Hunterdn688

Please Read Before Updating

• Outlook 2016 Could Not Synchronize Record -19703 -
• Outlook 2016 Could Not Synchronize Record -19703 Windows 10

Before installing any firmware version, be sure to make a backupof your configuration and read all release notes that apply toversions more recent than the one currently running on your system.

Note that updating to this release may cause youto lose any patches that have been installed by BarracudaNetworks Technical Support onto your system. Please check the versiondetails below to verify that the bug number for your issue is marked asfixed in the version that you are trying to install (or an earlier one)prior to installing.

. Fix - A deferred product sync is now scheduled when a product having a parent (e.g. A variation product) is deleted, not only when it's saved. #26629. Fix - Stock status of variable products that handle stock at the main product level is now appropriately updated when the product is saved. This is Exchange - I should NOT have to do a manual sync. I never had this problem with the 2011 client in the past. There are no settings on the client side to increase the frequency of the sync let alone see what it is. October-December 2016 was a drought year for the region and October-December 2019 was a pluvial year as shown by corresponding CHIRPS anomaly for (C) 2016 and (D) 2019. Forecasts at resolution 0.5. Monitor instances deleted in peer unit after sync: 717100-1: 3-Major: FQDN pool member is not added if FQDN resolves to same IP address as another existing FQDN pool member: 716167-2: 3-Major: The value of the sys db variable vlan.backplane.mtu may be out-of-sync with the value of the MTU of the kernel interface tmmbp: 704450-5: 3-Major.

Do not manually reboot your system at any time during an update,unless otherwise instructed by Barracuda Networks Technical Support. Depending on your current firmware version and other system factors, the update process could take up to 10 minutes. If the process takes longer, please contact Technical Support for further assistance.

Before updating, BE SURE TO TAKE THE BARRACUDA EMAIL SECURITY GATEWAY OFFLINE. This will ensure that the inbound queue is emptied and all messages are scanned before the update process begins. See the BASIC > Administration page for the Offline button.

Updating to Version 8.x

WARNING: After clicking the Apply Now on the ADVANCED > Firmware Update page, the progress bar may appear to time out and the administrator may need to manually return to the login screen after 5 minutes if it doesn't load automatically in the browser.

Firmware Version 8.0

What's New in Version 8.0

Web Interface

• The Barracuda Spam Firewall has been renamed the Barracuda Email Security Gateway.

Barracuda Exchange Antivirus Agent

• The Barracuda Exchange Antivirus Agent no longer supports Microsoft Exchange Server 2007. See How to Get and Configure Barracuda Exchange Antivirus Agent 8.x.

Fixed in Version 8.0

Version 8.0.3.002

• Fixed bug affecting mail processing after upgrading the firmware. [BNSF-26691]

Version 8.0.3

Barracuda Outlook Add-in

• Enhancement: Added support for TLS 1.1 and TLS 1.2. [BNSF-25586]

Notifications

• Enhancement: The system administrator and email recipient can receive notifications when a message is blocked due to a virus. Configure on the ADVANCED > Bounce/NDR Settings page. [BNSF-25486]

Mail Processing

• Improved spam scanning. [BNSF-26591]

Version 8.0.2

Barracuda Exchange Antivirus Agent

• Enhancement: Added support for Microsoft Exchange 2016.

Web Interface

• Fix: A Welcome email is not sent when a new user account is created due to a quarantined email. [BNSF-25904]

Security

• High severity vulnerability: authenticated, remote code injection [BNSEC-6613 / BNSF-25407]
• High severity vulnerability: unauthenticated, remotely exploitable, code injection [BNSEC-6223 / BNSF-24618]
• High severity vulnerability: remotely exploitable, buffer overflow [BNSEC-2012 / BNSF-24897]
• Medium - High severity vulnerability: unauthenticated, remotely exploitable, denial of service (DoS), ssl weakness [BNSEC-7107 / BNSF-25937]
• Medium - High severity vulnerability: unauthenticated, remotely exploitable, limited HTML content control, XSS delivered outside of the web based interface [BNSEC-6227 / BNSF-24635]
• Medium - High severity vulnerability: unauthenticated, remotely exploitable [BNSEC-6225 / BNSF-24621]
• Medium severity vulnerability: non-persistent XSS [BNSEC-2678 / BNSF-23507]

Version 8.0.1.001

Mail Processing

• Enhancement: Mail with Microsoft Office attachments that contain macros can be blocked. Configure on the BLOCK/ACCEPT > Attachment Filters page. [BNSF-23786]

Web Interface

• Fix: Resolved issue which prevented the Dashboard from displaying during update server outages. [BNSF-25934]
• Fix: Resolved issue preventing access to the ADVANCED > Energize Updates and the ADVANCED > Firmware Update pages when the Barracuda Email Security Gateway was offline. [BNSF-25929]

Barracuda Exchange Antivirus Agent

• Enhancement: The Barracuda Exchange Antivirus Agent supports Microsoft Exchange Server 2016. [BNSF-25828]

Version 8.0.0.007

Mail Processing

• Enhancement: Improved Sender Spoof Protection efficiency. [BNSF-25835]
• Resolved issue which could cause excessive system load. [BNSF-25831, BNSF-25884]
• Resolved issues with malformed headers causing incorrect parsing. [BNSF-25836, BNSF-25838]
• Resolved issue with Multi-Level Intent Analysis. [BNSF-25907]

Clustering

• Improved handling of Standby mode in a clustered system. [BNSF-25797]

Version 8.0.0.005

Mail Processing

• Outbound messages from whitelisted IP addresses are now properly checked for encryption if encryption is enabled. [BNSF-25732]
• Links in the BASIC > Message Log message view page now work properly. [BNSF-22345]

Version 8.0.0.003

Mail Processing

• Improved attachment filtering/detection. [BNSF-25491]

Version 8.0.0.002

Mail Processing

• Downloading a PDF file attached to a message from the Message Log through BAC/BCS works as expected. [BNSF-25536]
• Attachment filtering blocks correctly even if MIME type encoding is not formatted correctly. [BNSF-20598]
• Messages received by the Barracuda Email Security Gateway which are just under the maximum message size are processed properly and are not blocked. [BNSF-25500]
• When the From header of a message has an unusual format, the unit does not time out when attempting to deliver the message from the user's quarantine inbox. [BNSF-25254]
• SMTP over TLS for outbound mail works as expected, the mail queues and delivers properly and the logs do not indicate errors. [BNSF-25437]
• Outbound quarantine emails with multi-line From headers due to UTF8 are delivered as expected. [BNSF-25309]

Notifications

• The Barracuda Email Security Gateway no longer sends out notifications that state 'Encrypted email unable to be delivered' for emails that trigger encryption policies and have a blank sender. [BNSF-17895]
• Alert email announcing that Energize Updates subscription is about to expire is now branded correctly as Barracuda Email Security Gateway. [BNSF-25615]
• NDRs are not rejected by some mail servers, including O365, if they don't include a valid From header. [BNSF-25612]

Web Interface

• The Configuration Updated message only shows on web interface pages as needed. [BNSF-25566]
• Street Address and Driver's License information in emails trigger Privacy policies as expected. [BNSF-24772]
• When specifying a filename for an attachment content filter, the pattern specified (filename= ) works when there is a space between the '= ' and the filename. [BNSF-25491]

Security

• High severity vulnerability: persistent XSS, authenticated [BNSEC-6504 / BNSF-25215, BNSEC-4551 / BNSF-22345]

Version 8.0.0.001

Mail Processing

• Enhancement: Improved performance of IP Whitelisted and outbound message scanning. [BNSF-23352, BNSF-24293]
• Enhancement: Improved street address and driver's license detection. [BNSF-24388]
• Enhancement: Improved error handling for 'full disk' condition. [BNSF-24622]
• Enhancement: Added macro support for SPF records with macros. [BNSF-24659]
• Enhancement: Improved general performance of mail scoring and attachment scanning. [BNSF-24473]
• Enhancement: General improvements in PDF processing capabilities. [BNSF-24846]
• Enhancement: Improved HIPAA and Credit Card data detection. [BNSF-25026, BNSF-25028]
• Fix: Updated internal scanning processes to improve stability. [BNSF-21928, BNSF-24241, BNSF-25268]
• Fix: Resolved intermittent PTR detection issue. [BNSF-24546]
• Fix: Users who lack a mail attribute in LDAP are now properly quarantined. [BNSF-25136]
• Fix: LDAP Alias re-writing no longer rewrites the 'To' header. [BNSF-25141]
• Fix: Lines exceeding 990 characters are no longer broken in multiple places. [BNSF-25206]

Web Interface

• Enhancement: Administrative ACLs can be temporarily removed through the Console Administrator with the System > Reset Administrator IP/Range selection. [BNSF-23352]
• Enhancement: Invalid username and password attempts are now logged to the Web Syslog. [BNSF-24629]
• Enhancement: Improved performance of bulk classification of Spam/Not Spam. [BNSF-25000]
• Enhancement: Messages with unknown character sets are now treated as UTF-8. [BNSF-25086]
• Enhancement: Updated Japanese help file translations. [BNSF-25088]
• Enhancement: Improved web interface load times in general, and especially for BASIC > IP Configuration. [BNSF-25193, BNSF-25199]
• Fix: Message viewer Download and Delivery buttons now show properly for all window sizes. [BNSF-24177]
• Fix: Miscellaneous web interface improvements. [BNSF-24300, BNSF-24381]
• Fix: New user quarantine email links now work properly. [BNSF-24404]
• Fix: Users with an '&' in the name can now view the Quarantine Inbox. [BNSF-24764, BNSF-24961]
• Fix: Outbound Quarantine actions no longer result in an error page. [BNSF-24858]
• Fix: Invalid users can be removed. [BNSF-24860]
• Fix: Randomization has been improved for password generation. [BNSF-24995]
• Fix: The details for messages blocked without message bodies can now be viewed on all systems in a cluster. [BNSF-24973, BNSF-25053]

