NowSMS Spring 2017 Update

Posted by on Apr 11, 2017 in Software Updates, Support Blog

Topic Keywords: , , , , ,

New releases of the Now SMS/MMS Gateway and NowSMS Lite are now available (Version 2017.04.07). Downloads are available at https://nowsms.com/download-free-trial. Customers with an active Maintenance Agreement can download the 30-day trial version to update a licensed installation. If you have questions about update eligibility or maintenance agreements, please contact us.

Highlights of the new features and enhancements in this release include:

New & Improved Connectivity for Android Modems

NowSMS now supports connecting to an Android phone as a modem using either WiFi or cellular data, providing connectivity options for remote devices and geographic distribution.

There are 3 ways to configure this connectivity:

1.) Local WiFi Mode – The Android device is connected to WiFi and is on the same network as the NowSMS PC. When running on the same local network, the NowSMS PC and Android device can find each other without requiring manual IP address configuration.

2.) Remote Direct Mode – The Android device is configured to maintain a constant connection to the NowSMS server, using WiFi or cellular data. The NowSMS PC must be accessible via a static/fixed IP address or internet host name. If using WiFi on the Android device, the NowSMS PC can use a static IP on the same LAN. If using cellular data, the NowSMS PC must be accessible over the internet (or via a VPN, which is beyond the scope of this guide).

3.) Remote via Cloud – This is the easiest option if you are not familiar with, or do not wish to be concerned with networking requirements. The Android device and NowSMS PC both maintain a connection to a secure cloud service which establishes a secure and encrypted tunnel for communication.

IPv6 Support

IPv6 is now supported for all product functionality with two very minor exceptions:

1.) Sending MMS via USB/serial GSM modem only supports IPv4 APNs (if IPv6 APN support is required, use an Android device as a modem

2.) The local WiFi interface for Android devices as modems requires IPv4.

Blacklist/Blocked Number List

System-wide Blacklist/Blocked Number support is accessible via the following interfaces:

1.) Web Interface under Admin/Blocked Numbers

2.) Text file Blacklist.TXT in the DLISTS directory

3.) Public distribution list named Blacklist can be updated via DList APIs.

USB GSM Modem Improvements

We understand that some of our customers are uncomfortable with the reliability of using Android devices as modems.

In this release, we have implemented support for simultaneous MMS transmission with multiple USB or serial GSM modems. In previous releases, simultaneous MMS trannsmssion could not occur when multiple USB/serial GSM modems were connected to the same mobile operator.

MMS sending and receiving is now supported for mobile operator settings that do not use a WAP gateway or proxy.

SSL/TLS Updates

We have recently completed an extensive review of current best practices for SSL/TLS, and web browser compatibility issues. The SSL/TLS driver has been updated to be based on OpenSSL 1.0.2k, and implements best practices to enable an “A” grade from sslLabs.com.

Key changes:

  • SSL 3 has serious vulnerabilities and is no longer supported (Microsoft Internet Explorer 6 and earlier no longer supported).
  • TLS 1.0 thru 1.2 are supported, with options available to disable TLS 1.0 and/or TLS 1.1.  Disabling TLS 1.0/1.1 is recommended for most installations. TLS 1.2 has the following minimum client version requirements: IE 11, iOS 6, OS X 10.9 or Android 4.4/KitKat.
  • Known weak ciphers, including RC4 and 3DES, have been disabled. (Supported ciphers can be manually configured if desired.)
  • Session caching and session tickets enabled
  • ECDH key reuse disabled
  • Forward secrecy enabled

To  disable TLS 1.0 and 1.1, create a CIPHER.INI file with the following content:

[Cipher]

DisableTLS1.0=Yes

DisableTLS1.1=Yes

To modify supported ciphers, use an OpenSSL format  cipher string in a Cipher= parameter setting of this same file. Use care when modifying cipher support, as proper configuration can be complex. As a starting point, the default cipher string for NowSMS 2017 is:

Cipher=!ECDHE-RSA-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:EECDH+ECDSA+AESGCM:EECDH+aRSA+AESGCM:EECDH+ECDSA+SHA384:EECDH+ECDSA+SHA256:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH+aRSA+RC4:EECDH:EDH+aRSA:DHE-RSA-DES-CBC3-SHA:DES-CBC3-SHA:!aNULL:!eNULL:!RC4:!LOW:!MD5:!EXP:!PSK:!SRP:!DSS

 

Real World MM4 Interoperability Issues

This release addresses an issue where some operator MMSCs were not complaining that they were not receiving delivery reports from our MMSC. This issue was caused because the other MMSC was using the MM4 “X-Mms-Originator-R/S-Delivery-Report:Yes” header to request a delivery report independent of whether or not one was requested by the message originator. These delivery report requests are now supported.

A time conversion error was found that could occur when processing expiry dates on inbound MM4 messages. If an absolute expiration date is specified in the inbound MM4, in some cases, NowSMS would translate this as one hour earlier than intended. In one customer installation, an interconnect partner was setting the expiration date in MM4 messages to one hour ahead of the current time. As a result, the MMS notification to devices would contain an expiration date of the current time, or a time that had just passed, causing the device to ignore the notification as expired. (Note that these expiration times apply to how long delivery attempts should occur, they do not affect retention time on the receiving device.)

MMSC Denial Of Service Issue

This release fixes a denial of service issue that could be triggered by submission of an extremely large MMS message.

Customers who have not updated to this release are urged to apply the setting MmsMessageSizeLimit=4096 under the [MMSC] header of MMSC.INI. This sets a systemwide MMS size limit of 4MB (4096KB). Most MMS clients have limits of 1MB or 2MB.

 

For comments and further discussion, please click here to visit the NowSMS Technical Forums (Discussion Board)...