Commit Graph

186 Commits

Author SHA1 Message Date
John Supplee a05a33051e Increment quota version to 0.19-beta 2019-10-04 17:46:10 +02:00
John R. Supplee 105a07e276 Update README 2019-09-02 18:40:52 -04:00
John R. Supplee 4686c8cd25 v0.43 (September 1, 2019)
-------------------------
 
 Security fixes:
 
 * A security issue was discovered in rsync backups. If you have enabled rsync backups, the file `id_rsa_miab` may have been copied to your backup destination. This file can be used to access your backup destination. If the file was copied to your backup destination, we recommend that you delete the file on your backup destination, delete `/root/.ssh/id_rsa_miab` on your Mail-in-a-Box, then re-run Mail-in-a-Box setup, and re-configure your SSH public key at your backup destination according to the instructions in the Mail-in-a-Box control panel.
 * Brute force attack prevention was missing for the managesieve service.
 
 Setup:
 
 * Nextcloud was not upgraded properly after restoring Mail-in-a-Box from a backup from v0.40 or earlier.
 
 Mail:
 
 * Upgraded Roundcube to 1.3.10.
 * Fetch an updated whitelist for greylisting on a monthly basis to reduce the number of delayed incoming emails.
 
 Control panel:
 
 * When using secondary DNS, it is now possible to specify a subnet range with the `xfr:` option.
 * Fixed an issue when the secondary DNS option is used and the secondary DNS hostname resolves to multiple IP addresses.
 * Fix a bug in how a backup configuration error is shown.
 -----BEGIN PGP SIGNATURE-----
 
 iQFDBAABCgAtFiEEX0wOcxPM10RpOyrquSBB9MEL3YEFAl1rrwIPHGp0QG9jY2Ft
 cy5pbmZvAAoJELkgQfTBC92BgckIALFnDFxhQ18MtClpi79+rnl1aA5DqbToCuI2
 MHIAOmxIVSavnd5MZZ3efXWAzIniEpbq0X+6Rlzas5lkreT1mHoJsKdkt0bOqy1a
 ZF2vT5UnUM9cwPHkU1ak/TaD9v97wbHpWWGwAK+/zTL6w1ReCVfQ2QzCzoDaY7xh
 OZFXE+YsaI7qZeG3Q4jfFr0IYDowLgjgBpdWvO71QKzWjIIvBNX1ZGt2r+cuKmQ5
 JOXIAR4fdri0p8dMd2sqq0FatBBCfjHDBykA/+GzJJDBX7MNoZsQT3bowrhj8XPS
 f5cKUKm7zlDsm02bfCtDD6nvYYUxvOdQx7yfdL8RYSdy71Chs20=
 =7M/i
 -----END PGP SIGNATURE-----

Merge tag 'v0.43' of https://github.com/mail-in-a-box/mailinabox

v0.43 (September 1, 2019)
-------------------------

Security fixes:

* A security issue was discovered in rsync backups. If you have enabled rsync backups, the file `id_rsa_miab` may have been copied to your backup destination. This file can be used to access your backup destination. If the file was copied to your backup destination, we recommend that you delete the file on your backup destination, delete `/root/.ssh/id_rsa_miab` on your Mail-in-a-Box, then re-run Mail-in-a-Box setup, and re-configure your SSH public key at your backup destination according to the instructions in the Mail-in-a-Box control panel.
* Brute force attack prevention was missing for the managesieve service.

Setup:

* Nextcloud was not upgraded properly after restoring Mail-in-a-Box from a backup from v0.40 or earlier.

Mail:

* Upgraded Roundcube to 1.3.10.
* Fetch an updated whitelist for greylisting on a monthly basis to reduce the number of delayed incoming emails.

Control panel:

* When using secondary DNS, it is now possible to specify a subnet range with the `xfr:` option.
* Fixed an issue when the secondary DNS option is used and the secondary DNS hostname resolves to multiple IP addresses.
* Fix a bug in how a backup configuration error is shown.
2019-09-02 18:39:23 -04:00
Joshua Tauberer 9e29564f48 v0.43 2019-09-01 07:43:47 -04:00
John R. Supplee 7636a7b40b Update README for v0.42b 2019-08-28 17:50:38 -04:00
John R. Supplee 32a0b0467f v0.42b (August 3, 2019)
-----------------------
 
 Changes:
 
 * Decreased the minimum supported RAM to 502 Mb.
 * Improved mail client autoconfiguration.
 * Added support for S3-compatible backup services besides Amazon S3.
 * Fixed the control panel login page to let LastPass save passwords.
 * Fixed an error in the user privileges API.
 * Silenced some spurrious messages.
 
