Welcome FIDO2 to mailcow!

We recently pushed a change to integrate FIDO2/WebAuthn support for administrators and domain administrators to mailcow.

mailcow FIDO2

Please see our docs for further information.

We are working to be listed on Works with Yubi in the near feature.

Quick note: A single SMTP recipient "postmaster@…" is now whitelisted by default.

Previously we included a settings map template to manually enable this behavior. This template is now dropped. It does not hurt to keep the old settings map, it will just never be applied.

Same for outbound: No matter the authentication, a SMTP FROM postmaster@… will be score -2500.00. No prefilter is applied to keep signatures.

-2500.0 will also skip ClamAV-positives, please keep that in mind, do not forward viruses.


It’s been a long time since I wrote other posts than updates.

My daughter was born almost a year ago. My life changed quite a lot, I still don’t feel like I reached my goals and that there is going to be more fantastic changes to come. Thank you guys for contributing to mailcow and enlighten my day – every day.

InterServer started contributing fuzzy hashes to mailcow. If you have a spam trap by hand and feel like sharing, please contact me. Thank you, InterServer; thank you, John.

What could be next?

  • I will try to add hooks to mailcow UI. I want to implement individual hooks that can run after adding a domain, mailbox or other elements. The "push" hook like we already have with Pushover will be moved to that logic. Users will be able to control push hooks, domain admins as well as admins will be able to add hooks to other logics like adding a mailbox, domain or alias etc.

  • I will add a HTTP map to resolve aliases to their final recipients. This way we can finally fix the tag handling for alias recipients and make black/whitelistings more granular.

Please join us on Telegram, if you have ideas to share or just want to hang out. 🙂


By the way: We update the code on a regular basis, you do not need to wait until we post these overviews. 🙂

Notable changes for all cows

  • Please contact me, if you want to share your spam with mailcow => info@servercow.de
  • We sponsored a better identity management in SOGo
  • .doc and .xls are now only rejected when they contain macros
  • mailcow speaks Chinese! Thanks to @EHfive!
  • You can now limit access to IMAP, POP3 and SMTP per user
  • Rspamd 2.6 with new neural logic
  • A vmail-index-vol-1 volume was created. The mail index will be recreated on the fly when accessing a mailbox. You can move this volume to fast disk and keep vmail-vol-1 on slower/spinning disks.
  • Show last SMTP login
  • We do now fully encrypt connections to the fuzzy storage
  • iso/img are now bad attachments
  • Disable extension cloaking detection (i.e. "doc.exe") due to false positives and other checks catching these bad extensions
  • rspamd-stats are available via mailcow API (/api/v1/get/logs/rspamd-stats)
  • Watchdog is enabled by default now when installing mailcow
  • New ACL to allow or disallow a domain administrator to change the domain description
  • Update MariaDB to 10.4

There are many more useful changes, please see the list below. I could not decide between important and less important this time. Many changes are quite useful or simply important bug fixes. So: update time!

A BIG THANK YOU to all supporters! Thank you so much for keeping mailcow alive. 🙂
Another BIG THANK YOU goes out to all contributors!

