FTGate Update 7.0.300

This update is available via auto-update.

It can also be applied manually if your UPSP is up to date: http://download.ftgate.com/files/FTGate7/updates/ftgau70300.fau


  • Fixed smtp receive errors causing lockup of DNS and SMTP service
  • Fixed SMTP send to none mx sites with odd dns servers
  • Added spf blocking filter 1
  • Added webmail view size limiter
  • Fixed mailbox list script errors
  • Fixed sql list display items
  • Fixed archive forwarding and resend envelope address
  • Fixed case sensitivity on attachment filter
  • Fixed invalid characters being included in contacts email addresses when users paste control characters into the fields.
  • Fixed sent items folder showing sender rather than recipients
  • Fixed Smartpop handling of raw apostrophe in multi recipient lists
  • Fixed inbox rule handling of special characters in name
  • Fixed deleting of entries form the service access lists
  • Added additional smtp size limit options
  • Fixed occasional sql errors
  • Fixed multiple CSRF & XSS Vulnerabilities 2
  1. See the following documentation for more details:
  2. This issue was identified by John Page aka hyp3rlinx and represents a potentially serious issue whereby a normal level user can execute some administrator commands by the use of specially crafted requests to the webmail services, including the ability to grant themselves full admin rights to FTGate.