Changelog
2.4.10 - 20241203
- DNSBL list revisited
- refactor self-IP resolution
- updated dependencies
2.4.9 - 20241018
- fix #1089 remove zero bytes at startup
- fix #1086 separate version check outside cron file
- ES fix API key and HTTP basic authorization
- internal only redirects feature
- redirects to all domain's boxes (*@example.com)
- optional WebDAV
2.4.8 - 20240905
- fix missing DKIM when email was SRSed
- fix missing ARC/DKIM in cases when From header should be parsed
- remove redundant LMTP header in case of Dovecot local delivery
- add full mail regex filter to rspamd multimap
2.4.7 - 20240806
- Roundcube 1.6.8
- fix #1081 error 500 if box name is empty
2.4.6 - 20240702
- Node 22
- RSPAMD multimap filters
- removed nginx absolute redirects
2.4.5 - 20240610
- Roundcube 1.6.7
- fix DNS crash part 3
2.4.4 - 20240605
- fix obnoxious DAV debug PHP notice
- fix DNS crash part 2
2.4.3 - 20240604
- fix queryMx ESERVFAIL crash
- fix missing Haraka logs
- add option to debug DAV
2.4.2 - 20240530
- fix custom TLS settings for Haraka
2.4.1 - 20240524
- fix #1047: SPF check is always neutral
2.4.0 - 20240521
- ARC implementation
- BIMI implementation
- addedd customizable regex rspamd filter (via web ui)
- fix mixed charset score (rspamd)
- fix fuzzy learning (rspamd)
- more strict DMARC in wizard
2.3.21 - 20240315
- fix #1038 error in log viewer
- fix DNSBL test with public resolvers
- fix and test DAV for EM Client, iOS Apple mail
2.3.20 - 20240226
- Roundcube 1.6.6
- DAV redirect for Apple devices
- DAV fix auth
- internals cleaning and refactoring for Symfony update
2.3.19 - 20240129
- update FREE version NodeJS to prevent privs issue
- wide code refactor
- remove dead code at multiple places
2.3.18 - 20231214
- revert to NodeJS v18, details later
- add csv export to logs
- fixed typo in layer limits image
2.3.17 - 20231204
2.3.16 - 20231204
- fix #1022, ref #1018 get rid of statx enabled coretools interaction
- get rid of missing file error when installing
- fix invalid template in Quarantine controller
- fix #1024 show delivery logs to domain administrator
- fix #974 fuzzy check to actually work
- fix #998 add ElasticSearch index to delivery_result.type
- fix #1000 roundcube db update to container init
- fix #674 allow all local reverse proxies
2.3.15 - 20231107
- Node.js version 20
- Roundcube 1.6.5
- fix deprecated command message for le:renew
2.3.14 - 20230902
- fix #991 limiting realtime table size
- cipher list for legacy clients fix
- fix outbound submission TLS settings for failing connections
- multiple updated dependencies
2.3.13 - 20230502
- fix SMTP crash when peer has obsolete TLS
- fix MAIL FROM/RCPT TO parser error leak
- fix zero-bytes queue file crash
2.3.12 - 20230411
- updated Lescript to 0.3.0
- ref #973 fix domain forward in middle of the path
- fix missing roundcube config message
- fix #973 fix configuration of RSPAMD DMARC reporting
- red #974 add debug messages for sieve learn spam/ham
- php 7.4 + debian:stable
- fix paginator to add first row
- english language tuning
- remove Goutte and update some deps
2.3.11 - 20230203
- fix #955 remove / from valid domain characters
- fix missing discard flag
- fix invalid address in redirect target
- roundcube 1.6.1
- new feature: custom domain outbound ip&hello
- enhanced pagination
- multiple minor design fixes and changes
2.3.10 - 20221115
- fix #959 missing path at reconnect at p0f plugin
- fix #960 use INTL_IDNA_VARIANT_UTS46 and fix return codes of validations
- removed AUTH PLAIN authorization identity for smart delivery
- DQS implementation documented at https://poste.io/doc/dqs-implementation
- rewritten multiple internal plugins with async/await
- update deprecated Haraka plugin paths
- loading latest version tag info with additional checks
2.3.9 - 20220829
- prevent assuming Spamhaus's error as positive
2.3.8 - 20220614
- regular update
- Elasticearch integration
- fix Dovecot expunge (truncate mailbox)
- Roundcube 1.5.2
- fix attachment.js error handling with complex archive Haraka#3035
- Node.js 16
2.3.7 - 20220307
- fix hanging redis connections causing multiple internal problems
- fix prevent setting empty password when editing user
2.3.6 - 20220110
- fix prevent account self-disable
- fix #918 forbid domain admin manipulate rights
2.3.5 - 20211215
- update roundcube to 1.5.1
- fix #895 eliminate lmtp queue hook and process directly without side efects
- fix #899 handle situations where inodes not available (ex. brtfs)