Reporting

• Fix: Fixed display of erroneous 'Permission denied'. [BNSF-24600]
• Fix: LDAP Failure Notifications are no longer triggered by outdated logs. [BNSF-25180]

Encryption

• Fix: Replies to encrypted emails are now archived. [BNSF-24496]

Virtualization

• Enhancement: Tuned database configuration for Microsoft Azure, Amazon AWS, and VMWare vCloud Air. [BNSF-24836]

Barracuda Outlook Add-in

• Fix: Resolved issue preventing Add-in authorization for some usernames. [BNSF-23766]
• Fix: Resolved issue which could cause the Add-in to appear in the wrong window. [BNSF-24585]
• Fix: The Add-in can now be used from an IP address in the Administration ACL IP Range. [BNSF-24759]

Security

• Fix: resolved the following vulnerabilities:
• High severity vulnerability: authenticated, remotely exploitable, arbitrary command execution [BNSEC-5205 / BNSF-23281]
• High severity vulnerability: unauthenticated, remotely exploitable, brute force, [BNSEC-5204 / BNSF-23282]
• High severity vulnerability: remotely exploitable, privilege escalation [BNSEC-5203 / BNSF-23285]
• Medium severity vulnerability: persistent XSS, unauthenticated, remotely exploitable [BNSEC-4622 / BNSF-24136]
• Medium severity vulnerability: non-persistent XSS, authenticated [BNSEC-3880 / BNSF-21745]
• Medium severity vulnerability: authenticated, insufficient authorization [BNSEC-2659 / BNSF-22336]
• Low severity vulnerability: non-persistent XSS, authenticated [BNSEC-2055 / BNSF-21775]
• Low severity vulnerability: Some non-persistent cross-site scripting vulnerabilities have been fixed. [BNSEC-877 / BNCMN-132]
• Low severity vulnerability: non-persistent XSS, authenticated [BNSEC-228 / BNSF-18340]

Firmware Version 7.1

What's New in Version 7.1

Web Interface

• The Microsoft IE browser is supported for version 9 and above.

Barracuda Exchange Antivirus Agent

• The new Barracuda Exchange Antivirus Agent 7.1 runs as a Windows service on your Microsoft Exchange 2013 server and enables it to scan email for viruses. From the ADVANCED > Exchange Antivirus page you can download the agent and view associated email statistics after it is installed and running. You can also click a link on the page to view the Barracuda Exchange Antivirus Agent release notes.
• This version of the agent only supports Microsoft Exchange Server 2013. If you are using versions 2007 or 2010 of Microsoft Exchange Server, you can download the Barracuda Exchange Antivirus Agent 6.0.x from the ADVANCED > Exchange Antivirus page.
• The Barracuda Exchange Antivirus Agent no longer supports Exchange Server 2003.
  See How to Get and Configure Barracuda Exchange Antivirus Agent 7.1 and Above in Barracuda Campus for more information.

Cloud Control

• Support for Domain Administration and Users management - Barracuda Cloud Control now supports managing domains and users. Administrators will have the ability to navigate between domains and users within Barracuda Cloud Control.

Fixed in Version 7.1

Version 7.1.1.004

Note: This release removes LED mail determination flash indicators on the front panel to improve performance.

Mail Processing

• Enhancement: Improved detection of stuck mail processing. [BNSF-24498]
• Enhancement: Removed the SSLv2 protocol and EXPORT and LOW strength ciphers. Improved set of ciphers as specified in ADVANCED > Email Protocol > SMTP over TLS/SSL > Allow Weak Ciphers. [BNSF-25283]

Web Interface

• Fix: Resolved issue on newer models where messages may not appear in the Message Log. [BNSF-23371]
• Fix: Resolved issue in which some Domain Administrators and Helpdesk Users who could not view messages. [BNSF-23920, BNSF-24892]

Reporting

• Fix: LDAP Failure Notification report now includes an attachment with additional information for troubleshooting. [BNSF-17538]

Encryption

• Fix: Resolved issue that could sometimes send duplicate emails when replies were sent to encrypted emails through the Barracuda Message Center. [BNSF-23969]

Security

• Fix: resolved the following vulnerabilities:
• Medium severity vulnerability: Update OpenSSL to address CVE-2016-0800 (commonly known as 'DROWN') and CVE-2016-2842. [BNSEC-6568 / BNSF-25307]

Version 7.1.1.003

Cloud Control

• Fix: Resolved condition which could prevent connection to Cloud Control after upgrade or upon the first connection. [BNSF-24814]

Version 7.1.1.002

Mail Processing

• Enhancement: Improved scanning for emails with large attachments. [BNSF-23864]
• Enhancement: Improved attachment processing for malformed attachments. [BNSF-24245]
• Fix: Resolved rare condition where Per-User Quarantining would still be used when disabled. [BNSF-22343]

Web Interface

• Enhancement: Use numeric sorting for Size column on Advanced > Queue Managment. [BNSF-19427]
• Enhancement: Updated Japanese help file translations. [BNSF-24598]
• Fix: Resolved condition where some Product Tips would not stay hidden. [BNSF-24583]

Barracuda Outlook Add-in

• Enhancement: Support for Microsoft Outlook 2016.

Version 7.1.1.001

Mail Processing

• Enhancement: Improved SPF checks for complex records. [BNSF-23979]
• Enhancement: Resolved case sensitivity with redirection checks. [BNSF-23979]
• Enhancement: Improved DLP detection. [BNSF-24186]
• Fix: Resolved case sensitivity issue with SPF and redirection checks. [BNSF-23876, BNSF-24102]
• Fix: Messages no longer have the global footer attached if Attach Footer is set to No on the ADVANCED > Outbound Footers page at the domain level. [BNSF-24148]

Web Interface

• Enhancement: Messages that are blocked for intent now contain a link to whitelist the sender. [BNSF-24372]
• Enhancement: Updated Japanese translations. [BNSF-23486]
• Enhancement: Messages that are allowed for emailreg now contain a link for reporting emailreg abuse. [BNSF-24373]
• Enhancement: Improved appearance for popups in Firefox and Internet Explorer. [BNSF-23986]
• Enhancement: Improved performance of data entry for pages containg large amounts of data. [BNSF-24152]
• Enhancement: Improved display of Exchange Antivirus data with multiple Exchange Servers. [BNSF-24220]
• Enhancement: Improved handling of message bodies for Bayesian classification. [BNSF-24368, BNSF-24370]
• Fix: Marking messages as Spam/Not Spam in the Message Log is now reflected properly on all units in a cluster. [BNSF-9564, BNSF-22576]
• Fix: Resolved an issue where users sometimes could not deliver or delete quarantine messages. [BNSF-22902]
• Fix: Clicking action links on the BASIC > Outbound Quarantine page at the domain level no longer redirects to the Dashboard. [BNSF-23840]
• Fix: The Message log now shows correct Delivery Status for all messages in a cluster. [BNSF-23897]
• Fix: The ADVANCED > Queue Management page State filter now correctly applies for non-English languages. [BNSF-23917]
• Fix: Changes to the BLOCK/ACCEPT > Recipient Filters page now take immediate effect on all units in a cluster. [BNSF-24089]
• Fix: Resolved issue where sometimes the Delivery Status on the Message Log page would not show correct information. [BNSF-24096]
• Fix: Messages can now be viewed on all units in a cluster. [BNSF-24140]
• Fix: Issue with taking action on quarantined mail in clusters consisting of 3 or more units. [BNSF-24207]
• Fix: Display of usernames with special characters. [BNSF-24253]
• Fix: Issue where new units may not show initial messages in the Message Log. [BNSF-24309]
• Fix: Attachments are again displayed for the end user quarantine. [BNSF-24367]
• Fix: Domain administrators can now view messages in the Message Log. [BNSF-24374]
• Fix: Help dialogs now show correct titles for multi-byte/high-ascii encoding. [BNSF-24376]

Backup

• Fix: Restoring a backup to a virtual machine no longer overwrites the license token. [BNSF-23846]

Security

• Fix: resolved the following vulnerabilities:
• BNSEC-877, BNCMN-132: Security fix, low severity. Some non-persistent cross-site scripting attacks have been fixed.

Version 7.1.0.002

Web Interface

• Fix: Resolved issue where statistics did not display in Barracuda Appliance Control after Barracuda Spam Firewall was rebooted. [BNSF-24079]
• Fix: End users can now log in if the Barracuda Spam Firewall cannot check subscriptions, such as when the internet is unavailable. [BNSF-24122]

Version 7.1.0.001

Mail Processing

• Fix: Messages containing hostnames that are IP addresses in messages are correctly processed. [BNSF-21784, BNSF-23457]

Web Interface

• Enhancement: Updated translations. [BNSF-23792, BNSF-223460]
• Enhancement: General web interface enhancements in font, color, and styling. [BNSF-23167, BNSF-23169, BNSF-23171]
• Enhancement: Improved display of Barracuda Exchange Antivirus Statistics. [BNSF-23791]
• Fix: Resolved issue regarding Single Sign-On with LDAP hosts with IPv4 and IPv6 addresses. [BNSF-21422]
• Fix: Online Help Search in Firefox correctly supports the Japanese IME keyboard. [BNSF-23116]
• Fix: On the BASIC > Outbound Quarantine page, taking actions with messages such as Delete, Reject or Deliver no longer clear the search filters. [BNSF-23134]
• Fix: Message Log buttons and icons for IE 9 render correctly. [BNSF-23882]
• Fix: When using Single Sign-On (SSO) with an LDAP Server Type of Other (see the USERS > LDAP Configuration page for a domain), the Barracuda Spam Firewall now only uses the user-provided filter for an LDAP search, preventing a timeout. [BNSF-23996]
• Fix: Admin, Domain Admin and Helpdesk roles can now deliver user quarantined messages from the Quarantine inbox when the locale is Multibyte. [BNSF-24062]
• Fix: Report data displayed with the Show Report function now matches the data in the emailed report, as the Show Report function now uses local time for the Date Range as opposed to UTC time. [BNSF-24004]

Barracuda Exchange Antivirus Agent

• Enhancement: Barracuda Exchange Antivirus Agent 2013 verifies signature integrity prior to loading the signatures. [BNSF-21154]

Security

• Fix: resolved the following vulnerabilities:
• High severity vulnerability: persistent XSS, unauthenticated, remotely exploitable [BNSEC-4672 / BNSF-22625]
• High severity vulnerability: persistent XSS, unauthenticated, remotely exploitable [BNSEC-4670 / BNSF-22626]
• High severity vulnerability: persistent XSS, unauthenticated, remotely exploitable [BNSEC-4669 / BNSF-22624]

Firmware Version 7.0

What's New in Version 7.0

Web Interface

• Updated the Barracuda Spam Firewall web interface with a new color scheme to be consistent with the look and feel with other Barracuda products. There are no navigation changes.
• New login security feature: If the user login fails 5 times, there is a 15 minute wait period before making another login attempt.
• The BASIC > Status page has been renamed to BASIC > Dashboard.