 Software updates:
 
 * Upgraded Roundcube from 1.3.8 to 1.3.9.
 * Upgraded Nextcloud from 14.0.6 to 15.0.8 (with Contacts from 2.1.8 to 3.1.1 and Calendar from 1.6.4 to 1.6.5).
 * Upgraded Z-Push from 2.4.4 to 2.5.0.
 
 Note that v0.42 (July 4, 2019) was pulled shortly after it was released to fix a Nextcloud upgrade issue.
 -----BEGIN PGP SIGNATURE-----
 
 iQFDBAABCgAtFiEEX0wOcxPM10RpOyrquSBB9MEL3YEFAl1FrScPHGp0QG9jY2Ft
 cy5pbmZvAAoJELkgQfTBC92BCvgH/AieqUcy/ujFML4YeIKY/ThQNFdI6VUO0b4b
 QBzR9ixc9ctp6qV+wVfnL22xO4V2rcO/eMAKMc6AzOw6E97iWHtK/4L2fmRYXclw
 arln7LokFTczSp1J29ldRjCYMn3dOS1IvBRJe8JWvFNdQY6gGaGrhqV/nCIECOWP
 sJsJ/sPv2d4ZapbQtfqBh2WiLADNf1CSmDpkCXwS9Va+XstVeprIk1Kbsy8z5L8K
 0cFZWxiWTB/hgHD/BqUNxrzB5mS4fCyr9c9g+OIjZFeoF/olYPp4SsEFHPQ604YG
 qRupfjdG1bWHUpTT5lvG1AVIIPJPnvFk/Ctk1iQiYSU5BzbvKz8=
 =4QdN
 -----END PGP SIGNATURE-----

Merge tag 'v0.42b' of https://github.com/mail-in-a-box/mailinabox

v0.42b (August 3, 2019)
-----------------------

Changes:

* Decreased the minimum supported RAM to 502 Mb.
* Improved mail client autoconfiguration.
* Added support for S3-compatible backup services besides Amazon S3.
* Fixed the control panel login page to let LastPass save passwords.
* Fixed an error in the user privileges API.
* Silenced some spurrious messages.

Software updates:

* Upgraded Roundcube from 1.3.8 to 1.3.9.
* Upgraded Nextcloud from 14.0.6 to 15.0.8 (with Contacts from 2.1.8 to
3.1.1 and Calendar from 1.6.4 to 1.6.5).
* Upgraded Z-Push from 2.4.4 to 2.5.0.

Note that v0.42 (July 4, 2019) was pulled shortly after it was released
to fix a Nextcloud upgrade issue.

