Back to Community Threads
Build 9560 (Mar 5, 2026)
Question asked by kevind - 3/5/2026 at 7:27 PM
Unanswered
Share your experience with this new build.
Lots of fixes and a few security patches: Release Notes
J
J. LaDow Replied
3/5/2026 at 7:41 PM
FWIW - notes like this:

Security: Fixed a few obscure authentication bypass, privilege escalation, denial of service, and path traversal issues we found during our security audit.

These "fixes" being passed off as "obscure".

There's nothing about those vulnerability types that should ever be considered obscure. 

It really makes me wonder just how much of a ticking time bomb this experiment really is...
MailEnable survivor / convert --
Sébastien Riccio Replied
3/5/2026 at 8:57 PM
Security fixes... let's then upgrade right away... Crossing fingers that no new obscure issues appears.
Sébastien Riccio System & Network Admin https://swisscenter.com
Sabatino Replied
3/6/2026 at 2:02 AM
Yes, guys.
But here we're talking about escalation problems from IPs that have been whitelisted by Auth.

Honestly, if we whitelist an IP, it means we completely trust that IP. Otherwise, it would be exposing ourselves...
Sabatino Traini Chief Information Officer Genial s.r.l. Martinsicuro - Italy
Sabatino Replied
3/6/2026 at 2:08 AM
What I didn't understand was this:

Fixed: "From address must match authenticated address" when sending IP in auth bypass.

But if ip auth bypass is enabled, the authenticated address doesn't exist.
Sabatino Traini Chief Information Officer Genial s.r.l. Martinsicuro - Italy
rick Replied
3/6/2026 at 5:42 AM
Can we make a separate thread called Whiners & Complainers and keep all the annoying posts in there? SMH
D
Dave Replied
3/6/2026 at 9:01 AM
Fixed: "From address must match authenticated address" when sending IP in auth bypass.

But if ip auth bypass is enabled, the authenticated address doesn't exist.
Yes and no. Without knowing what was actually fixed we can only guess. But I do have a few whitelisted IPs for offices that have copiers that are probably old enough to vote that still do scan to email but have no idea on how to authenticate. BUT, the PCs in the office and other equipment does and they do.

Edge case but I could see things like that.
Stefano Replied
3/6/2026 at 9:35 AM
Is there anyone brave enough to have installed this latest version? 😉
D
Dave Replied
3/6/2026 at 9:39 AM
Is there anyone brave enough to have installed this latest version? 😉

Did last night on 6 servers. No calls as of yet.
Daniele (TDBnet) Replied
3/6/2026 at 11:02 AM
All right here for 5 hours...
Upgraded from 9526.

Daniele
J
Jay Dubb Replied
3/6/2026 at 3:13 PM
8 hours, no calls.
 
B
Bruce Replied
3/7/2026 at 1:53 AM
24 hours, no issues reported so far.
Installed 6 hours ago, no issue so far
Gabriele Maoret - Head of SysAdmins and CISO at SERSIS Currently manages 6 SmarterMail installations (1 in the cloud for SERSIS which provides services to a few hundred third-party email domains + 5 on-premise for customers who prefer to have their mail server in-house)
bong.sapasap Replied
3/7/2026 at 8:54 AM
I've installed it

webmail interface initially loaded
but the moment I logged in
It hangs
CPU and Memory spiked to 100%
J
J. LaDow Replied
3/7/2026 at 9:25 AM
@bong 

Was the version upgraded from relatively old?

Is the system still converting or re-indexing accounts?

Possibly try deleting all cookies and stored data from the browser cache and try again incase "local storage" is corrupted?

Anything in the log files? (Administrative / General Errors)
MailEnable survivor / convert --
bong.sapasap Replied
3/7/2026 at 10:18 AM
I've stopped the Smartermail Services and renamed the Archived directory
Restart the service and the Server was normail again.
Hence, the spike is caused by the Archiving process
Michael Replied
3/7/2026 at 12:50 PM
We had same issue CPU and Memory spiked to nearly 100% and SmarterMail service crashed.
We came up with the idea to delete the cookie for webmail that we had on the machine connecting to the admin. After deleting the cookie (without logging back in) the admin site appeared immediately. Memory and CPU went back to normal. Odd. 
echoDreamz Replied
3/8/2026 at 3:40 PM

We applied the update the evening of the 5th. Around 4:00 AM Mountain time this morning (8th), the SM service became unresponsive. The process was still running, but it was refusing connections (timing out). CPU usage was at 0%, memory usage appeared stuck, and the thread count was not changing, indicating the service had stalled.