Changes since last post

We are now on commit 79802a9d1d0eaf583bcb55c96f6ff011b22a2cca

2020-10-10 – [Web] Do not expand IPv6 as found by SPF lookup
2020-10-10 – [Rspamd] Rebuilt 2.6-156\~buster
2020-10-09 – [Watchdog] Watch milter status with a dirty workaround, waiting for proxy ping pong event to implement a better check
2020-10-09 – [Update] Show commits on update check
2020-10-09 – [Rspamd] Delete deprecated reputation files
2020-10-08 – [Web] Update lang.sk.json + small typos (#3797)
2020-10-08 – [Rspamd] Add reputation plugin, remove deprecated plugins
2020-10-08 – [Rspamd] Use reputation plugin instead of ip_ and url_reputation
2020-10-08 – [Helper] Install Nextcloud 20
2020-10-08 – [Web] Higher timeout for long delays in transport checks
2020-10-08 – [Config] Change order of generate_config watchdog values
2020-10-06 – [Compose] Added SELinux support / volume labeling (#3766)
2020-10-04 – [API docs] Fixed spelling mistakes
2020-10-03 – [Rspamd] 2.6 stable, switched repo back to release
2020-10-03 – [Helper] Allow to run backup script everywhere
2020-10-02 – [Update] Add new args to update.sh -h output (#3787)
2020-10-02 – [Web] Add simplified Chinese language translations (#3784)
2020-09-29 – [Dovecot] Quota template – better compatibility (#3783)
2020-09-28 – [Compose] Update Rspamd to latest 2.6, update ACME image
2020-09-28 – [ACME] Add more checks, avoid cert/key mismatch on some installations, fix some output
2020-09-28 – [Compose] Update Postfix and Watchdog images
2020-09-28 – [Postfix] Fix smtp last login on replicated setups
2020-09-27 – [Web] lang.fr.json to reflect 6da5ee8
2020-09-27 – [Web] lang.sv.json (#3781)
2020-09-27 – [Nginx] Update site-defaults.conf (TLS cipher fixes) (#3780)
2020-09-27 – [Compose] Fix Postfix version
2020-09-27 – [Watchdog] Increase threshold for cert check
2020-09-27 – [Watchdog] Add certificate check for primary certificate; Add mail delay
2020-09-27 – [SOGo] SOGo, Sope 4.9.r1664.20200927
2020-09-26 – [ACME] Do check for restart of Postfix and Dovecot service more thoroughly
2020-09-26 – [Compose] Update SOGo image
2020-09-26 – [Web] Minor DB schema update
2020-09-26 – [Web] Some language additions for new functions and minor changes
2020-09-26 – [Web] Compatibility: Re-add _int vars
2020-09-26 – [Web] Allow to overwrite DKIM keys while importing a new key
2020-09-26 – [Web] Add TLS policy toggle to edit/mailbox; Add WIP smtp_ip_access (hidden)
2020-09-26 – [Web] Add toggle to overwrite DKIM key while importing
2020-09-26 – [Rspamd] Quarantine, Pushover: Respect active = 2 while processing
2020-09-26 – [Rspamd] Pushover, quarantine: also process
2020-09-26 – [Postfix] Update alias map;
2020-09-26 – [SOGo] SOGo, Sope 4.9.r1664.20200926
2020-09-25 – [Rspamd] 2.6-0~git32~1c3e0910b~buster
2020-09-25 – [SOGo] Update to
2020-09-24 – [SOGo] Re-enable TLS for internal IMAP connections, enable TLS for internal SMTP connections
2020-09-24 – [Web] Minor fix in quarantine view
2020-09-24 – [Rspamd] Fix prio for includes in overrides
2020-09-24 – [Nginx] Refresh cipher suites (#3669)
2020-09-23 – [Dovecot] IMPORTANT: New volume for mail index
2020-09-23 – [Config] New defaults: MAILDIR_GC_TIME=7200, WATCHDOG_NOTIFY_BAN=n
2020-09-23 – [Rspamd] Prepare SMTP ip restriction, WIP
2020-09-23 – [Dovecot] Move mail index to new volume
2020-09-23 – [Web] Add autocomplete to OTP (#3774)
2020-09-20 – [Web] Replace JSON_EXTRACT by JSON_VALUE in init script
2020-09-20 – [Dovecot] Remove like from query
2020-09-20 – [SOGo, Dovecot] Remove unnecessary likes from sql queries
2020-09-20 – [Web] Filter transport destinations to prevent empty destinations
2020-09-20 – [Config] Support mailcow.conf being a symlink (#3770)
2020-09-20 – [Web] lang.sv.json, lang.de.json, lang.en.json (#3771)
2020-09-19 – [Dovecot] Fix sieve with new protocol toggling implementation, fixes #3769
