2024-03-12: * Change default for MSISDNMatchRequiredForReceive=No 2023-12-07: * Add Web Admin option to restart the NowSMS service under System Configuration / Advanced Settings. 2023-12-06: * Fix for "Shutdown triggered by SIGSEGV" restarts related to a software bug that could be triggered processing the 2-way SMS (SMS-IN) queue when running in database mode. 2023-11-21: * Remove some recent additional information that was added to SMSDEBUG.LOG for recent troubleshooting. 2023-11-15: * Fixes related to the use of SHAREDVOLUME.INI, which is a documented setting for multi-server configurations on Windows. These settings are supported for Linux installations to ease migration. However, we encourage the use of backend SQL storage for multi-server configurations on Linux. This update fixes a problem where message queues did not use the SQL database if a SHAREDVOLUME.INI file existed. Additionally, customers using SHAREDVOLUME.INI settings should check their certificates after updating. Previous versions stored certificates in /var/lib/nowsms instead of the shared volume. 2023.11.14: * MM4/SMTP: When a message cannot be accepted (no route for recipient), instead of rejecting with a temporary 451 error, use permanent 554 error to prevent retries. * Additional logic related to previous fix: Fix for an MMS queueing issue where delivery reports for an MMSC connection defined only as an inbound connection can cause the MMS outbound queue size to grow. 2023.11.08: * Fix for an MMS queueing issue where delivery reports for an MMSC connection defined only as an inbound connection can cause the MMS outbound queue size to grow. * Fix for bug in the MMSC Connections configuration, which would not allow a new inbound connection to be defined with a route name that matches an existing outbound connection. This should be allowed. 2023.11.06: * Performance improvements for MMS queue processing for outbound MM4 & MM7 connections, especially when running in database mode. 2023.11.01: * Added support for additional SSL/TLS related configuration settings under the [SSL] section header in SMSGW.INI: Cipher= can specify an OpenSSL compatible list of acceptable ciphers. (The default setting is Cipher=HIGH) By default, NowSMS only enables support for TLS 1.2 and 1.3., with earlier security protocols disabled. To enable support for TLS 1.0 and/or TLS 1.1, use the settings DisableTLS1.0=No and DisableTLS1.1=No. (NOTE: Previous versions supported the Cipher= setting under a [Cipher] section header in a separate configuration file CIPHER.INI.) 2023.10.27: * Fix for socket handle leak that would occur on non-TLS connection attempts to MMSC SSL/TLS port. After many repeated occurrences, the service process could run out of handles, triggering a restart with the following event: "Shutdown triggered by System Error fileOpen-EMFILE" 2023.10.20: * Fix for a conflict that could occur when the "MMSC SSL/TLS Port" is enabled and the "MMSC Server IP Address" and "SMPP Server IP Address" are set to different values. The following text was reported repeatedly in the SMSDEBUG.LOG: "Closing SSL port 8888, opening SSL port 8888" / "Now MMSC server started on SSL/TLS port number 8888" 2023.10.10: * Fix for "Shutdown triggered by SIGABRT" restarts related to a routing callback where the HTTP keep-alive socket is unexpectedly closed. For more information, see https://support.nowsms.com/discus/messages/113328/114181.html * Fix for 2-way SMS keyword configuration problem where attempts to use the same keyword multiple times was not being blocked with an error message. 2023.09.19: * Diameter protocol: Reset connection to Diameter server when an invalid packet is received. 2023.08.24: * Fix for DLIST import function not working properly in the web interface. * Improvement to logic for 2-way command Remove from Group/DLIST functionality to handle removal when the inbound message sender is in international format, but the DLIST includes the number in national format, and vice versa. * Fix for issue where new trial installs would immediately report trial expired. 2023.08.09: * MM7: Add support for sender/recipient addresses that include a domain name, such as 99999999999/TYPE=PLMN@domain.name. Previously, the only supported format was 99999999999/TYPE=PLMN. 2023.07.19: * Fix for outbound MMS (MM4/MM7) queue processing in database mode, where only the oldest 20 messages in the queue were eligible for processing, causing severe transmission delays if an external MMSC route is not responding. * Fix for memory exceptions processing outbound MMS (MM4/MM7) messages to larger numbers of recipients. 2023.06.13: * Fix for some messages being transmitted twice in a multiple server database configuration. 