5F4C0E7313CCD744693B2AEAB92041F4C10BDD81
2019-08-28 17:26:00 -04:00
Joshua Tauberer e37768ca86 v0.42b 2019-08-03 11:49:32 -04:00
Joshua Tauberer 39fd4ce16c v0.42 2019-07-04 21:34:55 -04:00
John Supplee 0f7bbe0dde
Update README.md 2019-04-15 16:34:56 +02:00
John Supplee e64595fc67 New version to tag with annotated tag 2019-03-30 14:23:38 +02:00
John Supplee 4c9548edaa change project status to beta 2019-03-30 13:58:54 +02:00
John Supplee adf7a31866 Update README and bump the version 2019-02-27 15:02:11 +02:00
John Supplee 4cbf05187c Merge branch 'master' of https://github.com/mail-in-a-box/mailinabox into devel 2019-02-27 12:52:41 +02:00
Joshua Tauberer dd7a2aa8a6 v0.41 2019-02-26 18:17:50 -05:00
John Supplee 2b70277a35 Update README instructions for installing and upgrading 2019-02-15 16:08:06 +02:00
John Supplee 7f8336e459 Fix bug with quota input that prevented adding users 2019-02-11 16:10:09 +02:00
John Supplee 53d1c1e4e9 Release new version v0.40-quota-0.15-alpha 2019-02-06 12:58:05 +02:00
John Supplee 44a31733ac update latest version and update README 2019-02-05 13:36:53 +02:00
John Supplee 937ef47c2a Remove default quota support from the TODOs 2019-02-01 21:51:49 +02:00
John Supplee 6964ed238a Show correct reference for updating versions 2019-02-01 19:01:59 +02:00
John Supplee 2c6aea24cb Update README to reflect the latest changes 2019-02-01 18:38:00 +02:00
John Supplee 7874683618 Add percentage used and update tools/mail.py to set quotas 2019-02-01 15:36:27 +02:00
John Supplee 6de34b0464 Update README to have section for installation and upgrading 2019-01-31 12:28:32 +02:00
John Supplee 9a9e0116a1 Update to version v0.40-quota-0.12-alpha 2019-01-31 10:23:42 +02:00
John Supplee 863e8895a0 Add the quota column to the users table 2019-01-30 17:14:48 +02:00
John Supplee 98e04bb11f Update README for first alpha release 2019-01-30 12:52:02 +02:00
John Supplee 2bebd727c2 Fix README 2019-01-30 10:47:07 +02:00
John Supplee fbf990092c Add progress to README 2019-01-30 09:44:23 +02:00
John Supplee a8f02c1eb0 Fix problems with users that do not have maildirsize file 2019-01-30 00:01:16 +02:00
John Supplee 832d2ca375 Update README to note support for control panel 2019-01-28 23:38:04 +02:00
John Supplee e2d71d4636
Fix typo 2019-01-28 17:30:21 +02:00
John Supplee 907c05299c Add quota support 2019-01-28 09:24:09 +02:00
Joshua Tauberer c7659d9053 v0.40 2019-01-12 08:24:15 -05:00
Joshua Tauberer a3add03706 Merge branch 'master' into ubuntu_bionic 2019-01-09 07:00:44 -05:00
Joshua Tauberer 7b592b1e99 v0.30 - the last Ubuntu 14.04 release 2019-01-09 06:31:56 -05:00
Joshua Tauberer 0d4565e71d merge master branch 2018-12-02 18:19:15 -05:00
Joshua Tauberer 16f38042ec v0.29 released, closes #1440 2018-10-24 16:12:25 -04:00
Joshua Tauberer bc4bdca752 update reference to Ubuntu 14.04 to 18.04 in README.md and security.md and drop mentions of our custom packages that we no longer maintain 2018-10-03 13:00:15 -04:00
Joshua Tauberer 738e0a6e17 v0.28 released, closes #1405 2018-07-30 11:14:38 -04:00
Joshua Tauberer 0c0a079354 v0.27 2018-06-14 07:49:20 -04:00
Joshua Tauberer ae73dc5d30 v0.26c 2018-02-13 10:46:02 -05:00
yeah 6162a9637c Add some development instructions to CONTRIBUTING.md (#1348) 2018-02-05 08:41:19 -05:00
Joshua Tauberer ec3aab0eaa v0.26b 2018-01-25 09:27:17 -05:00
Joshua Tauberer b5c0736d27 release v0.26 2018-01-18 17:10:23 -05:00
Joshua Tauberer 8944cd7980 v0.25 2017-11-15 11:27:00 -05:00
Joshua Tauberer 00898b2ff5 v0.24 2017-10-03 10:49:04 -04:00
Joshua Tauberer 4c36d6e6c9 release v0.23a 2017-05-31 07:42:18 -04:00
Joshua Tauberer a13fd90347 v0.23 2017-05-30 06:50:42 -04:00
Joshua Tauberer 9c9dcdbf0a update README to link to http://z-push.org/ now that we are on the main line 2017-04-24 17:34:53 -04:00
Joshua Tauberer 10bf40250b merge #1121 - migration from ownCloud to Nextcloud
branch 'nextcloud' of https://github.com/yeah/mailinabox
2017-04-02 07:47:31 -04:00
Joshua Tauberer 453091f1fb v0.22 released 2017-04-02 07:34:14 -04:00
Jan Schulz-Hofen 48e0f39179 Rename ownCloud to Nextcloud in safe places
e.g. code comments and user-facing prompts/outputs which can be safely changed without risking to break anything
2017-04-02 11:19:21 +02:00
Joshua Tauberer 3c05fc94ff v0.21c 2017-02-01 11:01:11 -05:00
Joshua Tauberer ab2367e98a v0.21b 2016-12-05 17:36:11 -05:00
Joshua Tauberer df93d82d0f v0.21 released 2016-11-30 12:42:24 -05:00
Christian Koptein 59913a5e4c Added Hacker-News Reference Nov 2016 (#1014) 2016-11-28 07:24:57 -05:00
Joshua Tauberer 4e4fe90fc7 v0.20 2016-09-23 07:49:13 -04:00
Joshua Tauberer 27b4edfc76 v0.19b
-----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1
 