- fix #905 remove line before add at config.inc.php
- fix #904 OPTIONS WebDAV request forbidden
- fix privacy plugin to not remove X-MS-Exchange-SenderADCheck which might be included in DKIM hash (redirects might be affected)
- fix move auth/poste before karma punishments
- fix invalid domain quota view
- show redirects in log viewer
- fix #887 remove auth-ws from symfony firewall
- fix HTTP 500 when password is invalid
- initial implementation of elasticsearch for log search (PRO only)
- multiple typos and small changes
2.3.4 - 20210910
- fix invalid SRS when relaying emails without AUTH
- fix delivery MX resolution where invalid dns host appears
2.3.3 - 20210909
- fix #886 mail ending in wrong mailboxes when using domain bin (+test)
- fix CZ translation of quarantine count
2.3.2 - 20210907
- rewriten forwarding system - aliases/redirects are handled inside of haraka itself (not with sieve scripts)
- raised session lifetime for roundcube
- fix HTTP 500 at install instruction
- shorten healthcheck time to 30s
- fix missing bsdtar for attachment plugin
- added missing CZ login screen translation
- multiple minor improvements
2.3.1 - 20210809
- multiple form submit errors fixed
2.3.0 - 20210803
- fix #871 raw log is always cleaned, no matter the settings
- major rewrite to upgrade to latest stable Symfony
- update to latest Roundcube
- rewrite of build and testing system
2.2.32 - 20210507
- regular update
- removed SafeBrowsing at freshclam.conf
- fixed deprecation warnings by node
- build z-push download fix
2.2.31 - 20210329
- regular update due https://security-tracker.debian.org/tracker/CVE-2021-3449 (apt update && apt upgrade in container is also sufficient)
- fix info leakage of roundcube version
2.2.30 - 20210310
- fix domain administrator rights escalation
- fix list of domain leakage for domain administrators
2.2.29 - 20210126 hotfix
- fix automatical blocking of limited senders
2.2.27 - 20210121
- fix check amount of recipients with limits when it could send over quota
- fix numerous problems with cron failing on 'NUMBER OF HARD LINKS > 1'
- fix #820 add edit header
- fix #818 loop in rotated roundcube logs
2.2.26 - 20201124
- fix #813, #814 lower remote peer TLS config expectation
2.2.25 - 20201119 (revert quarantine)
- fix "statx" problem in older docker installations
2.2.24 - 20201116 (quarantine)
- fix #800 add new self-signed cert
- fix #802 adjust nginx healthcheck port according to env
- remove tls no-go feature for submission since it doesn't make sense anyway ref #807
- fix #808 allow changing box domain super admin only
- raise timeout for log search
2.2.23 - 20200925
- regularly clear redis pubsub connections
- fix "invalid IP address" message
- fix another outbound loop
- fix Haraka sending EHLO twice in special case
2.2.22 - 20200901 (back to the school)
- added discard option on mailbox (especially handy for bounced dmarc reports to prevent loops)
- fix #791 don't try deliver to invalid MX IPs
- introduced short term raw logs cleaning since summaries should be enough for long term
- fixed zero length queue file crash
- fixed multiple looping problems inside mailserver
- lowered redis idle timeouts
- raised timeouts for web log search
- relay hitting limit notice fix
2.2.21 - 20200604
- quckfix of cron check of latest version
2.2.20 - 20200603
- underlaying distribution upgraded to Debian bullseye
- PHP 7.4
- added notices for hiting relay limits
- fix redis subscribed connections overflow
- change freshclam to be `nice` to CPU
- fix #752 empty envelope FROM read receipt accept
- Symfony admin deps updated
- fix #762 move roundcube logs outside container
- fix #760 replace pgrep with more basic ps | grep, due bug in procps-ng
- Roundcube updated to 1.4.5
- fix #756 remove healthcheck on rspamd or clamd if disabled
- fix #751 IP Stats lack reverse DNS on 2.2.19
- fix DDOS of poste.io servers by version check
2.2.19 - 20200319
- fix #735 replace ssl_min_protocol in proper dovecots file
- fix #739, fix #740 longer wait for LE's verification
- fix #737 adjust clamav cron when clamav disabled
- major rewrite of testsuite
- fix broken charts
- add ability to change box address
- add DISABLE_RSPAMD env variable
- fix #695 remove multiple JS leaks
- fix #718 mark dmarc-records@ box reserved
- fix documentation and labels about port 465 according to latest RFC
2.2.2 - 20200212
- force nodejs to allow TLS lower than v1.2
- custom TLS settings docs at https://poste.io/doc/custom-tls