Improved Performance and Security

• Mail delivery now supports connection caching, thereby reducing the amount of network traffic as well as load on destination mail servers.
• TLS support is improved and now provides:
  • Better fallback negotiation
  • Wildcard support for requiring TLS to destination domains and sub-domains
  • Certificate validation

Virtualization

• Barracuda Spam Firewall Vx virtual machines now show the core capacity and usage on the BASIC > Dashboard page.

Fixed in Version 7.0

Version 7.0.0.004

Mail Processing

• Fix: Resolved issue with connecting to recipient servers when Enable SMTP over TLS/SSL is enabled (see the ADVANCED > Email Protocol page).

Version 7.0.0.003

Security

• Fix: Resolved the following vulnerability:
  • Medium severity: Update OpenSSL to address CVE-2015-0204 (commonly known as 'FREAK'), CVE-2015-0286, CVE-2015-0287, CVE-2015-0289, CVE-2015-0292, CVE-2015-0293, CVE-0209, and CVE-2015-0288 [BNSEC-5674 / BNSF-23869]

Version 7.0.0.002

Mail Processing

• Feature: SMTP response codes for rejected messages can now be customized on the ADVANCED > SMTP Responses page. [BNSF-20867]
• Enhancement: Added support for Recipient Addresses which include address tagging. See Recipient Delimiter on the ADVANCED > Email Protocol page for more information. [BNSF-7518]
• Enhancement: Outbound mail now supports connection caching to destination mail servers. [BNSF-18823]
• Enhancement: Updating a per-domain recipient whitelist now takes immediate effect, no longer requiring a Reload. [BNSF-19025]
• Enhancement: Improved TLS fallback and detection behavior. [BNSF-19178]
• Enhancement: The setting for Require Encrypted TLS relaying email to these destination servers now supports domain names, and wildcards, rather than specific servers. Click the Help button on the domain level ADVANCED > Email Protocol page for more information. [BNSF-19640]
• Enhancement: Requiring TLS to a destination domain now supports certificate validation instead of checking the hostname. [BNSF-19807]
• Fix: Fixed issue where mail could intermittently stop processing. [BNSF-14626]
• Fix: Outbound mail delivery no longer attempts to use IPv6 if the system is configured to only use IPv4. [BNSF-19703]
• Fix: Mail which bounced (return notification) due to an un-reachable server no longer shows as Deferred in the Message Log. [BNSF-19347]
• Fix: Comma delimiters separating destination mail servers now correctly enable load balancing. [BNSF-19397]
• Fix: Load balancing mode now properly handles fail-over if the attempted destination mail server is unreachable. [BNSF-19398]
• Fix: Certain attachment types no longer cause an error when adding footers to emails. [BNSF-21580]
• Fix: SPF outbound checks now properly handles private IP addresses and relays between Barracuda Spam Firewalls. [BNSF-21586, BNSF-22010]
• Fix: Barracuda Reputation and RBL IP Exemption Ranges now work as expected with Trusted Forwarders. [BNSF-22623]
• Fix: Multiple messages in a single session with invalid recipients no longer works with whitelisting as expected. [BNSF-22478]
• Fix: Outbound emails no longer erroneously include footers configured for other domains if a system wide footer is not configured. [BNSF-22495]
• Fix: Inbound mail are no longer incorrectly caught by Predefined credit card filters when the Link Domains feature is used and the primary domain is not fully configured. [BNSF-22874]

Web Interface

• Enhancement: Viewing a message now records the event in Web Syslog (see ADVANCED > Troubleshooting). [BNSF-7402]
• Enhancement: The addition of users now verifies that the domain exists on the Barracuda Spam Firewall before adding a user for that domain. [BNSF-20188]
• Enhancement: Updated translations. [BNSF-22551, BNSF-22707]
• Enhancement: Support for recently changed time zone/daylight savings times including Moscow and Fiji. [BNSF-22854]
• Fix: Message Log search filter now properly clears OR conditions when removed from the filter. [BNSF-21295]
• Fix: Online Search now properly works when HTTPS/SSL Access Only is enabled. [BNSF-21682]
• Fix: Deleting all displayed Emails from the Quarantine Summary Digest now properly deletes the quarantined emails from the system. [BNSF-22742]
• Fix: Helpdesk users can now see headers when Helpdesk users are allowed by the administrator to view headers. [BNSF-22791]
• Fix: Downloading an attachment from the Outbound Quarantine no longer forces a logout. [BNSF-22817]

Backup

• Enhancement: Added support for FTPS. [BNSF-2658]
• Enhancement: Added support for NTLMv2 on ADVANCED > Backup. [BNSF-22061]
• Enhancement: Improved reliability and compatibility with SMB targets for backup. [BNSF-22270]
• Fix: FTP PASV detection works for legacy restores. [BNSF-22678]

Security

• Fix: resolved the following vulnerabilities:
• Medium severity vulnerability: non-persistent XSS, authenticated [BNSEC-4544 / BNSF-22332]
• Medium severity vulnerability: non-persistent XSS, authenticated [BNSEC-4528 / BNSF-22334]
• Medium severity vulnerability: authenticated, security control bypass [BNSEC-3246 / BNSF-21595]
• Low severity vulnerability: non-persistent XSS, authenticated [BNSEC-4531 / BNSF-22333]

Firmware Version 6.1

What's New in Version 6.1

Email Categorization

• This feature gives administrators an additional way to decide what to do with various types of emails from senders on the Barracuda Reputation Whitelist. These emails are separated into different categories such as Transactional, Corporate and Marketing, each of which can have a different delivery action associated with it.

Extended Malware Protection

(Available on model 600 and higher)

• An additional layer of deep message scanning is available as Extended Malware Protection leveraging a third-party scanner. This feature is only available with a subscription. Contact your local Barracuda Networks Sales Reseller to purchase this subscription.

Barracuda Outlook Add-in

(Available on some models)

Note: To run version 6.1.4.001 of the Barracuda Spam Firewall firmware, you must update your Barracuda Outlook Add-in to version 6.1.11 or later (see the USERS > User Features page).

Fixed in Version 6.1

Version 6.1.5.006

Web Interface

• Fix: Resolved issue with rare cases of some charts on the BASIC > Status page not rendering correctly. [BNSF-22546]

Mail Processing

• Fix: TLS 1.1 and 1.2 remain available when SSLv2 and SSLv3 are disabled. [BNSF-22876]

Version 6.1.5.004

Virtualization

• Feature: Added support for hourly billing virtual deployment in Microsoft Azure. [BNSF-22841]

Version 6.1.5.003

Web Interface

• Fix: SSLv3 has been disabled in the web interface to mitigate CVE-2014-3566 (SSL POODLE). [BNSF-22788]

Mail Processing

• Enhancement: New setting on ADVANCED > Email Protocol page to allow or disallow SSLv2 and SSLv3 for incoming SMTP connections. Setting to Yes provides for greater compatibility with older mail servers. Set to No to mitigate the recently reported SSL POODLE [CVE-2014-3566] issue. [BNSF-22788]
• Fix: Resolved an issue in the encryption module that affected transmission of outbound messages over a TLS connection to some types of mail servers. [BNSF-22782]

Version 6.1.5.001

Mail Processing

• Feature: Added support for Perfect Forward Secrecy in the following two scenarios: [BNSF-21503]
  • When sending SMTP traffic over a TLS connection. To configure SMTP over TLS, see Enable SMTP over TLS/SSL on the ADVANCED > Email Protocol page.
  • When using HTTPS access for the Barracuda Spam Firewall web interface. This requires using properly configured SSL certificates. See the ADVANCED > Secure Administration page to configure certificates.
  • Note: Perfect Forward Secrecy is always on and offered to clients.

