DLANALYZER by Invariant Systems
3/11/2007
Version 5.2.2

Contents:
------------------------------------------------------------------------
Installation
Upgrade
New Features
Fixes
Download Location For Microsoft .Net Framework

------------------------------------------------------------------------
INSTALLATION: (New)

**NOTE: Make sure you have version 2.0 of the Microsoft .NET Framework 
Installed.  If You Do NOT have the Microsoft .NET Framework installed 
DLANALYZER will Not Install.
 
1.) Unzip the contents Of The DLAnalyzer522.zip file into a directory.
2.) Run The Setup.Exe Or DLAnalyzerSetup.MSI File To Install DLAnalyzer 
3.) Copy your existing DLAnalyzer License File (DLAnalyzer.xml) file into 
the directory where you installed DLAnalyzer.
4.) Run the DLAnalyzerConfig.exe GUI configuration utility.
5.) Launch DLAnalyzer through command line OR through the GUI configuration
utility.
-------------------------------------------------------------------------

-------------------------------------------------------------------------
UPGRADE:
To receive DLAnalyzer upgrades you must be within the first twelve months
of your initial purchase or have active service agreement.

**PLEASE NOTE VERSION 5.2.2 REQUIRES THE .NET 2.0 FRAMEWORK

1.) Backup your existing directory of DLAnalyzer. 
2.) Uninstall the previous version of DLAnalyzer.
3.) Unzip the contents Of The DLAnalyzer522.zip file into a directory.
4.) Run The Setup.Exe Or DLAnalyzerSetup.MSI File To Install DLAnalyzer 
5.) Copy your existing DLAnalyzer License File (DLAnalyzer.xml) file into 
the directory where you installed DLAnalyzer.
6.) Run the DLAnalyzerConfig.exe GUI configuration utility.
7.) Launch DLAnalyzer through command line OR through the GUI configuration
utility.


--------------------------------------------------------------------------
Version 5.2.2 (3/11/2008)

New Features:
1.) Tested against 4.3.46

Bug Fixes:
1.) Fixed reporting issues with Domain Summary Reports where domains would
    be excluded on systems that gateway domains.
2.) Fixed several index out of range issues with corrupted log entries.
3.) Fixed an issue with the antivirus report where the virus name would be
    reported as blank.
4.) Fixed several cosmetic issues in the GUI configuration utility.
5.) Fixed a DNS resolution issue where the hostname would be displayed
    on the wrong line in certain circumstances.


--------------------------------------------------------------------------
Version 5.2.1 (3/08/2007)

New Features:
1.) Added variables for the custom virus advanced report.
    %SCANNER0NAME% and %SCANNER0VIRUS%
2.) Tested against 4.3.x

Bug Fixes:
1.) Fixed reporting issues with Domain Summary Reports.
2.) Fixed inconsistent naming of labeling in the configuration utility.
3.) Fixed Recipient and Domain Recipient Reports Limiting Messages.
4.) Fixed several index out of range issues with corrupted log entries.
5.) Fixed several issues with inherit settings not sticking in the domain
    summary reports.
6.) Fixed inconsitent report names between the configuration utility
    and the actual report.


--------------------------------------------------------------------------
Version 5.2.0 (11/06/2006)

New Features:
1.) Support for the log file changes in Declude 4.3.x.
2.) Added Reporting for the ZEROHOUR test.
3.) Supported for the .Net 2.0 framework.

Bug Fixes:
1.) Fixed issue with reports not including results from log entries
that did not contain the "File(s) Infected" log entry.
2.) Fixed Column sizing issues with html reports.
3.) Fixed several index out of range issues with corrupted log entries.

--------------------------------------------------------------------------
Version 5.1.0 (6/1/2006)

New Features:
1.) Support for the log file changes in Declude 4.2.x.
2.) Added Reporting for the integrated AVG Virus Scanner.

