Commit Graph

58 Commits

Author SHA1 Message Date
Joshua Tauberer 3b6f7250ee v0.13
v0.13 (August 19, 2015)
-----------------------

Mail:

* Outbound mail headers (the Recieved: header) are tweaked to possibly improve deliverability.
* Some MIME messages would hang Roundcube due to a missing package.
* The users permitted to send as an alias can now be different from where an alias forwards to.

DNS:

* The secondary nameservers option in the control panel now accepts more than one nameserver and a special xfr:IP format to specify zone-transfer-only IP addresses.
* A TLSA record is added for HTTPS for DNSSEC-aware clients that support it.

System:

* Backups can now be turned off, or stored in Amazon S3, through new control panel options.
* Munin was not working on machines confused about their hostname.
* ownCloud updated to version 8.1.1, its memcached caching enabled.
* When upgrading, network checks like blocked port 25 are now skipped.
* Tweaks to the intrusion detection rules for IMAP.
* Mail-in-a-Box's setup is a lot quieter, hiding lots of irrelevant messages.

Control panel:

* SSL certificate checks were failing on OVH/OpenVZ servers due to missing /dev/stdin.
* Improve the sort order of the domains in the status checks.
* Some links in the control panel were only working in Chrome.
2015-08-19 16:37:18 -04:00
Joshua Tauberer 1b26632bb4 readme tweaks 2015-08-17 08:20:31 -04:00
Joshua Tauberer c23a34d475 tweak README 2015-08-14 17:11:32 -04:00
Joshua Tauberer 1b00184c89 v0.12c release to work-around Sourceforge outage 2015-07-19 08:30:03 -04:00
Joshua Tauberer 34b7638342 v0.12b 2015-07-04 11:31:51 -04:00
Joshua Tauberer b503ea1cf7 v0.12
--------------------

This is a minor update to v0.11, which was a major update. Please read v0.11's advisories.

* The administrator@ alias was incorrectly created starting with v0.11. If your first install was v0.11, check that the administrator@ alias forwards mail to you.
* Intrusion detection rules (fail2ban) are relaxed (i.e. less is blocked).
* SSL certificates could not be installed for the new automatic 'www.' redirect domains.
* PHP's default character encoding is changed from no default to UTF8. The effect of this change is unclear but should prevent possible future text conversion issues.
* User-installed SSL private keys in the BEGIN PRIVATE KEY format were not accepted.
* SSL certificates with SAN domains with IDNA encoding were broken in v0.11.
* Some IDNA functionality was using IDNA 2003 rather than IDNA 2008.
2015-07-03 10:34:33 -04:00
Joshua Tauberer 23d2df7a93 v0.11
---------------------

Advisories:
* Users can no longer spoof arbitrary email addresses in outbound mail. When sending mail, the email address configured in your mail client must match the SMTP login username being used, or the email address must be an alias with the SMTP login username listed as one of the alias's targets.
* This update replaces your DKIM signing key with a stronger key. Because of DNS caching/propagation, mail sent within a few hours after this update could be marked as spam by recipients. If you use External DNS, you will need to update your DNS records.
* The box will now install software from a new Mail-in-a-Box PPA on Launchpad.net, where we are distributing two of our own packages: a patched postgrey and dovecot-lucene.

Mail:
* Greylisting will now let some reputable senders pass through immediately.
* Searching mail (via IMAP) will now be much faster using the dovecot lucene full text search plugin.
* Users can no longer spoof arbitrary email addresses in outbound mail (see above).
* Fix for deleting admin@ and postmaster@ addresses.
* Roundcube is updated to version 1.1.2, plugins updated.
* Exchange/ActiveSync autoconfiguration was not working on all devices (e.g. iPhone) because of a case-sensitive URL.
* The DKIM signing key has been increased to 2048 bits, from 1024, replacing the existing key.

Web:
* 'www' subdomains now automatically redirect to their parent domain (but you'll need to install an SSL certificate).
* OCSP no longer uses Google Public DNS.
* The installed PHP version is no longer exposed through HTTP response headers, for better security.

DNS:
* Default IPv6 AAAA records were missing since version 0.09.

Control panel:
* Resetting a user's password now forces them to log in again everywhere.
* Status checks were not working if an ssh server was not installed.
* SSL certificate validation now uses the Python cryptography module in some places where openssl was used.
* There is a new tab to show the installed version of Mail-in-a-Box and to fetch the latest released version.