2020-09-18 – [Web] Add quick toggle for imap/pop3/smtp access; small rework of buttons on /mailbox; Minor fixes and changes
2020-09-17 – [ClamAV] Set to ConcurrentDatabaseReload and (todo:) add note to docs
2020-09-17 – [API docs] Removed all occurrences of _int
2020-09-17 – [API docs] Removed active_int
2020-09-17 – [Web] Important: Removed unnecessary *_int attributes from GET elements, _only_ returning int values now (same for all attributes which were provided as html char and int)
2020-09-17 – [Web] Feature: Allow to toggle protocols (imap, pop3, smtp) per user (defaults can be configured using vars.local.inc.php, see vars.inc.php)
2020-09-17 – [Compose] Update Dovecot and Postfix images
2020-09-17 – [Postfix] Merge syslog filters
2020-09-17 – [Postfix] Create sasl_access map; Use JSON_VALUE and remove unnecessary like command
2020-09-17 – [Dovecot] For future use: pass used protocol; Check if user has protocol access while authenticating
2020-09-17 – [Postfix] Add sasl check to deny specific users from using smtp relay
2020-09-17 – [Dovecot] Postlogin socket owned by vmail
2020-09-15 – [Rspamd] Latest 2.5
2020-09-15 – [ClamAV] Update to 0.103.0
2020-09-15 – [Compose] Update Rspamd and Postfix
2020-09-15 – [Postfix, Web] Feature: Show last SMTP login
2020-09-15 – [Rspamd] Encrypt fuzzy communication, switch to Rspamd 2.6
2020-09-13 – [Rspamd] Add open-relay-check@mailcow.email to monitoring_nolog.map (#3757)
2020-09-12 – [Rspamd] Add filter to global mime black- and whitelists to only match addr
2020-09-12 – [Web] Update lang.ru.json
2020-09-12 – [Rspamd] Add iso/img to bad extensions (#3753)
2020-09-12 – [Rspamd] Disable extension cloaking (#3754)
2020-09-10 – [SOGo] Update to, fixes #3719
2020-09-09 – [Rspamd] Macro check was fixed, remove doc and xls ban for now…
2020-09-09 – [Compose] Update olefy-mailcow
2020-09-09 – [Rspamd] Minor: Fix text
2020-09-09 – [Oletools] Fix olevba.py manually until fix is merged
2020-09-07 – [Web] Removed typo when adding a row (#3741)
2020-09-06 – [Web] Return json array when mailq empty, fixes #3738
2020-09-06 – [Rspamd] Meta exporter and settings map: read vars.local.inc.php
2020-09-06 – [Web] Add rspamd-stats route to API
2020-09-03 – [Config] Watchdog is stable
2020-09-03 – [Rspamd] doc and xls are blocked
2020-09-02 – [Web] Disable API regen button when key empty
2020-08-27 – [Netfilter] Skip invalid regex
2020-08-27 – [Web] Fail2ban: Only write regex filters if not empty
2020-08-27 – [Netfilter] Replace query by resolve (deprecated)
2020-08-27 – [Compose] Update images: PHP-FPM, Dovecot, ACME, Netfilter, Watchdog
2020-08-27 – [Web] Sync jobs: Use STARTTLS instead of TLS; Feature: Allow to edit fail2ban-like regex filters in UI
2020-08-27 – [Config] Better safe than sorry: Add a hint to use lowercase project names
2020-08-27 – [Netfilter] Reload regex filters from Redis
2020-08-27 – [Various] Always use lowercase for COMPOSE_PROJECT_NAME
2020-08-25 – [Web] Added new options to API docs
2020-08-23 – [Web] oAuth: Fix content type in profile reply, thanks to @this-user – fixes #3716
2020-08-22 – [Web] Allow to set force_pw_update, tls_enforce_in, tls_enforce_out, sogo_access and quarantine_notification when adding a domain (via API)
2020-08-19 – [Web] Create ACL to toggle permission of a domain administrator to change a domain desc
2020-08-19 – [Web] Fix da_acl when adding DA without domain
2020-08-18 – [Web] update lang.sk.json (#3714)
2020-08-16 – [Web] Fix checkbox for announcements
2020-08-16 – [SOGo] Update to
2020-08-16 – [Web] Rot announcements
2020-08-15 – [Web] Always display app_links (#3664)
2020-08-14 – [API docs] Added request body for sync job creation endpoint
2020-08-13 – [Web] MAILCOW_HOSTNAME should not be a CNAME
2020-08-13 – [Dovecot] Update to
2020-08-07 – [Compose] Update MariaDB to 10.4; Update PHP-FPM image to include fix
2020-08-07 – [PHP-FPM] Fix lookup of Postfix container when SQL applied an update

