June updates

For commercially used mailcows, please consider buying a support subscription or help to keep mailcow alive by donating. 🙂

ONCE AGAIN A BIG THANKS TO ALL CONTRIBUTORS!

Important changes

  • Thanks to @c-rosenberg we integrated olefy into mailcow for macro scanning. It is skipped for authenticated users.
  • Quarantine can now be configured to remove old items.
  • *.autoconfig is back as part of default SANs in the certificate acquired by “acme-mailcow”.
    IMPORTANT: The certificate request will fail, if you copied the site config from our previous HTTP -> HTTPS redirect docs! Please update your site config (see here), make sure to remove the autoconfig block (see here).

Summary

[ACME] Autoconfig is back (re-added to SAN list by default for all mail domains)
[ACME] Better HTTP verification
[ClamAV] Fix missing exit code var, fixes #2746
[ClamAV] Update to 0.101.2
[Dovecot] Fix cleanup of old quarantine items, fixes #2721
[Dovecot] Rename sieve_after to global_sieve_after and create a global_sieve_before file
[Dovecot] Run cronjob at 4:15 AM to remove max aged quarantine items (default: 365 days)
[Dovecot] Fix permissions of console
[Helper] Omits the verbose option for gzip in the backup script
[Netfilter] Keep musl-dev, update pip
[Netfilter] Remove unused files after installation
[Netfilter] Set some f2boptions to int
[Olefy] A new container is born, thanks to @c-rosenberg
[PHP-FPM] Add exif module
[PHP-FPM] Add Q_MAX_AGE key and set to 365 days if missing
[PHP-FPM] Update PHP and some modules
[Postfix] Add UA header check, not enabled by default
[Postfix] Create resource maps
[Postfix] Remove authed user from header
[Postfix] Remove duplicate proxy read maps, add resource maps
[Rspamd] Added comment to composite
[Rspamd] Add OLEFY_MACRO symbol
[Rspamd] Add oletools via olefy, big thanks to @c-rosenberg
[Rspamd] Increase OLEFY_MACRO score
[Rspamd] Less aggressive bayes
[Rspamd] Remove authenticated user from auth results header
[Rspamd] Sign ARC inbonud, thanks to @Kraeutergarten
[Update] Add missing WATCHDOG_NOTIFY_BAN update option
[Update] Check if file is tracked before running git rm
[Update] Hide error when running git rm on old worker passwd file
[Update] Remove controller passwd file from index
[update.sh] Rename enable_ipv6 option
[Watchdog, Config] Added WATCHDOG_NOTIFY_BAN to disable IP ban notifications
[Watchdog] Fix broken mail with more than one rcpt in some cases
[Watchdog] Fix for fix for wrong mails
[Watchdog] Minor text changes and send whois report of banned IP
[Watchdog] Send mail when IP was banned
[Web] Allow to set max_age for quarantine items
[Web] Fix BCC error message
[Web] Fix lang strings for sieve pathes and sieve flow
[Web] Fix SPF link
[Web] Generate readable passwords
[Web] increased db version
[Web] Show resource alias