🏮🐄 Moovember 2023 Update Revision A | Ratelimit Fixes, Domain Wide Footer Fixes

What's Changed

• [Update.sh] Fix repo change when running in forced mode by @DerLinkman in #5552
• Translations update from Weblate by @milkmaker in #5557
• [Web] add /api/v1/get/spam-score endpoint by @FreddleSpl0it in #5482
• Update dependency nextcloud/server to v27.1.4 by @renovate in #5559
• [Web][Rspamd] domain wide footer improvements and custom mailbox attributes by @FreddleSpl0it in #5555
• Detect docker compose version of form v2.x by @startnow65 in #5562
• Translations update from Weblate by @milkmaker in #5567
• Translations update from Weblate by @milkmaker in #5569
• Translations update from Weblate by @milkmaker in #5573
• [Postfix] update postscreen_access.cidr by @milkmaker in #5570
• [Rspamd] Fixed Ratelimit forced by global ratelimits by @DerLinkman in #5577
• [UI] Fixed showing of "disabled" placeholder for ratelimits in domains by @DerLinkman in 550b888
• Update Rspamd Image to 1.94 by @DerLinkman in 03aaf4a

New Contributors

• @startnow65 made their first contribution in #5562

Full Changelog: 2023-11...2023-11a

🏮🐄 Moovember 2023 Update | Quarantine Hotfix (Security), Rspamd 3.7.4, Synchronization Jobs, and Domain Wide Footer Fixes

Important Information

Please update to this mailcow Version as it includes a critial fix for the mailcow Quarantine UI. If you not use the Quarantine feature within mailcow you could skip this version.

A CVE with more informations will follow this week.

---

What's Changed

• Translations update from Weblate by @milkmaker in #5460
• ADD Brazilian Portuguese Translation by @pedroluccasc in #5470
• Translations update from Weblate by @milkmaker in #5471
• Translations update from Weblate by @milkmaker in #5472
• Update thollander/actions-comment-pull-request action to v2.4.3 by @renovate in #5484
• Update lang.fr-fr.json by @yvan-algoo in #5492
• Translations update from Weblate by @milkmaker in #5494
• Translations update from Weblate by @milkmaker in #5499
• [Rspamd] Update to 3.7.3 by @DerLinkman in #5455
• Update dependency nextcloud/server to v27.1.3 by @renovate in #5500
• [web] sk and cz translations by @feldsam in #5502
• Translations update from Weblate by @milkmaker in #5505
• fix: changed "Twitter" to "𝕏 (Twitter)" in README.md in Cowmunity Section by @BandhiyaHardik in #5508
• Fix for git < 2.7 by @SecT0uch in #5459
• Update lang.tr-tr.json by @burakbuylu in #5510
• [Postfix] update postscreen_access.cidr by @milkmaker in #5509
• [UI] Added a new Sieve Rule as Template by @EricThi & @DerLinkman in #5513
• Fix renovate regex by @MAGICCC in #5524
• Update nextcloud.conf when updating nextcloud by @MAGICCC in #5498
• Update actions/checkout action to v4 by @renovate in #5533
• Update actions/cache action to v3 by @renovate in #5532
• Add --dry IMAPsync Parameter as Button to select for SyncJobs by @raph-topo & @DerLinkman in #5521
• fix: support utf-8 in password synchronization by @Quiwy in #5530
• Add a helper script for generating CAA records by @artemislena in #5487
• Translations update from Weblate by @milkmaker in #5538
• Renovate should ignore everything in vendor subdirs by @MAGICCC in #5544
• [Web] escape quarantine html by @FreddleSpl0it in #5548
• Fix: Domain Wide Disclaimer breaks attachments visualization on Gmail and Outlook #5529 by @FreddleSpl0it in #5546

New Contributors

• @pedroluccasc made their first contribution in #5470
• @yvan-algoo made their first contribution in #5492
• @BandhiyaHardik made their first contribution in #5508
• @SecT0uch made their first contribution in #5459
• @burakbuylu made their first contribution in #5510
• @raph-topo made their first contribution in #5521
• @Quiwy made their first contribution in #5530
• @artemislena made their first contribution in #5487

Full Changelog: 2023-10a...2023-11

🎃🐄 Mooctober 2023 Update Revision A

What's Changed

• Fix Clamd Version image in compose in 5b8efeb
• Reverted restart action removal in docker-compose.yml for older 2.X compose versions 99de302

