A new SEPPmail Appliance hotfix release has been published.
Version 15.0.4 introduced a bug in the SEPPmail appliance where a missing waitpid call after a fork caused the child processes not to terminate, gradually exhausting the maximum number of process IDs allowed for the user running the RuleEngine. This effectively caused the appliance to freeze.
Please see the revision history and the extended release notes for further details.

In order to ensure that the automatic renewal of the SwissSign Silver Certificate revocation goes smoothly for the SEPPmail Appliances, we recommend the following setting changes to be in effect as soon as possible (and not later than 22.04.2026 at 15:00 GMT+2):
Under MPKI Settings, enable the following:

• “Automatically renew expiring certificates if validity days left less than”
• “Automatically create certificates for active users without certificates” (This will ensure that the...

In order to ensure that the automatic renewal of the SwissSign Silver Certificate revocation goes smoothly for the SEPPmail Appliances, we recommend the following setting changes to be in effect as soon as possible (and not later than 22.04.2026 at 15:00 GMT+2):
Under MPKI Settings, enable the following:

• “Automatically renew expiring certificates if validity days left less than”
• “Automatically create certificates for active users without certificates” : This will ensure that the...

Swisssign informs that S/MIME certificates generated between July 15 2025 and April 17 2026 have a formal error as viewed by the CA/Browser forum as the regulatory body on certificates. According to Swisssign, the formal errors are not a security risk.

Affected certificates (of type “SwissSign Personal S/MIME E-Mail ID Silver”, ie domain validated certificates) will be revoked by Swisssign on April 22 2026 at 15:00 CET.

The lifecycle of certificates of customers using SEPPmail appliances...

A new SEPPmail Appliance release has been published.
With this release we closed another batch of the ETH Zurich findings:

• High: S/MIME Signature Additional Certificate CVE-2026-29140
• High: Bounded Subject Tag Sanitization CVE-2026-29141
• High: Plaintext secure-mail.html CVE-2026-29142
• High: S/MIME Decryption Impersonation CVE-2026-29143
• High: Unicode Subject Tags CVE-2026-29144
• High: GINA State Confusion Account Takeover CVE-2026-29139
• Medium: PGP Decryption Recipient LDAP...

Swisssign reduces the period for the domain validation from 365 to 198 days as of March 8th 2026 (and further reduction is planned for March 2027).

As a consequence, all previously validated domains where the validation period is more than 198 days ago would become non-validated on March 8th, and thus no new certificates could be issued.

To avoid the sudden change, re-validation for domains of customers in seppmail.cloud which have been last (re-) validated more than 180 days ago have been...