Bug Fixes:
1.) Added support for random Smartermail message id's.
2.) Fixed an issues with blank reports with Declude version 1.8.2
3.) Fixed the column header for the Domain Executive Report Showing "TEST"
instead of domain.
4.) Fixed an issue with the Domain Executive report not honoring properly
defined filters.
5.) Fixed an issue with the Recipient Spam Report not displaying the weight
range filter critera.
6.) Fixed an issue where the filters for the spam advanced report would not
display.
7.) Fixed an issue with not reporting banned file extensions in zips.
8.) Fixed a CSS issue with the advanced report table structure with IE.\
9.) Fixed an issue with the overall virus summary report truncating the 
last character in the virus name.


--------------------------------------------------------------------------
Version 5.0 (3/25/2006)

New Features:
1.) 4 new reports (Domain Executive Summary Report for Junkmail, Recipient Spam Report, Domain Recipient Spam Report, and Test Quality Report).
2.) Domain Executive Summary Report - Provides a column view report of all 
domains and how much spam and ham they received.
3.) Recipient Spam Report - Displays email addresses of the users who 
receive the most spam (server wide).
4.) Domain Recipient Spam Report - Displays email address of the users of
a specific domain who receive the most spam.
5.) Test Quality Report - Report detailing how effective each of your
configured spam tests are.
6.) Ability to ignore missing log files.
7.) Ability to configure separate paths for virus and spam logs.
8.) Ability to report on specific hours.
9.) Improved the performance of DNS PTR requests.
10.) Ability to display both the hostname and IP address in reports.
11.) Ability to customize the look and feel of the html report by modifying
the provided dlanalyzer.css style sheet.
12.) Ability to customize the report file name utilizing variables for the 
current data %YYYY%, %DD%, and %MM%. 
13.) Added new domain global options.  Includes the ability to specify local
ip addresses that send mail to limit their inclusion in the report.

Changes:
1.) Date Interval: In previous versions "0" meant the date interval was
disabled and DLAnalyzer would use the date range.  In version 5.0 a date
interval of "0" will process the current days log.
2.) All junkmail tests will now work on log level MID.  We no longer require
log level high for junkmail reports.  Virus reports STILL require log level
HIGH.
3.) Auto generated report name now defaults to dlayyyymmdd.txt from dlammddyy.txt.


Bug Fixes:
1.) Fixed several out of bounds issues caused by corrupted log files.


--------------------------------------------------------------------------
Version 4.1.2 (9/26/2005)

New Features:
1.) Support for new Declude Junkmail logging format introduced in version 3.0.5 Release.

Bug Fixes:
N/A

--------------------------------------------------------------------------
Version 4.1.1 (5/28/2005)

New Features:
1.) Support for new Declude Junkmail logging format introduced in version 2.0.6.x Beta's

Bug Fixes:
1.) Apply button would not enable when the date or interval ranges were selected in certain instances.
2.) Fixed Last Action Report issue where inherit box would be wnabled when the report was disabled.



--------------------------------------------------------------------------
Version 4.1.0 (4/7/2005)

New Features: 
1.) Support for new Declude Junkmail logging format introduced in version 2.0.6
2.) Added support for the %LASTACTION% and %WEIGHT% variables for the HTML and TEXT
    reports when using the external database.

Bug Fixes:
1.) Fixed possible "index out of bounds" errors when processing corrupted log file lines.
2.) Test Breakdown summary inclusion add button did not disable after adding a test.
3.) Fixed database tab not reflecting enabled options on GUI start.

---------------------------------------------------------------------------
Version 4.0.5 (1/20/2005)

New Features: N/A

Bug Fixes:
1.) Modify button would be enabled if all spool folder locations were removed.
2.) Fixed issue in GUI where inherit settings for last action test was enabled but GUI threw an error.
3.) Domain Virus Overview report sort by name format was not aligned properly.
4.) Fixed an issue in GUI where you could not enable the option to suppress domains with no viruses.
5.) Fixed an issue where the GUI could be configured with No spool file locations.
6.) Fixed an issue where the inherit checkboxes in various junkmail settings would not enable apply button.
7.) Fixed an issue where changing the date for the report would not enable the apply button.
8.) Test Breakdown summary inclusion add button does not disable after adding a test.