Full Changelog: 2023-10...2023-10a

🎃🐄 Mooctober 2023 Update | Domainwide Footer, cURL Fixes and more

What's Changed

• Update thollander/actions-comment-pull-request action to v2.4.1 by @renovate in #5377
• Update thollander/actions-comment-pull-request action to v2.4.2 by @renovate in #5379
• Update dependency nextcloud/server to v27.0.2 by @renovate in #5385
• Translations update from Weblate by @milkmaker in #5390
• Fix CPU load of dockerapi container by @mstilkerich in #5376
• Update config for nginx >=1.25.1 (http2, server_names_hash_max_size, server_names_hash_bucket_size) by @Dexus in #5383
• [Web] translated datatables to CZ and SK by @feldsam in #5404
• Update actions/checkout action to v4 by @renovate in #5409
• Translations update from Weblate by @milkmaker in #5410
• [Web] dark mode logo support by @feldsam in #5406
• [Web] Filter tables by Domain where possible by @feldsam in #5405
• [Web] BS5 styling fixes and enhancements by @feldsam in #5403
• [Web] apple config app passwords enhancements + translations by @feldsam in #4342
• Update rebuild_backup_image.yml by @MAGICCC in #5328
• Fix typo in German translation: by @papillon81 in #5414
• Update docker/build-push-action action to v5 by @renovate in #5415
• Update docker/login-action action to v3 by @renovate in #5416
• Update docker/setup-qemu-action action to v3 by @renovate in #5418
• Update docker/setup-buildx-action action to v3 - autoclosed by @renovate in #5417
• [Rspamd] add domain wide footer by @FreddleSpl0it in #5227
• Update dependency nextcloud/server to v27.1.0 by @renovate in #5422
• Update dependency nextcloud/server to v27.1.1 by @renovate in #5426
• Translations update from Weblate by @milkmaker in #5431
• mailcow.github.io -> docs.mailcow.email by @MAGICCC in #5432
• Translations update from Weblate by @milkmaker in #5434
• [Postfix] update postscreen_access.cidr by @milkmaker in #5398
• Update dependency nextcloud/server to v27.1.2 by @renovate in #5441
• Update ClamAV to latest LTS version 1.0.3 by @accolon in #5438
• Fix renovate to allow version extracts for Dockerfiles by @MAGICCC in #5436
• Improved the FQDN check and Ask before changing Git Repository URL in "update.sh" by @AlexHuebi in #5401
• Change column name in generate_config.sh by @MAGICCC in #5443
• [Unbound] Added Healthcheck for Unbound (Dockerfile and Compose) by @DerLinkman in #5451
• enable search in bodies from EAS by @cero1988 in #5402
• [Postfix] fix extra.cf updating by @Habetdin in #5372
• Update dependency phpredis/phpredis to v6 by @renovate in #5413
• Update dependency php/pecl-mail-mailparse to v3.1.6 by @renovate in #5442
• Update dependency composer/composer to v2.6.5 by @renovate in #5253

New Contributors

• @mstilkerich made their first contribution in #5376
• @Dexus made their first contribution in #5383
• @papillon81 made their first contribution in #5414
• @accolon made their first contribution in #5438
• @AlexHuebi made their first contribution in #5401
• @Habetdin made their first contribution in #5372

Full Changelog: 2023-09...2023-10
Blog Post for this Release: https://mailcow.email/posts/2023/release-2023-10/

Update 2023-09 (SOGo 5.9.0 Update)

⚠️ This Update only contains a critical fix with SOGo on macOS 14 (Sonoma). A bigger update will follow in early October 2023 ⚠️

What's Changed

• [SOGo] Update to 5.9.0 by @DerLinkman in #5433

Full Changelog: 2023-08...2023-09

🌻 🐄 Moogust Update 2023 - Spamhaus DQS Hotfixes

What's Changed

• Fix main.cf merging order by @sriccio in #5356
• [Postfix] rework dns_blocklists.cf generation by @FreddleSpl0it in #5359
• Add postscreen_dnsbl_reply_map to avoid disclosure of DQS key by @DocFraggle in #5357

Full Changelog: 2023-07a...2023-08

🍒 🐄 Mooly Update 2023 Revision A | SOGo 5.8.4 and Postfix Postscreen Fixes

What's Changed

• dns_blocklists.cf isn't appended to main.cf and therefore ineffective… by @DocFraggle in #5342
• Fix Reponse Code for ASN Checks by @DerLinkman in 6cf2775
• [Postfix] Reimplemented option for custom dnsbls by @DerLinkman in 0f33797
• [Postfix] Added dns_blocklists.cf for customizations by @DerLinkman in 6d17b9f
• [Postfix] update postscreen_access.cidr by @milkmaker in #5267
• Update SOGo to 5.8.4 by @DerLinkman in #5347
• Fix spamhaus query domains (.net only) by @DocFraggle in #5349