- fix #729 brand name greeting message
- fix #730: Queued items are invisible
- fix remove whitelisting localhost when roundcube user is authed
2.2.1 - 20200120
- update to Roundcube 1.4.2
- relieve on default minimal required TLS to v1.1 for Haraka & Dovecot
- fix #728 replace help line with openspf.org with open-spf.org
- fix #723 price PER YEAR
- fix #725 replace maxmind's geolite with https://github.com/analogic/ipgeo
- remove clamav ScanOnAccess deprecation warning
- fix subject view when inspection is on
- fix #713 add ability to set TLS settings (login requirements, minimal TLS version, allowed ciphers) through server.ini
- fix #720 disable rspamd dkin signing (we sign at Haraka)
- fix #716 Queue JS foreach on undefined
- fix #714 raise paging limit to more impossible number
- fix #712 invalid port in error message
- fix #719 add ident to roundcube to track real user IP address
- fix #709 check http code for new roundcube
- fix #708 sudo: setrlimit(RLIMIT_CORE): Operation not permitted
- add "force route" feature for domain
- fix #700 php-fpm security issue (not really an issue)
- temporary disable R_MIXED_CHARSET due https://github.com/rspamd/rspamd/issues/3156
2.2.0 - 20191113
- update to Roundcube 1.4
- update to Nodejs 12
- updated minimal TLS version to TLSv1.2 and ciphers to "ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384" according to https://ssl-config.mozilla.org/ intermediate settings
- fix perms on /etc/cron.d scripts
- fix OpenBLAS blas_thread_init: pthread_create failed...
- fix default API sandbox body format to JSON
- set Roundcube elastic skin as default
- switch on some Roundcube plugins (notifications most notably)
- fix multiple http queue inspections responses content-type errors (mostly ff affected)
- fix #704 setting connect_timeout to 60 (Kerio connect waits 30s+ by default)
- fix #701 add stats to API
- fix #697 js use "substr" instead of "substring"
2.1.11 - 20191001
- fix logger for Lets encrypt
2.1.10 - 20190930
- fix #691, fix #690 ACMEv2 certificate generation
2.1.9 - 20190920
- Roundcube 1.3.10!
- fix search icons in FF in wrong place
- nicer messages for relay limits
- allow caldav OPTIONS call unauthenticated
2.1.8 - 20190722
- fix #544 rcpt_database blocking already reversed SRSed senders
- ref #544 add autoreply targets filter
- fix #655 properly connect to IPv6 when doing connection diagnosis
- fix http 500 when generating summary from invalid dmarc reports
- fix postmaster+letsencrypt tag when sending alerts
- dependencies ugprade
- adjusting sabre/dav config
- + multiple minor enhancements
2.1.7 - 20190624
- fix #665 Roundcube leaks smtp logs
2.1.6 - 20190620
- fix #651 force 40 redirects if there is 0 due historic reasons
- fix #652 restrict events catching to queue-box only
- fix #653 add fallback for browsers not supporting html5 type="date"
- ref #656 add tagging to faq
- fix #658 empty domain generates exception
- roundcube 1.3.9
- experimental CalDAV+CarDAV implementation (Settings>Advanced>DAV)
2.1.5 - 20190426
- fix #626 internal change in redirects/domain-bins handling + add test for bug case
- missing reply when password mismatch
- apply limits per recipient rather than queued email
2.1.4 - 20190409
- fix #625 invalid absolute path for multiple binaries (+add tests)
- fix #628 revert ssl_cipher_list to stable value
- fix #630 add diffie hellman params to dovecot config
2.1.3 - 20190329
- fix #624 redirected emails are not properly logged
- fix #620 delete domain dkim button
- fix #623 lower clamav plugin timeouts to prevent reject
- fix #607 fix dovecot ssl settings
- ref #624 move callback past redis expire call
- Node.js 10
2.1.2 - 20190328
- fix #587 [UX] filled search field via js is not showing right numbers
- fix #593 rcpt_database multiplies checks with every recipient
- fix #588 [UX] add "search logs" to quarantined items
- fix #591 [UX] queue: "no items found" should be after ajax done
- fix #592 [UX] queue: "search logs" should search target email when bounce at least
- fix #587 [UX] filled search field via js is not showing right numbers
- fix #612 don't react on dovecot's stderr so strictly
- fix #608 doc typo
- fix missing validator on box's domain
- fix erroneous limit's autoblock of box account/domain
- log results in JSON for conn&tx (for future use)
- karma treshold set from -8 to -10 to avoid false positives
- updated chart.js to latest
- added latest version check
- poste.io is now built with drone.io!