Version 4.0.3

New Features (4.0.0):
1.) Can process logs from multiple servers on one pass producing combined Reports.
2.) Support for custom log file names.  Implements the functionality as the logging configuration in your global.cfg / virus.cfg files.
3.) Global Inheritence - Ability to define Tests (Inclusion and Exclusion), Domains (Inclusion and Exclusion), and Last Actions at a global level and inherit them in reports.
4.) Virus Log Processing.
5.) Overall Server Virus Summary Report - will display an overall list of viruses and how many were sent to your server.
6.) Virus Scanner Report - will produce a report of which viruses were detected by your virus scanners.
7.) File Extension Report - will display a list of file extensions of attachments that were sent through your server.
8.) File Extension Virus Report - will display a list of file extensions that were used by virus infected files.
9.) IP Virus Summary Report - will display a list of IP addresses and how many viruses were sent by them.
10.) Recipient Virus Report - will display a list of recipients and how many viruses they received.
11.) Sender Virus Report - will display a list of senders and how many viruses they sent.
12.) Banned File Extension Report - will display a list of Banned File Extensions and how many files were blocked because of them.
13.) Domain Virus Reports - Ability to produce domain based virus, recipient, and ip summary reports.
14.) Virus Advanced Reporting - Generate highly detailed and granular reports based on email address, domain name, virus, vulnerability, banned file extension, and filename.
15.) Different custom format files for both html and text based advanced reports for Virus and Junkmail processing.
16.) The GUI Utility will check for DLAnalyzer updates.  NOTE:  This does not send any information to our servers other than the version you are running.  You can also disable this feature by setting the auto update key in the dlaconfigutil.exe.config to false.

New Features (4.0.3)
17.) Domain Virus Overview Report


Changes:
1.) The TAB report will save the filename with an extension of .txt opposed to .xls.
2.) The advanced reports now support different custom output format files.
2a.) AdvancedReport.format - DLAnalyzer Junkmail Text Format File.
2b.) AdvancedReportHTML.format - DLAnalyzer Junkmail HTML Format File.
2c.) AdvancedReportVirus.format - DLAnalyzer Virus Text Format File
2d.) AdvancedReportVirusHtml.format - DLAnalyzer Virus HTML Format File.
3.) SMTP AUTH users are now counted.  IP address will default to UNKNOWN and the LAST Action will be set to IGNORE.

Changes: 4.0.3
1.) Removed the "Total Messages Processed(Server)" Total From Domain Virus Summary Reports.



Bug Fixes: 4.0.0
1.) Fixed IP Summary Report Heading Label.
2.) Fixed CSV Report Missing Comma's in IP Summary Report.
3.) Fixed issue with zero byte temp file was created and not deleted if the Junkmail advanced report was not enabled.
4.) Fixed formatting issue when reverse dns lookups were enabled, but none of the queries resolved correctly.
5.) Fixed Outgoing Domain Summary Report would not display any results if only a domain was specified to be excluded from the report.

Bug Fixes: 4.0.3
1.) Added The Missing "Inherit Global Tests" For The Junkmail Domain Summary Reports
2.) Fixed issue where if a message had a null recipient an extra line of no information was added to domain virus reports.
3.) Fixed issue where Junkmail Advanced Report Test Filter Add Button Was Always Disabled.