Barracuda Appliance Control

• Fix: From the Barracuda Appliance Control interface, clicking on a message in the Message Log properly renders the Message Details popup window and message information. [BNSF-22666]

Version 6.1.4.001:

Mail Processing

• Enhancement: Improved concurrent processing performance of the Barracuda Spam Firewall 900. [BNSF-21877]
• Enhancement: Improved message body scanning. [BNSF-21891]
• Enhancement: Optimized performance of Barracuda Reputation Blocklist resource utilization, update, and lookup. [BNSF-22036]
• Enhancement: Header filters can now be applied to the Received header added by the Barracuda Spam Firewall. [BNSF-22101]
• Enhancement: Improved performance of recipient verification lookup when Local Database is not in use. [BNSF-22185]
• Enhancement: Improved resource utilization for scoring and attachment scanning. [BNSF-22266]
• Enhancement: Valid and Explicit Recipients no longer require the primary email address to be listed twice on the ADVANCED > Explicit Users page (at the global level) or the USERS > Valid Recipients page (at the domain level). [BNSF-22357]
• Enhancement: Improved memory performance with attachment processing. [BNSF-22362]
• Fix: In clustered environments, Per-User Quarantine accounts now support special characters such as apostrophes, for example. [BNSF-16814]
• Fix: Archiving of encrypted messages handles TLS-based connections correctly. [BNSF-21150]
• Fix: Plain text footers are not duplicated if the footer is multi-line. [BNSF-21376]
• Fix: Resolved issue which could prevent statistics and Message Log from updating. [BNSF-21848]
• Fix: Quarantined messages with multi-byte characters in the headers can now be delivered. [BNSF-21964]
• Fix: PTR record analysis now properly handles Trusted Forwarders when a connection is made. [BNSF-22196]
• Fix: Resolved intermittent logging issue which, at times, used disk space on the firmware partition. [BNSF-22201]
• Fix: Now all messages from a whitelisted IP address in a single session are whitelisted. Previously only the first message was whitelisted. [BNSF-22205]
• Fix: Resolved long delay for display of BASIC > Status and ADVANCED > Energize Updates pages when offline updates are used. [BNSF-22258]
• Fix: Improved performance when Energize Updates are applied on a Barracuda Spam Firewall appliance under heavy System Load. [BNSF-22300, BNSF-22398]
• Fix: Outbound quarantine now works on the Barracuda Spam Firewall 100 and 200. [BNSF-22351]

Reporting

• Fix: Email Encryption Details report columns are correctly labeled. [BNSF-22095]

Web Interface

• Enhancement: Password values changed via the Support Tunnel are now masked from Syslog output. [BNSF-22018]
• Enhancement: Added Russian translations to NDR templates. [BNSF-22323]
• Enhancement: Included Icelandic translations for end user pages in the web interface. [BNSF-22358]
• Fix: Resolved case sensitivity issue when domain names are referenced in various settings. [BNSF-21358]
• Fix: Web interface no longer displays 'Temporarily Unavailable' if an invalid character set attribute is detected. [BNSF-22180, BNSF-22240]

Backup

• Fix: When restoring a backup to a new Barracuda Spam Firewall, upgraded to the most recent firmware, you are no longer required to do a Reload to prevent an 'Invalid Domain' response. [BNSF-20703]
• Fix: Resolved issue which could prevent backup jobs from completing. [BNSF-21915]
• Fix: Backups can now be restored if the web browser is configured for Japanese character sets. [BNSF-22364]

Barracuda Outlook Add-in

• Fix: The Barracuda Spam Firewall now returns error messages when appropriate from the Barracuda Outlook Add-in and Exchange Antivirus Add-in. [BNSF-22220]
• Fix: The Barracuda Outlook Add-in now properly detects the custom HTTPS port. [BNSF-22382]

Security

• Fix: resolved the following vulnerabilities:
• Medium - High severity vulnerability: insufficient authorization [BNSEC-4517 / BNSF-21063]
• Medium - High severity vulnerability: non-persistent XSS, unauthenticated [BNSEC-1251 / BNSF-20597]
• Low severity vulnerability: unauthenticated, remotely exploitable, information disclosure [BNSEC-3421 / BNSF-21649]

Version 6.1.3.001:

Virtualization

• Feature: Added support for virtual deployment in Microsoft Azure. [BNSF-22130]

Version 6.1.2.003:

Mail Processing

• Fix: Prevent the SpamIntent Category in Intent Analysis from defaulting to Off on upgrade. If a previous upgrade has occurred, please see the Intent Categories table for Spam in the Intent Analysis section of the BASIC > Spam Checking page and verify the setting. [BNSF-21927]

Version 6.1.2.002:

Security

• Fix: Resolved the following vulnerability:
  • Medium severity: Updated OpenSSL to address the issues reported in OpenSSL's security advisory dated 2014-06-05 [BNSEC-4499 / BNSF-22245]

Version 6.1.2.001:

Mail Processing

• Enhancement: Improved DLP detection algorithms for birth dates. [BNSF-21396]
• Enhancement: Improved handling of unusually formatted emails. [BNSF-21407]
• Fix: Messages were erroneously blocked by attachment type when whitelisted by the sender. [BNSF-20505]
• Fix: Messages with certain malformed headers now appear correctly in the message log. [BNSF-21305]
• Fix: Resolved issues with malformed headers from Trusted Forwarders. [BNSF-21897, BNSF-21906]
• Fix: Multiple messages in a single session are no longer encrypted after a message encrypted via the Outlook Add-in. [BNSF-21955]
• Fix: Per-User Scoring is no longer used when disabled. [BNSF-21800]

Web Interface

• Feature: Added ability to submit Email Categories for incorrect or uncategorized messages. [BNSF-21700]
• Feature: Added support for Europe/Busingen timezone. [BNSF-21988]
• Enhancement: Improved memory handling and performance of the Web Interface after long periods of time. [BNSF-22142, BNSF-22155]
• Fix: Resolved sporadic issue where BASIC > Status page would fail to load. [BNSF-21994, BNSF-22184]
• Fix: Deprecated timezones are not correctly updated when restored from a backup. [BNSF-21770, BNSF-21836]
• Fix: Restored the PRI facility field to Syslog. [BNSF-22044]
• Fix: Messages can now be delivered from any box in a cluster. [BNSF-22083]

Backup

• Fix: Resolved intermittent scenario in which Restore would fail if a previous backup or restore had failed. [BNSF-21257]
• Fix: Scheduled Backups Destination can now be changed from Cloud. [BNSF-21286]

Cloud Control

• Fix: The Cloud Control status chart now shows the correct date for the status bars. [BNSF-21842]

Security

• High severity vulnerability: unauthenticated, remotely exploitable, HTTP header injection [BNSEC-1168 / BNSF-20796]

Version 6.1.1.001:

Virtualization

• Feature: Added support for virtual deployment in Amazon Web Services. [BNSF-21875]

Version 6.1.0.003:

Mail Processing

• Enhancement: Improved processing of attachment filenames. [BNSF-21995]

Web Interface

• Fix: Bulk editing the list of domains no longer omits certain domains. [BNSF-21742]
• Enhancement: Added support for localized web interface for Email Categorization. [BNSF-22029]

Version 6.1.0.001:

Mail Processing

• Feature: Email Categorization. Messages from Barracuda-verified senders (including those on the Barracuda Reputation Whitelist) are categorized to allow the administrator another way to determine what action to take on various types of emails. Actions for each Category may be configured from the BLOCK/ACCEPT > IP Reputation page.[BNSF-21615]
• Feature: An additional layer of malware detection has been added with the Extended Malware feature. [BNSF-21662]
• Enhancement: Per-Domain whitelisting and blocklisting of IP addresses now honors Trusted Forwarder status. [BNSF-13907]
• Fix: Improved processing of messages with very long URLs. [BNSF-21779]
• Fix: Improved handling of Received headers containing missing IP addresses. [BNSF-21793]

Web Interface

• Feature: The Message Log now contains the IP address of the destination server. [BNSF-21404]
• Feature: The Message Debug Identifier has been added to the Queue Managment for easier tracing of messages. [BNSF-21405]
• Fix: Changing the character set in the Message Viewer now shows the message rather than the login page. [BNSF-21348]
• Fix: APIs now properly account for colons in regex values. [BNSF-21522]
• Fix: Adding valid recipients is now logged to the GUI syslog. [BNSF-21536]
• Fix: Explicit users are not supported by the list_valid_recipient_aliases API call. [BNSF-21768]

Reporting

• Fix: LDAP Failure notification report now accounts for case changes in domains. [BNSF-17538]

Security

• Fix: Resolved the following vulnerabilities:
  • High severity: Authentication bypass [BNSEC-3188 / BNSF-21585]
  • Medium - High severity: Requires authentication; security control bypass [BNSEC-3208 / BNSF-21593]
  • Medium severity: Requires authentication; denial of service [BNSEC-3297 / BNSF-21598]
  • Medium severity: Unauthenticated; information disclosure [BNSEC-3259 / BNSF-21596]
  • Medium severity: Requires authentication; security control bypass [BNSEC-3198 / BNSF-21591]
  • Low severity: Unauthenticated; remotely exploitable; information disclosure [BNSEC-3421 / BNSF-21649]
  • Low severity: Non-persistent XSS; requires authentication; remotely exploitable [BNSEC-3287 / BNSF-21597]

Firmware Version 6.0

What's New in Version 6.0

Cloud Services

• Cloud Protection Layer (CPL) - Now provides an integrated Message Log together with messages processed by the Barracuda Spam Firewall.
• Backups to the Cloud - New option to back up to the Barracuda Cloud with the same backup features as always, configurable from the ADVANCED > Backup page. Use your Barracuda Customer Account credentials to connect. If you don't have an account, you can create one following instructions in this Barracuda Campus article: Create a Barracuda Cloud Control Account, or create one from the ADVANCED > Cloud Control page.

Encryption

• More reports detailing number of encrypted emails sent, number of encrypted emails opened by recipients, policies that triggered encryption action and number of recalled messages.

Message Privacy

• Governance, Risk Management and Compliance (GRC) - The GRC role is used as a way to provide governance, risk management and compliance to email content. The GRC only has access to Outbound Quarantine logs via the web interface and has the job of reviewing the messages in the log, determining which ones should be delivered or rejected based on policy. The administrator can enable or disable the GRC account at any time. Configure on the BASIC > Administration page.
• Message Log Privacy - To protect email privacy, you can enable the Secondary Authorization feature to require a password before the Admin, Domain Admin, Helpdesk or GRC roles can view entries or email message contents across the system (including the global Message Log, per-domain Message Logs, queue management, outbound quarantine and quarantine inboxes). Configure on the BASIC > Administration page.

