January updates

Updated on January 18, 2019: More updates!

Here we go again. Thank you so much for your help, contributions and donations!

Important changes

  • Solr is here, thanks to evilstiefel. Please also check the docs.
  • We now include some Sanesecurity signatures to improve spam detection (hopefully). We had to switch to a Debian base und hope to decrease its size a bit in the future.
  • The default add_header score (move mail to “Junk”) is not 8 (7 for greylisting).
  • Blacklist/Whitelist can now contain “.*” and will be read as “\..*”.
  • Redis 5
  • Thanks to @feldsam we can now have multiple profiles on Apple devices.
  • “ipv6nat” will be restarted if it was not the last container to start (this is a work-in-progress, we hope to move a lot of this from Watchdog to Netfilter)

Summary

Added on January 18

[ClamAV] Add more signatures
[ClamAV] Fix whitelist permission error
[ClamAV] Set prio of clamd parent to 10, fixes #2174
[Compose] New image for ClamAV
[Compose] Update ClamAV and SOGo images
[Compose] Update Rspamd image
[Config] Change some texts, lower RAM req. to 3.5 GB for Solr
[Config/Update] Set limits and change descriptions for Solr
[DockerAPI] Add unused FTS endpoints…
[Dovecot] Add Czech folder names to namespace
[Dovecot] Allow setting ACL_ANYONE in mailcow.conf
[Dovecot] Use Solr for LMTP
[Dovecot] Add Solr
[Rspamd] Do not apply SOGO_CONTACT for hard SPF failures
[Rspamd] Fix metadata_exporter
[rspamd] increased values for SPF, DKIM reject
[Rspamd] Set higher/lower scores for local fuzzy matches
[Rspamd] Set max_size for AV
[SOGo] Allow to turn off GAL for each domain
[Solr] Refuse to start with RAM lt 2 GB
[Web] Allow to turn off GAL for each domain
[Web] Delete index data from Solr when deleting mailbox
[Web] Minor fix in return
[Web] Show subjet in quarantine
[Web] Update lang strings

Added on January 12

[ClamAV] Improve logging
[Nextcloud] Download Nextcloud 15
[Web] Delete network from whitelist when adding it to the blacklist
[Web] Revert password policy, fixes #2163


[Rspamd] Scan the whole message to be able to trigger Sanesecurity rules
[Rspamd] Increase add_header and greylist score
[Web] Save filter objects 1:1 to database
[Rspamd] preg_quote filter objects, only translate * to .* – fixes #2152
[ClamAV] Update to 0.101.1 (based on Debian to fix some errors)
[ClamAV] Include some junk signatures from Sanesecurity
[ClamAV] Some config values are deprecated and were replaced
[ClamAV] Scan whole file
[Backup] Made backup container mounts read only
[Web] Apple mobileconfig enhancements by @feldsam
[Config] Fix misleading typo in generated mailcow.conf
[SOGo] Fix ealarms, again, fixes #2136
[Web] Hide self-edit passwords of domain admins, fixes #2135
[Web] Various minor fixes
[Compose] Update to Redis 5
[Compose] New images for ClamAV, Watchdog, SOGo, Postfix and PHP-FPM
[Watchdog] Run IPv6 NAT check hourly
[PHP-FPM] Update PHP and libs
[Watchdog] Add check for IPv6 NAT: Make sure IPv6 NAT container was started at least 30s after other containers
[Compose] Make ipv6nat depend on all containers
[Postfix] Fix transport map authentication with multiple identical nexthops
[SOGo] Remove old js file
[Web] Fix for the fix of transport map checks
[Web] Remove unnecessary check for transport maps
[SOGo] Fix file path of sogo-full.svg
[Update] Add user.name and user.email for local git config if missing
[Web] Update languages (cs, en)
[Web] Add more details for transport maps
[Web] More checks and fixes for transport maps