Checkout https://github.com/appcoders/mailcowtools

A lot of people asked for a way to bulk create mailcow accounts via CSV file. Appcoders delivered a solution for this and other mailcow related tasks.

Big thanks to appcoders!

By the way: We update the code on a regular basis, you do not need to wait until we post these overviews. 🙂

Important changes for all cows

  • Please contact me, if you want to share your spam with mailcow => info@servercow.de
  • We sponsored some changes to SOGo including HTML5 notifications and, as you may have seen, new folder indicator icons
  • We found old Docker unnamed Docker bridges from older mailcow versions on various systems and do now remove them via update.sh
  • mailcow speaks Romanian! Thanks to @Razvan0925!
  • Initial HAProxy endpoints via helper-scripts/docker-compose.override.yml.d/HAPROXY/docker-compose.override.yml (WIP)
  • The footer is ROT13 enoded/rotated and parsed via JS

There are many more useful changes, please see the list below. I could not decide between important and less important this time. Many changes are quite useful or simply important bug fixes. So: update time!

A BIG THANK YOU to all supporters! Thank you so much for keeping mailcow alive. 🙂
Another BIG THANK YOU goes out to all contributors!

Changes (please also see the commit history)

[ACME] Add DIRECTORY_URL for custom directory URLs
[ACME] Filter containers by compose project name
[ACME] Fix directory URL
[API] Removed api_blueprint docs and use swagger (#3595)
[Backup] Make delete-days delete only files with mailcow-* in backup location (#3609)
[Backup] Speed up Gziping of backup (#3623)
[ClamAV] Update to 0.102.3
[Clamd] Pass version as ARG
[Compose] Fix dependency loop
[Compose] Images updates, added COMPOSE_PROJECT_NAME to some containers
[Compose] Update Dovecot, add networks to PHP-FPM
[Config] Allow CIDR notation for API_ALLOW_FROM (#3655)
[Config] Check port 25 and use smtp protocol to check postfix certificate. Fixes #3636 (#3637)
[Config] Minor: Move line to correct place
[Config] Remove comment about cidr for api_allow
[DockerAPI] Show queue item content via postcat
[DockerAPI] Update image
[Dovecot] Filter by compose project name, create trusted map for SOGo IP, run DNS check before starting service
[Dovecot] Fix invalid rcpt when no bcc is set, fixes #3576
[Dovecot] Include SOGos IP as trusted
[Dovecot] Increase sieve actions and redirects to 100/101
[Dovecot] Quarantine: add increment of count to prevent infinity loop (#3591)
[Dovecot] Specify Dovecot version in case of errors with new versions
[Dovecot] Update Dovecot
[Feature] Add HAProxy listeners and an example override file
[Git] Add ignore
[Helper] Fix expiry-dates.sh
[Helper] Fix mariadb restore when "all" is selected, thanks to @takigama
[Helper] expiry-dates.sh to check expiry dates
[MySQL] Slightly more resources
[Netfilter] Fix Netfilter image
[Nginx] Mark script executable
[Nginx] Mark script not executable
[PHP-FPM] Add bcmath and GMP
[PHP-FPM] Add pspell
[PHP-FPM] Filter containers by compose project name
[PHP-FPM] Fix missing aspell lib, update Redis lib, fixes #3675
[PHP-FPM] Minor changes to prepare routine
[PHP-FPM] Update image to include CIDR fix via mailcow.conf
[Postfix] Disable SMTPUTF8 in Postfix due Dovecot-LMTP isn’t support it (#3680)
[Postfix] Fix "disallow login": A catch-all will not catch mail for mailboxes with disallowed login
[Postfix] Remove obsolete comment
[Postfix] Remove obsolete setting smtpd_use_tls. (#3548)
[Postfix] Remove smtpd_tls_CAfile, fixes #3589
[Postfix] Set smtp_address_preference to any (#3561)
[Postfix] Test DNS against mailcow.email
[Quarantine] Allow to redirect all quarantine messages to a specific address
[Web] Minor changes to quarantine UI