2023.05.04: * Admin: Fix for problems deleting the first message in the outbound MMS (MM4/MM7) queue. 2022.10.10: * MM4: Improve error messages recorded in log files to improve troubleshooting of connection problems. * MM4: Fix to allow connections to servers with broken STARTTLS implementations. * Add ability for SMS user accounts to change their own password. To enable this support, use the settings in the “Web Interface and Admin Settings” section of the admin interface. * Cosmetic fixes to the configuration user interface. * XML status report now adds a suffix of “_secure” to the connection type, to make it possible to determine whether or not an SMPP client is connected using SSL/TLS. Additionally, the SSL/TLS cipher used by an SMPP client when connecting to NowSMS is reported in the event log (Event-SMPPBind). 2022.09.02 * Fix for potential XSS issue with ReplyTo URL parameter in send message forms. 2022.08.10: * Additional HTTP headers added to web interface for potentially improved security: X-Permitted-Cross-Domain-Policies: none Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; Permissions-Policy: sync-xhr=(self) X-Frame-Options: SAMEORIGIN X-Content-Type-Options: nosniff Cross-Origin-Embedder-Policy: require-corp Cross-Origin-Opener-Policy: same-origin-allow-popups Cross-Origin-Resource-Policy: same-origin * When the web interface is configured to redirect HTTP requests to HTTPS, the HTTP response now includes the following HTTP header: Strict-Transport-Security: max-age=63072000; includeSubDomains; preload * Additional HTTP header added to logout response: Clear-Site-Data: “*” * The admin web interface no longer allows concurrent logins to the same user account. * Intruder lockout settings added. By default, more than 10 login attempts during a period of 300 seconds (5 minutes) will lockout further login attempts for a particular username (whether or not the username exists) and from a particular IP address for 300 seconds. To change these default values, the following settings can be added to the [SMSGW] section of SMSGW.INI: IntruderLockoutAttempts=10 IntruderLockoutDelay=300 2022.08.01: * Fix for memory leak added in 2022.07.31 2022.07.31: * Fixes for SMPP server performance issues that would slow the rate at which the server accepts SMPP messages. * Fix for connectivity problems on some systems where IPV6 is disabled. * Fixes for recent changes that triggered exception restarts when opening several admin web pages (2-way SMS command configuration and licensing). * Fix for socket handle leak on non-TLS connection attempts to SMTP/MM4 SSL/TLS port, 2022.06.16: * Fix for issue editing 2-way commands using POST formats, where line breaks in the HTTP template were incorrectly replaced with "
". * Fix for, 2022.06.09 change that broke the ability to download log files via the web admin interface. * Fix for MMSC race condition that could trigger an exception with multiple simultaneous downloads of the same message. 2022.06.09: * “Percent encoding” was not being properly applied for some characters when encoding URL parameters used by accounting callbacks, 2-way SMS and HTTP SMSC connections. RFC 3986 defines the characters that should be percent encoded (a.k.a. URL escaped). This update adds encoding for the following characters that were not encoded in previous versions: ‘ $ ( ) / = @ [ ] { } | ^ ` 2022.06.01: * Fix issue where MMS Routing Callback response did not allow a Route=x response where “x” is a route with a type of “SMS with Web Link” or “Direct Delivery via MMSC”. (Route=Direct was supported, but not a named route that pointed to direct delivery.) * Increase maximum length of MSDSNICAPServer INI string from 149 to 1024 characters. 2022.05.01: * Internal change to improve the timing of reloading license settings after applying a new license. 2022.04.05: * MMSC: Add HTTP based callback for sender authentication as an alternative to ICAP. When the MMSC receives a client transaction, it is received via HTTP over TCP/IP. When the MMSC receives an MMS request via TCP/IP, it needs to be able to identify the MSISDN associated with the requesting IP Address. To configure the MMSC to use an HTTP based callback for MSISDN identification, under the [MMSC] header in MMSC.INI, add MSISDNCallback=http://server/path. The MMSC will append the IP address to the URL. (For example, if MSISDNCallback=http://server/path/misdn.php?ip= then to resolve the MSISDN associated with a request from IP address 10.11.12.13, the MMSC will request http://server/path/msisdn.php?ip=10.11.12.13) The script should return a text response containing HTTP headers to be applied to the request, such as X-MSISDN: +44444444444 2022.03.31: * Fix for recent update that caused MM7 authentication issues that resulted in “HTTP 400 Bad Request” responses to some valid requests. 