 iQEcBAABAgAGBQJXuHvJAAoJELkgQfTBC92B2IsIAJl+tQkkVp5cu4zuSLOpHj73
 LFGGCrGTSMwuyNbnklkLmLIfRxlmNfHNfQqHYhxJQq7JVLuDRJS2rTJnSWGg4PuE
 vyrjOEFNNqFp9cy00j6NMUUcJa4kte4cvMg3Sonz7JkVwS3fxp7hSgZknYOjlLvh
 R/FmrqVhpDtTZRtMjcQaCtCTWUEETYFLsJZ2iZkIlpGhoxPGEhKZquNrT0s3qrNv
 Rwf6O3i9RIS/bOu2lWI+ymdStPVJnn+deRTBWPpsxXdNC/NG9+gWiqGgRnjTBbMO
 uzH1hYct+J6TWeNpesECfMMjTOZ+T7yrRJc1s9ThuLokyAlo9yf4E5YFziZ0hi4=
 =JxNp
 -----END PGP SIGNATURE-----

merge v0.19b hot fix release
2016-08-20 11:50:26 -04:00
Joshua Tauberer ba75ff7820 v0.19b 2016-08-20 11:48:08 -04:00
Joshua Tauberer 86457e5bc4 merge: fail2ban broke, released v0.19a 2016-08-18 08:39:31 -04:00
Joshua Tauberer 7c9f3e0b23 v0.19a 2016-08-18 08:36:28 -04:00
Joshua Tauberer 8cf2e468bd [merge #900] Adding a Code of Conduct
Merge pull request #900 from mail-in-a-box/code_of_conduct
2016-08-15 20:10:37 -04:00
ReadmeCritic 4f2d16a31d Update README URLs based on HTTP redirects (#908) 2016-08-15 11:07:09 -04:00
Joshua Tauberer cdd0a821eb v0.19
closes #898
2016-08-13 17:27:10 -04:00
Joshua Tauberer d38b732b0a add a Code of Conduct 2016-08-08 08:19:42 -04:00
Joshua Tauberer 6666d28c44 v0.18c 2016-06-02 15:47:45 -04:00
Joshua Tauberer 867d9c4669 v0.18b 2016-05-16 07:17:20 -04:00
Joshua Tauberer 94b7c80792 v0.18 2016-05-15 20:41:31 -04:00
Joshua Tauberer 86881c0107 v0.17c 2016-04-01 07:58:28 -04:00
Joshua Tauberer d881487d68 v0.17b 2016-03-01 07:23:20 -05:00
Joshua Tauberer f9ca440ce8 v0.17 2016-02-25 18:36:14 -05:00
Prayag Verma 43cb6c4995 Fix a typo in Readme
`matchs` → `matches`
2016-02-18 09:47:47 +05:30
Joshua Tauberer 3615772b2d v0.16 2016-01-30 11:15:14 -05:00
Joshua Tauberer 72bfc0915c v0.15a (January 9, 2016)
Sending mail through Exchange/ActiveSync (Z-Push) had been broken since v0.14. This is now fixed.
2016-01-09 08:44:51 -05:00
Joshua Tauberer 3fbbf56986 v0.15 (January 1, 2016)
-----------------------

Mail:

* Updated Roundcube to version 1.1.3.
* Auto-create aliases for abuse@, as required by RFC2142.
* The DANE TLSA record is changed to use the certificate subject public key rather than the whole certificate, which means the record remains valid after certificate changes (so long as the private key remains the same, which it does for us).

