HTTP/2 200 date: Wed, 30 Jul 2025 02:02:39 GMT content-type: application/atom+xml; charset=utf-8 content-length: 214106 vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, X-Requested-With,Accept-Encoding, Accept, X-Requested-With etag: W/"b2212afaa3af4e215f2840ddf3dbe98c" cache-control: max-age=0, private, must-revalidate strict-transport-security: max-age=31536000; includeSubdomains; preload x-frame-options: deny x-content-type-options: nosniff x-xss-protection: 0 referrer-policy: no-referrer-when-downgrade content-security-policy: default-src 'none'; base-uri 'self'; child-src github.githubassets.com github.com/assets-cdn/worker/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com release-assets.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com copilotprodattachments.blob.core.windows.net/github-production-copilot-attachments/ github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.githubassets.com github.com/assets-cdn/worker/ github.com/assets/ gist.github.com/assets-cdn/worker/ server: github.com accept-ranges: bytes set-cookie: _gh_sess=rEwjacJM%2F7%2FEoEatsuK1O6tRVCW8POf5LHVKmBkqvifAQarPqWhC8ncJcBkZDVOD5oKBClmGOHnWh66Zo1VpwGaXTb8T6X6ziQXhXIVdaBIYUHFJYxQ1YQwlaoa03BURw%2FBUE58MUddUaCZhOhM3iiTAhSG56zxa5bmh6ftqRHdQOT%2FLsEeiCQjQVNZuOdGVzaYnilg0V2Vn1xY2el6nZL5mDiHAdWjfwO1ibZ2DJegUHJrL9HwTsojMeLH0MRathIHu8BCr6Vkm5gEt8Xu%2Bjg%3D%3D--tzgLxTMDZcNRYRxc--SXXI%2Fwxac6PU5MK1uGPxSw%3D%3D; Path=/; HttpOnly; Secure; SameSite=Lax set-cookie: _octo=GH1.1.394020425.1753840959; Path=/; Domain=github.com; Expires=Thu, 30 Jul 2026 02:02:39 GMT; Secure; SameSite=Lax set-cookie: logged_in=no; Path=/; Domain=github.com; Expires=Thu, 30 Jul 2026 02:02:39 GMT; HttpOnly; Secure; SameSite=Lax x-github-request-id: 9F30:339E63:1039B4D:138E166:68897D3F tag:github.com,2008:https://github.com/mjl-/mox/releases 2025-04-18T19:25:54Z tag:github.com,2008:Repository/595136650/v0.0.15 2025-04-18T19:47:02Z <h1>New features</h1> <ul> <li>Implement IMAP NOTIFY extension from RFC 5465. Where IDLE is for monitoring a<br> single mailbox, NOTIFY allows monitoring many/all mailboxes in an account at<br> once. (<a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/8bab38eac4c543fef3e6d008d7d720e6a30484c0/hovercard" href="https://github.com/mjl-/mox/commit/8bab38eac4c543fef3e6d008d7d720e6a30484c0"><tt>8bab38e</tt></a>)</li> <li>Implement IMAP UIDONLY extension, RFC 9586, greatly reducing data<br> accounting and memory use for IMAP connections (once clients support it).<br> (<a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/507ca73b96ac0a5af16047a6e6e9dd707e8d784a/hovercard" href="https://github.com/mjl-/mox/commit/507ca73b96ac0a5af16047a6e6e9dd707e8d784a"><tt>507ca73</tt></a>)</li> <li>Implement IMAP MULTISEARCH extension, searching multiple mailboxes with a single<br> command. (<a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/479bf291248947db02553a963f9e9162be9665fa/hovercard" href="https://github.com/mjl-/mox/commit/479bf291248947db02553a963f9e9162be9665fa"><tt>479bf29</tt></a>)</li> <li>Implement IMAP PREVIEW extension (RFC 8970), and store previews in<br> the message database. Automatically generated and stored on first request for<br> existing messages, or during delivery for new messages. (<a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/aa631c604c1922d0eef8e2a2227c58310c759cb8/hovercard" href="https://github.com/mjl-/mox/commit/aa631c604c1922d0eef8e2a2227c58310c759cb8"><tt>aa631c6</tt></a>,<br> <a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/6ab31c15b79879200fa67ae040a35847a823aa25/hovercard" href="https://github.com/mjl-/mox/commit/6ab31c15b79879200fa67ae040a35847a823aa25"><tt>6ab31c1</tt></a>, <a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/3ac38aacca279219f420dd64f7ee119e06aa7208/hovercard" href="https://github.com/mjl-/mox/commit/3ac38aacca279219f420dd64f7ee119e06aa7208"><tt>3ac38aa</tt></a>)</li> <li>Implement IMAP REPLACE extension, RFC 8508, used for replacing drafts<br> as they are typed. (<a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/92a87acfcbb550b12e16dc6676bc73a0a007ef0f/hovercard" href="https://github.com/mjl-/mox/commit/92a87acfcbb550b12e16dc6676bc73a0a007ef0f"><tt>92a87ac</tt></a>)</li> <li>Implement MULTIAPPEND extension, RFC 3502, for appending multiple messages in<br> a single command, useful