[Rspamd] Add hint to composite, minor
[Rspamd] Add urlhaus map to rspamd (#3683)
[Rspamd] Change whitelisted senders map from prefilter to score -2050
[Rspamd] Changes to WHITELISTED_FWD_HOST composite handling
[Rspamd] Consistent LOCAL_CONFDIR
[Rspamd] Do not exclude fwd hosts from dmarc checks
[Rspamd] IP WL is no more a prefilter to prevent unsigned mail
[Rspamd] More bulk headers
[Rspamd] More excludes for fwd hosts, minor fix to FORGED_W_BAD_POLICY
[Rspamd] Remove spoofed unauth symbol from mails from whitelisted fwd hosts
[Rspamd] Temporarily disable over-signing, as Cyren does mark those mails as DKIM invalid (blame them, not us)
[SOGo] Disable EAS when SKIP_SOGO=y
[SOGo] Disable autodiscover-json for EAS when disabled
[SOGo] SOGo does no trust self signed or invalid certificates anymore, add temp workaround
[SOGo] Update image
[Update] Allow to skip fetching docker-compose
[Update] Check mulitple IPs
[Update] IMPORTANT: Remove old and unused bridges overlapping with the new bridge name. Important for older setups running updates
[Update] Update with "ours" is not recommended
[WEB] Fixed schema for add/dkim api docs
[WEB] fix undefined elements (#3651)
[Watchdog] Filter containers by compose project name
[Watchdog] Fix a Dovecot error message
[Watchdog] Less aggressive mailq alerting
[Watchdog] Minor change to Dovecot health check
[Watchdog] Send mails with priority 1
[Watchdog] Update compose file, update image
[Watchdog] Watch mail queue (added inexpensive check via "find" instead of adding an API endpoint to dockerapi-mailcow)
[Web] Add PHPMailer to quarantine file
[Web] Add SMTP rcpt to qitems, filter invalid addresses
[Web] Add hint to disallowed login string
[Web] Add hint to disallowed login string
[Web] Add password generator to domain admin and admin modals
[Web] Add sieve template, thanks to @Programmierus
[Web] Add smtp and header from to quarantine items, add more info to qhandler, allow to open qhandler links from qitem details
[Web] Added spam-score api docs (#3608)
[Web] Allow activation of own S/MIME Certificates in iOS configuration profile (#3622)
[Web] Allow mins_interval of max 1 month for sync jobs, fixes #3642
[Web] Allow underscore and hyphen in DKIM selector (#3643)
[Web] Change c_o to varchar 500
[Web] DNS: add link for downloading zonefile (WIP) (#3633)
[Web] Delete log lines containing ratelimit hash key when removing rate limit hashes from db
[Web] Disallow blacklisting of some special networks
[Web] Disallow web UI login, when domain is disabled
[Web] Expand IPv6 addresses for better comparison
[Web] Feature: Allow to view mailq item content via postcat
[Web] Fix PHPMailer, minor style change for quarantine rcpts
[Web] Fix Rspamd not drawing
[Web] Fix a bug that failed to edit Alias by address (#3574)
[Web] Fix duplicating DKIM keys: Duplicated keys were invalid, fixes #3578
[Web] Fix stupid mistake, thanks to @ntimo!
[Web] Fix symbol options encoding in rspamd item view
[Web] Fix transport password form size
[Web] Fix: show success message after quarantine action
[Web] Hide mobileconfig with DAV when SOGo is disabled
[Web] Improve SPF checks
[Web] Many language updates, THANK YOU!
[Web] Merge same notification types
[Web] More secure compose project name check
[Web] ROT13 footer html
[Web] Scroll admin tables
[Web] Shorten and sanitize downloaded file names, fixes too long file names in Firefox
[Web] Show textarea for queue item
[Web] Show transport password when editing a transport
[Web] Some minor changes to Aliases handling (#3572)
[Web] Update API docs
[Web] Update PHPMailer
[Web] Update libs
[Web] Update filename when downloading
[Web] Updated Yubico.php to v2.7 (#3535)
[Web] change autocomplete-behaviour on some forms
[Web] Clean PHP code by removing unused variables (#3646)