2.1.1 - 20190203
- revert enabling Haraka outbound pools - in some cases it might block delivery
- fix #582 remove passwords even from debug
- fix #583 invalid escape at username regex html add form
- fix #581 set last selected domain to session
- fix #584 "submit & new" buttons at multiple place
- fix #585 don't except connections not sending rcpt
- move limits counter to hook_data not hook_mail
2.1.0 - 20190129
- fix #522 parse only one default interface
- fix #548 cont-init: proper chown server.ini
- fix #558 remove useless sieve_path getter
- fix #562 remove "0 = unlimited" notice from sieve settings label
- ref #559 randomize route results if there are multiple same routes
- fix #569 proper rights for /var/log/admin-app at cont-init
- fix #566 add missing dot to FQDNs at DNS diag
- fix #563 remove /webmail/ if -e DISABLE_ROUNDCUBE=true
- fix #546 allow download dmarc reports
- fix #543 sort and parse multiple deliveries to array at delivery log viewer
- fix #550 load multiple FS dependent counters only with ajax to make loading faster
- fix #549 advanced DMARC reporting
- fix #574 don't ever log passwords in communication debug
- fix #564 don't be strict on non-bruteforce and connect only clients
- fix error when listing non-existing DMARC directory as domain admin
- ability to set up custom reference ID per email box (for PRO only)
- make connection tests available to FREE
- add "me" SPF to dns server diagnostics
- fix relay limits transaction counting problem
- rspamd patch to make DMARC reports DKIM valid
- Dovecot 2.2 -> Dovecot 2.3
- more strict usernames, only characters allowed: A-Z, 0-9, _ and dot
- Queue manager
2.0.23 - 20181219
- fix not showing form errors for multiple fields #551 and #548
- fixed build errors with FREE image
2.0.21/22 - 20181218
- fix #542 disable karma for authenticated senders on port 25
- fix #545 filter only .xml files and delete *.gz
- fix #539 hset instead of hincr at guard to properly set lastseen
- fix #538 skip dmarc-reports rspamd check to
- fix #536 overlimit user is blocked but in invalid way
- fix #537 add bounce tag for missing mail from
- fix #523 add inspection plugin (add Subject to logs and can copy every email to some address)
- fix #533 add last seen to guard items
- fix #535 allow to produce and send DMARC reports
- fix #509 continue with checks after we forward domain (priv customer configuration)
- fix #528 multiple deleting problems - clearstatcache before creating symlink
- fix #529 config option to quarantine for misbehaving connections or disable entirely
- ref #531 multiple fixes of search ui
- fix #512 removing subnet from ip address from link in blocking email report
- fix #518 remove nginx auth subrequest body and length and properly link var/rspamd for saving rules
- fix #526 don't do SRS on bounce
- fix #522, #525 add HTTPS_PORT and HTTP_PORT settings to internal redirects also
- ref #520 add redis statistics cmd
- fix #524 forbid disabled users to use 587
- fix #515 missing /data/var/clamav directory creation
- fix #471 Sieve limits settings
- fix #508 add tooltips over flags with country name and code
- temporary disabled outbound polling (until queue and pools inspection will be done)
- missing dkim_verify haraka plugin enabled
- raised default value for block bad connections
- lot of small details
2.0.20 - 20181119
- ref #492 add missing validation for multiple fields
- fix #493 perms fixing for logrotate
- fix #494 don't change subject if email is going to be quarantined
- fix #492 match semicolon at munge_subject init also
- fix #495 add additional action for out of office filter
- add referenceId to user,domain (API only)
- prevent merging DMARC records with same IP but different results
- fix #491 [Haraka] removed huge penalty per email line