for importing messages into a mailbox. (<a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/78e0c0255f8d4bfb225cfca4325f2050895d5920/hovercard" href="https://github.com/mjl-/mox/commit/78e0c0255f8d4bfb225cfca4325f2050895d5920"><tt>78e0c02</tt></a>)</li> <li>Implement IMAP METADATA extension, RFC 5464 (<a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/f30c44eddb208ef871b96d6789a47ea1a8fc987a/hovercard" href="https://github.com/mjl-/mox/commit/f30c44eddb208ef871b96d6789a47ea1a8fc987a"><tt>f30c44e</tt></a>,<br> <a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/28091364514efe0080aabad2acfdacffa14cb38f/hovercard" href="https://github.com/mjl-/mox/commit/28091364514efe0080aabad2acfdacffa14cb38f"><tt>2809136</tt></a>, <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2856408351" data-permission-text="Title is private" data-url="https://github.com/mjl-/mox/issues/290" data-hovercard-type="issue" data-hovercard-url="/mjl-/mox/issues/290/hovercard" href="https://github.com/mjl-/mox/issues/290">#290</a>)</li> <li>Implement RFC 9590, returning metadata in the IMAP extended list<br> command (<a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/0ed820e3b084e1d1cbd4e95a5457692519694108/hovercard" href="https://github.com/mjl-/mox/commit/0ed820e3b084e1d1cbd4e95a5457692519694108"><tt>0ed820e</tt></a>)</li> <li>Implement IMAP "INPROGRESS" response code (RFC 9585) for keepalive<br> and progress reportng during long search. (<a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/cc5e3165eaf6ed3abe8b2eb8b79d0b9bcdfcabc0/hovercard" href="https://github.com/mjl-/mox/commit/cc5e3165eaf6ed3abe8b2eb8b79d0b9bcdfcabc0"><tt>cc5e316</tt></a>)</li> <li>Announce support for IMAP NAMESPACE extension in imap<br> capabilities line. (<a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/95d2002e776213df40c3e576acc6f1bc62ff04fd/hovercard" href="https://github.com/mjl-/mox/commit/95d2002e776213df40c3e576acc6f1bc62ff04fd"><tt>95d2002</tt></a>)</li> <li>Implement IMAP WITHIN extension, RFC 5032, for additional search command<br> criteria. (<a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/5e4d80d48e1d33843f6a95aa26cfbc320f1f8f6e/hovercard" href="https://github.com/mjl-/mox/commit/5e4d80d48e1d33843f6a95aa26cfbc320f1f8f6e"><tt>5e4d80d</tt></a>)</li> <li>Implement IMAP CREATE-SPECIAL-USE extension for the mailbox<br> create command, part of RFC 6154. (<a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/dcaa99a85c0021d1c4aa0ddd7d199b730097b643/hovercard" href="https://github.com/mjl-/mox/commit/dcaa99a85c0021d1c4aa0ddd7d199b730097b643"><tt>dcaa99a</tt></a>)</li> <li>Implement IMAP SAVEDATE extension, RFC 8514. (<a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/7288e038e67fa877a8a568ff67cfd850f07bbbf3/hovercard" href="https://github.com/mjl-/mox/commit/7288e038e67fa877a8a568ff67cfd850f07bbbf3"><tt>7288e03</tt></a>)</li> <li>Keep track of login attempts, both successful and failures. Now shown in<br> account and admin interfaces. (<a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/1277d78cb1a0daa1825e4f470e3bd8ec59b6de90/hovercard" href="https://github.com/mjl-/mox/commit/1277d78cb1a0daa1825e4f470e3bd8ec59b6de90"><tt>1277d78</tt></a>)</li> <li>Add config domain option for multiple localpart catch all separators, e.g.<br> both "+" and "-", for addresses <a href="mailto:you+anything@example.com">you+anything@example.com</a> and<br> <a href="mailto:you-anything@example.com">you-anything@example.com</a>. (<a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2887550556" data-permission-text="Title is private" data-url="https://github.com/mjl-/mox/issues/301" data-hovercard-type="issue" data-hovercard-url="/mjl-/mox/issues/301/hovercard" href="https://github.com/mjl-/mox/issues/301">#301</a>, <a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/9a8bb1134b1b358a600e313477e7ef54a5b411ec/hovercard" href="https://github.com/mjl-/mox/commit/9a8bb1134b1b358a600e313477e7ef54a5b411ec"><tt>9a8bb11</tt></a>)</li> <li>Add account config option to prevent the account for setting their own custom<br> password, only allowing mox to generate a new password, and enable by default<br> for new accounts. Should prevent password reuse and users picking weak<br> passwords, but does not prevent password phishing. (<a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2842008271" data-permission-text="Title is private" data-url="https://github.com/mjl-/mox/issues/286" data-hovercard-type="issue" data-hovercard-url="/mjl-/mox/issues/286/hovercard" href="https://github.com/mjl-/mox/issues/286">#286</a>, <a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/3e53abc4dbed4e6d72733ea1a25b22cd7a55ceb9/hovercard" href="https://github.com/mjl-/mox/commit/3e53abc4dbed4e6d72733ea1a25b22cd7a55ceb9"><tt>3e53abc</tt></a>)</li> <li>Add config options to disable a domain and to disable logins for an account.