1. Identity management

inverse.ca did great job with implementing a new identity management.

By default, a user will – as always – see their aliases in a list to choose from:

In the “Email” -> “IMAP” preferences of SOGo, we can now create a custom identity for all associated alias addresses we created in mailcow UI and even set them as default:

Back in the email compose window we can now find the new default identity with our custom “From” header field preselected (if you don’t select it as default, it will obviously only show up as optional, selectable identity):

2. Indicator for expandable folders

By the way: We update the code on a regular basis, you don’t need to wait until we post these overviews. 🙂

Important changes for all moo cows

  • Please contact me, if you want to share your spam with mailcow => info@servercow.de
  • Elements blocked by blacklists via UI will not enter the quarantine
  • WIP and to be considered beta: Disable SOGo via “SKIP_SOGO” in mailcow.conf
  • API access can now be limited to CIDR notations
  • You can now disallow logins for mailboxes (int value 2 instead of 0 for inactive or 1 for active)
  • We do now log the matched string in netfilter-mailcow for bans instead of the regex
  • Allow to relay only non-local mailboxes
  • Rspamd 2.5
  • Remove policy checks from SPOOFED_UNAUTH, since SPF can be valid in envelope from, while forging the header from field
  • Show last IMAP and POP3 logins, toggle via vars.inc.php SHOW_LAST_LOGIN

A BIG THANK YOU to all supporters! Thank you so much for keeping mailcow alive. 🙂
Another BIG THANK YOU goes out to all contributors!

Changes (please also see the commit history)

