
    Release Notes for McAfee(R) GroupShield(R)(TM)
        Version 6.0 for Microsoft Exchange
                     Patch1
      Copyright (C) 2004 Networks Associates
                 Technology, Inc.
               All Rights Reserved


==========================================================

Patch Release:        5th March 2004

This release was developed and tested with:

- McAfee GroupShield Version 6.0 for Microsoft Exchange
- DAT Version:         4333
- Engine Version:      4.2.60

Make sure you have installed these versions or newer
DAT/Engine versions before using this release.

==========================================================


Thank you for using McAfee(R) GroupShield(R)(TM) software.
This file contains important information regarding this
release. We strongly recommend that you read the entire 
document.

The attached files are provided as is, and with no
warranty either expressed or implied as to their
suitability for any particular use or purpose.
Network Associates, Inc. assumes no liability for
damages incurred either directly or indirectly as a
result of the use of these files, including but not
limited to the loss or damage of data or systems,
loss of business or revenue, or incidental damages
arising from their use. Patch files should be
applied only on the advice of McAfee Security
Technical Support, and only when you are actually
experiencing the issue being addressed by the
Patch. Patch files should not be proactively
applied in order to prevent potential product
issues. You are responsible for reading and
following all instructions for preparation,
configuration, and installation of Patch files.
Patch files are not a substitute or replacement for
product Service Packs which may be released by
Network Associates, Inc. It is a violation of your
software license agreement to distribute or share
these files with any other person or entity without
written permission from Network Associates, Inc.
Further, posting of McAfee Security Patch files to
publicly available Internet sites is prohibited.
Network Associates, Inc. reserves the right to
refuse distribution of Patch files to any company
or person guilty of unlawful distribution of McAfee
software products. Questions or issues with McAfee
Patch files should be directed to McAfee Security
Technical Support.


__________________________________________________________
WHAT'S IN THIS FILE

-   About This Release
   -   Purpose
   -   Resolved Issues
   -   Files Included with This Release
-   Installation
   -   Installation Requirements
   -   Installation steps
   -   Installation through ePolicy Orchestrator Version 3.0.1
   -   Installation Steps For Cluster Servers
   -   Testing Your Installation
   -   Removing This Release
-   Contacting McAfee Security and Network
    Associates
-   Copyright, Trademark Attributions & Patents
   -   Trademarks
   -   License Agreement and Attributions
   -   Patents


__________________________________________________________
ABOUT THIS RELEASE


PURPOSE

This Patch includes one file for use with McAfee
GroupShield version 6.0 for Microsoft Exchange. This new 
file resolves the issues listed in the section "Resolved 
Issues."


RESOLVED ISSUES

1.  RPCSERV.EXE exception at address 67202B19 when running
    an On Demand scan of Public folders with Outbreak 
    Manager enabled. High CPU usage may also occur.

2.  RPCSERV.EXE exception at addresses 780c258c and 
    05675618 caused by Notification messages.

3.  This Patch resolves 2 possible issues where RPCSERV.EXE 
    generated a fatal exception error at address 6410401F
    or 64104219. If Network Associates Error Reporting was
    enabled, a crash report would also be produced.

4.  This Patch resolves an issue where an email address 
    of the format firstname.lastname@emailaddress.domain 
    was not recognized as a valid address.

5.  This Patch resolves an issue where removing names 
    from one Policy Group would cause items from another 
    Policy Group to be removed.

6.  Under heavy load conditions a Microsoft Exchange
    server with McAfee GroupShield v6.0 installed may
    become unresponsive to client requests. This
    typically manifests itself as clients dropping
    connections, unable to connect or showing messages
    at the client similar to "Unable to contact
    <servername>, the server has become unresponsive".
    Upon viewing the process information via task
    manager from the server, RPCServ.exe is consuming
    50-100% utilization.

7.  This Patch resolves an issue where RPCSERV.EXE 
    generated a fatal exception error at address 77f486f9
    caused by Spam notification. If Network Associates
    Error Reporting was enabled, a crash report would
    also be produced.