<br> (<a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2332640986" data-permission-text="Title is private" data-url="https://github.com/mjl-/mox/issues/175" data-hovercard-type="issue" data-hovercard-url="/mjl-/mox/issues/175/hovercard" href="https://github.com/mjl-/mox/issues/175">#175</a>, <a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/2d3d726f058067bc0be94d8a7c9f8b0a6cbcdae5/hovercard" href="https://github.com/mjl-/mox/commit/2d3d726f058067bc0be94d8a7c9f8b0a6cbcdae5"><tt>2d3d726</tt></a>)</li> <li>Add account config option to reject incoming deliveries with an error during<br> the smtp transaction. Useful for rejecting deliveries to specific addresses when<br> a catchall is configured. (<a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2255134267" data-permission-text="Title is private" data-url="https://github.com/mjl-/mox/issues/156" data-hovercard-type="issue" data-hovercard-url="/mjl-/mox/issues/156/hovercard" href="https://github.com/mjl-/mox/issues/156">#156</a>, <a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/3e2695323c1e80ada525514c9da47c8b5d8b5486/hovercard" href="https://github.com/mjl-/mox/commit/3e2695323c1e80ada525514c9da47c8b5d8b5486"><tt>3e26953</tt></a>)</li> <li>webmail: Add buttons to download a message as eml, and export 1 or more<br> messages as mbox/maildir in zip/tgz/tar, like for entire mailboxes.<br> (<a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/a5d74eb7185ccf7fc4f578aed9830473b3837312/hovercard" href="https://github.com/mjl-/mox/commit/a5d74eb7185ccf7fc4f578aed9830473b3837312"><tt>a5d74eb</tt></a>)</li> <li>webmail: Add button to create a mailbox below another one, for convenience.<br> (<a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/ef77f58e086b8dba1705d03382ad8354be138384/hovercard" href="https://github.com/mjl-/mox/commit/ef77f58e086b8dba1705d03382ad8354be138384"><tt>ef77f58</tt></a>)</li> <li>webmail: Add button to mark a mailbox and its children as read.<br> (<a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/ad26fd265d58fd3de358dce916eb76ce1de49203/hovercard" href="https://github.com/mjl-/mox/commit/ad26fd265d58fd3de358dce916eb76ce1de49203"><tt>ad26fd2</tt></a>)</li> </ul> <h1>Improvements</h1> <ul> <li>Write base64 message parts with 76 data bytes on a line instead of 78, as<br> required by RFC 2045 (MIME). The 78 byte lines work as well, except that<br> SpamAssassin gives them a higher spam score.<br> (<a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/69d2699961683d7325a7e86c5d056f169d10894d/hovercard" href="https://github.com/mjl-/mox/commit/69d2699961683d7325a7e86c5d056f169d10894d"><tt>69d2699</tt></a>)</li> <li>Change "mox backup $destdir" from storing only data files to $destdir to<br> storing them under $destdir/data and now also copying config files, to<br> $destdir/config. (<a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2228638974" data-permission-text="Title is private" data-url="https://github.com/mjl-/mox/issues/150" data-hovercard-type="issue" data-hovercard-url="/mjl-/mox/issues/150/hovercard" href="https://github.com/mjl-/mox/issues/150">#150</a>, <a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/76e96ee673f83be3566fd8d2a252a32eaf920c0d/hovercard" href="https://github.com/mjl-/mox/commit/76e96ee673f83be3566fd8d2a252a32eaf920c0d"><tt>76e96ee</tt></a>)</li> <li>quickstart: Check if domain was registered recently using RDAP, and warn<br> about potential deliverability issues. (<a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/2f0997682beb5c655cdc22a384cf929dbf080ab5/hovercard" href="https://github.com/mjl-/mox/commit/2f0997682beb5c655cdc22a384cf929dbf080ab5"><tt>2f09976</tt></a>)</li> <li>Hide version number from smtp banner and imap ID command response (when<br> unauthenticated), and