🇺🇸 English/Englisch

Moohoo everyone!
Due to the recent accidents regarding the Java library log4j we would like to inform you, that your mailcow is NOT affected directly by this.

Yes, it is true, that the Solr Container is a Java application which is affected by the log4j security breach. BUT solr is NOT accessible from the outside of the mailcow stack!

For those who are worried we released a Solr Hotfix which is fixing the log4j issue with the simple flag +EXTRA_ARGS+=('-Dlog4j2.formatMsgNoLookups=true') which closed this issue.

To activate it please update your mailcow with the update.sh script

Stay safe everyone!

Niklas, Servercow Team


🇩🇪 Deutsch/German

Moohoo an alle!
Aufgrund der jüngsten Vorfälle mit der Java-Bibliothek log4j möchten wir euch mitteilen, dass eure mailcow NICHT direkt davon betroffen ist.

Ja, es ist wahr, dass der Solr Container eine Java Anwendung ist, die von der log4j Sicherheitslücke betroffen ist. Aber Solr ist NICHT von außerhalb des mailcow-Stacks zugänglich!

Für diejenigen, die besorgt sind, haben wir einen Solr Hotfix veröffentlicht, der das log4j-Problem mit dem einfachen Flag +EXTRA_ARGS+=('-Dlog4j2.formatMsgNoLookups=true') behebt, welches dieses Problem schließt.

Um es zu aktivieren, aktualisiert bitte eure mailcow mit dem update.sh Skript

Bleibt alle gesund!

Niklas, Servercow Team

Moohoo everyone! Niklas here to present you the latest news around our lovely mailcow 🙂

Let’s get started, shall we?


Major changes from November 2021 for the mailcow stack:

  • SOGo update to 5.3.0
  • Dovecot update to 2.3.17
  • ClamAV update to 0.103.4
  • [Web] Auto-generated app passwords for Apple configuration profiles

Please consider updating your mailcow stack to ensure a stable environment.


All changes from November 2021 for the mailcow stack (newest to oldest):

30th November 2021:

  • [SOGo] Update Image (Docker Image for mailcow stack)

29th November 2021:

  • Translations update from Weblate (Pull request: #4351)

28th November 2021:

  • [web] Fix several raw html flags in twig (Pull request: #4325)
  • [web] fixed html in alerts
  • [README] Separate build badges
  • Translations update from Weblate (Pull requests: #4347 & #4346)

27th November 2021:

  • Translations update from Weblate (Pull request: #4345)
  • [README] Added build + translation badge
  • [Web] Updated lang.de.json (Pull request: #4344)
  • [CI] Run tests on staging branch
  • [API] Updated docs for transport route
  • [Web] Updated lang.de.json (Pull request: #4343)

26th November 2021:

  • [Web] Fix lang strings
  • [Web] Change lang strings inding in 0
  • [web] Delete XMPP references from langfiles (#4338)

22th November 2021:

  • Update SOGo to 5.3.0 (Pull request: #4330)

18th November 2021:

  • [MariaDB] Further increase connections
  • [Rspamd] Return CAB to archive_extensions
  • [Rspamd] Adjust CAB score detection

15th November 2021:

  • [Config] Fix link, fixes (Issue: #4322)

14th November 2021:

  • [ClamAV] Change mirror for Dockerfile
  • [Dovecot] v2.3.17
  • [Web] Auto-generated app passwords for Apple configuration profiles (Pull request: #4316)

12th November 2021:

  • Add missing API endpoint to openapi.yaml (Pull request: #4320)

11th November 2021:

  • [ClamAV] Update to 0.103.4 (Pull request: #4314)

As this is our last changelog for 2021, the whole tinc (The Infrastructure Company) team wishes you a 🎄 Merry Christmas 🎁 and a 🎆 Happy New Year 2022 🥂.

May the next year be with you!

A big thanks to Kristian Feldsam for integrating Twig. We are closer to Bootstrap 5 than ever. That’s a big change we hope to finish soon.

Furthermore we introduce our new cold standby solution.

With this new script you are able to create a fully working, 1:1, consistent copy of your running mailcow without downtime.