2022.03.23: * Fix for incorrect encoding of 3GPP-MS-TimeZone parameter in Diameter charging requests. 2022.02.22: * Add support for “operator” accounts, which have the ability to login to the web interface to view logs and statistics, but do not have the ability to make configuration changes. Accounts are defined in “SMS Users”. * Fix for “ERROR - File does not contain a license key” when attempting to install a serial number. (Work around to install serial number without updating is to copy serial number and activation code manually to the “Serial Number / License” form, and then press “Add Serial Number”.) * Fix for buffer overflow that occurs if MMS messages are submitted via an MMSFILE=http:// URL reference, and the URL returns a redirect response that redirects to a URL that is longer than approximately 2000 characters. 2022.01.14: * Fix for MMS default route setting not working. (Setting * as outbound routing prefix for a connection did work, and will continue to override this setting.) 2021.12.14: * Fix for 2-way SMS command returning command URL in text response instead of parsing the text returned by the command. * Fix for restart triggered by an MM4 message addressed to a large number of recipients. 2021.10.29: * Fix for issue where MMS messages are sent via the web interface, the sending user account was not recorded in the log. * User activity log now includes MMS messages. * Always include server name or IP address in alert e-mail messages. * Add configuration setting to override alert e-mail subject prefix, which defaults to “NowSMS Alert”. To enable override, use AlertEMailSubjectPrefix= setting under [SMSGW] section of SMSGW.INI. * Add log database indexes to improve performance when searching the log for phone numbers. 2021.10.20: * The login form has been changed to use HTTP POST instead of HTTP GET. (If login problems are encountered after applying this update, add LoginOldFormat=Yes to the [SMSGW] section of SMSGW.INI to revert to the previous HTTP GET based login.) * For customers that want to try preventing browsers from remembering login credentials, there is a setting that can add the attribute autocomplete=‘off’ to the login form and associated input fields. To apply this setting, under the [SMSGW] section of SMSGW.INI, add LoginAutoComplete=autocomplete='off' * Previous versions included the HTTP header “Access-Control-Allow-Origin: *” in most HTTP responses, which could be a potential security concern opening the possibility for cross site scripting. This header has been removed. * SSL/TLS - Update ciphers and improve error message detail. TLS v1.0 and v1.1 continue to be disabled by default, however configuration parameters are available to enable these protocols to connect to older services, if necessary. Create or update CIPHER.INI, and under a [Cipher] header, add DisableTLS1.0=No and/or DisableTLS1.1=No to enable TLS v1.0 and/or TLS v1.1. 2021.10.18: * Fix for restart triggered by an MM4 message addressed to a large number of recipients. 2021.10.11: * Fix for MM4 outbound connection “Max Recipients Per Message” setting. A bug caused non-default values to fail. The default value is 1. This does This does not block messages to multiple recipients, it just sends a separate copy of the message for each recipient (To/CC headers are maintained, so recipients still see the complete group). 2021.09.30: * SMS User “Forced Sender Address” configuration setting was being truncated to a limit of 20 characters, when it should have been limited to 50 characters. (This field can contain a comma delimited list of allowed sender addresses.) 2021.09.05: * MMSC: Fix for “MM4 Ack Route” setting not being applied to the configuration correctly. The server was expecting the setting to be saved as MM4AckRoute=, however it was being saved as MM4AckRouting=. This caused problems routing MM4 “FORWARD.RES” acknowledgments, as well as delivery reports. * Fix for image conversion issues and /tmp/magick* files left behind. 2021.08.17: * MMSC: Performance improvements when submitting MMS messages via the proprietary URL interface (which is used by PHP and Java examples on the NowSMS web site). This change resolves an "Internal Error" report that could sporadically occur under heavy load, related to localhost connections stuck in a TIME_WAIT state. 