mailcow-dockerized

Moohoo everyone, March is here and by the end of the month it will be spring again.
Surely the last few days were as scary for you as they were for us.

🇺🇦 Ukraine, we are standing with you!

Let's move on to the March update of our mailcow.
Spoilers ahead, the March update is not that full and extensive but there are some nice updates included in terms of long term (I'm looking at you ClamAV and Olefy!).

So let's get to it!

Docker Image Changes:

• Dovecot has been updated to 1.161 (Imapsync + Dovecot update).
• Olefy was updated to 1.9 (Olefy Update)
• Rspamd was updated to 1.80 (Olefy update)
• ClamAV was updated to 1.44

Important changes:

• ClamAV has been updated to version 0.104.2, with this version we are secured for the long term (bye bye 0.103.X). Actually only the Docker image process has changed, the rest is running as usual. If not please open an issue on GitHub!
• Dovecot has been updated to 2.3.18. This also brings us closer to moving from Solr to Xapian, more on that when we get to a viable point.
• IMAPSync has been updated to version 2.178 (within Dovecot).
• Oletools have been changed to a new upstream (now uses @decalage2's repository).

Minor changes:

• The changed doc paths (internal) were not adjusted in the mailcow UI, so you saw a 404 page. This has been fixed.
• The WATCHDOG_NOTIFY_EMAIL string had been giving a warning in the console (when starting the stack) if the variable was empty, this has been removed as the string is now set to NULL (if empty).
• We´ve Updated the nsyslog-ng Version to 3.28 (fixes a warning in console right after Dovecot started)

Currently, the following has never been more important: stay healthy and even more important: take care of you!

Niklas

Moohoo everyone.

Today we are releasing the first hotfix for the 2022-01 Update.

This has changed:

Additions:

• We´ve added a Version Tag which is located at the bottom of the mailcow UI (It now shows the current release tag you are on!) Isn´t that crazy? (https://github.com/mailcow/mailcow-dockerized/pull/4437)

Changes:

• The passwordless SOGo Authentication is now supporting calender invitations and calender/contact subscriptions (https://github.com/mailcow/mailcow-dockerized/pull/4439)
• The Autoreply Schedule for SOGo has been changed from 24h to 5m (https://github.com/mailcow/mailcow-dockerized/pull/4441)

Fixes:

• We fixed a bug with the FIDO2 Passwordless Authentication (https://github.com/mailcow/mailcow-dockerized/pull/4440)

To include the latest patches from inverse we updated the SOGo Container to the latest nightly build (2022-02-01). It´ll keep the same Tag as the previous release.

Moohoo everyone, Niklas here with the latest changelog for our beloved mailcow email software!

This month there is a big chunk of changes, some of them even very important regarding 2FA, but more about that later.

First of all we would like to thank you for your loyalty and cooperation, because without you the mailcow project wouldn't be where it is now ❤️

We would also like to apologize for the fact that we are only now releasing a new update (master branch release), because some of the fixes included in this update (SOGo e.g. with the greyed out save button in the redirects or the Olefy Ping fix, which solves a console spam) should have been fixed already... We promise improvement at this point!

You probably already think: "Shorter please?"... it's alright! Here are the changes (in short!)

Very Important changes:

With the January 2022 update, the previously used U2F API (for 2-factor authentication) will be replaced by the newer WebAuthn API.

What does this mean for you?
Well, if you have already registered a FIDO2 security key as 2FA via U2F and you apply the update, you will be greeted by a message saying that your FIDO2 key is still running via U2F and will therefore be removed from the account as 2FA. But don't worry! As soon as you are back in the admin administration you can simply register the same key again, but this time as WebAuthn (not U2F).

The process is the same, even the position of the button to start the registration is the same, so you should be able to set up and use your key without any problems.

Thanks to @FreddleSpl0it for the implementation!

In our documentation you will find more detailed information about this.

Important changes:

• Sogo was updated to version 5.5.0. Yay, finally no more grayed out buttons in the submenus!
• The log4j fix (in Solr) has been improved again. On the advice of the German Federal Office for Information Security, we have removed the affected log4j class. The Solr container was not accessible from the Internet at any time.
• On the advice of the German Federal Office for Information Security we updated ClamAV to 0.103.5 because it was vulnerable to a Denial of Service attack.
• In the Olefy container, the annoying ping error (spam from Olefy in the console) has finally been fixed! Thanks to @16bitsysop for the fix! --> Fixing issue #4401
• Due to the update to Alpine 3.15 or higher the acme container has changed the SSL folder (Also already sporadically with acme-mailcow 1:79), this was fixed by @mkuron. Thanks for that. --> Fixing issue #4392
• We have fixed the bugs regarding GeoIP and netfilter (or rather @marcvorwerk did) --> Fixing issue #2668

There were many more! But that would go beyond the scope here, just have a look at the pull request for this update, then you will see the whole extent.

Once again, thank you to all the contributors and donors.

On behalf of the Servercow/mailcow/tinc team we wish you (wherever you are) a pleasant morning, noon or evening and stay healthy!