By the way: We update the code on a regular basis, you don’t need to wait until we post these overviews. 🙂

Important changes for all moo cows

  • A mailcow fuzzy storage! Please contact me, if you want to share your spam with mailcow => – fair-use, please.
  • Netfilter does now log the matched regex (finally).
  • Global sieve filters can be modified using the UI.
  • We score CSA crap relatively high now (X-CSA-* headers).
  • We do now use mariabackup for a fully-consistent backup of the SQL data directory. We will write the data to a tar archive in the future (see open issues).
  • Redis is now exposed to (FYI, has no further use in default setups).
  • We disabled TLS 1.0 and 1.1 for authenticated channels. We made a post about how to re-enable old protocols a few weeks ago.

A BIG THANK YOU to all supporters! Thank you so much for keeping mailcow alive. 🙂
Another BIG THANK YOU goes out to all contributors!

Changes (please also see the commit history)

[ACME] Force renewal with force_renew file, docs will follow
[ACME] Restart Postfix, reload seems not work all the time
[ACME] Use redis master for write operations
[ACME, Watchdog] Improve waiting for Redis
[Rspamd] Add to no_log in Rspamd
[SOGo] Sort aliases (#3386)
[ClamAV] Add specific db mirrors
[Compose] A few updated images, REDIS_SLAVEOF_IP, REDIS_SLAVEOF_PORT ans MASTER (not yet supported ot documented)
[Compose] Update SOGo and ACME [ACME] SKIP IP check for SNAT’ed setups to workaround race conditions
[Dovecot] Add auth_passdb_lookup to LUA, add default plugins for replicator, check if master, add node to GUID creation, use correct syslog-ng config if Redis write-master is not
[Dovecot] Fix check to determine running imapsync procs, todo: more jobs at the same time
[Dovecot] IMPORTANT: Disabling TLS 1.0 and 1.2 – welcome to 2020
[Dovecot] LUA: Passdb: Reconnect to SQL if connection was lost
[Dovecot] Set replicator options by default – unused, no support or docs as of today
[Dovecot] Show last mail (pop3, imap) login in web interface
[Dovecot] Wait for versions table instead of failing and restarting
[Git] Add last_login to gitignore
[Git] Ignore global sieve scripts (BUT: Scripts may be forcefully overwritten, when new features are added, that depend on a given change on global sieve maps)
[Helper] Use mariabackup for SQL
[Netfilter] Log matched regex
[Netfilter] Use Redis master if set
[Nginx] Add proxy_send_timeout and proxy_read_timeout of 300 to /SOGo
[PHP-FPM] Check if master, write to Redis master only
[PHP-FPM] Do not use Redis for session handling
[PHP-FPM] Fix permissions for global maps
[PHP-FPM] Update libs, add gnupg
[Postfix] Added custom_postscreen_whitelist.cidr for a custom Postscreen wl, fixes #3313
[Postfix] Add hooks
[Postfix] IMPORTANT: Disabling TLS 1.0 and 1.1 for submission and smtps
[Postfix] Remove default rcpt count limit
[Postfix] Remove duplicate COPY from Dockerfile, fixes #3397
[Postfix] Set empty HELO restrictions for quarantine smtpd
[Postfix] Use Redis master if set
[Rspamd] Add fuzzy hashes to headers, if matched
[Rspamd] Add mailcow fuzzy hash store
[Rspamd] Add X-CSA to bulk headers
[Rspamd] Add X-Last-TLS-Session-Version header
[Rspamd] Disable 304 until SOGO_CONTACT triggers an update, needs rework
[Rspamd] Fix neural.lua
[Rspamd] Forced action add header seems to be broken atm, switching to rewrite subject until fixed
[Rspamd] Move monitoring hosts to file
[Rspamd] Quarantine: Set sender to null@localhost when sender is missing
[Rspamd] Reduce CSA crap to 2.0
[Rspamd] Reduce Sorbs recent score
[Rspamd] Add annoying CSA to bulk symbols and score then with 3.2
[Rspamd] Update to v2.4
[Rspamd] Set fixed name for fuzzy store
[Rspamd] Set Redis slaveof if not master, adjust redis configs automatically
[Rspamd] Use redis master for RL operations in pipe_rl
[Rspamd, Web] Escape monitoring hosts, add regex maps to vars file
[SOGo] Auto-backup user data to sogo-userdata-backup-vol-1 daily, keep one backup
[SOGo] Check if master, only run DB prep if master, use correct syslog-ng config if not master
[SOGo] Cronjob for SOGo user data backup
[Update] Add –skip-start switch, implements #3317
[Update, Config] Add Redis to exposed hosts
[Update] Display git diff save message only when local changes exist (#3351)
[Update] Make sure containers are gone before updating mailcow
[Update] Save git diff only when local changes exist (#3350)
[Watchdog] Define thresholds in docker-compose(.override) file
[Watchdog] Send 10 last applied ratelimits in mail report
[Watchdog] Use Redis master for write operations
[Web] Added hint where api docs can be found (#3335)
[Web] Add icon to indicate relayed domain
[Web] Add latin-ext to PT Sans font #3018 (#3333)
[Web] Add missing maps
[Web] Add slovak language (#3387)
[Web] Allow empty bcc when saving quarantine settings, fixes #3363
[Web] Allow to change page size in table header for /mailbox tables
[Web] Allow to set global sieve filters
[Web] Allow to skip IP check for API
[Web] Check smtp_tls_policy_map destination (more checks should be added)
[Web] Fix button order, thanks to @dragoangel
[Web] Fix cow level, sorry 🙁
[Web] Fix data type for port1 in imapsync
[Web] Fix DNS check for relayed domain
[Web] Fix mail validation for quota sender address
[Web] Fix quarantine view and add missing lang string
[Web] Fix selection bug (reproduce: select an item, select all, deselect all, click an action and find previously selected items)
[Web] Fix sieve example insert
[Web] Fix sv lang
[Web] Fix tooltips in quarantine
[Web] Fix transport validation, thanks to Gideon!
[Web] Further work to improve the swedish translation and sentence structure to improve general quality, in context to Mailcow functions (#3396)
[Web] Implement table size to quarantine, implements #3325
[Web] Keep modal data when adding a sync job
[Web] Add hint to disable TFA instead of deleting last key
[Web] Prefer sieve redirects: adjust lang files
[Web] Replace rtrim by preg_replace to fix transport checks
[Web] Set desc == domain name, when desc is empty, implements #3341
[Web] Some more quarantine lang strings
[Web] Unlearn spam if released from quarantine, implements #3327
[web] Update
[Web] Use redis master where necessary, hide UI if not master, create replicate quota2 table