The mailserver suite with the 'moo' – 🐮 + 🐋 = 💕

News and Infos

🥚🐄 Moopril Update 2024 | Security Update

2024-04 (Release April 4th, 2024)Moohoo Everyone! With the Moopril update, two security vulnerabilities in mailcow will be closed. CVE-2024-31204: XSS Vulnerability via Exception Handler CVE-2024-30270: Path Traversal and Arbitrary Code Execution Vulnerability Additionally, SOGo has been updated to version 5.10.0, and a bug in the domain-wide footer has been fixed. Changelog chore(deps): update thollander/actions-comment-pull-request action to v2.5.0 by @renovate in https://github.com/mailcow/mailcow-dockerized/pull/5747 Translations update from Weblate by @milkmaker in https://github.com/mailcow/mailcow-dockerized/pull/5762 sogo: upgrade to 5.

🤔🔒🐮 What's up? - LDAP Integration

Moohoo everyone!

As already announced on social media channels, today we are serving you a new edition of our section: What's up?.

Today, we are explicitly discussing a topic of burning interest to all of us: LDAP/OIDC Integration and the associated overhaul of the authentication system.

We have kept you updated in the past that we are feverishly working on integrating LDAP and OIDC. After all, this function is not without reason one of the most requested features for mailcow ever – and rightly so!

However, our plan was to release this whole thing in the first quarter of 2024 or maybe even around Christmas 2023. As you have noticed, both timelines could not be met…

🐥🐄 Febmooary 2024 Update | ClamAV Security Update

2024-02 (Release 15th February 2024)Moohoo Everyone! With Febmooary, further recently released security vulnerabilities in mailcow have been addressed. These are the following security vulnerabilities in the ClamAV service that were fixed with version 1.2.2: CVE-2024-20290: Fixed a possible heap overflow read bug in the OLE2 file parser that could cause a denial-of-service (DoS) condition. CVE-2024-20328: Fixed a possible command injection vulnerability in the “VirusEvent” feature of ClamAV’s ClamD service. In the default configuration, mailcow is not affected by the CVE-2024-20328 vulnerability, as the VirusEvent in the ClamAV configuration is not activated.

🦾6️⃣4️⃣ 🐄 Janmooary 2024 Update | The Multiarch (x86 + ARM64) & Performance Update - Revision E

2024-01e (Release: 08th Februars 2024)Netfilter Enhancements Fixed Isolation Rule for iptables: Addressed an issue regarding the mailcow isolation rule in iptables. Thanks to contributions from @FreddleSpl0it and @tomudding. PR #5700 Relaxed IP Check in NFTables.py: Set a more relaxed IP check in NFTables.py to improve compatibility. Many thanks to @amorfo77 for the contribution. PR #5711 SOGo Fixes Fixed SOGo Crash on Older Kernels: Resolved a SOGo crash occurring on kernels older than 5.

🛷 🐄 Moocember 2023 Update | Netfilter NFTables Support and Banlist Endpoint

2023-12a (Release 29th December 2023)


2023-12 (Release 19th December 2023)

Moo hoo everyone!

We have some new Netfilter features for you before the holidays. In addition, the watchdog can now send notifications via webhooks. To do this, simply configure the variables WATCHDOG_NOTIFY_WEBHOOK and WATCHDOG_NOTIFY_WEBHOOK_BODY in mailcow.conf accordingly.

🏮🐄 Moovember 2023 Update Revision A | Ratelimit Fixes, Domain Wide Footer Fixes

2023-11a (Release 07th December 2023)


2023-11 (Release 21st November 2023)

Moo hoo everyone!

The holiday season is slowly approaching, and here we are with another update at our doorstep.

First things first: It’s advisable to update (especially if using Quarantine) due to a critical security patch.

🎃🐄 Mooctober 2023 Update | Domainwide Footer, cURL Fixes and more - Revision A

2023-10a (Released 12th October 2023)


  • We’ve fixed the wrongly used clamav tag inside the docker-compose.yml. Now you are really using ClamAV 1.0.3 LTS!
  • We’ve removed the restart action from the depends_on section (tied to the unbound healthcheck logic) from the docker-compose.yml. Older Versions of Docker Compose v2 would not be able to start the stack with those settings set. (Please keep your systems up to date!!!!)

2023-10 (Released 12th October 2023)

MooBoo hoo everyone!

It’s spooky season again and we hope you’re all ready to celebrate the Halloween season this year.

However mailcow is also delivering you with some treats (tricks “sold” seperately and not included in this update) regarding the stack.

This time it’s quite huge!

🔥🐄 Hotfix Update September 2023 (SOGo 5.9.0)

2023-09Moohoo everyone! We are back with a tiny mailcow update that solves the problems with macOS 14 (Sonoma) and SOGo. That’s all there is this month. More content will come in early October with update 2023-10. Changelog [SOGo] Update to 5.9.0 The full changelog, including the individual commits, is available on GitHub at any time for those interested: https://github.com/mailcow/mailcow-dockerized/releases/tag/2023-09 As always, a huge thank you to our great mailcow community for your continued support and valuable feedback.