🌌🐮 Mooay 2022 Update – The Tag Update

What's Changed

• [NGINX] Added new Proxy Buffers to the /SOGo Section by @DerLinkman in #4536
• [Dovecot] Disable imapsync job, when auth details are wrong. Fixes #4276 by @feldsam in #4540
• [Clamd] fix whitelist by @feldsam in #4541
• [Netfilter] Exclude banning IPs when dovecot server not reacheble by @dragoangel in #4545
• [Web] Make TLS policy toggles accessible by @mkuron in #4556
• [API] Add version endpoint by @larsl-net in #4557
• Add Domain and Mailbox tagging by @FreddleSpl0it in #4569
• [SOGo] Update to 5.6.0 by @DerLinkman in #4570
• [Update.sh] Added skip-ping-check Variable by @DerLinkman in #4558

Full Changelog: 2022-04...2022-05

🐄🐰 Moopril 2022 - ClamAV, Rspamd, SOGo Update

What's Changed

• Update lang.en.json by @ptoone in #4511
• [Web] Fix missing rspamd description by @FreddleSpl0it in #4512
• Enable autodiscover to work with app passwords by @mkuron in #4516
• [Postfix] update postscreen access list by @AikoAppeldorn in #4515
• Translations update from Weblate by @milkmaker in #4523
• [Rspamd] Update Rspamd to 3.2.1 by @DerLinkman in #4526
• [ClamAV] Move to official ClamAV Docker container by @MAGICCC in #4525
• Translations update from Weblate by @milkmaker in #4529
• [SOGo] Update SOGo to 5.5.1 by @DerLinkman in #4506
• 🐄🐰 Moopril 2022 - ClamAV, Rspamd, SOGo Update by @DerLinkman in #4533

Full Changelog: 2022-03a...2022-04

🐄💮 Moorch Update 2022 - Revision A | Changelog

Moohoo everyone!

We have released an impromptu bug fix update that fixes a few minor bugs and graphical issues.

These are only minor changes this time, but as the saying goes, "Every little bit helps".

---

• We have moved the version footer back to the correct position. Faithful to the motto: Stay were you are! (Commits: d52323d a1a96bf bdd8b4a)
• We have improved the release tag handling with the version footer. (Commits: f3f6fb8 a1a96bf)
• The backup and restore script now uses Debian Bullseye instead of Buster. (Commit: 769e088)
• We fixed the bug that the spam alias of an alias domain was not deleted. (Commit: b820096)
• We updated Twig + dependencies to 3.3.8 to close a security hole concerning Twig. (Commit: 98bc947)

---

That's about it. We hope you are all well and healthy.

See you at the next update!

Stay healthy
Niklas

🐄💮 Moorch Update 2022 - ClamAV, Dovecot & Olefy Update | Changelog

Moohoo everyone, March is here and by the end of the month it will be spring again.
Surely the last few days were as scary for you as they were for us.

🇺🇦 Ukraine, we are standing with you!

Let's move on to the March update of our mailcow.
Spoilers ahead, the March update is not that full and extensive but there are some nice updates included in terms of long term (I'm looking at you ClamAV and Olefy!).

So let's get to it!

---

Docker Image Changes:

• Dovecot has been updated to 1.161 (Imapsync + Dovecot update).
• Olefy was updated to 1.9 (Olefy Update)
• Rspamd was updated to 1.80 (Olefy update)
• ClamAV was updated to 1.44

Important changes:

• ClamAV has been updated to version 0.104.2, with this version we are secured for the long term (bye bye 0.103.X). Actually only the Docker image process has changed, the rest is running as usual. If not please open an issue on GitHub!
• Dovecot has been updated to 2.3.18. This also brings us closer to moving from Solr to Xapian, more on that when we get to a viable point.
• IMAPSync has been updated to version 2.178 (within Dovecot).
• Oletools have been changed to a new upstream (now uses @decalage2's repository).