web interfaces. (<a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/68729fa5a31223b949785ccfb7edbe5fe0bf15dc/hovercard" href="https://github.com/mjl-/mox/commit/68729fa5a31223b949785ccfb7edbe5fe0bf15dc"><tt>68729fa</tt></a>, <a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/3a3a11560e1770db8f38598fd666080cb5575ce8/hovercard" href="https://github.com/mjl-/mox/commit/3a3a11560e1770db8f38598fd666080cb5575ce8"><tt>3a3a115</tt></a>, <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2952809307" data-permission-text="Title is private" data-url="https://github.com/mjl-/mox/issues/322" data-hovercard-type="issue" data-hovercard-url="/mjl-/mox/issues/322/hovercard" href="https://github.com/mjl-/mox/issues/322">#322</a>)</li> <li>When adding a new domain, only set up RSA DKIM keys, not ed25519. The ed25519<br> key is causing admin confusion due to many other mail servers not recognizing<br> the keys and sending DMARC reports containing unhelpful DKIM verification<br> errors. (<a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2883674929" data-permission-text="Title is private" data-url="https://github.com/mjl-/mox/issues/299" data-hovercard-type="issue" data-hovercard-url="/mjl-/mox/issues/299/hovercard" href="https://github.com/mjl-/mox/issues/299">#299</a>, <a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/2fc75b5b7b7baff2565407b4c106af9a1a861c9c/hovercard" href="https://github.com/mjl-/mox/commit/2fc75b5b7b7baff2565407b4c106af9a1a861c9c"><tt>2fc75b5</tt></a>)</li> <li>webmail: Reconnect automatically in more cases, changing the "stop<br> reconnection automatically" period from 10 minutes to 5 seconds. (<a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/5dcf67476166ddfcb6b2fdc3f76d0ffb4e8074e3/hovercard" href="https://github.com/mjl-/mox/commit/5dcf67476166ddfcb6b2fdc3f76d0ffb4e8074e3"><tt>5dcf674</tt></a>)</li> <li>webmail: For "cid"/content-id's used in html, look for them in all other<br> parts, not just when there is a multipart/related in the message. Fixes<br> displaying messages sent by the gmail app, which sends messages with a MIME form<br> of multipart/mixed containing text/html and image/jpeg. We were only resolving<br> "cid"s in multipart/related, now we resolve them anywhere in the message. (<a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2971700502" data-permission-text="Title is private" data-url="https://github.com/mjl-/mox/issues/327" data-hovercard-type="issue" data-hovercard-url="/mjl-/mox/issues/327/hovercard" href="https://github.com/mjl-/mox/issues/327">#327</a>,<br> <a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/462568d878e7a1df5c7f2b018a8cef29117d8319/hovercard" href="https://github.com/mjl-/mox/commit/462568d878e7a1df5c7f2b018a8cef29117d8319"><tt>462568d</tt></a>)</li> <li>Add support for negotiating IMAP and SMTP on the HTTPS port 443 using TLS<br> ALPN "imap" and "smtp". Intended for future use with chatmail servers. (<a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2689682508" data-permission-text="Title is private" data-url="https://github.com/mjl-/mox/issues/255" data-hovercard-type="pull_request" data-hovercard-url="/mjl-/mox/pull/255/hovercard" href="https://github.com/mjl-/mox/pull/255">#255</a>,<br> <a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/3c77e076e228881ca4bed78a213abfd74e364ea6/hovercard" href="https://github.com/mjl-/mox/commit/3c77e076e228881ca4bed78a213abfd74e364ea6"><tt>3c77e07</tt></a>)</li> <li>imapserver: Return all the optional extensible fields for "fetch" attribute<br> "bodystructure", notably for content-disposition. Makes the gmail apps show<br> image attachments properly, instead of rendering the image bytes as (garbled)<br> text. This requires reparsing all messages, which is done automatically, in the<br> background, on first account open after the upgrade (<a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/2defbce0bc05d93c6c4c63f1d2f8d545879d311b/hovercard" href="https://github.com/mjl-/mox/commit/2defbce0bc05d93c6c4c63f1d2f8d545879d311b"><tt>2defbce</tt></a>, <a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/31c22618f5de84547906ab3734e0c9d5fa0e32f9/hovercard" href="https://github.com/mjl-/mox/commit/31c22618f5de84547906ab3734e0c9d5fa0e32f9"><tt>31c2261</tt></a>,<br> <a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/07533252b33b01366eb2b3efda28c930eca59deb/hovercard" href="https://github.com/mjl-/mox/commit/07533252b33b01366eb2b3efda28c930eca59deb"><tt>0753325</tt></a>, <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2971700502" data-permission-text="Title