- [Haraka] don't send RST to dovecot LMTP (multiple fatal crashes)
- [Haraka] add rspamd, clamd local_ip exemption availability
2.0.19 - 20181101
- fix #486 and #487 added source IP test, connection testing at installation form
- ref #481 add HTTP_PORT and HTTPS_PORT env vars
- fix #485 add basic exception error 500 page for better support
- fix #483 add GeoIP flags
- fix #479 fully use localizednumber filter, in transchoices also
- fix #484 hide memory chart on older kernels without MemAvailable
- fix #475 [Cron] NUMBER OF HARD LINKS > 1
- fix #472 p0f find default interface
- fix #473 fix ajax loads and IP reverses
- fix #474 add default domain to roundcube
- ref #474 fix default domain loading
- fix #453 dashboard rework
- fix #424 more precise last message parsing
- fix #455 add xlist capability
- fix #461 use free_space < sqrt(total_space * 0.07) to trigger space warnings
- ref #461 move "email.regards" from pro to free translations
- fix #464 invalid order of folder GeoIP creation
- fix #466 properly purge all emails and attachments
- fix #470 /etd/dovecot/sieve permissions
- ref #441 initial implementation of login policy (http admin)
2.0.18 - 20180924
- IMPORTANT fix #450 cron is not running daily jobs (notices, cleaning...)
- fix #449 admin DNSBL check is not working
- fix #442 fix ownership only if parent directory has different owner → faster startup time
- fix #434 button to empty box
- fix #443 save last search through session
- fix #444 add used/available memory to status
- adding option to download and use MaxMind's GeoLite2
- send LE notice email immediately after cert renew before daemons restart
- smaller build due removing apt upgrade from top build layer (~11MB)
- design nitpicks
2.0.17 - 20180919
- fix #445 inaccessible new box link due js mutable variable
2.0.16 - 20180918
- fix #431 incorrect quota report when disabling
- fix #436 Rename vacation to "out of office"
- fix #415 lowercase all "email" keys in stats
- fix #417 RSPAMD UI requires password when accessed through reverse proxy
- fix sort DMARC summary report
- fix sum of DMARC summary reports
- fix invalid counting for "*" relay limits
- fix automatic build due failing sid-slim update
- spelling&typos
2.0.15 - 20180803
- fix #410 push relay subnets to submission also
- fix #410 raise sieve_max_redirects
- fix #412 broken log download
- fix #414 Add RSPAMD UI to administration
- fix #406 allow limiting IP ranges
- fix #411 move blacklist from IP to CIDR subnets
- fix #413 check if user is disabled at rcpt_database.js
- re-add port 465 for some legacy installation
- add default auth domain for haraka&dovecot
2.0.14 - 20180724
- fix #391 use combined cert with intermediate for Haraka
- fix #393 change headings font to Roboto slab
- fix #394 add checks if dmarc dir exist
- fix #359 ignore whitelisting for rcpt_database plugin
- fix #404 relaying limit search not working
- fix #403 add missingok for clamav logrotate
- fix #408 remove link to host_list to properly detect changes
- fix #6 add simple DMARC summary report
- fix spam untrain when moving to trash
- lot of text corrections
2.0.13 - 20180712
- fix #366 failing LMTP delivery keeps crashing worker
2.0.12 - 20180711
- fix #389 user unable to change password + test
- fix #385 added connection diagnostics
- fix multiple cron errors
- a lot of cosmetic and internal-only changes
2.0.11 - 20180703
- fix html escaping at Haraka bounce messages
- fix #333 adding low free space alert
- fix #334 adding low user quota alert
- fix #335 wording corrections
- fix #375 option to create 1024 bit dkim key
- fix #339 regular DNSBL test
- fix #379 sender blacklist/whitelist stat hook
- fix #378 wording corrections (Thanks again Scott, you are awesome!)