Minor changes:

• The changed doc paths (internal) were not adjusted in the mailcow UI, so you saw a 404 page. This has been fixed.
• The WATCHDOG_NOTIFY_EMAIL string had been giving a warning in the console (when starting the stack) if the variable was empty, this has been removed as the string is now set to NULL (if empty).
• We´ve Updated the nsyslog-ng Version to 3.28 (fixes a warning in console right after Dovecot started)

---

Currently, the following has never been more important: stay healthy and even more important: take care of you!

Niklas

🐄 Jan(moo)uary Update 2022 - Revision A (2022-01a) 🪲

Moohoo everyone.

Today we are releasing the first hotfix for the 2022-01 Update.

This has changed:

---

Additions:

• We´ve added a Version Tag which is located at the bottom of the mailcow UI (It now shows the current release tag you are on!) Isn´t that crazy? (#4437)

---

Changes:

• The passwordless SOGo Authentication is now supporting calender invitations and calender/contact subscriptions (#4439)
• The Autoreply Schedule for SOGo has been changed from 24h to 5m (#4441)

---

Fixes:

• We fixed a bug with the FIDO2 Passwordless Authentication (#4440)

---

To include the latest patches from inverse we updated the SOGo Container to the latest nightly build (2022-02-01). It´ll keep the same Tag as the previous release.

---

🐄 Jan(moo)uary Update 2022 - The U2F --> WebAuthn (2FA) Update

Moohoo everyone, Niklas here with the latest changelog for our beloved mailcow email software!

This month there is a big chunk of changes, some of them even very important regarding 2FA, but more about that later.

First of all we would like to thank you for your loyalty and cooperation, because without you the mailcow project wouldn't be where it is now ❤️

We would also like to apologize for the fact that we are only now releasing a new update (master branch release), because some of the fixes included in this update (SOGo e.g. with the greyed out save button in the redirects or the Olefy Ping fix, which solves a console spam) should have been fixed already... We promise improvement at this point!

You probably already think: "Shorter please?"... it's alright! Here are the changes (in short!)

---

Very Important changes:

With the January 2022 update, the previously used U2F API (for 2-factor authentication) will be replaced by the newer WebAuthn API.

What does this mean for you?
Well, if you have already registered a FIDO2 security key as 2FA via U2F and you apply the update, you will be greeted by a message saying that your FIDO2 key is still running via U2F and will therefore be removed from the account as 2FA. But don't worry! As soon as you are back in the admin administration you can simply register the same key again, but this time as WebAuthn (not U2F).

The process is the same, even the position of the button to start the registration is the same, so you should be able to set up and use your key without any problems.

Thanks to @FreddleSpl0it for the implementation!

In our documentation you will find more detailed information about this.

Important changes:

• Sogo was updated to version 5.5.0. Yay, finally no more grayed out buttons in the submenus!
• The log4j fix (in Solr) has been improved again. On the advice of the German Federal Office for Information Security, we have removed the affected log4j class. The Solr container was not accessible from the Internet at any time.
• On the advice of the German Federal Office for Information Security we updated ClamAV to 0.103.5 because it was vulnerable to a Denial of Service attack.
• In the Olefy container, the annoying ping error (spam from Olefy in the console) has finally been fixed! Thanks to @16bitsysop for the fix! --> Fixing issue #4401
• Due to the update to Alpine 3.15 or higher the acme container has changed the SSL folder (Also already sporadically with acme-mailcow 1:79), this was fixed by @mkuron. Thanks for that. --> Fixing issue #4392
• We have fixed the bugs regarding GeoIP and netfilter (or rather @marcvorwerk did) --> Fixing issue #2668

---

There were many more! But that would go beyond the scope here, just have a look at the pull request for this update, then you will see the whole extent.

Once again, thank you to all the contributors and donors.

On behalf of the Servercow/mailcow/tinc team we wish you (wherever you are) a pleasant morning, noon or evening and stay healthy!