8.  This Patch resolves an issue where the Spam score
    was not added to the header. If the email that was
    sent had a score that was less than the threshold,
    the header info was applied.

9. The action "Replace the item with an alert message",
    when applied on a zip file containing banned file(s),
    previously replaced the banned file(s) with an alert
    html file(s) having the name equal to the original 
    file name. This Patch now uniformly names the alert
    files within a zip as "WARNING.HTM". If there are a
    number of files replaced in the .ZIP, the file 
    WARNING.HTM will be prefixed with a number.

10. This Patch resolves an issue where system emails may
    cause the scanner to hang when Policies that were
    based on Active Directory policies were being used.

11. This Patch resolves an issue where the server became
    locked and users were unable to contact Exchange.



FILES INCLUDED WITH THIS RELEASE

    This release consists of a package called
    GS60PATCH1.ZIP, which contains the following files:

    GS60PATCH1.EXE
       GroupShield Patch executable file,
       replaces the following files:

      GSNOTIFICATION.DLL
      EVALUATEPOLICY.DLL
      NOTIFICATIONSPAGE.JS
      REPORTPAGE.JS
      CONFIGSERVER.DLL
      ESERVICESSCANNER.DLL
      REPORTER.DLL
      LOG.DLL
      IDWHATWIZPAGE.JS
      ODWIZPAGE.JS
      PROPERTYBAG.JS
      PROPERTYPATH.JS
      NAIARCHIVE.DLL
      EFMTDOCSCAN.DLL
      EFMTARCSCAN.DLL
      ESCANOLYMPUS.DLL
      FORMATHANDLER.DLL

    README.TXT =
       This text file
    VALIDATE.TXT =
       Validate codes for this Patch


__________________________________________________________
INSTALLATION


INSTALLATION REQUIREMENTS

To use this Patch, you must have McAfee GroupShield 
version 6.0 for Microsoft Exchange software installed on 
the computer you intend to update. This Patch will not 
work with any earlier versions of the software.

NOTE 

If required, this Patch executable will stop and 
restart the following services (if they are present):

      1.  McAfee GroupShield/SpamKiller
      2.  MS Exchange Information Store
      3.  MS Exchange Routing Engine
      4.  MS Exchange IMAP4
      5.  MS Exchange POP3
      6.  MS Exchange MTA Stacks
      7.  SMTP Service
      8.  NNTP service
      9.  WWW service
      10. IIS Admin service


1. Close all GroupShield Administration consoles that 
   are running on the server or on any management
   console.

2. Extract the following file:

   GS60PATCH1.EXE

   from the Patch package into the C:\Temporary
   directory.

3. Run the GS60PATCH1.EXE

   The Patch will display a wizard-style UI and produce a
   SuperDAT.log file (in the folder where the Patch has been 
   executed from) where it will list all actions taken.


INSTALLATION THROUGH ePOLICY ORCHESTRATOR VERSION 3.0.1

1. Extract the following file:

   GS60PATCH1.EXE

   from the Patch package into the C:\Temporary
   directory of your ePO machine.

2. Using the "Add Package" option given under Master
   Repository in ePO, add the Superdat package.

3. Schedule an immediate update using ePolicy Orchestrator
   agent-"Update" option given under the "schedule" tab.

NOTE

You may have to restart the GroupShield server for the 
update to take effect.

INSTALLATION STEPS FOR CLUSTER SERVERS

To install this Patch on a Microsoft Cluster Server,
repeat the process above on all the cluster nodes in 
the cluster.