- fix tls port 587 autodiscovery for outlook
- move to debian:sid
- fix rights for compilable sieve scripts at /etc/dovecot/sieve (autolearn)
- fix #372 remove fixstates commands due breaking sync after restart
- storage usage for domains
- a lot of cosmetic and internal-only changes
2.0.9 - 20180618
- fix #362 path of s6-svc at logrotate
- fix #361 missing subtitle
- fix #364 block ylmf-pc clients
- fix #365 don't apply quota to localhost messages
- fix transaction log linking
- complete czech translation
- a lot of minor changes
2.0.8 - 20180606
- fix #356 rspamd not really rotating
- fix #355 privacy plugin strips headers for local targets
- fix #349 skip privacy plugin when delivering from remote source
- fix #353 off by one find interval fix at cronned tasks
- fix #345 separate outbound cipher list
- ref #347 disable rspamd graylisting entirely
- fix #350 missing user .dovecot.sieve cause 500 when editing
- fix #343 restrict forwarding/domain-bin to local domains only
- fix #345 optionally disable bad connection blocking
- fix #341 loading invalid settings
- add headers from p0f to email
- dovecot change antispam plugin to imap_sieve for spam learning
- remove relay networks and authed users from munge_subject
- added rspamd stats output
- translations moved to translation.keys (czech tranlation temporarily removed)
- early_talker disabled when relaying
- a lot of minor changes
2.0.7 - 20180521
- fix #330 cron errors
- fix #332 separated junk and trash cleaning
- fix #331 suggest hostname from system and add docker -h to getting started
- fix #311 ability to add custom haraka plugins (see https://poste.io/doc/extending-mailserver)
- fix #320 more consistent terminology (thanks Scott!)
- bump chartjs version, fixed charts direction + adding arrow
- fix #329 non-cached reverses moved to ajax
- fix #321 block_bad_connections has its own counters instead of depending on karma; plugin now counts wasted connections without sending emails only
- fix #328 admin notices system
- fix #326 implemented safety autoblock after reaching relay limit + notice to admin
- lot of minor changes
2.0.6 20180511
- fix #316 get rid of no such directory message when dir not exist
- fix #317 change labels, add suffixes, revisit tab javascript behaviour
- fix #225 in case of freshclam fail try to remove mirrors.dat and start again
- fix #318 error reporting on multiple cronjobs
- fix #277 fully implemented IDN + couple tests, Huray
2.0.5 20180510
- fix #306 write to localised date log filename
- fix #310 sanitize reverse hostname at logs
- fix #309 wording / phrasing
- fix #314 outlook autoconfig port
- fix #312 invalid API post box description
- fix #305 make privacy great again
- simplified and fixed docker cloud build with hooks
2.0.4 20180508
- fix #298 make cleaning configurable
- fix #132 maximal attachment size configurable
- fix #213 Trash and Junk are automatically deleted after configurable period
- fix #300 missing @Expose on domainAdmin variable
- fix #303 disable blocking for relaying
- fix #302 add pagination to quarantine + fix search
- fix #307 move button + add link to redirect add
- partially fix #305 set received_header to current hostname
- fix not working doveadm -A
- added link to changelog
- fix strict return types on some API calls causing internal error
- fix validation to allow asterisk for IP relay limits
- multiple build fixes
- typos
2.0.3 20180502
- fix #289 typos
- fix #297 invalid SMTP route port parsing
- fix #295 managesieved doesn't start due missing sieve in protocols
- fix build versioning for PRO version
2.0.2 20180427
- fix #231 strict "From:" vs "MAIL FROM:" vs username check - functionality which prevents forged From email header for authenticated users
- fix #285 roundcube autotest working again
- fix #224 API for checking email delivery status
- fix #76 API for Lets Encrypt control
2.0.1 20180423
- fix #279, #282 not working z-push and missing z-push test
- fix #278 change "block" label to "quarantine"
- fix #275 fixed paging at API
- fix #273 fixed outlook autodiscovery (thanks pcjmfranken!)