SSL Certificates

• Certificate installation is now greatly simplified by parsing the type of certificate uploaded and prompting for missing information.
• Supports PKCS12, X.509(PEM), and Chain certificate(.crt) formats.
• Users can now remove unused certificates from the system.

Add-ins

(Available on some models)

• The Barracuda Outlook Add-in supports Outlook 2003, Outlook 2007, Outlook 2010 and 2013. Support for Outlook XP is no longer available.
  Note: To run version 6.0.2.001 of the Barracuda Spam Firewall firmware, you must update your Barracuda Outlook Add-in to version 6.0.40 or later (see the USERS > User Features page).
• The Lotus Notes Plugin is no longer supported, starting in Firmware Release 6.0.

Version 6.0.2.002:

Mail Processing

• Enhancement: Multi-level intent analysis consistently handles timeouts. [BNSF-21731]
• Fix: PTR record analysis now honors Trusted Forwarder status; i.e. IP addresses are checked until and including the first IP that is not a trusted forwarder. [BNSF-21559]

Web Interface

• Fix: Converted time zones per new 2013 DST settings. [BNSF-21277].
  The following time zones have been converted:
  • Antarctica/South Pole, Amundsen-Scott Station, South Pole. New Time Zone: Antarctica/McMurdo
  • America/Montreal Eastern Time - Quebec - most locations. New Time Zone: Toronto
  • America/Shiprock Mountain Time, Navajo. New Time Zone: America/Denver America/Shiprock

Version 6.0.2.001:

Mail Processing

• Enhancement: Improved Sender Policy Framework (SPF) algorithms for increased accuracy. [BNSF-18114, BNSF-20387, BNSF-20523, BNSF-20558, BNSF-20883, BNSF-21068, BNSF-21118]
• Enhancement: Hard SPF detection failures are now enabled by default. [BNSF-17929]
• Enhancement: Inbound mail from a Trusted Relay source is now subject to Recipient Verification (if configured) to prevent sending email to an invalid user for the domain. [BNSF-20482].
• Enhancement: Mail Journaling can now be configured to only journal Quarantined messages on delivery. [BNSF-19388]
• Enhancement: Multi-level intent analysis performs better with slow web servers. [BNSF-20003]
• Enhancement: Improved disk space management. [BNSF-20543, BNSF-21026, BNSF-21339, BNSF-21308]
• Enhancement: Improved recovery of services that are in an inconsistent state. [BNSF-20656, BNSF-20802, BNSF-20898]
• Enhancement: Improved real-time detection for multilevel intent analysis. [BNSF-20733]
• Enhancement: Improved attachment detection and filtering. [BNSF-19488]
• Enhancement: Optimized analysis of messages with compressed files (.tgz, .rar, .zip). [BNSF-21147]
• Enhancement: Improved DLP detection algorithms for message contents and attachments, including those for identifying dates, credit card information, and data in Excel files. [BNSF-21094, BNSF-21354, BNSF-20736, BNSF-21272]
• Enhancement: Added default German NDR texts. [BNSF-21058]
• Fix: The Create Password email can now be sent to users with spaces in the UID. [BNSF-14773]
• Fix: Block Sender Verify is no longer disabled when Block Empty Sender is enabled. [BNSF-14977]
• Fix: PTR record analysis is now performed when mail is received from a Trusted Forwarder. [BNSF-19257]
• Fix: All messages in a single SMTP session are now whitelisted when sent from a whitelisted IP address. [BNSF-19779, BNSF-20562]
• Fix: Improved whitelist setting interactions between a primary account and its LDAP or Valid Recipient alias. [BNSF-20592, BNSF-21453]
• Fix: Improved detection of UPS tracking numbers previously mis-identified as Social Security Numbers. [BNSF-19577]
• Fix: Outbound Quarantine messages could be delivered to the Inbound Quarantine address with the Inbound Quarantine tag when using Global Quarantine. [BNSF-20032]
• Fix: Resolved issue processing messages with headers including ports with IP addresses. [BNSF-20524]
• Fix: Messages blocked due to file type now report as banned rather than accepted. [BNSF-20525]
• Fix: Whitelist properly takes precedence over quarantine rules that are based on EmailReg settings. [BNSF-20934]
• Fix: Resolved issue in which, in rare circumstances, per-user quarantine files could be written as zero bytes when in a clustered environment. [BNSF-20991]
• Fix: Spam analysis conditions which could prevent unusual messages from being processed. [BNSF-20994, BNSF-20997]

Web Interface

• Enhancement: Improved web interface performance when displaying a large number of users or domains. [BNSF-18336]
• Enhancement: Reduced time to reload system configurations when there are a large number of domains. [BNSF-20145]
• Enhancement: Single Sign-On now honors Valid Recipient alias linking. [BNSF-19754]
• Enhancement: Improved support for Internet Explorer 9 and 10 and Firefox 23 and Safari. [BNSF-19525, BNSF-19837, BNSF-19978, BNSF-20259, BNSF-21324, BNSF-21244]
• Enhancement: Manual Backups now show the correct status without requiring a manual refresh. [BNSF-19836]
• Enhancement: Improved detection of malformed character sets when displaying unicode messages. [BNSF-20503]
• Enhancement: Added 3 new methods to API to list, add and delete Valid Recipients. [BNSF-20605]
• Enhancement: The SMTP port is now excluded from synchronization across systems in a cluster. [BNSF-20561]
• Enhancement: Option for the Helpdesk role to view message headers (configured on the BASIC > Administration page). [BNSF-21204]
• Enhancement: Web Syslog contents now include the year, usernames, troubleshooting commands, and configuration changes made by Barracuda Technical Support. May require a restart of your syslog clients in order to receive the additional data. [BNSF-20990, BNSF-21206, BNSF-21207, BNSF-21431, BNSF-21504]
• Enhancement: Updated translations. [BNSF-19999, BNSF-20000, BNSF-20217, BNSF-20325, BNSF-20862, BNSF-21123, BNSF-21418]
• Fix: Time zone updates for Israel per new 2013 DST settings. [BNSF-21277]
• Fix: Journaling to the Barracuda Message Archiver now accepts an IP address. [BNSF-13505]
• Fix: Corrected handling of unicode characters in user whitelists. [BNSF-13751]
• Fix: Reduced time to log into the web interface when the update server is not reachable. [BNSF-18333]
• Fix: Improved handling of special characters such as '$' in the LDAP password for Single Sign-On users. [BNSF-19396]
• Fix: All users are now able to view quarantine messages when a device is removed from a cluster. [BNSF-19567]
• Fix: Viewing message bodies in a clustered environment no longer results in an error for some messages. [BNSF-21449]
• Fix: Searching the outbound quarantine from a user's account no longer forces a logout. [BNSF-19775]
• Fix: Repaired erroneous validation of the Message Log's Time Range filters. [BNSF-20218]
• Fix: Repaired Time Range searches of Outbound messages in the Message Log. [BNSF-21273]
• Fix: Message Log filter errors are now properly encoded. [BNSF-19968]
• Fix: The Barracuda Spam Firewall Vx now displays the correct expiration date for Energize Updates subscriptions. [BNSF-20076]
• Fix: The SNMP agent starts correctly on the Barracuda Spam Firewall Vx. [BNSF-19478]
• Fix: Graceful shutdown via the power button now works in all cases. [BNSF-20706]
• Fix: The 'ping' command works as expected with IPv6. [BNSF-20726]
• Fix: Performance statistics are now displayed when viewing the BASIC > Status page in the web interface page for the Chinese locale. [BNSF-21156]

Backup

• Enhancement: FTP backups now attempt both active and passive mode. [BNSF-7762]
• Fix: SMB shares are now always unmounted after a backup. [BNSF-19249]
• Fix: Repaired display of backup files available via FTP. [BNSF-21332]

Cloud Control

• Feature: The ADVANCED > Queue Management page is now available from Barracuda Cloud Control. [BNSF-19534]
• Fix: Errors restoring backups are now propagated to the top level of the Barracuda Cloud Control tree. [BNSF-19534]
• Fix: Repaired links for running/completed tasks. [BNSF-20186, BNSF-20194]

Barracuda Outlook Add-in

This firmware version requires update of your Barracuda Outlook Add-in (see the USERS > User Features page) to version 6.0.40 or later.

• Enhancement: Classification buttons are now available for public folders. [BNSF-20670]
• Enhancement: The Alternate URL was removed from the ADM configuration in favor of auto-provisioning. [BNSF-20670]
• Fix: The property page now shows correctly in Outlook 2003 and 2007. [BNSF-21300]
• Fix: The Add-in no longer fails to start if a localization is unavailable. [BNSF-21492]

Exchange Antivirus

• Enhancement: Improved handling of corrupted virus definition updates. [BNSF-20648]
• Fix: The Exchange Antivirus Agent now starts for all localized versions of Microsoft Exchange. [BNSF-19315]

Security

• Fix: Resolved the following vulnerabilities:
  • High severity: Persistent XSS; unauthenticated; remotely exploitable. [BNSEC-2590]
  • High severity: Authentication bypass. [BNSEC-2625]
  • High severity: Information disclosure. [BNSEC-2816]
  • Medium severity: Unauthenticated; information disclosure. [BNSEC-1658]
  • Medium severity: Information disclosure. [BNSEC-2814]
  • Low - Medium severity: Persistent XSS; unauthenticated; authentication bypass. [BNSEC-2563]
  • Low severity: Persistent XSS; requires authentication; remotely exploitable. [BNSEC-220]
  • Low severity: Non-persistent XSS; requires authentication; remotely exploitable. [BNSEC-1052]

Fixed in Version 6.0

Version 6.0.0.029:

Mail Processing

• Enhancement: Improved real-time detection of malformed attachments. [BNSF-21142].