Control panel:

* When IPv6 is enabled, check that system services are accessible over IPv6 too, that the box's hostname resolves over IPv6, and that reverse DNS is setup correctly for IPv6.
* Explanatory text for setting up secondary nameserver is added/fixed.
* DNS checks now have a timeout in case a DNS server is not responding, so the checks don't stall indefinitely.
* Better messages if external DNS is used and, weirdly, custom secondary nameservers are set.
* Add POP to the mail client settings documentation.
* The box's IP address is added to the fail2ban whitelist so that the status checks don't trigger the machine banning itself, which results in the status checks showing services down even though they are running.
* For SSL certificates, rather than asking you what country you are in during setup, ask at the time a CSR is generated. The default system self-signed certificate now omits a country in the subject (it was never needed). The CSR_COUNTRY Mail-in-a-Box setting is dropped entirely.

System:

* Nightly backups and system status checks are now moved to 3am in the system's timezone.
* fail2ban's recidive jail is now active, which guards against persistent brute force login attacks over long periods of time.
* Setup (first run only) now asks for your timezone to set the system time.
* The Exchange/ActiveSync server is now taken offline during nightly backups (along with SMTP and IMAP).
* The machine's random number generator (/dev/urandom) is now seeded with Ubuntu Pollinate and a blocking read on /dev/random.
* DNSSEC key generation during install now uses /dev/urandom (instead of /dev/random), which is faster.
* The $STORAGE_ROOT/ssl directory is flattened by a migration script and the system SSL certificate path is now a symlink to the actual certificate.
* If ownCloud sends out email, it will use the box's administrative address now (admin@yourboxname).
* Z-Push (Exchange/ActiveSync) logs now exclude warnings and are now rotated to save disk space.
* Fix pip command that might have not installed all necessary Python packages.
* The control panel and backup would not work on Google Compute Engine because GCE installs a conflicting boto package.
* Added a new command `management/backup.py --restore` to restore files from a backup to a target directory (command line arguments are passed to `duplicity restore`).
2016-01-01 17:47:18 -05:00
Joshua Tauberer 57b4c685df v0.14
v0.14 (November 4, 2015)
------------------------

Mail:

* Spamassassin's network-based tests (Pyzor, others) and DKIM tests are now enabled. (Pyzor had always been installed but was not active due to a misconfiguration.)
* Moving spam out of the Spam folder and into Trash would incorrectly train Spamassassin that those messages were not spam.
* Automatically create the Sent and Archive folders for new users.
* The HTML5_Notifier plugin for Roundcube is now included, which when turned on in Roundcube settings provides desktop notifications for new mail.
* The Exchange/ActiveSync backend Z-Push has been updated to fix a problem with CC'd emails not being sent to the CC recipients.

Calender/Contacts:

* CalDAV/CardDAV and Exchange/ActiveSync for calendar/contacts wasn't working in some network configurations.

Web:

* When a new domain is added to the box, rather than applying a new self-signed certificate for that domain, the SSL certificate for the box's primary hostname will be used instead.
* If a custom DNS record is set on a domain or 'www'+domain, web would not be served for that domain. If the custom DNS record is just the box's IP address, that's a configuration mistake, but allow it and let web continue to be served.
* Accommodate really long domain names by increasing an nginx setting.

Control panel:

* Added an option to check for new Mail-in-a-Box versions within status checks. It is off by default so that boxes don't "phone home" without permission.
* Added a random password generator on the users page to simplify creating new accounts.
* When S3 backup credentials are set, the credentials are now no longer ever sent back from the box to the client, for better security.
* Fixed the jumpiness when a modal is displayed.
* Focus is put into the login form fields when the login form is displayed.
* Status checks now include a warning if a custom DNS record has been set on a domain that would normally serve web and as a result that domain no longer is serving web.
* Status checks now check that secondary nameservers, if specified, are actually serving the domains.
* Some errors in the control panel when there is invalid data in the database or an improperly named archived user account have been suppressed.
* Added subresource integrity attributes to all remotely-sourced resources (i.e. via CDNs) to guard against CDNs being used as an attack vector.