TESTING YOUR INSTALLATION

You can check that the Patch is applied correctly
by verifying the file version information of the 
files GSNOTIFICATION.DLL, EVALUATEPOLICY.DLL, 
NOTIFICATIONSPAGE.JS, REPORTPAGE.JS, CONFIGSERVER.DLL,
ESERVICESSCANNER.DLL, REPORTER.DLL, LOG.DLL, 
IDWHATWIZPAGE.JS, ODWIZPAGE.JS, PROPERTYBAG.JS, 
PROPERTYPATH.JS, NAIARCHIVE.DLL, EFMTDOCSCAN.DLL,
EFMTARCSCAN.DLL, ESCANOLYMPUS.DLL, FORMATHANDLER.DLL
now resident in the GroupShield directory:

      GSNOTIFICATION.DLL     6.0.527
      EVALUATEPOLICY.DLL     6.0.527
      NAIARCHIVE.DLL         4.2.4
      EFMTDOCSCAN.DLL        3.2.550
      EFMTARCSCAN.DLL        3.2.550
      ESCANOLYMPUS.DLL       3.2.550
      FORMATHANDLER.DLL      3.2.550
      CONFIGSERVER.DLL       1.0.610
      ESERVICESSCANNER.DLL   1.0.610
      REPORTER.DLL           1.0.610
      LOG.DLL                1.0.610
      NOTIFICATIONSPAGE.JS   
      REPORTPAGE.JS          
      IDWHATWIZPAGE.JS       
      ODWIZPAGE.JS           
      PROPERTYBAG.JS         
      PROPERTYPATH.JS        
 


REMOVING THIS RELEASE

   NOTE:
   We recommend that you do NOT remove these Patch
   files from your McAfee GroupShield version 6.0 for
   Microsoft Exchange installation once you have 
   installed them. If you reinstall your McAfee 
   GroupShield version 6.0 for Microsoft Exchange 
   software, we recommend that you also reinstall this 
   Patch.

__________________________________________________________
CONTACTING MCAFEE SECURITY & NETWORK ASSOCIATES

Technical Support
    Home Page
       http://www.networkassociates.com/us/support/

    KnowledgeBase Search
       https://knowledgemap.nai.com/phpclient/homepage.aspx

    PrimeSupport Service Portal
       http://mysupport.nai.com

Login credentials required.


McAfee Security Beta Program
    Beta Web Site
       http://www.networkassociates.com/us/downloads/beta/

    E-mail
       avbeta@nai.com


Security Headquarters -- AVERT (Anti-Virus Emergency
Response Team)
    Home Page
       http://www.networkassociates.com/us/security/home.asp

    Virus Information Library
       http://vil.nai.com

    Submit a Virus Sample - AVERT WebImmune
       https://www.webimmune.net/default.asp

    AVERT DAT Notification Service
       http://vil.nai.com/vil/join-DAT-list.asp


Download Site
    Home Page
       http://www.networkassociates.com/us/downloads/

    DAT File and Engine Updates
       http://www.networkassociates.com/us/downloads/updates/

       ftp://ftp.nai.com/pub/antivirus/datfiles/4.x

    Product Upgrades
       https://secure.nai.com/us/forms/downloads/upgrades/login.asp

Valid grant number required.
Contact Network Associates Customer Service


Training
    McAfee Security University
       http://www.networkassociates.com/us/services/education/mcafee/university.htm



Network Associates Customer Service
    US, Canada, and Latin America toll-free:
   Phone:     +1-888-VIRUS NO or +1-888-847-8766
              Monday - Friday, 8 a.m. - 8 p.m.,
              Central Time

   E-mail:    services_corporate_division@nai.com
   Web:       http://www.nai.com/us/index.asp
              http://www.networkassociates.com/us/index.asp


For additional information on contacting Network
Associates and McAfee Security - including toll-free
numbers for other geographic areas - see the CONTACT
file that accompanied your original product
release.


__________________________________________________________
COPYRIGHT, TRADEMARK ATTRIBUTIONS & PATENTS

Copyright (C) 2004 Networks Associates
Technology, Inc. All Rights Reserved. No part of
this publication may be reproduced, transmitted,
transcribed, stored in a retrieval system, or
translated into any language in any form or by any
means without the written permission of Networks
Associates Technology, Inc., or its suppliers or
affiliate companies. To obtain this permission,
write to the attention of the Network Associates
legal department at:
5000 Headquarters Drive, Plano, Texas 75024, or call
+1-972- 963-8000.