Security

• Fix: Resolved the following vulnerabilities:
  • High severity: Persistent XSS; unauthenticated; remotely exploitable. [BNSEC-1550 / BNSF-20929]
  • High severity: Persistent XSS; unauthenticated; remotely exploitable. [BNSEC-1650 / BNSF-20943]
  • Medium - High severity: Non-persistent XSS; unauthenticated [BNSEC-1251 / BNSF-20597]
  • Low - High severity: Persistent XSS; requires authentication. [BNSEC-391 / BNSF-19756]
  • Low - High severity: Non-persistent XSS; requires authentication [BNSEC-1068 / BNSF-20228]
  • Low - High severity: Requires authentication; information disclosure. [BNSEC-1706 / BNSF-20955]
  • Medium severity: Information disclosure. [BNSEC-107 / BNSF-17460]
  • Low - Medium severity: Unauthenticated; information disclosure. [BNSEC-1746 / BNSF-20978]
  • Low severity: Persistent XSS; requires authentication. [BNSEC-220 / BNSF-18321]
  • Low severity: Persistent XSS; requires authentication. [BNSEC-1702 / BNSF-20953]
  • Low severity: Non-persistent XSS; requires authentication. [BNSEC-1152 / BNSF-20394]
  • Low severity: Requires authentication; information disclosure. [BNSEC-1160 / BNSF-20396]
  • Low severity: [BNSEC-1383 / BNSF-20817]

Version 6.0.0.028:

Mail Processing

• Enhancement: Access to updated Barracuda Real Time Systems (BRTS). The updated BRTS is significantly faster and leverages additional lookups and faster detection operations. with this BRTS update, the Barracuda Spam Firewall can adapt to spam faster and more accurately. [BNSF-20859]

Barracuda Outlook Add-in

This firmware version requires update of your Barracuda Outlook Add-in (see the USERS > User Features page) to version 6.0.21 or later.

Web Interface

• Fix: Firmware updates no longer fail to show progress in some cases. [BNSF-20790]

Version 6.0.0.027:

Web Interface

• Fix: The Search button returns the correct result set the first time it is clicked when using the 'Time' search filter. [BNSF-20591]
• Fix: Time zone updates for Chile and Paraguay per new 2013 DST settings. [BNSF-20522]

Version 6.0.0.019:

• Fix: Message Log search actions that exceed a certain processing duration now display a partial result set to avoid a timeout. [BNSF-20110]

Version 6.0.0.018:

Security

• Fix: Reflective cross-site scripting issue on the ADVANCED > Troubleshooting page. [BNSEC-1088]

Mail Processing

• Enhancement: Per-User Allows and Block lists now check envelope from and header from. [BNSF-17727]
• Enhancement: Improved performance for Realtime Intent Analysis. [BNSF-20002]
• Fix: Attachment content filtering does not cause a spike in CPU usage. [BNSF-17216]
• Fix: Rejected mail retrieved from a a POP3 server is now marked for deletion. [BNSF-19035]
• Fix: Filename attachment filters with some special characters block mail as expected. [BNSF-19831]
• Fix: Rate control is no longer applied excessively to POP accounts. [BNSF-19745]
• Fix: Filename attachment filters with some special characters do not always block mail. [BNSF-19831]
• Fix: Rate control was overapplied to POP accounts. [BNSF-19745]

Cloud Control

• Enhancement: Rate Control and Trusted Forwarder settings are now synchronized with and used by CPL unless overridden in CPL-specific settings. [BNSF-20094]

Web Interface

• Enhancement: Improved Internet Explorer and Safari compatibility. [BNSF-19811, BNSF-19837, BNSF-19570]
• Enhancement: SSL 2.0 has been disabled. [BNSF-19872]
• Enhancement: The Auditor role has been renamed GRC, as it is intended as a way to provide governance, risk management and compliance to email content. [BNSF-19916]
• Enhancement: Improved character display for various pages. [BNSF-19881]
• Fix: Bulk Edit does not properly store the '&' character. [BNSF-18342]
• Fix: The Message Log could fail to display in rare circumstances. [BNSF-19684]
• Fix: Message log filtering is no longer case sensitive. [BNSF-19955]
• Fix: The correct branding image is now properly used when changing images for the Encryption service. [BNSF-20019]
• Fix: The web interface no longer shows Temporarily Unavailable upon delivering a message from per-user quarantine. [BNSF-20075]
• Fix: Searching the quarantine message log no longer logs out the user from the web interface. [BNSF-19775]
• Fix: The correct branding image is now properly used when changing images for the Encryption service. [BNSF-20019]
• Fix: Searching the quarantine message log no longer logs the user out. [BNSF-19775]

Add-in

• Fix: The correct error message is shown if Copy (www.copy.com) cannot be contacted by the Barracuda Spam Firewall. [BNSF-19847]

Version 6.0.0.015

• Fix: Resolved issue with potential SSH access to unit when not deployed behind a firewall. To completely disable remote support functionality, contact Barracuda Networks Technical Support. Reported by Stefan Viehböck, SEC Consult Vulnerability Lab (https://www.sec-consult.com). [BNSEC-767]

Version 6.0.0.007:

Backup

• Feature: Improved backup web interface. [BNSF-19325]
• Enhancement: Backup files are deleted upon successful completion of a backup. [BNSF-18628]
• Enhancement: Restoring a backup no longer restores Advanced Network information. [BNSF-18957]
• Enhancement: Configuration backups are now encrypted. [BNSF-19496]
• Fix: Backup does not fail if there are special characters in the login name or password. [BNSF-14472]
• Fix: SMB mounts are now automatically dismounted after a backup. [BNSF-14625]
• Fix: Restoring a backup configuration now immediately processes mail for domains without requiring a Reload. [BNSF-19350]

Mail Processing

• Enhancement: Disabling SMTP Over TLS at the system level no longer rejects domains which are required by the Domain-level Force TLS settings. [BNSF-17474]
• Enhancement: Spoof Protection now looks at headers in addition to the envelope content. [BNSF-17679, BNSF-15997]
• Enhancement: Whitelisted messages are now flagged as whitelisted if Trusted Forwarders are configured on the BASIC > IP Configuration page. [BNSF-17943]
• Enhancement: Active directory default LDAP filter has been modified to reduce AD CPU load. [BNSF-17993]
• Enhancement: Improved HIPAA medical term detection in email content. [BNSF-18390]
• Enhancement: Malicious URL scanning now correctly scans all HTML attachments. [BNSF-18564]
• Enhancement: TNEF files are now scanned for viruses. [BNSF-18921]
• Enhancement: Added the ability to exempt email addresses and domains from encryption from the BASIC > Administration page. [BNSF-18949]
• Enhancement: Improved recipient verification performance if no Explicit Users are defined. [BNSF-19048]
• Enhancement: Improved false positive detection for DLP settings. [BNSF-18738, BNSF-19321, BNSF-19946]
• Enhancement: TLS can now be required for all incoming domains from the Per Domain ADVANCED > Email Protocol page. [BNSF-19738]
• Fix: Duplicate X-Barracuda-IPDD header lines are no longer added. [BNSF-15751]
• Fix: Duplicate X-Barracuda-Registry header lines are no longer added. [BNSF-19829]
• Fix: The Queue Management timestamp now matches the message log timestamp in all cases. [BNSF-19149]
• Fix: Improved processing performance for large multipart text emails. [BNSF-19644]
• Fix: Attachment filter now correctly detects video file types with altered extensions. [BNSF-18977]
• Fix: LDAP routing will now enable alias rewriting if username/password are not set. [BNSF-19114]
• Fix: SPF IPv6 record lookups work as expected. [BNSF-19500]
• Fix: URL inspection now correctly handles UTF-8 characters. [BNSF-19575]
• Fix: Improved process monitoring of front end scanning engine. [BNSF-19675]
• Fix: Appliance remains offline after a firmware update if it is already in offline mode. [BNSF-18941, BNSF-19705]
• Fix: Rate control settings for POP accounts are now applied correctly. [BNSF-19745]

Cloud Control

• Enhancement: Added Users and Advanced pages to Barracuda Cloud Control administration. [BNSF-16098, BNSF-16288]
• Enhancement: Passwords are masked in syslog output. [BNSF-16498]
• Fix: Unicode characters can now be added to tables through the Barracuda Cloud Control. [BNSF-18087]

Reporting

• Fix: Report performance has been optimized. [BNSF-16599, BNSF-17853]
• Fix: Queue details now include the To address. [BNSF-17127, BNSF-18516]
• Fix: LDAP failures are now sent to all email addresses when addresses include Unicode characters. [BNSF-18491]
• Fix: Traffic reports are no longer sorted in reverse order. [BNSF-18673]

Web Interface

• Feature: Improved syslog performance [BNSF-18033]
• Feature: Destination Mail Servers can now be defined using an MX record. [BNSF-19358]
• Enhancement: Syslog now logs 'Guest' logins. [BNSF-18102]
• Enhancement: Improved web performance. [BNSF-18378]
• Enhancement: Improved search performance of message log in a clustered environment. [BNSF-17385, BNSF-18734]
• Fix: Clustering is now removed from Running Tasks when complete. [BNSF-9554]
• Fix: Changing the hostname or destination mail server now takes immediate effect. [BNSF-17616, BNSF-19279]
• Fix: Adding a new domain now takes effect immediately without requiring a Reload. [BNSF-17673]
• Fix: Resolved false notification of 'old static routes on your system'. [BNSF-17963]
• Fix: Domain Admins can now set an end user to the Helpdesk role. [BNSF-18843]
• Fix: Message log could fail to display under some circumstances. [BNSF-18921]
• Fix: The Troubleshooting Telnet Utilities no longer omits the connection banner when telnetting to a mail server. [BNSF-19163]
• Fix: Product tips no longer expand to the entire browser width. [BNSF-19669]
• Fix: Message Log is no longer sorted based on the Queue Management sort. [BNSF-16315]
• Fix: Product tips now properly expire [BNSF-19661]