2021.07.07: * Fix for circular rerouting that could occur when SMSC connections are configured with both ReRouteOnError and BackupForRouteLive settings. More detail at https://support.nowsms.com/discus/messages/1/113910.html 2021.06.24: * MMSC Diameter Charging Fix: When using Diameter for charging, the MMSC was looking for some settings in SMSGW.INI instead of MMSC.INI. All Diameter related settings should be configured in MMSC.INI. * MMSC Diameter Charging Fix: 3GPP-SGSN-ADDRESS and 3GPP-SGSN-MCC-MNC values were not being properly parsed. * Fix: DebugMaxSize=#### setting was not implemented. This setting is used to specify a size limit (in MB) for debug logs, and is intended to default to 512. 2021.06.15: * Fix: The server was not properly detecting when MMSC configuration changes were applied to the MMSC.INI file. Configuration changes were only being reloaded if the service was restarted or if an update was also made to the SMSGW.INI configuration file. 2021.06.09: * Fix for issue when adjusting the connection count for an HTTP SMSC connection. If the settings are changed to increase the number of connections, the server would properly increase the number of connections. If the number of connections were decreased, the server would not decrease the number of connections until the server is restarted. * Extra care is taken to ensure segments of a multipart message are sent over the same SMPP bind. Previously, controls were in place to use the same SMSC connection, but if multiple binds were defined for the connection, different segments could be sent via different binds. 2021.05.20: * Fix for MM4 decoding issues causing crash loops. 2021.04.28: * Fix for problems sending MMS with a large number of outbound MMSC connections. 2021.04.09: * Fix for @@MSGDATE@@ and @@MSGTIME@@ being blank in 2-way command substitution. * Fix for event log format errors with some 2-way commands. 2021.04.07: * Fix for inbound MM4 authentication by IP address when the account name is not the IP address. (When a VASP account has no password, but has at least one restricted IP address, the MMSC will authenticate an inbound MM4 connection by its IP address.) 2021.04.06: * Add ModemIRC setting to allow upgrading from NowSMS Windows without requiring individual confirmation on each Android modem app. * Changes to allow customer to override web interface templates by storing template overrides locally in a UI/HTML directory. 2021.04.02: * Add statistic centers to display the number of messages queued and waiting pickup by SMPP client accounts. * When an SMSC connection is marked off-line, stop routing messages to the connection. * Fix for log entries showing duplicate entries when the current day’s log is empty. (Does not apply to configurations using database.) 2021.03.31: * Fix for slow sending with Android modems. 2021.03.30: * Fix for updated INI files not updating in database configuration. * Fix for SMSC setting “Route All Received SMS to Local User Account” not working properly in most environments. 2021.03.16: * Create HTTPSMSCDEBUG.LOG to log the complete HTTP Request and Response codes associated with HTTP SMSC connectivity errors. 2021.03.15: * Fix for service shutdown delay associated with an SMPP connection configured for transmit only. * Starting with this version, the installer for this version is archived to /var/lib/nowsms/PreviousVersions/NowSMSInstall-yyyy.mm.dd. In the event of problems with an update, it is possible to rollback to a previously installed version by using this archived installer. 2021.03.11: * The MSISDNICAPServer setting now supports a comma delimited list of ICAP server addresses. The MMSC will loop through the servers until it finds one that can identify the subscriber. * HTTP SMSC: Fix for inability to save SMSC connections where the URL does not include an explicit port number (example: http://provider and https://provider would not save, but http://provider:80 or https://provider:443 would save) * Install: Fix for a browser connection error that could occur at the end of the install process while waiting for the login page to become available. 2021.03.03: * Fix delay when loading the “System Configuration” page that could occur if the server does not have internet access. 2021.03.01: * Add support for database connections on non-standard port. In the Database Server setting, use the format ip.address:port (or host.name:port). Example: 127.0.0.1:3307 * Add SNI (Server Name Indication) for SSL/TLS to fix problems connecting to servers that require this support. 2021.02.26: * Fix for error removing database connection. 2021.02.25: * Fix for SMPP receive connection being created when “Receive SMS” and “Bind Transceiver” are both disabled. With these settings, NowSMS should create only a transmitter connection, but it was creating both transmitter and receiver connections. * Fix for problem saving e-mail addresses in the “Authorised E-Mail to SMS/MMS Senders” list. * Fix for invalid cloud server ID assignment problems where the ID would be all 0’s or mostly 0’s with one or more A values. (Cloud server IDs are used for connecting Android modems via the cloud.) 