Disaster recovery of a mailcow is as easy as switching IPs and running "up -d".

We recommend to run this script every n minutes or hours and creating snapshots on the remote location for easy versioning.

Girls, guys and cows,

Development is not stuck, we just have trouble handling many requests of new customers. Combined with cases of illness, vacation and the usual business we are really under stress.

We are also reworking the design a bit, that’s a WIP and will take a while. The first new prints will probably be seen on our new cars @ tinc. We are very excited! There are also plans for a mailcow.shop.

Kristian Feldsam already started working on the migration of the UI to BS5, that’s another big step forward for us. Thank you!

André

Dear cows,

For organizations in Spanish-speaking countries I would recommend you check out Xubium.

They are a Latin-American company with expertise in mailcow that works with our infrastructure and support to provide a fully managed email service to medium and small businesses.

Xubium is an amazing company to work with, it has our recommendation by all means.

Hi,

If you updated your mailcow between 25th August and 2nd September you most likely encounter a settings map memory leak in Rspamd that was fixed just now.

Besides that, we also heavily reduced the map hammering with another change in the map generator.

Update time!

André

Da die Frage immer wieder aufkommt und es schwierig ist ein für den Mailserverbetrieb geeignetes ASN zu finden, kann ich heute ruhigen Gewissens Lennarts ETH-Services empfehlen.

Lennart ist selber in der mailcow Community aktiv und kennt die Kniffe zum Betrieb eines Mailservers.

Für einen reibungslosen Betrieb einer mailcow empfehle ich den VPS Gianfar.

Es ist eine aufrichtige, nicht bezahlte und gut gemeinte Empfehlung.

Zusammen mit unserem mailcow Support steht dem Betrieb nichts mehr im Weg. 😉

Hello mailcow folks 🐄,

"After update is before update", so always update your cows please, no matter if there is a summary on mailcow.email. 🙂

Before we start I want to remind you of an important change that’s about to happen tomorrow:

mailcow, including me, will be part of "The Infrastructure Company GmbH". No, mailcow will not be discontinued. No, I will not stop to work on mailcow.
You will probably not notice the change at all. Hopefully we will be able to finally implement more features soon as there will be more time to work on mailcow.

We still rely heavily on your support (support contacts, SAL etc.) to continue mailcow as it is. As long as we don’t have a commercial plan or "paid version" of mailcow, that’s the only way for us to finance the work on mailcow.

What’s new?

Many bugs were fixed and existing features were cleaned up.

What’s next?

Disclaimers/signatures with variables to use in a pre-defined template per domain and mailbox. 🙂

Commits

Thank you guys for your amazing support and contributions! Especially language updates/fixes and additions are very welcome!