Barracuda Outlook Add-in

• Feature: Outlook Add-in now supports Outlook 2013. [BNSF-19535]
• Fix: Outlook Add-in no longer creates user accounts if quarantine is set to Global. [BNSF-18883]

Firmware Version 5.1

What's New in Version 5.1

• Exchange Antivirus
  • The new Barracuda Networks Exchange Antivirus Agent runs as a Windows service on your Microsoft Exchange server and enables it to scan internal email for viruses. From the ADVANCED > Exchange Antivirus page you can download the agent and view associated email statistics once it is installed and running.
• IPv6
  • New IPv6 support provides email receipt and delivery over IPv6 networks.
  • Email can be redirected by policy to an IPv6 network/server.
• Encryption
  • The Barracuda Microsoft Outlook Add-In now features a Send Encrypted button for sending encrypted emails.
  • Encrypted messages display as such in the Message Log with 'Outlook Add-in' as the Reason.
  • Administrators can upload a logo that will be displayed when recipients log into the Barracuda Message Center to retrieve encrypted messages.
  • Outgoing email notifications to recipients of encrypted messages can be customized using the per-domain ADVANCED > Encryption page.
• Barracuda Control Center
  • Improved Barracuda Control Center integration.
• Web Interface
  • Sender Domain and Sender Email filters are now combined on one page titled Sender Filters.
  • Simplified process for replacing failed units in a clustered system in a production environment.
  • The Explicitly Accepted Users and the Valid Recipients lists are now synchronized across clustered systems.
• Mail Processing
  • The Deep Header Scan setting for use with Trusted Forwarder IP addresses has been removed from the Web interface, as this functionality is now part of the Trusted Forwarder feature.
  • Sender Based Rate Control for outbound messages now counts number of recipients per sender as opposed to number of connections from the sender. The requirement for 5 unique sender email addresses before beginning rate control has been removed.
  • SNMP MIB extended to provide objects for additional mail and performance statistics, as well as statistics on encrypted, blocked, quarantined and tagged messages based on spam, custom policy, virus, etc. Includes outbound mail.
  • Multiple line regular expressions are supported for header filtering.
  • With HIPAA predefined filters, two or more terms are now needed to trigger an action with a message.
  • SMTP auth failures are logged in the Message Log for outbound mail only.

Fixed in Version 5.1

Version 5.1.3

The 5.1.3 firmware series was developed in parallel to the 6.0.x firmware series, and as such all fixes in 5.1.3 may not be in or even apply to the 6.0.x firmware. Relevant fixes from 5.1.3 will have been included starting with the 6.0 firmware series, so to prevent possible confusion the list of specific changes that went into 5.1.3 are not listed here. However, a complete list may be found in the release notes for the latest 5.1.3 release (5.1.3.007).

Version 5.1.2

Version 5.1.2.005:

• Enhancement: The Link Domains feature, configured on the BASIC > Quarantine page, and the per-domain Unify Email Aliases option, configured on the USERS > LDAP Configuration page at the domain level, are mutually exclusive and can no longer be enabled at the same time. These settings affect how and where user quarantined mail is delivered.

  Important:

  No changes are automatically made to existing settings after updating, so make sure to verify that both of these settings are not enabled at the same time. If both options were enabled prior to updating, and one is then disabled, that setting cannot be re-enabled without disabling the other setting. Please see the online help for both settings to understand what each feature does and decide which configuration works best for your organization. [BNSF-17401]
• Enhancement: If using Single Sign-On, users can now log in with either an alias or with their primary email address. If the per-domain Unify Email Aliases option is set to Yes, then when a user logs in with an alias, that user will be directed to the primary account. [BNSF-18377]
• Fix: When an LDAP user logs into the Barracuda Spam Firewall for the first time and uses an email alias to log in, a duplicate account will no longer be created if they already have a primary account. [BNSF-18839, BNSF-19406]

Version 5.1.2.004:

• Fix: Improved configuration data lookup for mail flow performance. [BNSF-19025, BNSF-18462]

Outlook 2016 Could Not Synchronize Record -19703 -

Version 5.1.2.003:

• Fix: Resolved high CPU loads that could occur with certain operations. [BNSF-19361]

Version 5.1.2.002:

• Enhancement: Improved per-domain recipient blocklisting. [BNSF-18462]
• Enhancement: Improved disk space monitoring. [BNSF-18998]
• Enhancement: The product web interface does not reveal version information to unauthenticated users. [BNSF-18437]
• Enhancement: Improved IPv6 message handling.
• Enhancement: Updated Polish translation of web interface.
• Enhancement: Updated Czech translation of web interface.
• Enhancement: Improved SPF checking for email from ipv6 networks. [BNSF-19110]
• Enhancement: Improved help text for the USERS > User Features page.
• Enhancement: Improved security for web interface login. [BNSF-19105]
• Enhancement: Improved internal process monitoring for mailflow, mitigating intermittent interruption to mail processing for firmware version 5.1.1.005 and higher. [BNSF-18984]
• Enhancement: Improved handling of large XLS files for attachment content filtering. [BNSF-18955]
• Enhancement: Improved process monitoring for secure web interface access over HTTPS. [BNSF-19070]
• Enhancement: Improved Barracuda Cloud Control connectivity. [BNSF-19129]
• Fix: Changes to the per-domain recipient whitelist now take immediate effect. [BNSF-19025]
• Fix: Changes to outbound mail trusted relay settings now take immediate effect, precluding 'Invalid Domain' errors. [BNSF-19156]
• Fix: Anonymous binding is allowed for LDAP routing/alias rewriting. [BNSF-19114]
• Fix: Relay Using Trusted Host/Domain (configured on the BASIC > Outbound page) works as expected. [BNSF-19193]
• Fix: Improved recognition of Japanese credit card numbers in Predefined Filters (BLOCK/ACCEPT > Content Filtering). [BNSF-18979]
• Fix: Inbound mail going to subdomains no longer mis-categorized as outbound mail. [BNSF-18960]
• Fix: The User Features Override table in the USERS > User Features help page now renders in widths appropriate to the amount of content to display in each column. [BNSF-17930]
• Fix: Bounce messages will not be inspected (so not blocked as 'invalid') when received from a trusted relay source. [BNSF-17564]
• Fix: Improved analysis of bounce messages (NDR) from MS-Exchange when receiving messages from a trusted forwarder. [BNSF-13370]
• Fix: Resolved potential 'Range Header' security issue [CVE-2011-3192]. Reported by Ben Williams, NGSSecure. [BNSF-18920]
• Fix: Messages no longer being blocked for internal domains hosted by the Barracuda Spam Firewall with reason of Invalid Domain. [BNSF-19111]

Version 5.1.1

Version 5.1.1.006:

• Enhancement: Improved spam fingerprint/ZeroHour virus protection accuracy.
• Enhancement: Support for recently changed time zone/daylight savings times including Moscow, Pacific/Pohnpei and Chile. [BNSF-18449, BNSF-17613, BNSF-18467]
• Enhancement: Updated Czech and Chinese translations in web interface.
• Fix: Mail for a specific domain is not rejected with 'invalid domain' message unless appropriate. [BNSF-17673]
• Fix: Rare circumstance no longer incorrectly causing messages to be deferred due to Rate Control. [BNSF-18059]
• Fix: Improved mail processing for large messages.
• Fix: Messages which are not in password protected archives are no longer being incorrectly blocked as such. [BNSF-18514]
• Fix: Outbound mail from a trusted relay is not blocked as an invalid domain. [BNSF-18475]
• Fix: Resolved reflective cross-site scripting issue. Thanks to Ben Williams of NGS-Secure. [BNSF-18434]
• Fix: Quarantine messages now sync properly across a cluster. [BNSF-18563]
• Fix: Traffic Summary report and BASIC > Status page more accurately represent inbound and outbound traffic. [BNSF-18631]
• Fix: Trusted Forwarders listed in SPF records pass SPF checks as expected. [BNSF-18122]

Version 5.1.1.004:

• Enhancement: Improved Queue Management performance. [BNSF-16951]
• Fix: When Unify Email Alias option is set to No on the per-domain USERS > LDAP Configuration page, both the primary and alias email addresses are able to log into the corresponding Quarantine accounts. [BNSF-18318]
• Fix: The Message Log renders properly in IE version 7. [BNSF-18301]
• Fix: Performance Statistics render as expected on the BASIC > Status page. [BNSF-17446]
• Fix: The message source of the message in the Message Log view shows all the normal headers including the Barracuda Spam Firewall's own Received line. [BNSF-17842]
• Fix: Indexed searching in the Message Log for only inbound or only outbound messages works as expected. [BNSF-17968]
• Fix: Users can whitelist an email address for which they have blocklisted the domain. [BNSF-17935]
• Fix: When sending a message to the Barracuda Spam Firewall from a Trusted Relay IP address, and Recipient Verification is configured, and the recipient is not a valid user in the domain as configured on the Barracuda Spam Firewall, the message is blocked as expected. [BNSf-17905]
• Fix: If more than one LDAP server IP address is configured, Single Sign-On allows valid logins as expected. [BNSF-17990]
• Fix: The Quarantine digest contains proper formatting without unreferenced images. [BNSF-17853]
• Fix: Quarantine notification show a single blue bar indicating messages in quarantine instead of multiple bars. [BNSF-17884]
• Fix: LDAP user passwords which include the % character are accepted as valid when doing an LDAP Test. [BNSF-17904]
• Fix: False positives no longer occuring for Social Security numbers in docx files. [BNSF-17721]

Version 5.1.0

Version 5.1.0.013:

• Fix: Sending an email to a domain immediately after adding it to the Barracuda Spam Firewall takes immediate effect. [BNSF-17673]
• Fix: Performance Statistics now render properly on the BASIC > Status page when there are multiple system fans present in the Barracuda Spam Firewall hardware. [BNSF-17779]
• Fix: Message Log and statistics updates are more efficient. [BNSF-17717]
• Fix: Single Domain Admin role restrictions are properly applied. [BNSF-17168]

Version 5.1.0.012:

• Enhancement: For outbound sender-based rate control, removed requirement for 5 unique sender email addresses before beginning rate control.
• Fix: Resolved clustering synchronization issue.
• Fix: The checkbox control now renders properly on all web interface pages in newer versions of Firefox and Opera browsers.
• Fix: Changing the Key Size or other options on the ADVANCED > Secure Administration page doesn't cause the web interface to reset.
• Fix: When configuring the Barracuda Spam Firewall Vx, the consconf utility does correct input checking.
• Fix: Outbound sender-based rate control now sends back 450 and 550 responses to the sending mail server, and consequently mail servers running Microsoft Exchange now take the correct actions.