New Contributors

• @DocFraggle made their first contribution in #5342

Full Changelog: 2023-07...2023-07a

🍒 🐄 Mooly Update 2023 - Manageable CORS Settings and UI Improvements

Important

Before updating mailcow, make sure that the whois package is installed on your system.
A remote bad ASN Check has been implemented. Simply update your mailcow again to apply it :)

What's Changed

• [Dovecot] remove pass return in Dovecot lua auth by @DerLinkman in #5266
• Update thollander/actions-comment-pull-request action to v2.4.0 by @renovate in #5280
• Update dependency nextcloud/server to v27 by @renovate in #5284
• Update nextcloud heper script to disable SMTP TLS host verification by @superpuffin in #5283
• [API] Update swagger version to 5.1.0 by @MAGICCC in #5263
• Rspamd returns 401 on unsuccesful logins by @MAGICCC in #5262
• [Web] add cors to json_api by @FreddleSpl0it in #5213
• [Web] fix loading rspamd-history by @FreddleSpl0it in #5312
• [Dockerapi] add redis pubsub handler for broadcasting requests by @FreddleSpl0it in #5310
• [Rspamd] add dot-stuffing to bcc forwarding by @FreddleSpl0it in #5221
• [web] logger pdo exception handling workaround by @goodygh in #5215
• [Rspamd] Native mailcow Support for Securite ClamAV Signatures by @DerLinkman in #5316
• Fixes several instances of missing , extra role='tabpanel' and… by @SnailShea in #5315
• Update dependency nextcloud/server to v27.0.1 by @renovate in #5324
• Spamhaus DNSBL AS Detection by @DerLinkman #5295

New Contributors

• @superpuffin made their first contribution in #5283

Full Changelog: 2023-05a...2023-07

🌷🐄 Mooai Update 2023 - Revision A (⚠️ Critical Security Update ⚠️)

What's Changed

• Update dependency nextcloud/server to v26.0.2 by @renovate in #5254
• [Dovecot] remove pass return in Dovecot lua auth by @FreddleSpl0it in 67510ad
• [Dovecot] Update to 1.24 by @DerLinkman in f82aba3
• Changed maintainers to tinc (Dockerfiles) by @DerLinkman in 70aab75

---

Information about 2023-05a

This update contains a fix for a critical password change vulnerability in Dovecot (IMAP/POP3). We will release an official CVE in a few days (up to a week from now) with a detailed explanation and proof of concept for exploiting this desired security issue.

We strongly recommend that you update to 2023-05a ASAP as this problem persists for a longer period of time (before 2020).

Please check the linked CVE regarding this issue: CVE-2023-34108

Full Changelog: 2023-05...2023-05a

🌷🐄 Mooai Update 2023 - IMAP Performance + general Tweaks Update

What's Changed

• [Update.sh] Fix install docs link by @ewong012 in #5196
• Translations update from Weblate by @milkmaker in #5210
• Translations update from Weblate by @milkmaker in #5218
• [Web] Fix temporary email aliases sorting by @FreddleSpl0it in #5198
• [Web] fix rspamd table on sm devices by @FreddleSpl0it in #5204
• [Web] hide user tabs if acl is missing by @FreddleSpl0it in #5202
• [Web] fix bcc localdest selectpicker by @FreddleSpl0it in #5220
• [web] Fix typo in mobileconfig redirect by @goodygh in #5211
• [Dockerapi] Fix typo in dockerapi sieve print by @FreddleSpl0it in #5201
• Add IP Connect Inc to bad_asn.map by @MAGICCC in #5203
• [Web] Fix BCC validation by @FreddleSpl0it in #5197
• [Web] Fix deleting sender_acl when mbox is deleted by @FreddleSpl0it in #5200
• Clean up old entries from sasl_log by @mkuron in #5205
• Update alpine Docker tag to v3.18 by @renovate in #5231
• Enable maildir_very_dirty_syncs by default by @Daniel15 in #4028
• Add GitHub action update_postscreen_access_list.yml by @MAGICCC in #5214

New Contributors

• @ewong012 made their first contribution in #5196
• @Daniel15 made their first contribution in #4028

Full Changelog: 2023-04b...2023-05
**Blog Post: https://mailcow.email/2023/posts/2023/release-2023-05