[ACME] Skip inactive domains
[API docs] Add sogo_visible property to alias endpoints (#3956)
[Alpine] Update Alpine base images to v3.13
[Api docs] Added day ratelimit option to /add/domain endpoint
[Backup Helper] Possible workaround for #3913
[ClamAV] Update to 0.103.1
[Compose] Update ClamAV image
[Config] Add ADDITIONAL_SERVER_NAMES as optional config to define additional server_name parameters for mailcow UI
[Config] Add Wikipedia link for TZ values (#3891)
[Config] Fix binding problems with IPv6 in newer Docker versions
[Config] Remove 0.0.0.0 example
[Docker 20.10 Fix] Fix for moby/moby#39837, fixes #3893
[Dovecot] Add Russian and Ukrainian folders (#3967)
[Dovecot] Add sieve rule to move DeltaChat (https://delta.chat) messages to folder DeltaChat
[Dovecot] Check if quarantine_notify.py holds a lock
[Dovecot] Remove Schaal, remove non-numeric TXT output from dig request
[Dovecot] Replace hostname for quarantine notifications with mailcow hostname (broke after Docker 20.10 fix)
[Dovecot] Set –addheader by default, fixes #4025
[Git] Ignore SSL examples
[Git] Ignore custom SOGo logo
[Git] Ignore custom-themes.js in SOGo
[Git] Sort gitignore
[Helper] Use NC 20
[MariaDB] Update to 10.5
[Netfilter] Further improvements to catch invalid input
[Netfilter] Restart on invalid data via pubsub
[Nginx] Be more explicit with server names
[Olefy] Update container to alpine 3:13 to fix build (#3988)
[PHP-FPM] Add sleep to loop
[PHP-FPM] Fix fastcgi timeouts
[PHP-FPM] Increase PHP memory limit for "cli" to 512M (#4010)
[PHP-FPM] Update image
[Postfix] Add parent_domain_matches_subdomains
[Postfix] Add postscreen whitelist syntax and examples (#3931)
[Postfix] Do not create a TLS SNI map when SKIP_LETS_ENCRYPT=y
[Postfix] Fix HELO name
[Postfix] Unset Postfix smtpd_tls_session_cache_database, reduce disk writes (#3981)
[Postfix] Use tmpfs for watchdog’s /tmp, reduce disk writes (#3923)
[Rspamd] Add FUZZY_SPAM_MISMATCH (#3958)
[Rspamd] Add bulk header
[Rspamd] Block spoofing for free mail domains (#3907)
[Rspamd] Edit RBL
[Rspamd] Fix vanished Rspamd history after restart
[Rspamd] Increase spam symbol weight
[Rspamd] Not trigger FREEMAIL_POLICY for mailig lists (#3918)
[Rspamd] Remove ham symbols if a fuzzy denied hash matched
[Rspamd] Score for freemail from to undisclosed recipients
[Rspamd] Set bounce_to ratelimit to 7 / 1m to hopefully reduce backscatter spam
[Rspamd] Sort & add infos for bad ASN map (#3934)
[SOGo] Add custom favicon (#3957)
[SOGo] Fix comments in custom theme
[SOGo] Remove custom theme, disable debug mode, keep example custom-themes
[Update, Config] Add subject for watchdog emails (#4027)
[Update] Better GLIBC check
[Update] Try to determine GLIBC version
[Watchdog] Longer sleep for open relay check
[Watchdog] Return score with Rspamd check
[Watchdog] Revert to Alpine 3.11, needs fixes
[Watchdog] Temp. disable query check
[Web] Changed type of items parameter to list
[Web] Accept prehashes password on both edit and add mailbox
[Web] Accept raw SSHA hashes as passwords
[Web] Add SSHA
[Web] Add Trustkey CA for WebAuthn
[Web] Add information about extended DNS config
[Web] Add nevondo.com ip check source, thank you!
[Web] Added missing french parts, based on the english file
[Web] Allow to specify transport test rcpt
[Web] Danish lang. 🇩🇰 (#3971)
[Web] Do not cache content of Rspamd global filter maps
[Web] Do not create 2M session file when saving large Rspamd global filter maps (thanks @Drago)
[Web] Do not print invalid date
[Web] Feature: Expand alias over alias domains
[Web] Feature: Expand alias over alias domains
[Web] Fix SSO for SOGo when authen with FIDO2, thanks to Drago!
[Web] Fix U2F file
[Web] Fix attachment download, thanks to Drago
[Web] Fix duplicate file extension on shortened filenames
[Web] Fix for listing mailboxes and aliases from multiple domains (#3996)
[Web] Fix more ACL-disabled buttons
[Web] Fix quota-left calculations when editing a mailbox (respect max domain quota)
[Web] Fix textarea number width > 999
[Web] Implement all supported dovecot password schemas (#3974)
[Web] Keep state of quarantine table in session
[Web] Missing capital letters on some buttons (#4000)
[Web] Move white/blacklist form above the table (#3975)
[Web] Remove 36f296d9d63112db4218cef39f1eebc8a61c785d, fixes #3926
[Web] Remove breakpoints for small screens for "Recipient" and "Action" columns (#3938)
[Web] Show JID example when editing a domain
[Web] Show quarantine settings in /quarantine
[Web] Temp remove ip6.korves.net
[Web] Update libs
[Web] Update russian translation (lang.ru.json)
[Web] Uppercase "rename" in en and de
[Web] Use api/v1/get/mailbox/reduced for faster loading of mailbox table
[Web] Various small fixes and enhancements
[mailcow] Fix C22 -> C2S