Releases: stalwartlabs/mail-server
v0.8.1
[0.8.1] - 2024-05-23
To upgrade replace the stalwart-mail
binary and then upgrade to the latest web-admin and spam filter versions.
Added
- POP3 support.
- DKIM signature length exploit protection.
- Faster email deletion.
- Junk/Trash folder auto-expunge and changelog auto-expiry (#403)
- IP allowlists.
- HTTP Strict Transport Security option.
- Add TLS Reporting DNS entry (#464).
Changed
- Use separate account for master user.
- Include server hostname in SMTP greetings (#448).
Fixed
- IP addresses trigger
R_SUSPICIOUS_URL
false positive (#461 #419). - JMAP identities should not return null signatures.
- Include authentication headers and check queue quotas on Sieve message forwards.
- ARC seal using just one signature.
- Remove technical subdomains from MTA-STS policies and TLS records (#429).
v0.8.0
[0.8.0] - 2024-05-13
This version uses a different database layout which is incompatible with previous versions. Please read the UPGRADING.md file for more information on how to upgrade from previous versions.
Added
- Clustering support with node auto-discovery and partition-tolerant failure detection.
- Autoconfig and MS Autodiscover support (#336)
- New variables
retry_num
,notify_num
,last_error
addlast_status
available in queue expressions. - Performance improvements, in particular for FoundationDB.
- Improved full-text indexing with lower disk space usage.
- MTA-STS policy management.
- TLSA Records generation for DANE (#397)
- Queued message visualization from the web-admin.
- Master user support.
Changed
- Make
certificate.*
local keys by default. - Removed
server.run-as.*
settings. - Add Microsoft Office Macro types to bad mime types (#391)
Fixed
- mySQL TLS support (#415)
- Resolve file macros after dropping root privileges.
- Updated order of SPF Records (#395).
- Avoid duplicate accountIds when using case insensitive external directories (#399)
authenticated_as
variable not usable for must-match-sender (#372)- Remove
StandardOutput
,StandardError
in service (#390) - SMTP
AUTH=LOGIN
compatibility issues with Microsoft Outlook (#400)
v0.7.3
[0.7.3] - 2024-05-01
To upgrade replace the stalwart-mail
binary and then upgrade to the latest web-admin version.
Added
- Full database export and import functionality
- Add --help and --version command line arguments (#365)
- Allow catch-all addresses when validating must match sender
Changed
- Add
groupOfUniqueNames
to the list of LDAP object classes
Fixed
v0.7.2
[0.7.2] - 2024-04-17
To upgrade replace the stalwart-mail
binary and then upgrade to the latest web-admin version.
Added
Changed
Fixed
- Startup failure when Elasticsearch is down/starting up (#334)
- URL decode path elements in REST API.
v0.7.1
v0.7.0
[0.7.0] - 2024-04-09
This version uses a different database layout and introduces multiple breaking changes in the configuration files. Please read the UPGRADING.md file for more information on how to upgrade from previous versions.
Added
- Web-based administration interface.
- REST API for management and configuration.
- Automatic RSA and ED25519 DKIM key generation.
- Support for compressing binaries in the blob store (#227).
- Improved performance accessing IMAP mailboxes with a large number of messages.
- Support for custom DNS resolvers.
- Support for multiple loggers with different levels and outputs.
Changed
Fixed
v0.6.0
[0.6.0] - 2024-02-14
This version introduces breaking changes in the configuration file. Please read the UPGRADING.md file for more information on how to upgrade from previous versions.
Added
- Distributed and fault-tolerant SMTP message queues.
- Distributed rate-limiting and fail2ban.
- Expressions in configuration files.
Changed
Fixed
- Do not include
STATUS
in IMAPNOOP
responses (#234). - Allow multiple SMTP
HELO
commands. - Redirect OAuth using a
301
instead of a307
code.
v0.5.3
[0.5.3] - 2024-01-14
Please read the UPGRADING.md file for more information on how to upgrade from previous versions.
Added
- Built-in fail2ban and IP address/mask blocking (#164).
- CLI: Read URL and credentials from environment variables (#88).
- mySQL driver: Add
max-allowed-packet
setting (#201).
Changed
- Unified storage settings for all services (read the UPGRADING.md for details)
Fixed
v0.5.2
[0.5.2] - 2024-01-07
Please read the UPGRADING.md file for more information on how to upgrade from previous versions.
Added
- ACME support for automatic TLS certificate generation and renewal (#160).
- TLS certificate hot-reloading.
- HAProxy protocol support (#36).
Changed
Fixed
- IMAP command
SEARCH <seqnum>
is using UIDs rather than sequence numbers. - IMAP responses to
APPEND
andEXPUNGE
should includeHIGHESTMODSEQ
whenCONDSTORE
is enabled.
v0.5.1
[0.5.1] - 2024-01-02
Added
- SMTP smuggling protection: Sanitization of outgoing messages that do not use
CRLF
as line endings. - SMTP sender validation for authenticated users: Added the
session.auth.must-match-sender
configuration option to enforce that the sender address used in theMAIL FROM
command matches the authenticated user or any of their associated e-mail addresses.
Changed
Fixed
- Invalid DKIM signatures for empty message bodies.
- IMAP command
SEARCH BEFORE
is not properly parsed. - IMAP command
FETCH
fails to parse single arguments without parentheses. - IMAP command
ENABLE QRESYNC
should also enableCONDSTORE
extension. - IMAP response to
ENABLE
command does not include enabled capabilities list. - IMAP response to
FETCH ENVELOPE
should not returnNIL
when theFrom
header is missing.