TRADEMARKS

Active Firewall, Active Security, Active Security
(in Katakana), ActiveHelp, ActiveShield, AntiVirus
Anyware and design, Appera, AVERT, Bomb Shelter,
Certified Network Expert, Clean-Up, CleanUp Wizard,
ClickNet, CNX, CNX Certification Certified Network
Expert and design, Covert, Design (stylized N), Disk
Minder, Distributed Sniffer System, Distributed
Sniffer System (in Katakana), Dr Solomons, Dr
Solomons label, E and Design, Entercept, Enterprise
SecureCast, Enterprise SecureCast (in Katakana),
ePolicy Orchestrator, Event Orchestrator (in
Katakana), EZ SetUp, First Aid, ForceField, GMT,
GroupShield, GroupShield (in Katakana), Guard Dog,
HelpDesk, HelpDesk IQ, HomeGuard, Hunter, Impermia,
InfiniStream, Intrusion Prevention Through
Innovation, IntruShield, IntruVert Networks,
LANGuru, LANGuru (in Katakana), M and design, Magic
Solutions, Magic Solutions (in Katakana), Magic
University, MagicSpy, MagicTree, McAfee, McAfee (in
Katakana), McAfee and design, McAfee.com, MultiMedia
Cloaking, NA Network Associates, Net Tools, Net
Tools (in Katakana), NetAsyst, NetCrypto,
NetOctopus, NetScan, NetShield, NetStalker, Network
Associates, Network Performance Orchestrator,
NetXray, NotesGuard, nPO, Nuts & Bolts, Oil Change,
PC Medic, PCNotary, PortalShield, Powered by
SpamAssassin, PrimeSupport, Recoverkey, Recoverkey -
International, Registry Wizard, Remote Desktop,
ReportMagic, RingFence, Router PM, Safe & Sound,
SalesMagic, SecureCast, SecureSelect,
SecurityShield, Service Level Manager, ServiceMagic,
SmartDesk, Sniffer, Sniffer (in Hangul), SpamKiller,
SpamAssassin, Stalker, SupportMagic, ThreatScan,
TIS, TMEG, Total Network Security, Total Network
Visibility, Total Network Visibility (in Katakana),
Total Service Desk, Total Virus Defense, Trusted
Mail, UnInstaller, VIDS, Virex, Virus Forum,
ViruScan, VirusScan, WebScan, WebShield, WebShield
(in Katakana), WebSniffer, WebStalker, WebWall,
What's The State Of Your IDS?, Whos Watching Your
Network, WinGauge, Your E-Business Defender, ZAC
2000, Zip Manager are registered trademarks or
trademarks of Network Associates, Inc. and/or its
affiliates in the US and/or other countries.
Sniffer(R) brand products are made only by Network
Associates, Inc. All other registered and
unregistered trademarks herein are the sole property
of their respective owners.


LICENSE INFORMATION

License Agreement

NOTICE TO ALL USERS: CAREFULLY READ THE APPROPRIATE
LEGAL AGREEMENT CORRESPONDING TO THE LICENSE YOU
PURCHASED, WHICH SETS FORTH THE GENERAL TERMS AND
CONDITIONS FOR THE USE OF THE LICENSED SOFTWARE. IF
YOU DO NOT KNOW WHICH TYPE OF LICENSE YOU HAVE
ACQUIRED, PLEASE CONSULT THE SALES AND OTHER RELATED
LICENSE GRANT OR PURCHASE ORDER DOCUMENTS THAT
ACCOMPANIES YOUR SOFTWARE PACKAGING OR THAT YOU HAVE
RECEIVED SEPARATELY AS PART OF THE PURCHASE (AS A
BOOKLET, A FILE ON THE PRODUCT CD, OR A FILE
AVAILABLE ON THE WEB SITE FROM WHICH YOU DOWNLOADED
THE SOFTWARE PACKAGE). IF YOU DO NOT AGREE TO ALL OF
THE TERMS SET FORTH IN THE AGREEMENT, DO NOT INSTALL
THE SOFTWARE. IF APPLICABLE, YOU MAY RETURN THE
PRODUCT TO NETWORK ASSOCIATES, INC. OR THE PLACE OF
PURCHASE FOR A FULL REFUND.