Written by: Luke Chung, President

About Cloud Computing

We at FMS are very excited about cloud computing and started developing solutions using Microsoft Azure including SQL Azure well before it was released to the general public. I feel cloud computing represents the next big platform change in the software industry and the most significant transformation since the introduction of the Internet in the mid-1990's. It will literally revolutionize the way we create, test, host, and deploy applications, and can do it at a fraction of what it costs us today.

Read my article Microsoft Azure and Cloud Computing...What it Means to Me and Information Workers to learn more about how I see cloud computing impacting our community.

How Cloud Computing Applies to the Microsoft Access Community

Cloud computing will be a huge benefit to the information worker and Access community. Instead of worrying about the hardware and deployment issues around applications, one can focus on building the solution and using the enterprise quality cloud platforms which previously didn't exist or were prohibitively expensive and difficult to use. With Microsoft Access 2010 and SharePoint 2010, Access applications (in limited form) can be deployed over the Internet. With Microsoft Windows Azure and SQL Azure, one can create .NET applications and/or SQL Server databases in the cloud.

The other huge benefit of Microsoft Azure is that it can host SQL Server databases for you in the cloud (on multiple servers completely transparent to you). At a cost of only $5 per month for a database up to 1 GB in size, it's very reasonably priced.

From a Microsoft Access database, you can connect to the database and use those tables the same way you could link to SQL Server databases on your network or SQL Express on your desktop. For a fraction of the cost of buying and setting up a SQL Server box on your network, you can have Microsoft do it for you without worrying about licenses, downtime, hardware, etc., and it's available over the Internet to anyone you give the credentials for logging into it. It's pretty simple:

1. Open an Azure account and create a SQL Azure database
2. Install Microsoft SQL Server Management Studio (SSMS) for Microsoft SQL Server. The latest version is Microsoft SQL Server 2017, though Microsoft SQL Server 2008 R2 or 2012 can also work.
3. Use the ODBC administration tool to create a file containing the connection to the SQL Azure database
4. From a database opened in Access (2003, 2007, 2010, 2013 or 2016), use the ODBC connection to link to the SQL Azure tables and views

Installing SQL Server on Your Machine

There's a bit of confusion around the installation of SQL Server. As the developer, when you use SQL Azure, you don't need to install the full SQL Server product on your PC, just the SQL Server Management Studio (SSMS) to manage the hosted database. Alternatively, you can install the free SQL Server Express version. Visit our Microsoft SQL Server Express: Version Comparison Matrix and Free Downloads page for more information and download links.

Installing SQL Server ODBC Drivers on Your Users' Machines

The users of your Access database linked to SQL Azure won't even need that. They simply need to have the ODBC driver installed on their machine. For more info, read my paper on Deploying Microsoft Databases Linked to a SQL Azure Database to Users without SQL Server Installed on their Machine.

Make Sure Your Users' IP Addresses are Listed on the SQL Azure Firewall

For security reasons, SQL Azure (like standard SQL Server) lets you specify the IP addresses for direct interaction with the database. This is required with SQL Azure under Firewall rules. From the Azure portal for your database, choose 'Set server firewall', then add the IP addresses. For more information, visit this Microsoft web page on managing SQL Azure firewall rules.

Not sure what your IP address is? Use the WhatsMyIP.org site to get your current IP address.

The most complicated part of linking your Access database to SQL Azure is configuring your ODBC connection. Assuming you've taken care of steps 1 and 2 above (created an Azure account with SQL Server and installed a recent version of Microsoft SQL Server Express, you're ready to run the ODBC administrative tool which can be found in your Control Panel.

Run the ODBC Administrative Tool

When you launch it, the ODBC Data Source Administrator screen appears.

You can define your DSN (data source name) either at the user, system (machine), or file level. The first two are fine if you'll only be connecting to the SQL Azure database from your machine. To easily share the connection information with other machines, select the File DSN tab which creates a file that you can share over your network or send to other people:

Press the [Add] button to create a new data source.

Install the ODBC Driver that Matches Your Windows Bitness (Not Office)

Download, install and use the latest Microsoft SQL Server drivers since they are backward compatible. You can use an older version if your users already have it installed on their PCs and you aren't using the newer SQL Server features since that release. You can install multiple drivers on the same PC.

There are 64 and 32 bit versions of the ODBC drivers. Install the one that matches your Windows operating system, NOT the bitness of Office/Access.

The Bold Face is the name of the driver used in the connection string to SQL Server:

• ODBC Driver 17.0 for SQL Server released for Microsoft SQL Server 2017/SQL Server 2019 (Current Version 17.6) (Download)
• ODBC Driver 13.0 for SQL Server released for Microsoft SQL Server 2016 SP1 and SQL Azure (Current Version 13.1) (Download)
• ODBC Driver 13.0 for SQL Server released for Microsoft SQL Server 2016 (Download)
• SQL Server Native Client 11.0 released for Microsoft SQL Server 2012 (Download)
• SQL Server Native Client 10.0 released with Microsoft SQL Server 2008, R2

For a history of SQL Server versions, visit our page Microsoft SQL Server Express: Version Comparison Matrix and Free Downloads.

Do not choose the legacy 'SQL Server' or 'SQL Native Client'.
Significant performance problems are associated with using those old drivers against newer versions of SQL Server.

Then specify the name of the file to store the information and press [Next] and [Finish] to verify it. Then you begin to specify the Microsoft SQL Azure elements which is similar to setting up any ODBC DSN for SQL Server.

We'll create a sample DSN for our project. You'll need to know the server name from SQL Azure which looks something like *.database.secure.windows.net:

After pressing [Next], provide the login ID and password to your SQL Azure database.

When you press [Next] with valid entries, this screen appears:

Select the name of the database you created on SQL Azure. The default is master, but hopefully your database is named something more descriptive. Press [Next] to reach the final screen:

Make sure you check the 'Use strong encryption for data' option, then press [Finish]. A screen will appear to let you test your settings. Press the [Test Data Source] button. If everything is okay, a screen like this appears:

Now that you've created a file with the DSN for your SQL Azure database, you're ready to link an Access database to tables in your Azure database. From Access, on a machine with SQL Server 2008, R2 (or later) installed, you can then link to tables in the database.

Link to an ODBC Database from Microsoft Access 2016, 2013, 2010 and Access 2007

Depending on which Access version you're using, select the ODBC Database option under the External Data ribbon:

Microsoft Access 2007

The dialog box appears to import or link to the ODBC database. In our case, we'd like to link to the database so we always have the latest data:

Select Data Source

The next step is to specify the data source by selecting DSN File we created (if you created the ODBC setting for user or system, use the Machine Data Source tab):

Select Tables

It'll prompt you again for the password. Once you provide that, the list of tables from the SQL Azure database are presented. Select them like you would for any other data source. If you want to avoid entering the database password every time you open the linked table in Access, be sure to check the Save Password option:

By choosing the option to save the password in the Access database, a security hole is created. You'll need to decide if this risk is worth taking over the convenience of not entering the password each time. If you choose to save the password, you are prompted that this is a security issue:

There are a few problems with this dialog box:

1. The Help button gives no relevant information
2. The dialog box appears for every table you selected, so you need to manually select Save Password for each one

Once you get through that (which has nothing to do with SQL Azure), you'll find your database has linked tables and views to SQL Azure. Open and use the tables and views just like any other SQL Server data source.

Link to an ODBC Database from Microsoft Access 2003 or Earlier

In Microsoft Access 2003, linking to a SQL Server database is a bit different. From the database container, right click and select Link Tables. When the Link dialog appears, select 'ODBC Databases ()' in the Files of type:

After this, the dialog to Select the Data Source File appears which is similar to the steps described earlier for Access 2013, 2010 and 2007.

If your Access database is deployed to others, your users don't need to install SQL Server on their machine but they do need to install the SQL Server ODBC driver. Simply run the SQL Server Native Client Setup.

For more details, read my paper on Deploying Microsoft Databases Linked to a SQL Azure Database to Users without SQL Server Installed on their Machine.

With an Azure account, you'll be able to use SQL Azure to create SQL Server databases cheaply and make them available across the internet in minutes. Imagine what you can do with Access having that kind of scalability and enterprise quality support and bandwidth.

Outlook 2016 Could Not Synchronize Record -19703 Windows 10

Hope this helps. Good luck and I hope to learn what you're doing or would like to do with Access and Azure.

Have any questions or comments? Visit our blog post, Microsoft Access and Cloud Computing with SQL Azure Databases.

FMS Technical Papers

Microsoft Azure, SQL Azure, and Access in Action

• Microsoft Azure Security Holes with SQL Server DatabasesUPDATED!
• Microsoft SQL Server Database Users and Permissions Instead of Server LoginsNEW!

Microsoft Resources

• Microsoft Access Team Blog: Access 2010 and SQL Azure Introduction