2021.02.22: * Fix for "ERROR - File does not contain a license key” on any attempt to install a license. Licenses could still be installed by using copy & paste to manually enter the serial number and auth key, but license files could not be applied properly. 2021.02.16: * Fix for issue introduced in 2021.02.10 update where the “Delete All” button stopped working in the received message and message queue lists. Also a fix for problems selecting individual messages in these lists. 2021.02.14: * Fix for issues with the “Blocked Numbers” and “Blocked Senders” lists. 2021.02.10: * Fix for Android modem connectivity issues and related crash, especially when connecting via cloud. * Reduce CPU usage, especially for SMPP connections and when idle. * Statistics: Fix for queue sizes reporting empty. * Fix for crash related to broken link with redirect loops for downloading an update. * Fix for service shutdown issues where shutdown was not always graceful. * Fix for some problems related to INI file synchronization, where some updates were not automatically pushed to other servers operating from a shared database. * Daily/monthly message limits, quiet hours, and message speed throttling for modem connections previously applied to SMS messaging only. This has now been extended to apply to both SMS and MMS messaging. Daily/monthly limits apply to combined SMS and MMS totals, while the messages per second throttling is enforced independently with SMS and MMS each having a separate throttle. * MMSC/Inbound MM4: Loosen requirement that RCPT TO addresses in inbound messages must match the configured MMS domain name. * Various improvements related to using Android modems and/or USB GSM modems in multiple server configurations operating from a shared database. * PHP 7.3 uses a different default Unix socket name than previous versions. Additional logic added to locate the php-fpm socket if PHP support is enabled. * User interface updates for outbound message queue, user inbox and received messages queue, including proper display of SMS messages that include a line break, and a “Forward” button. * For web browser performance reasons, reduce the number of log entries displayed by default. * Fix for invalid dates in the outbound message queue, and for some messages in the queue not being displayed. * Debug log file display in the web interface now uses plain text to improve browser performance. 2021.01.29: * Fix for stray text (usually an extra “>” character) appearing in some HTML admin templates. When this error occurred, it was usually in the serial number/license code display. * macOS version updated to universal app, supporting both Intel x64 and Apple Silicon M1/ARM64. * HTML admin fix for UI window sizing when adding a new USB GSM modem. 2021.01.28: * Fix for error handling and timeout issues related to MMS over data connections. 2021.01.27: * Fix for log file downloads reporting filename as “HTTP/1.1 200 OK” instead of the proper filename. * Fix for "Error: MMSC Service Not Active" error occurring when submitting an MMS message via the web interface when the MM1/MM7 port is not active. * Fix for “invalid host name” error occurring on most Linux platforms when attempting to test MMS settings for USB GSM modems. 2021.01.24: * Fix for issue in some web browsers where it was not possible to add more than one license code. * Logging to a Database: NowSMS maintains a persistent connection to the log database. In previous versions, if this connection is idle and the database server drops the connection, the next log entry might not be recorded. * USB GSM Modem: Fix for an HTML error that prevented the “Save” button from working properly when modifying settings for this type of modem. In previous versions, the settings were saved, but the modem settings window was not closed. * SMPP SMSC Connection: In previous versions, the configuration setting “Use 7-bit Packed Encoding for long text messages” was applying the opposite behavior from what was intended. (Turning the setting on actually turned it off, and vice versa.) * 2-way SMS/Forward to E-Mail: Fix for an issue that caused corrupt subject lines. * E-Mail Settings: Fix user interface issues related to these configuration settings. * Fix for throttling delay which limited some SMPP connections to one message per second, even when a larger license was installed. * Logging to a Database: Fix for a variety of issues related to messages that contain variations of quote characters: ‘, “ and `