- fix #240 removed extra cert
- better build - smaller image size
2.0.0 20170119
- QPSMTPD → Haraka
- Qmail → Haraka
- Spamassassin → RSPAMD
- Better statistics (Haraka + Redis)
- More descriptive logs (thanks Haraka)
- Addedd relay limits (thanks Haraka)
- Addedd blacklist&whitelist (thanks Haraka)
- Addedd Quarantine (thanks Haraka)
- SRS
- lot of minor changes
1.0.7 20171120
- fix #238 Let's encrypt missing agreement
- minor fixes
1.0.6 20170703
- fix #150 adding default smtp route configuration (aka smarthost)
- fix #205 removing karma recipients check
- fix #207 DMARC parser
- fix #209 grep falsely marks some logs as binary
- added DCC and PYZOR
- fix #5 "?" in delivery logs mailaddress
- s/qmail used now for delivery
- a lot of minor fixes
1.0.5 20170620
- fix #202 server domains leaking to domain administrator redirect create form
- privacy plugin (removes client info for outgoing emails)
- smtp auth moved to database
- added stack test for roundcube and couple email headers
- updated to Ubuntu Zesty, hello to smaller image
- removed unnecessary packages to reduce attack surface
1.0.4 20170611
- fix #197 missing DKIM signatures
1.0.3 20170609
- fix #196 recipient log missing when sending through 587/465 introduced in previous version
- fix #80 domain forwarding
- fix #71 domain bin aka catch all address
- fix #133 recognizing filters inconsistency
1.0.2 2017067
- submission port separated to another qpsmtpd service with different setting (#192)
- RoundCube 1.2.5, SMTP set to port 587
- fix #191 slow loading of dashboard - moved to ajax
- fix #189 remember domain of last added box
- fix #188 better domain select drop down
1.0.1 20170411
- optimized administration loading speed
- #130: redirects not working created from API, removed requirement for passwordPlaintext
- #180: poste.c compilation warnings
- #181: CMD quota fix
- #182: leaking formating from CMD API
- #179 added link to administration from roundcube default template
- rewritten build system, added multiple functional tests of whole stack
1.0-beta-8 20170203
- updated to latest Ubuntu (OpenSSL vulnerabilities)
- RoundCube 1.2.3
- #143: RoundCube attachment size
1.0-beta-7 20161001
- #120: charts for SMTP&delivery on dashboard
- #108: added redirect field to API to allow "alias" creation
- #109: command line option to disable/enable account
- #112: removed IP from dashboard logs for better grouping
- #114: make spamassassin persistent
- #115: spelling
- #116: fixes some error messages when restarting container
- #126: added reverse DNS for IP in logs and log viewer
- #122: fixed error message in rcpt_database plugin
1.0-beta-6 20160830
- added attachments logging module for future blocking
- removed headers plugin from filters since it have no effect on spam
- sieve autoreply directed to SMTP for signing with DKIM
- reverted to forkserver since there are some strange situations where mailserver stop responding
- #113: adding missing modules for spamassassin
- #111: fixing regexps for chrome
- removed recent.spam.dnsbl.sorbs.net zone from dsnbl - banned proper mailservers like gmail
1.0-beta-5 20160808
- #96: moving DNSBL filter after AUTH
- #98: removing errornous weekly cron messages
- #103: removing errornous daily cron messages
- #102: Enigma plugin: Keys directory isn't writeable
- updating admin dependencies (mainly lescript)
1.0-beta-4 20160715
- fix #95: properly restart mail daemons
- fixing missing exposed port 80, 443
- fix #92: adding redirect from "/admin" to "/admin/"
- fix #97: wrong container IP message after start
1.0-beta-3 20160713
- #92: missing bootstrap.php.cache
- #93: no-penalty arg for socket auth communication (http://wiki2.dovecot.org/Design/AuthProtocol)
- #93: qpsmtpd forkserver -> prefork
- #93: enabled karma plugin for quicker pass earlytalker plugin if enough karma
- added robots.txt
- fixed croned processes (run-parts are not accepting *.sh files)
- disconnect immediately if client in DNSBL
1.0-beta-2 20160708
- #90: missing poste command
- #91: poste email:list, domain:list not working
- #47: Support for GPG, S/MIME in webmail
- fixed Let's encrypt auto-renew (limit set to 14 days)
1.0-beta 20160704
- fixed minor bugs and typos
- underlaying system changed to xenial
- removed Supervisor, added S6 provisioning layer
- simplified build process (-120MB on image)
- PHP5 → PHP7
- added changelog :)
0.1.1