System:

* Tweaks to fail2ban settings.
* Fixed a spurrious warning while installing munin.
2015-11-04 17:56:31 -05:00
Joshua Tauberer b05af6eecb v0.13b
ownCloud 8.1.1 trusted_domains autoconfiguration fix.
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1
 
 iQEcBAABAgAGBQJV43ODAAoJELkgQfTBC92BAMEH/3DbsticgFhbPzMsCcmcjxkg
 1Dxw4e8YRgMPp3xuq4/5we6bL/KXSxioFc1488jfiLhAe6fHZGmSi4p6L8twnsxD
 exUd/pHZ8L1SC953JhBXLUWYfAQ/ozEZ8bNPVJ4NLx5T58FPWBSRouQHHZTMc/z1
 Pduc6RjZQ3o1dmTzbwt5hB/ZS61CFV2V9cr+aKmFSDKh7/qzBSaqGfiTOsWI43GE
 JfCN6hwnCUvvkGfaYmxJSY/emgiJETLkQCv0e1kZs5MfojkFUspqvmTQViE2HI4f
 y5FWmPXvhoHuMIgH0q0Rrw0xchXW44fJbK4SnT50z7do8F7KmSX6ztw5oxux/U0=
 =kcFy
 -----END PGP SIGNATURE-----

v0.13b - release & merge side-branch

ownCloud 8.1.1 trusted_domains autoconfiguration fix.
2015-08-30 17:21:36 -04:00
Norman Stanke 8c83171a28 v0.13a 2015-08-24 21:21:52 +02:00
Joshua Tauberer 3b6f7250ee v0.13
v0.13 (August 19, 2015)
-----------------------

Mail:

* Outbound mail headers (the Recieved: header) are tweaked to possibly improve deliverability.
* Some MIME messages would hang Roundcube due to a missing package.
* The users permitted to send as an alias can now be different from where an alias forwards to.

DNS:

* The secondary nameservers option in the control panel now accepts more than one nameserver and a special xfr:IP format to specify zone-transfer-only IP addresses.
* A TLSA record is added for HTTPS for DNSSEC-aware clients that support it.

System:

* Backups can now be turned off, or stored in Amazon S3, through new control panel options.
* Munin was not working on machines confused about their hostname.
* ownCloud updated to version 8.1.1, its memcached caching enabled.
* When upgrading, network checks like blocked port 25 are now skipped.
* Tweaks to the intrusion detection rules for IMAP.
* Mail-in-a-Box's setup is a lot quieter, hiding lots of irrelevant messages.

Control panel:

* SSL certificate checks were failing on OVH/OpenVZ servers due to missing /dev/stdin.
* Improve the sort order of the domains in the status checks.
* Some links in the control panel were only working in Chrome.
2015-08-19 16:37:18 -04:00
Joshua Tauberer 1b26632bb4 readme tweaks 2015-08-17 08:20:31 -04:00
Joshua Tauberer c23a34d475 tweak README 2015-08-14 17:11:32 -04:00
Joshua Tauberer 1b00184c89 v0.12c release to work-around Sourceforge outage 2015-07-19 08:30:03 -04:00
Joshua Tauberer 34b7638342 v0.12b 2015-07-04 11:31:51 -04:00
Joshua Tauberer b503ea1cf7 v0.12
--------------------

This is a minor update to v0.11, which was a major update. Please read v0.11's advisories.

* The administrator@ alias was incorrectly created starting with v0.11. If your first install was v0.11, check that the administrator@ alias forwards mail to you.
* Intrusion detection rules (fail2ban) are relaxed (i.e. less is blocked).
* SSL certificates could not be installed for the new automatic 'www.' redirect domains.
* PHP's default character encoding is changed from no default to UTF8. The effect of this change is unclear but should prevent possible future text conversion issues.
* User-installed SSL private keys in the BEGIN PRIVATE KEY format were not accepted.
* SSL certificates with SAN domains with IDNA encoding were broken in v0.11.
* Some IDNA functionality was using IDNA 2003 rather than IDNA 2008.
2015-07-03 10:34:33 -04:00
Joshua Tauberer 23d2df7a93 v0.11
---------------------

Advisories:
* Users can no longer spoof arbitrary email addresses in outbound mail. When sending mail, the email address configured in your mail client must match the SMTP login username being used, or the email address must be an alias with the SMTP login username listed as one of the alias's targets.
* This update replaces your DKIM signing key with a stronger key. Because of DNS caching/propagation, mail sent within a few hours after this update could be marked as spam by recipients. If you use External DNS, you will need to update your DNS records.
* The box will now install software from a new Mail-in-a-Box PPA on Launchpad.net, where we are distributing two of our own packages: a patched postgrey and dovecot-lucene.