When the service was stopped, it took nearly three minutes to shut down. During the shutdown, CPU usage spiked and memory usage increased significantly for about 30 seconds. Monitoring then returned to normal and the SM process terminated cleanly.

After restarting the service, it has been operating normally since. Very weird, havent had that happen in quite a long time.
Brian Replied
3/8/2026 at 7:40 PM
Missing all emails from AquaMail EWS (except one acccount shows a handful of emails from a bank with a daily balance). I personally have about 15 email accounts on various domains. They all seem to work fine using eM Client EWS and Outlook MAPI... but all of them on AquaMail via EWS show no messages (except the one account showing a few).
J
J. LaDow Replied
3/8/2026 at 9:01 PM
24 hours - no tickets - 

Features in use:
IMAP / SMTP / XMPP / Webmail

~100 domains / ~400 users
MailEnable survivor / convert --
D
Dave Replied
3/9/2026 at 6:10 AM
I take back what I said above. I just started to get some issues in this morning. Opened a ticket but am seeing a lot of these until that IP gets blocked. Once I unblock the IP all is good again.

[2026.03.07] 02:41:01.190 [x.x.x.x] IMAP NtlmAuthenticate Login failed: Authenticate parse failed for <user@domain.com>.
[2026.03.07] 02:41:01.202 [x.x.x.x] IMAP Attempting to login user: user@domain.com
[2026.03.07] 02:41:01.202 [x.x.x.x] IMAP Login failed: Incorrect password for user [user@domain.com]
[2026.03.07] 02:42:16.362 [x.x.x.x] IMAP NtlmAuthenticate True IDS counting for NTLM failures over IMAP at this IP is throttled.
[2026.03.07] 15:36:18.093 [x.x.x.x] Login failed: Token has expired.
[2026.03.07] 15:37:12.551 [x.x.x.x] Login failed: Token has expired.
JerseyConnect Team Replied
3/9/2026 at 12:35 PM
A bit concerning to see several reports of CPU and memory issues with the SM service getting hung.
Sébastien Riccio Replied
3/9/2026 at 12:45 PM
Build up since a few days here, no support tickets or strange things detected for now. I feel lucky for once :)
Sébastien Riccio System & Network Admin https://swisscenter.com
D
Dave Replied
3/9/2026 at 3:30 PM
And....I just had the hanging issue.
Richard Laliberte Replied
3/9/2026 at 8:22 PM
So basically, wait to update lol
Nathan McKAy Replied
3/10/2026 at 12:06 AM
Encountered RAM ballooning issue in under a hour after update. Memory Demand exceeded assigned ram by 8+ GB. Issue persisted after service restart, machine restart, and another service restart. Ended up reverting to prior version with the IMAP fixes.

FYI, THE UPDATE IS BELIEVES ITS NON-REVERSABLE, be aware of the archived service setting trick if you want to try it, so you can revert if needed.

@Smartertools -- It would be appreciated to have that in notes, that if I update and decide to downgrade, its inadvisable. 
No issues so far. Memory is not ballooning at all.
J
J. LaDow Replied
3/10/2026 at 10:19 AM
We're seeing these now too:
 Login failed: Token has expired.
	Brute force attempts increased to 2 of 5 in 4320 minutes.
	Next clean available at 3/10/2026 10:03:44 AM
An expired token shouldn't be triggering IDS counts - failed logins should be - and there's no corresponding failed login with this entry. Additionally, this becomes a REAL issue when there are multiple users on a shared IP.
MailEnable survivor / convert --
Where?
J
J. LaDow Replied
3/10/2026 at 1:21 PM
Administrative log -- looks like it's from webmail interface --
MailEnable survivor / convert --
D
Dave Replied
3/10/2026 at 1:22 PM
Check the admin logs.
Not seeing anything that is related to tokens at all
D
Dave Replied
3/10/2026 at 1:28 PM
Do you have people using Outlook & IMAP?
All of them. All of the users are on MAPI. Not a single one on IMAP/webmail.
t
terry fairbrother Replied
3/11/2026 at 2:37 AM
I use IMAP at home and been getting a lot of lockouts, but this morning I'm bombarded with password requests from mapi users on a different server 
Scarab Replied
3/11/2026 at 8:22 AM
We had the 100% CPU & Memory Usage after upgrading from Build 9546 as well. Server could no longer be managed remotely as CPU0 was too busy to respond to RDP, PowerShell, SC, NET, Taskkill, PsService, PsExec, etc. (Lesson learned to set Smartermail.exe affinity to CPU1+ and not allow it access to CPU0 at all if running on bare metal without an iDRAC and can't easily be recovered like a VM or VPS.). Had to drive out to location at 3AM and reboot server in Safe Mode, disable the SmarterMail service, reboot, uninstall Build 9560 and reinstall Build 9546 as renaming \SmarterMail\Service\Settings\Archived_Data and restarting the service didn't remedy the problem for us as it did others.