[CI] New prepare-tests job
[CI] Update hmac
[Compose] Update Dovecot to implement #3428 by @feldsam
[Compose] Update PHP and netfilter
[Config] Add hint to not use some ports mentioned in the docs
[Config] Allow to disable SOGo (unsupported, experimental)
[Config] CIDR API_ALLOW_FROM only allowed via API
[Dovecot] Fix imapsync_cron
[Dovecot] Implement disallowed logins
[Dovecot] Quarantine template: added username variable
[Dovecot] Quarantine template: css for mobile devices (#3520)
[Dovecot] Quota template – colored bar based on % (#3525)
[Dovecot] Set repl health on start
[Dovecot] Syslog-ng match fixes
[Dovecot] WIP: Read env vars for cronjobs from prepared file
[Dovecot] fix error redirection at doveconf (#3500)
[Helper] Added name to backup and restore containers (#3477)
[Helper] Create tar archives for SQL backups
[Helper] Fix for numbers in compose project name
[Helper] Remove useless rsync
[Helper] Some minor improvements
[Helper] backup fixes
[Netfilter] Log matching string instead of regex
[Netfilter] Python 3.8 – SyntaxWarning for ‘is not’ (#3537)
[Nextcloud] Update helper
[Nextcloud] Updated site
[Nginx] Drop X-Powered-By via fastcgi_hide_header
[PHP-FPM, Config] API key generated via mailcow.conf has rw access
[PHP-FPM] Add API_KEY_READ_ONLY generation
[PHP-FPM] Increase timeouts
[PHP-FPM] Update some libs
[PHP-FPM] Update to PHP 7.4
[Postfix] Allow to relay only non-local mailboxes
[Postfix] Do not log tls sni maps errors from connections initiated by mailcow checks
[Postfix] Implement disallowed logins
[Rspamd] Add metadata exporter for unauthed mail
[Rspamd] Add more bulk headers
[Rspamd] And even more spam headers
[Rspamd] Block more “Promio” spam crap
[Rspamd] Disable upstream checks for SIEVE_HOST
[Rspamd] Fix quarantine and pushover notifications
[Rspamd] Increase bulk header score
[Rspamd] More spam headers
[Rspamd] Various Pushover fixes
[Rspamd] Quarantine notifications – don’t send if sender is blacklisted (#3428)
[Rspamd] Quarantine notifications – exclude blacklisted sender (#3446)
[Rspamd] Quarantine release – fix when sender is empty (#3445)
[Rspamd] Remove policy checks from SPOOFED_UNAUTH, since SPF can be valid in envelope from, while forging the header from field
[Rspamd] Remove upstream spam check results from mail by fwd hosts
[Rspamd] Restore add header forced action (#3440)
[Rspamd] Score spoofed senders higher
[Rspamd] Set bounce RL to 25 / 1h ; Fix BAZAR (test)
[Rspamd] Slightly reduce BAD REP POL score
[Rspamd] Use empty-env-from@localhost as placeholder for empty env from senders in quarantine
[Rspamd] v2.5
[SOGo] Allow to not spawn SOGo but an idling shell
[Update] Check mulitple IPs in update.sh to verify connection
[Update] Validate docker-compose stack config before updating
[Update] added –force mode to update skript (#3453)
[Watchdog] Watch replication, if any (unsupported)
[Web, Dovecot] Show last IMAP and POP3 logins, toggle via vars.inc.php SHOW_LAST_LOGIN
[Web] 2-digit dates for @patschi
[Web] Add domain statistics
[Web] Allow CIDR as allowed API networks; other minor fixes
[Web] Allow ratelimit time frame “day”; Allow to create announcements
[Web] Allow to split DKIM every 255 chars via vars.inc.php (fixes #3473)
[Web] Always scroll tables
[Web] Async Rspamd graph loading to prevent races (todo: changeme)
[Web] CSS fixes; Add OAUTH2_FORGET_SESSION_AFTER_LOGIN to vars.inc.php (wip); Do not run initdb on non-master cow
[Web] Date formats
[Web] Decrease footer top margin
[Web] Disable login for mailbox users, other SKIP_SOGO checks and fixes
[Web] Do not try to update sogo static view with skip_sogo y
[Web] Do not use EAS for Outlook by default
[Web] Encode footer, decode via JS
[Web] Fix U2F authentication, fixes #3468
[Web] Fix logout after oauth2 (if enabled)
[Web] Fix oAuth logout after authentication (if enabled)
[Web] Fix time limited alias creation via API, thanks to @ntimo
[Web] Fix typo and missing Dovecot restart function (fixes #3466)
[Web] Fixed DKIM regex to allow arguments after the public key (#3462)
[Web] Fixed read write API permissions (#3465)
[Web] Fixes blank page and fixes #3502
[Web] Minor change to app buttons, fixes ugly multi-button panel
[Web] Various fixes
[Web] Remove External as standard subfolder for sync jobs
[Web] Disallow a domain admin to set intersecting user ACLs
[Web] Allow Pushover and SOGo EAS cache reset by default, disallow profile reset by default
[Web] Remove sidebars from admin panel, add dropdowns
[Web] Restart Dovecot when changing global sieve filters, add a warning
[Web] Set appointment c_uid to varchar(1000), fixes errors with Caldavsynchronizer
[Web] Show label for relayed domains; Return total bytes and msgs of domain in API (WIP)
[Web] Show warning, when domain exhausted and only an unlimited mailbox could be created
[Web] Translation updates (THANKS!!!)
[Web] Updated Yubico.php to v2.7 (#3535)
[Web] Various language fixes (and sorting), Pushover lang fixes
[Web] r/o API keys, Pushover integration (can be limited by ACL), other minor changes

Did you know?

You can save the mailcow community as PWA on your smartphone.

Community PWA