From 23d2df7a9311289bdfbd9b128a5c073fa35a2188 Mon Sep 17 00:00:00 2001 From: Joshua Tauberer Date: Mon, 29 Jun 2015 20:58:35 -0400 Subject: [PATCH] v0.11 --------------------- Advisories: * Users can no longer spoof arbitrary email addresses in outbound mail. When sending mail, the email address configured in your mail client must match the SMTP login username being used, or the email address must be an alias with the SMTP login username listed as one of the alias's targets. * This update replaces your DKIM signing key with a stronger key. Because of DNS caching/propagation, mail sent within a few hours after this update could be marked as spam by recipients. If you use External DNS, you will need to update your DNS records. * The box will now install software from a new Mail-in-a-Box PPA on Launchpad.net, where we are distributing two of our own packages: a patched postgrey and dovecot-lucene. Mail: * Greylisting will now let some reputable senders pass through immediately. * Searching mail (via IMAP) will now be much faster using the dovecot lucene full text search plugin. * Users can no longer spoof arbitrary email addresses in outbound mail (see above). * Fix for deleting admin@ and postmaster@ addresses. * Roundcube is updated to version 1.1.2, plugins updated. * Exchange/ActiveSync autoconfiguration was not working on all devices (e.g. iPhone) because of a case-sensitive URL. * The DKIM signing key has been increased to 2048 bits, from 1024, replacing the existing key. Web: * 'www' subdomains now automatically redirect to their parent domain (but you'll need to install an SSL certificate). * OCSP no longer uses Google Public DNS. * The installed PHP version is no longer exposed through HTTP response headers, for better security. DNS: * Default IPv6 AAAA records were missing since version 0.09. Control panel: * Resetting a user's password now forces them to log in again everywhere. * Status checks were not working if an ssh server was not installed. * SSL certificate validation now uses the Python cryptography module in some places where openssl was used. * There is a new tab to show the installed version of Mail-in-a-Box and to fetch the latest released version. System: * The munin system monitoring tool is now installed and accessible at /admin/munin. * ownCloud updated to version 8.0.4. The ownCloud installation step now is reslient to download problems. The ownCloud configuration file is now stored in STORAGE_ROOT to fix loss of data when moving STORAGE_ROOT to a new machine. * The setup scripts now run `apt-get update` prior to installing anything to ensure the apt database is in sync with the packages actually available. --- CHANGELOG.md | 5 +++-- README.md | 2 +- setup/bootstrap.sh | 2 +- 3 files changed, 5 insertions(+), 4 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 972c69fb..20552339 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,12 +1,13 @@ CHANGELOG ========= -In Development --------------- +v0.11 (June 29, 2015) +--------------------- Advisories: * Users can no longer spoof arbitrary email addresses in outbound mail. When sending mail, the email address configured in your mail client must match the SMTP login username being used, or the email address must be an alias with the SMTP login username listed as one of the alias's targets. * This update replaces your DKIM signing key with a stronger key. Because of DNS caching/propagation, mail sent within a few hours after this update could be marked as spam by recipients. If you use External DNS, you will need to update your DNS records. +* The box will now install software from a new Mail-in-a-Box PPA on Launchpad.net, where we are distributing two of our own packages: a patched postgrey and dovecot-lucene. Mail: * Greylisting will now let some reputable senders pass through immediately. diff --git a/README.md b/README.md index fc4eaaa2..b7a84e78 100644 --- a/README.md +++ b/README.md @@ -57,7 +57,7 @@ I sign the release tags on git. To verify that a tag is signed by me, you can pe $ cd mailinabox # Verify the tag. - $ git verify-tag v0.10 + $ git verify-tag v0.11 gpg: Signature made ..... using RSA key ID C10BDD81 gpg: Good signature from "Joshua Tauberer " gpg: WARNING: This key is not certified with a trusted signature! diff --git a/setup/bootstrap.sh b/setup/bootstrap.sh index 65a37d9b..968a2821 100644 --- a/setup/bootstrap.sh +++ b/setup/bootstrap.sh @@ -7,7 +7,7 @@ ######################################################### if [ -z "$TAG" ]; then - TAG=v0.10 + TAG=v0.11 fi # Are we running as root?