--------------------------------------------------------------------------
Version 3.0.1 - 3.0.3
NEW FEATURES:
NONE

BUG FIXES
1.) Fixed a bug where the overall test summary could report higher values (3.0.1)
for certain tests when lower case characters were in the test name.
2.) Removed the Line "Average Message Weight From Domain Summary" text 
report. (3.0.2)
3.) Advanced Report Would Generate An Error In Certain Configurations. (3.0.3)
 

Version 3.0 (6/28/2004)
NEW FEATURES:
1.) Added Last Action Summary Report
2.) Added "-c" command line parameter for alternate configuration files
3.) Added "TestListExclude" - Ability To Exclude A Test From The Server Test Summary Report
4.) Added SMTP AUth Support
5.) Added SMTP Username & Password
6.) Added Ability To Do Multiple To: Addresses
7.) Added Ability To Do Multiple BCC: Addresses
8.) Added Ability To Do Multiple CC: Addresses
9.) Advanced Report Last Action Filter
10.) Customized Advanced Reports (TEXT & HTML)
11.) Changed Advanced Report Final Output To Report Unique Messages Opposed To Rows Filtered
12.) Test Breakdown Summary Report
13.) Weight Range Summary Report
14.) Weight Range Advanced Report Filter
15.) IP Summary Report
16.) Domain Summary Last Action Filter
17.) Domain Summary Weight Range Filter
18.) Changes in headings for domain summary
19.) Added Zero domain suppression
20.) Added DNS Resolution For IP Summary Reports
21.) Added Weight Range Filter To IP Summary Reports
22.) Added Last Action Filter To IP Summary Reports

Configuration Utility
1.) - Save As Configuration
2.) - Open Configuration
3.) - Launch DLAnalyzer From The GUI Utility
4.) - Open Reports When DLAnalyzer Completes

Version 2.0.6 (1/12/2004)
1.) Added Average Message Weight For All Messages
2.) Added Average Message Weight For Messages That Failed At Least One Test
3.) Added Support For New Declude Logging For Declude 1.77i15+

Bug Fixes:
1.) Configuration Utility: Fixed Instances Where Data Would Be Exported To The
Configuration File For Domain Summaries and Advanced Test Reports When These
Tests Contained Data, But Then Were Disabled.


Version 2.0.2
N/A (Only Bug Fixes)

Version 2.0 - 11/16/2002
1.) ProcessPrevious Days - DLAnalyzer Will Process The Last Amount Of Days
You Have Set.
2.) New Email Options For Configuring Subject and Message Body
3.) OverWrite Report File - Previous Behavior Was Always To Append.  Now You
Can Overwrite
4.) Incoming And OutGoing Domain Summaries Have Been Broken Into Two Different
Tests.

---------------------------------------------------------------------------

---------------------------------------------------------------------------
FIXES

2.0.2 - 12/16/2003
1.) (DLAnalyzer) - Changed database timeout to prevent timeouts on large log files.
2.) (DLanalyzer) - Fixed Exception When a Message Contained an invalid character set.
3.) (DLAConfigUtil) - Advanced Report Tab Would Not Display "Test" As A Valid Sort
     Option On Program Load.
4.) (DLAConfigUtil) - Advanced Report Tab - Disable Advanced Report Would Not Be Saved
     To Configuration File On Exit.
5.) (DLAConfigUtil) - Enable Email Tab - Enable Email Option Not Saved To Configuration File In
     Certain Cases.
6.) (DLAConfigUtil) - Advanced Report Tab - Filter Options Could End Up Disabled in certain cases.

2.0 - 11/16/2003
1.) Fixed International issues related to dates
2.) Fixed gibberish displayed in domain reports.

---------------------------------------------------------------------------
DOWNLOAD LOCATION FOR MICROSOFT .NET FRAMEWORK
In general you can download the microsoft .net framework from Windows Update.

Or you can download the redistributable of the framework.
http://www.microsoft.com/downloads/details.aspx?FamilyID=0856eacb-4362-4b0d-8edd-aab15c5e04f5&displaylang=en

============================================================================

For any questions please contact support@invariantsystems.com
Thank You
Invariant Systems