I'm going to skip this version entirely and wait till the next version has been fully tested by others before upgrading again during Monthly Scheduled Maintenance.
JerseyConnect Team Replied
3/17/2026 at 12:15 PM
Is there anyone with a stable install on 9560 or has everyone had to downgrade eventually?
Running very stable here with all users on MAPI/EWS.
Michael Wallace Replied
3/17/2026 at 12:45 PM
Running stable here as well with Build 9560. Using Linux. Most users are on MAPI/EWS with a few using IMAP. CPU and Memory are all running normal.
I have 9560  for days, no issue...
Gabriele Maoret - Head of SysAdmins and CISO at SERSIS Currently manages 6 SmarterMail installations (1 in the cloud for SERSIS which provides services to a few hundred third-party email domains + 5 on-premise for customers who prefer to have their mail server in-house)
J
Jay Dubb Replied
3/17/2026 at 2:32 PM
Still fine on 9560.  We've noticed slightly higher CPU utilization after updating (trend data shows approx 3-5% increase from prior builds) but nothing that causes us any concern.
 
J
J. LaDow Replied
3/17/2026 at 3:51 PM
We've been on since earlier post with no issues other than the IDS complaints we already have.
MailEnable survivor / convert --
E
Edhy Rijo Replied
3/20/2026 at 1:39 PM
So far, the only thing I noticed is that starting about March 9, 2026, I am getting a whole lot more spam emails and even though I blocked them, they keep coming back with vengeance.
Richard Laliberte Replied
3/20/2026 at 1:51 PM
@Edhy, i'm not sure if that's a smartermail thing or just in general. We are still on 9540 and have noticed an uptick in spam lately as well.
J
J. LaDow Replied
3/20/2026 at 1:54 PM
There's been a very large uptick in spam lately - coming from a handful of providers and then there's a couple rogue ASNs as well that have become an issue.
MailEnable survivor / convert --
E
Edhy Rijo Replied
3/20/2026 at 2:49 PM
Thanks Richard, J. LaDow for your comments.  Since latest updates were focused on security, I thought that maybe some of the spam settings may have been affected.
I find myself constantly clicking the "Block Sender" and "Move to Junk" more frequently on a daily basis.
t
terry fairbrother Replied
3/20/2026 at 3:34 PM
started getting this on random pcs. seems to occur when an email is programmatically created from 3rd party software. first time I fixed it by rebuilding the outlook profile but today I had to whitelist their ip and allow SMTP Auth bypass which allowed them to send. There's an old thread on here which refers to mime Auth which I enabled, but would like to nail this without having to make system changes.

From: System Administrator 
Sent: 20 March 2026 15:11

snip


xxxxx@gmail.com' on 20/03/2026 15:11
           This message could not be sent. You do not have the permission to send the message on behalf of the specified user. 

__________________________________________________

Diagnostic information for administrators:
__________________________________________________

Error is [0x80070005-0x000004dc-0x00000524].