Attributions

This product includes or may include:

-   Software developed by the OpenSSL Project for
    use in the OpenSSL Toolkit
    (http://www.openssl.org/).

-   Cryptographic software written by Eric Young and
    software written by Tim J. Hudson.

-   Some software programs that are licensed (or
    sublicensed) to the user under the GNU General
    Public License (GPL) or other similar Free
    Software licenses which, among other rights,
    permit the user to copy, modify and redistribute
    certain programs, or portions thereof, and have
    access to the source code.  The GPL requires
    that for any software covered under the GPL
    which is distributed to someone in an executable
    binary format, that the source code also be made
    available to those users.  For any such software
    covered under the GPL, the source code is made
    available on this CD.  If any Free Software
    licenses require that Network Associates provide
    rights to use, copy or modify a software program
    that are broader than the rights granted in this
    agreement, then such rights shall take
    precedence over the rights and restrictions
    herein.

-   Software originally written by Henry Spencer,
    Copyright 1992, 1993, 1994, 1997 Henry Spencer.

-   Software originally written by Robert Nordier,
    Copyright (C) 1996-7 Robert Nordier. All rights
    reserved.

-   Software written by Douglas W. Sauder.

-   Software developed by the Apache Software
    Foundation (http://www.apache.org/).

-   International Components for Unicode ("ICU")
    Copyright (C) 1995-2002 International Business
    Machines Corporation and others. All rights
    reserved.

-   Software developed by CrystalClear Software,
    Inc., Copyright (C) 2000 CrystalClear Software,
    Inc.

-   FEAD(R) Optimizer(R) technology, Copyright
    Netopsystems AG, Berlin, Germany.

-   Outside In(R) Viewer Technology (C) 1992-2001
    Stellent Chicago, Inc. and/or Outside In(R) HTML
    Export, (C) 2001 Stellent Chicago, Inc.

-   Software copyrighted by Thai Open Source
    Software Center Ltd. and Clark Cooper, (C) 1998,
    1999, 2000.

-   Software copyrighted by Expat maintainers.

-   Software copyrighted by The Regents of the
    University of California, (C) 1989.

-   Software copyrighted by Gunnar Ritter.

-   Software copyrighted by Sun Microsystems(C),
    Inc.

-   Software copyrighted by Gisle Aas. All rights
    reserved, (C) 1995-2003.

-   Software copyrighted by Michael A. Chase, (C)
    1999-2000.

-   Software copyrighted by Neil Winton, (C)
    1995-1996.

-   Software copyrighted by RSA Data Security, Inc.,
    (C) 1990-1992.

-   Software copyrighted by Sean M. Burke, (C) 1999,
    2000.

-   Software copyrighted by Martijn Koster, (C)
    1995.

-   Software copyrighted by Brad Appleton, (C)
    1996-1999.

-   Software copyrighted by Michael G. Schwern, (C)
    2001.

-   Software copyrighted by Graham Barr, (C) 1998.

-   Software copyrighted by Larry Wall and Clark
    Cooper, (C) 1998-2000.

-   Software copyrighted by Frodo Looijaard, (C)
    1997.


Protected by US Patents 6,006,035; 6,029,256; 
6,035,423; 6,151,643; 6,230,288; 6,266,811; 
6,269,456; 6,457,076; 6,496,875; 6,542,943; 
6,594,686; 6,611,925; 6,622,150; 6,668,289

