January updates

Updated on January 30, 2019: More updates!

Here we go again. Thank you so much for your help, contributions and donations!

Important changes

  • Doc updates outstanding!
  • It is now possible to create quarantine notification templates. Notifications can be sent hourly/daily/weekly. You can disable this feature by setting the ACL accordingly. Default behavior can be controlled via MAILBOX_DEFAULT_ATTRIBUTES (default: never).
  • UI loading speed should be much faster (at least in Firefox)
  • Solr is here, thanks to evilstiefel. Please also check the docs.
  • We now include some Sanesecurity signatures to improve spam detection (hopefully). We had to switch to a Debian base and hope to decrease its size a bit in the future.
  • The default add_header score (move mail to “Junk”) is now 8 (7 for greylisting).
  • Blacklist/Whitelist can now contain “.*” and will be read as “\..*”.
  • Redis 5
  • Thanks to @feldsam we can now have multiple profiles on Apple devices.
  • “ipv6nat” will be restarted if it was not the last container to start (this is a work-in-progress, we hope to move a lot of this from Watchdog to Netfilter)

Summary

Added on January 30

[Web] Remote SourceSansPro, remove css style
[Compose] Update PHP-FPM image
[Web] Minify css and js via PHP
[Web] Use PT Sans
[Web] Update some libs
[PHP] Drop pear modules
[Config] Add hint to disable Solr if you do not want a readable index in solr-vol-1
[Dovecot] Fix last_notification in quarantine_notify.py
[Update] Check if run as root
[Rspamd] Split global wl from to mime-from and smtp-from
[Compose] New watchdog and Dovecot images
[Compose] Add SKIP_SOLR to Dovecot to dynamically load fts plugin
[Compose] Mount default quarantine notification template
[Asset] Add default template for quarantine notifications
[Watchdog] Use stackoverflow.com for DNS check
[Git] Ignore mail_plugins*
[Dovecot] Read mail_plugins from dynamically generated file
[Dovecot] Encrypt FTS
[Dovecot] Add break_imap_seach option to Solr
[Web] Add ability to send quarantine notification mails
[Web] Minor style fixes
[Web] Add new MAILBOX_DEFAULT_ATTRIBUTES (doc updates, anyone? 🙁 )
[Web] Use rcpt_smtp if rcpt_mime is not set
[Web] Other minor fixes
[Dovecot] Simplify Docker image
[Dovecot] Set Dovecot plugins dynamically via file and exclude Solr if not enabled
[Dovecot] Add new quarantine notification script
[Update] Check internet connection via 1.1.1.1
[Config] Use #!/usr/bin/env bash for scritps, fixes #2226, thanks to @cptMikky
[Config] Add ACL_ANYONE to generate_config.sh
[Web] Update lang
[Update] Disable Solr when upgrading from non-Solr mailcows
[Web] Lang updates
[Web] Fixed typo in lang.de.php
[Web] Remember FooTable settings by using state plugin, fixes #2122
[Dovecot] imapsync: Log imapsync cronjob errors
[Dovecot] imapsync: Connect to database via socket
[Compose] Fix hard-coded SKIP_CLAMD


Added on January 18

[ClamAV] Add more signatures
[ClamAV] Fix whitelist permission error
[ClamAV] Set prio of clamd parent to 10, fixes #2174
[Compose] New image for ClamAV
[Compose] Update ClamAV and SOGo images
[Compose] Update Rspamd image
[Config] Change some texts, lower RAM req. to 3.5 GB for Solr
[Config/Update] Set limits and change descriptions for Solr
[DockerAPI] Add unused FTS endpoints…
[Dovecot] Add Czech folder names to namespace
[Dovecot] Allow setting ACL_ANYONE in mailcow.conf
[Dovecot] Use Solr for LMTP
[Dovecot] Add Solr
[Rspamd] Do not apply SOGO_CONTACT for hard SPF failures
[Rspamd] Fix metadata_exporter
[rspamd] increased values for SPF, DKIM reject
[Rspamd] Set higher/lower scores for local fuzzy matches
[Rspamd] Set max_size for AV
[SOGo] Allow to turn off GAL for each domain
[Solr] Refuse to start with RAM lt 2 GB
[Web] Allow to turn off GAL for each domain
[Web] Delete index data from Solr when deleting mailbox
[Web] Minor fix in return
[Web] Show subjet in quarantine
[Web] Update lang strings

Added on January 12

[ClamAV] Improve logging
[Nextcloud] Download Nextcloud 15
[Web] Delete network from whitelist when adding it to the blacklist
[Web] Revert password policy, fixes #2163


[Rspamd] Scan the whole message to be able to trigger Sanesecurity rules
[Rspamd] Increase add_header and greylist score
[Web] Save filter objects 1:1 to database
[Rspamd] preg_quote filter objects, only translate * to .* – fixes #2152
[ClamAV] Update to 0.101.1 (based on Debian to fix some errors)
[ClamAV] Include some junk signatures from Sanesecurity
[ClamAV] Some config values are deprecated and were replaced
[ClamAV] Scan whole file
[Backup] Made backup container mounts read only
[Web] Apple mobileconfig enhancements by @feldsam
[Config] Fix misleading typo in generated mailcow.conf
[SOGo] Fix ealarms, again, fixes #2136
[Web] Hide self-edit passwords of domain admins, fixes #2135
[Web] Various minor fixes
[Compose] Update to Redis 5
[Compose] New images for ClamAV, Watchdog, SOGo, Postfix and PHP-FPM
[Watchdog] Run IPv6 NAT check hourly
[PHP-FPM] Update PHP and libs
[Watchdog] Add check for IPv6 NAT: Make sure IPv6 NAT container was started at least 30s after other containers
[Compose] Make ipv6nat depend on all containers
[Postfix] Fix transport map authentication with multiple identical nexthops
[SOGo] Remove old js file
[Web] Fix for the fix of transport map checks
[Web] Remove unnecessary check for transport maps
[SOGo] Fix file path of sogo-full.svg
[Update] Add user.name and user.email for local git config if missing
[Web] Update languages (cs, en)
[Web] Add more details for transport maps
[Web] More checks and fixes for transport maps