Exchange response headers:
request-id: 11ba940b-8657-43fb-be25-62e709d69b3d
X-ServerApplication: Exchange/15.01.1847.001
X-FEServer: SMARTERMAIL
X-BEServer: SMARTERMAIL
X-CalculatedBETarget: mail.ourdomain.com
X-RequestId: {FB109A3F-A5BF-4183-B39B-ADACD2AD35C3}:793
X-ClientInfo: {DF035063-6EF5-4451-8231-4D5073CD4C98}:70800032
X-ElapsedTime: 0
X-ResponseCode: 0
X-DiagInfo: SMARTERMAIL
X-RequestType: Execute
__________________________________________________

ROPs Summary:

0: ropSetProps (10) Processed(1) Completed(0)
ROP result: 0
Response codes: 0
1: ropFlushRecipients (14) Processed(1) Completed(0)
ROP result: 0
Response codes: 0
2: ropSetProps (10) Processed(1) Completed(0)
ROP result: 0
Response codes: 0
3: ropTransportSend (74) Processed(1) Completed(0)
ROP result: 0
Response codes: 1244
__________________________________________________


Transport-Send failed: failure enum(25), HResult(0x00000000), EC(1244).
Transport-Send failed: failure enum(22), HResult(0x00000000), EC(1244).
Submit-Message failed: message id(29), failure enum(13), HResult(0x80070005), EC(1244).
Brian Replied
3/20/2026 at 10:34 PM
On 9560. Large uptick in SPAM also. But not necessarily anything to do with 9560.

9560 still doesn't work with AquaMail - confirmed with support. 🥵
Michael Wallace Replied
3/21/2026 at 8:11 AM
On our Spam filter server, nothing to do with Smartmail, there has been a huge increase of spam and spammers getting smarter and clever on ways to bypass the spam filters. 

There has been a few reports that the spammers and scammers are now using AI to help with this.

We may need to come up with a AI tool to defeat the AI Spammers! 

But to discuss this in more detail here, we should create a new Thread and keep this only for issues with new SmartMail builds.
Michael Replied
3/21/2026 at 11:22 AM
Similar CPU and Memory issue on upgrade to Build 9575. At least it hasn't crashed but CPU is in the 97% area and Memory hovering around 7GB. It's doing something after upgrade. Not clear. Running about 30 mins at this level so far. My best guess it's it's cleaning up logs or perhaps indexing. But if that's the case there should really be a step in the installer showing what's done and what progress. If not, there's some sort of issue in the past two builds. From what I can tell no official word about this from ST. And several reports above about memory and CPU.
D
Dave Replied
3/21/2026 at 3:37 PM
Did not even get an email from them about the new release :(
Michael Replied
3/21/2026 at 3:59 PM
Several crashes. Tried to roll back to 9560 and still getting spiking CPU. Opening emergency ticket.
Sébastien Riccio Replied
3/21/2026 at 10:00 PM
For now, I postponed update to Build 9575 due to:

  • Security: Hardened a few API calls.
As we use API to manage SmarterMail from our home made control panel.
It would be cool to known which API calls we can know if we use them and check if everything still working after the upgrade.

I hope that you will be able to fix the CPU spikes Michael.
Sébastien Riccio System & Network Admin https://swisscenter.com
Zach Sylvester Replied
3/21/2026 at 10:00 PM
Employee Post
Hey Everyone,

On startup, SmarterMail runs several one time tasks at once. It checks and updates all domains and mailboxes, handles a surge of client reconnects, and applies changes from the new build. This causes a temporary spike in CPU and memory.
Once it finishes, usage returns to normal.

The most important thing to check is Windows Defender exclusions. If SmarterMail data paths are not excluded, Defender can significantly increase resource usage.

Do not restart the service during this time, as it resets progress and makes it take longer.
You can monitor progress in Event Viewer under Application logs. Look for “Preload finished” and “SmarterMail Started” to confirm it’s done.
Rolling back is not recommended since the upgrade may change data structures.

If usage is still high after startup completes wait some time for it to settle and open a support ticket with logs, server specs, and domain and user counts. To investigate further, we would need a dotTrace capture for CPU issues or a dotMemory capture for memory usage.

Kind Regards,
Zach Sylvester Software Developer SmarterTools Inc. www.smartertools.com
Sébastien Riccio Replied
3/21/2026 at 10:03 PM
Opened a new thread for 9575 as this one seems to derivate to it :)
Sébastien Riccio System & Network Admin https://swisscenter.com
Back to Community Threads

Reply to Thread

Enter the verification text
Related Knowledge Base Articles
Key Feature and Version Milestones in SmarterMailSmarterMail
SmarterTools Licensing InformationGeneral Topics
Email Migration Options to SmarterMail from an External MTA.SmarterMail > Installation and Configuration
SmarterMail, LDAP, and Active DirectorySmarterMail > Server Configuration and Management
Automatic SSL Certificates on a New SmarterMail ServerSmarterMail > Server Configuration and Management