eFa 4.0.3 is now available for both CentOS 7 and 8.
We would also like to thank everyone for their support and contributions to this project. 
Fail2Ban has been added as a default feature. Existing users can optionally enable via the CLI.
Backing up a CentOS 7 eFa and restoring on CentOS 8 is supported using the standard built-in restore utility.
The 3.0.2.5 update is now available.
We would also like to thank everyone for their support and contributions to this project.
The following issues have been fixed (hopefully) in 3.0.2.5:
Issue #324 Enhancement – Import external backup to new EFA device
Issue #361 Enhancement – Display EFA version in the CLI via EFA-Configure
Issue #385 Bug – Changed from reload to restart for Postfix
Issue #386 Bug – Admin cannot modify domain admin accounts
Issue #387 Enhancement – Updated MariaDB recovery script
Enhancement – Let’s Encrypt
Enhancement – Add EFA sponsored DCC servers
Enhancement – Hypervisor detection during init
Enhancement – MailScanner update to 5.0.6-5
Enhancement – MailWatch updated to latest develop
Enhancement – clamav-unofficial-sigs updated to 5.6.2
Security – Regenerate self signed certs for Postfix/Apache/Webmin
Security – Enabled strong cipher preference in Postfix
Security – Enabled strong cipher preference in Apache
Bug – Left the disabling of modsecuirty fix enabled, as new builds of 3.0.2.4 still have it enabled by default
Bug – Updated menu options for “Apache Settings” menu
Bug – Quarantine report to flip from HTTP to HTTPS
Bug – Update quarantine FROM_ADDR to use POSTMASTER address in /etc/EFA-Config
###################### How To Update ##################################
It is recommended that you suspend your mail flow and snapshot prior
to updating or to back up the entire appliance.
1) Stop mail flow temporarily (at firewalls/mailservers)
2) Snapshot your VM and its memory using your hypervisor tools
3) If the update fails for any reason, collect relevant logs or screen
outputs/screenshots and revert to your snapshot
4) Report failure at https://forum.efa-project.org
Launch EFA-Configure from console or secure shell
(sudo /usr/local/sbin/EFA-Configure)
Choose option 14) Update Now
The first time you run this update, the kernel may update. If this
happens, the script will halt to give you an opportunity to restart.
After restarting and booting to the new kernel, rerun EFA-Update to
continue the update process to 3.0.2.5.
EFA-Update will not proceed until you are running on the latest
kernel. This is to ensure that open-vm-tools updates appropriately
if present.
The 3.0.2.3 update is now available.
We would also like to thank everyone for their support and contributions to this project.
The following issues have been fixed (hopefully) in 3.0.2.3:
Issue #367 Bug – mod_security disable id 981320 (and 981317)
Issue #369 Bug – Variable type mismatch in viewmail.php
Configurable mod_security option added to EFA-Configure
Update MailWatch to resolve various issues found after 3.0.2.2
Includes session enhancements and configurable session timeouts
#################### Important Security Notice ########################
/// Everyone is STRONGLY encouraged to update from 3.0.1.8 and below NOW \ \ \
A recent set of vulnerabilities have been discovered in the MailWatch and
SGWI interfaces that can allow an attacker to escalate privileges in eFa.
Because of these vulnerabilities, if you are using the same password for
the console as you are for MailWatch (many folks are), please take a moment
to make your MailWatch admin password different from the console.
Doing so will limit the success of a shared credential attack via MailWatch
on eFa to gain root access.
If you cannnot update or have problems, the following steps are
strongly recommended to keep your appliance safe until you can update
successfully:
1) Rotate your admin passwords in the console and MailWatch UI and make
each one different than the other to prevent a shared credential
attack.
2) Install mod_security and mod_evasive to provide some security in front
of the vulnerable code.
3) Inform your MailWatch users (especially admins) to avoid opening multiple
tabs and performing general web browsing while working in MailWatch
###################### How To Update ##################################
It is recommended that you suspend your mail flow and snapshot prior
to updating or to back up the entire appliance.
1) Stop mail flow temporarily (at firewalls/mailservers)
2) Snapshot your VM and its memory using your hypervisor tools
3) If the update fails for any reason, collect relevant logs or screen
outputs/screenshots and revert to your snapshot
4) Report failure at https://forum.efa-project.org
Launch EFA-Configure from console or secure shell
(sudo /usr/local/sbin/EFA-Configure)
Choose option 14) Update Now
The first time you run this update, the kernel may update. If this
happens, the script will halt to give you an opportunity to restart.
After restarting and booting to the new kernel, rerun EFA-Update to
continue the update process to 3.0.2.3.
EFA-Update will not proceed until you are running on the latest
kernel. This is to ensure that open-vm-tools updates appropriately
if present.
The 3.0.2.2 update is now available.
We would also like to thank everyone for their support and contributions to this project.
The following issues have been fixed (hopefully) in 3.0.2.2:
Issue #357 Bug – Fonts Not Rendering in MailWatch
Issue #358 Bug – Certain emails from detail.php do not populate B/W Lists
Issue #362 Bug – mod_security disable id 981247
Issue #363 Bug – Check for failed yum kernel update
Issue #366 Bug – Clear SpamAssassin-Temp
MailWatch update to resolve timeout issues and directory traversal
#################### Important Security Notice ########################
/// Everyone is STRONGLY encouraged to update from 3.0.1.8 and below NOW \ \ \
A recent set of vulnerabilities have been discovered in the MailWatch and
SGWI interfaces that can allow an attacker to escalate privileges in eFa.
Because of these vulnerabilities, if you are using the same password for
the console as you are for MailWatch (many folks are), please take a moment
to make your MailWatch admin password different from the console.
Doing so will limit the success of a shared credential attack via MailWatch
on eFa to gain root access.
If you cannnot update or have problems, the following steps are
strongly recommended to keep your appliance safe until you can update
successfully:
1) Rotate your admin passwords in the console and MailWatch UI and make
each one different than the other to prevent a shared credential
attack.
2) Install mod_security and mod_evasive to provide some security in front
of the vulnerable code.
3) Inform your MailWatch users (especially admins) to avoid opening multiple
tabs and performing general web browsing while working in MailWatch
###################### How To Update ##################################
It is recommended that you suspend your mail flow and snapshot prior
to updating or to back up the entire appliance.
1) Stop mail flow temporarily (at firewalls/mailservers)
2) Snapshot your VM and its memory using your hypervisor tools
3) If the update fails for any reason, collect relevant logs or screen
outputs/screenshots and revert to your snapshot
4) Report failure at https://forum.efa-project.org
Launch EFA-Configure from console or secure shell
(sudo /usr/local/sbin/EFA-Configure)
Choose option 14) Update Now
The first time you run this update, the kernel may update. If this
happens, the script will halt to give you an opportunity to restart.
After restarting and booting to the new kernel, rerun EFA-Update to
continue the update process to 3.0.2.2.
EFA-Update will not proceed until you are running on the latest
kernel. This is to ensure that open-vm-tools updates appropriately
if present.