Mail:
* Greylisting will now let some reputable senders pass through immediately.
* Searching mail (via IMAP) will now be much faster using the dovecot lucene full text search plugin.
* Users can no longer spoof arbitrary email addresses in outbound mail (see above).
* Fix for deleting admin@ and postmaster@ addresses.
* Roundcube is updated to version 1.1.2, plugins updated.
* Exchange/ActiveSync autoconfiguration was not working on all devices (e.g. iPhone) because of a case-sensitive URL.
* The DKIM signing key has been increased to 2048 bits, from 1024, replacing the existing key.

Web:
* 'www' subdomains now automatically redirect to their parent domain (but you'll need to install an SSL certificate).
* OCSP no longer uses Google Public DNS.
* The installed PHP version is no longer exposed through HTTP response headers, for better security.

DNS:
* Default IPv6 AAAA records were missing since version 0.09.

Control panel:
* Resetting a user's password now forces them to log in again everywhere.
* Status checks were not working if an ssh server was not installed.
* SSL certificate validation now uses the Python cryptography module in some places where openssl was used.
* There is a new tab to show the installed version of Mail-in-a-Box and to fetch the latest released version.

System:
* The munin system monitoring tool is now installed and accessible at /admin/munin.
* ownCloud updated to version 8.0.4. The ownCloud installation step now is reslient to download problems. The ownCloud configuration file is now stored in STORAGE_ROOT to fix loss of data when moving STORAGE_ROOT to a new machine.
* The setup scripts now run `apt-get update` prior to installing anything to ensure the apt database is in sync with the packages actually available.
2015-06-29 20:58:35 -04:00
Joshua Tauberer 1cd97d46a2 press hit 2015-06-27 10:10:33 -04:00
Joshua Tauberer d152603abd changelog entries and mention our forks of postgrey and dovecot in the README 2015-06-10 09:27:29 -04:00
Joshua Tauberer a1c7bf0883 add munin to readme 2015-06-06 12:55:13 +00:00
Joshua Tauberer 47a5a44b9e v0.10
* SMTP Submission (port 587) began offering the insecure SSLv3 protocol due to a misconfiguration in the previous version.
* Roundcube now allows persistent logins using Roundcube-Persistent-Login-Plugin.
* ownCloud is updated to version 8.0.3.
* SPF records for non-mail domains were tightened.
* The minimum greylisting delay has been reduced from 5 minutes to 3 minutes.
* Users and aliases weren't working if they were entered with any uppercase letters. Now only lowercase is allowed.
* After installing an SSL certificate from the control panel, the page wasn't being refreshed.
* Backups broke if the box's hostname was changed after installation.
* Dotfiles (i.e. .svn) stored in ownCloud Files were not accessible from ownCloud's mobile/desktop clients.
* Fix broken install on OVH VPS's.
2015-06-01 18:05:41 -04:00
BrianZachary 603fb1c698 Update README.md
Added latest front page appearance of Mail-In-A-Box to README.md
2015-05-29 16:43:14 -04:00
Joshua Tauberer 69de67b1c2 link security.md from the readme 2015-05-28 21:41:23 -04:00
Joshua Tauberer 8ba5f2ffa7 add security.md and clean up README 2015-05-22 16:53:13 -04:00
Joshua Tauberer c999c6082f tweak unhackable language, see #402 2015-05-19 11:18:53 -04:00
Joshua Tauberer 5aa0bf2d14 add instructions for verifying the signed tags to the README 2015-04-01 10:38:09 -04:00
Joshua Tauberer 145186a6b6 link to Modoboa in README 2014-09-26 08:20:13 -04:00
Waldir Pimenta 48bb8a90d2 add link to contributors, remove duplicate "to"s 2014-09-14 01:45:10 +01:00
Joshua Tauberer 85d4fad030 add Hacker News links to README 2014-09-07 10:59:20 -04:00
Joshua Tauberer 954a234aa9 move website link to the top of README 2014-09-07 07:24:50 -04:00
Joshua Tauberer c7a2aad0f8 tweak readme to emphasize not being customizable 2014-09-03 11:10:30 -04:00
Joshua Tauberer 10a37cd033 add SSHFP records to DNS 2014-08-27 12:59:40 +00:00