System:
* The munin system monitoring tool is now installed and accessible at /admin/munin.
* ownCloud updated to version 8.0.4. The ownCloud installation step now is reslient to download problems. The ownCloud configuration file is now stored in STORAGE_ROOT to fix loss of data when moving STORAGE_ROOT to a new machine.
* The setup scripts now run `apt-get update` prior to installing anything to ensure the apt database is in sync with the packages actually available.
2015-06-29 20:58:35 -04:00
Joshua Tauberer 1cd97d46a2 press hit 2015-06-27 10:10:33 -04:00
Joshua Tauberer d152603abd changelog entries and mention our forks of postgrey and dovecot in the README 2015-06-10 09:27:29 -04:00
Joshua Tauberer a1c7bf0883 add munin to readme 2015-06-06 12:55:13 +00:00
Joshua Tauberer 47a5a44b9e v0.10
* SMTP Submission (port 587) began offering the insecure SSLv3 protocol due to a misconfiguration in the previous version.
* Roundcube now allows persistent logins using Roundcube-Persistent-Login-Plugin.
* ownCloud is updated to version 8.0.3.
* SPF records for non-mail domains were tightened.
* The minimum greylisting delay has been reduced from 5 minutes to 3 minutes.
* Users and aliases weren't working if they were entered with any uppercase letters. Now only lowercase is allowed.
* After installing an SSL certificate from the control panel, the page wasn't being refreshed.
* Backups broke if the box's hostname was changed after installation.
* Dotfiles (i.e. .svn) stored in ownCloud Files were not accessible from ownCloud's mobile/desktop clients.
* Fix broken install on OVH VPS's.
2015-06-01 18:05:41 -04:00
BrianZachary 603fb1c698 Update README.md
Added latest front page appearance of Mail-In-A-Box to README.md
2015-05-29 16:43:14 -04:00
Joshua Tauberer 69de67b1c2 link security.md from the readme 2015-05-28 21:41:23 -04:00
Joshua Tauberer 8ba5f2ffa7 add security.md and clean up README 2015-05-22 16:53:13 -04:00
Joshua Tauberer c999c6082f tweak unhackable language, see #402 2015-05-19 11:18:53 -04:00
Joshua Tauberer 5aa0bf2d14 add instructions for verifying the signed tags to the README 2015-04-01 10:38:09 -04:00
Joshua Tauberer 145186a6b6 link to Modoboa in README 2014-09-26 08:20:13 -04:00
Waldir Pimenta 48bb8a90d2 add link to contributors, remove duplicate "to"s 2014-09-14 01:45:10 +01:00
Joshua Tauberer 85d4fad030 add Hacker News links to README 2014-09-07 10:59:20 -04:00
Joshua Tauberer 954a234aa9 move website link to the top of README 2014-09-07 07:24:50 -04:00
Joshua Tauberer c7a2aad0f8 tweak readme to emphasize not being customizable 2014-09-03 11:10:30 -04:00
Joshua Tauberer 10a37cd033 add SSHFP records to DNS 2014-08-27 12:59:40 +00:00
Joshua Tauberer 5d42c125eb update the first goal to match what's on the website: s/email appliance/easy email/ 2014-08-23 18:09:07 -04:00
Joshua Tauberer de864b998b fix double negation in README, fixes #154 2014-08-23 18:08:03 -04:00
Joshua Tauberer 6b52105b62 update features list in README 2014-08-19 15:11:52 +00:00
Joshua Tauberer b30d7ad80a web-based administrative UI
closes #19
2014-08-17 22:46:06 +00:00
Joshua Tauberer 04454b35c6 (merge) CardDAV, CalDAV via ownCloud and move to z-push fork fork
Merges branch 'owncloud' of github.com:jkaberg/mailinabox
which is pull request #135, closes #135

thanks @jkaberg, @fmbiete, @owncloud
2014-08-17 15:31:08 -04:00
Joshua Tauberer 73b2751dc4 credit myself since it's not apparent who runs the project once it's been forked 2014-08-16 10:20:57 -04:00
Joshua Tauberer e1606df237 s/joshdata/mailinabox/ due to repo moving to the org account 2014-08-16 13:16:01 +00:00
Joshua Tauberer ce4505b72b remove owncloud step from README, no longer needed since 398b538e2b 2014-08-16 12:14:57 +00:00
Joshua Tauberer 791e68a3af automate more of the initial configuration 2014-08-12 13:29:44 +00:00
Joshua Tauberer 9d6dc78b15 keep Roundcube working too, put owncloud at /cloud rather than at / 2014-08-12 13:29:43 +00:00
jkaberg 31dda3b425 update readme to advise user on what to do next 2014-08-12 12:34:02 +02:00
Joshua Tauberer 05664f0a3b have the README refer to the website for details 2014-07-06 11:31:17 -04:00
Joshua Tauberer e70bc50432 README parallel sentence structure 2014-06-22 00:34:49 +00:00
Joshua Tauberer 94a140a27a linkify README 2014-06-18 23:04:06 -04:00
Joshua Tauberer 0f72f78eea add DNSSEC/DANE TLSA to the README 2014-06-19 02:23:07 +00:00
Joshua Tauberer e18c51293d update News Challenge status in README 2014-06-10 18:48:12 -04:00
Joshua Tauberer da15ae5375 rename the scripts directory to setup 2014-06-03 11:12:38 +00:00
Joshua Tauberer f91830f0e3 clean up README a bit; moving the bit Rationale into the github wiki 2014-05-15 08:57:44 -04:00
Joshua Tauberer 52fe6922ee add warnings about using a fresh machine because I wont support installing this on an existing machine 2014-04-26 12:08:17 +00:00
Joshua Tauberer bb62c433fc minor fixes to comments, argument order (consistency?), the github URL changed long ago 2014-04-25 12:25:07 +00:00
Joshua Tauberer beae591a0e messed up markdown in the README, in 263fdb15f9 2014-04-24 17:15:42 +00:00
Joshua Tauberer 263fdb15f9 refine the goals in the README 2014-04-24 10:59:02 -04:00
Joshua Tauberer be39f50aeb acknowledge iRedMail 2014-04-23 12:49:04 -04:00
Joshua Tauberer 304bf3d360 update for Ubuntu 14.04 2014-04-17 20:17:24 -04:00
Joshua Tauberer d4465d7ea3 paste my KNC entry into the README, move docs to a new file 2014-03-16 17:38:05 -04:00
vzvenyach c63d470b22 Typo
In your domain name.
2014-03-16 16:30:26 -04:00
Joshua Tauberer b770c5370b web and roundcube webmail 2013-09-07 16:53:25 -04:00
Joshua Tauberer 43f4ef94b7 if I'm going to credit @shevski, I should also mention @konklone 2013-09-05 15:34:25 -04:00