mirror of
https://github.com/mail-in-a-box/mailinabox.git
synced 2024-11-26 02:57:04 +00:00
v0.14
v0.14 (November 4, 2015) ------------------------ Mail: * Spamassassin's network-based tests (Pyzor, others) and DKIM tests are now enabled. (Pyzor had always been installed but was not active due to a misconfiguration.) * Moving spam out of the Spam folder and into Trash would incorrectly train Spamassassin that those messages were not spam. * Automatically create the Sent and Archive folders for new users. * The HTML5_Notifier plugin for Roundcube is now included, which when turned on in Roundcube settings provides desktop notifications for new mail. * The Exchange/ActiveSync backend Z-Push has been updated to fix a problem with CC'd emails not being sent to the CC recipients. Calender/Contacts: * CalDAV/CardDAV and Exchange/ActiveSync for calendar/contacts wasn't working in some network configurations. Web: * When a new domain is added to the box, rather than applying a new self-signed certificate for that domain, the SSL certificate for the box's primary hostname will be used instead. * If a custom DNS record is set on a domain or 'www'+domain, web would not be served for that domain. If the custom DNS record is just the box's IP address, that's a configuration mistake, but allow it and let web continue to be served. * Accommodate really long domain names by increasing an nginx setting. Control panel: * Added an option to check for new Mail-in-a-Box versions within status checks. It is off by default so that boxes don't "phone home" without permission. * Added a random password generator on the users page to simplify creating new accounts. * When S3 backup credentials are set, the credentials are now no longer ever sent back from the box to the client, for better security. * Fixed the jumpiness when a modal is displayed. * Focus is put into the login form fields when the login form is displayed. * Status checks now include a warning if a custom DNS record has been set on a domain that would normally serve web and as a result that domain no longer is serving web. * Status checks now check that secondary nameservers, if specified, are actually serving the domains. * Some errors in the control panel when there is invalid data in the database or an improperly named archived user account have been suppressed. * Added subresource integrity attributes to all remotely-sourced resources (i.e. via CDNs) to guard against CDNs being used as an attack vector. System: * Tweaks to fail2ban settings. * Fixed a spurrious warning while installing munin.
This commit is contained in:
parent
3fd1279e7d
commit
57b4c685df
@ -1,8 +1,8 @@
|
|||||||
CHANGELOG
|
CHANGELOG
|
||||||
=========
|
=========
|
||||||
|
|
||||||
In Development
|
v0.14 (November 4, 2015)
|
||||||
--------------
|
------------------------
|
||||||
|
|
||||||
Mail:
|
Mail:
|
||||||
|
|
||||||
|
12
README.md
12
README.md
@ -54,23 +54,25 @@ Clone this repository:
|
|||||||
$ cd mailinabox
|
$ cd mailinabox
|
||||||
|
|
||||||
_Optional:_ Download my PGP key and then verify that the sources were signed
|
_Optional:_ Download my PGP key and then verify that the sources were signed
|
||||||
by me. You'll get a lot of warnings, but the fingerprint should match the
|
by me:
|
||||||
fingerprint in the key details at [https://keybase.io/joshdata](https://keybase.io/joshdata)
|
|
||||||
and on my [personal homepage](https://razor.occams.info/). (Of course, if this repository has been compromised you can't trust these instructions anyway.)
|
|
||||||
|
|
||||||
$ curl -s https://keybase.io/joshdata/key.asc | gpg --import
|
$ curl -s https://keybase.io/joshdata/key.asc | gpg --import
|
||||||
gpg: key C10BDD81: public key "Joshua Tauberer <jt@occams.info>" imported
|
gpg: key C10BDD81: public key "Joshua Tauberer <jt@occams.info>" imported
|
||||||
|
|
||||||
$ git verify-tag v0.13b
|
$ git verify-tag v0.14
|
||||||
gpg: Signature made ..... using RSA key ID C10BDD81
|
gpg: Signature made ..... using RSA key ID C10BDD81
|
||||||
gpg: Good signature from "Joshua Tauberer <jt@occams.info>"
|
gpg: Good signature from "Joshua Tauberer <jt@occams.info>"
|
||||||
gpg: WARNING: This key is not certified with a trusted signature!
|
gpg: WARNING: This key is not certified with a trusted signature!
|
||||||
gpg: There is no indication that the signature belongs to the owner.
|
gpg: There is no indication that the signature belongs to the owner.
|
||||||
Primary key fingerprint: 5F4C 0E73 13CC D744 693B 2AEA B920 41F4 C10B DD81
|
Primary key fingerprint: 5F4C 0E73 13CC D744 693B 2AEA B920 41F4 C10B DD81
|
||||||
|
|
||||||
|
You'll get a lot of warnings, but that's OK. Check that the primary key fingerprint matchs the
|
||||||
|
fingerprint in the key details at [https://keybase.io/joshdata](https://keybase.io/joshdata)
|
||||||
|
and on my [personal homepage](https://razor.occams.info/). (Of course, if this repository has been compromised you can't trust these instructions.)
|
||||||
|
|
||||||
Checkout the tag corresponding to the most recent release:
|
Checkout the tag corresponding to the most recent release:
|
||||||
|
|
||||||
$ git checkout v0.13b
|
$ git checkout v0.14
|
||||||
|
|
||||||
Begin the installation.
|
Begin the installation.
|
||||||
|
|
||||||
|
@ -7,7 +7,7 @@
|
|||||||
#########################################################
|
#########################################################
|
||||||
|
|
||||||
if [ -z "$TAG" ]; then
|
if [ -z "$TAG" ]; then
|
||||||
TAG=v0.13b
|
TAG=v0.14
|
||||||
fi
|
fi
|
||||||
|
|
||||||
# Are we running as root?
|
# Are we running as root?
|
||||||
|
Loading…
Reference in New Issue
Block a user