is private" data-url="https://github.com/mjl-/mox/issues/327" data-hovercard-type="issue" data-hovercard-url="/mjl-/mox/issues/327/hovercard" href="https://github.com/mjl-/mox/issues/327">#327</a>, <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2554177621" data-permission-text="Title is private" data-url="https://github.com/mjl-/mox/issues/217" data-hovercard-type="issue" data-hovercard-url="/mjl-/mox/issues/217/hovercard" href="https://github.com/mjl-/mox/issues/217">#217</a>)</li> <li>webmail: When composing, no longer remove the last remaining To address with<br> the ctrl+backspace shortcut. Too easy to trigger accidentally, almost never done<br> intentionally. (<a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/70aedddc90963150c24750696bae467932adf7f8/hovercard" href="https://github.com/mjl-/mox/commit/70aedddc90963150c24750696bae467932adf7f8"><tt>70aeddd</tt></a>)</li> <li>Improve expunged message/UID tracking in IMAP sessions, track synchronization<br> history for mailboxes/annotations. We now delay removing message files from disk<br> until the last reference in any session goes away (e.g. after sending an IMAP<br> EXPUNGE/VANISHED response to all connected IMAP clients with the mailbox open).<br> (<a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/577944310cb6b651716d184ae4afa449117330f7/hovercard" href="https://github.com/mjl-/mox/commit/577944310cb6b651716d184ae4afa449117330f7"><tt>5779443</tt></a>)</li> <li>When removing an account, wait until the last account reference has gone away<br> before removing the account files. We store intent to remove in the database,<br> until we get to it, possibly at next startup in case of sudden shutdown.<br> (<a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/ac4b006ecd917a13f44a3ccda0f820c22da3f167/hovercard" href="https://github.com/mjl-/mox/commit/ac4b006ecd917a13f44a3ccda0f820c22da3f167"><tt>ac4b006</tt></a>)</li> <li>imapserver: Don't keep account write-locked during IMAP FETCH command, for<br> responsiveness during large mailbox syncs. (<a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2132854889" data-permission-text="Title is private" data-url="https://github.com/mjl-/mox/issues/128" data-hovercard-type="issue" data-hovercard-url="/mjl-/mox/issues/128/hovercard" href="https://github.com/mjl-/mox/issues/128">#128</a>, <a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/b822533df31d3b8b0f12827e295226d0c5e539e3/hovercard" href="https://github.com/mjl-/mox/commit/b822533df31d3b8b0f12827e295226d0c5e539e3"><tt>b822533</tt></a>)</li> <li>Add prometheus metrics for errors when getting certificates through ACME<br> (typically from let's encrypt), and add alerting rule. (<a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/e5e15a3965c2b811bac72326166ee679ccb02d8c/hovercard" href="https://github.com/mjl-/mox/commit/e5e15a3965c2b811bac72326166ee679ccb02d8c"><tt>e5e15a3</tt></a>)</li> <li>webmail: When forwarding a message, include the<br> subject,date,from,reply-to,to,cc headers in the message (<a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/1c4bf8909c455d3c8fc6beecd8b1d8813664bf8f/hovercard" href="https://github.com/mjl-/mox/commit/1c4bf8909c455d3c8fc6beecd8b1d8813664bf8f"><tt>1c4bf89</tt></a>)</li> <li>Also unicode-normalize usernames (email addresses) when logging into the<br> imapserver and webapps. (<a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/c7354cc22b2241ebc7a51a52d1054e7fc7c7765b/hovercard" href="https://github.com/mjl-/mox/commit/c7354cc22b2241ebc7a51a52d1054e7fc7c7765b"><tt>c7354cc</tt></a>)</li> <li>When delivering over smtp, do not require the other server to announce the<br> 8bitmime extension for 8-bit data unless in pedantic mode. (<a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2852899210" data-permission-text="Title is private" data-url="https://github.com/mjl-/mox/issues/287" data-hovercard-type="pull_request" data-hovercard-url="/mjl-/mox/pull/287/hovercard" href="https://github.com/mjl-/mox/pull/287">#287</a>, <a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/46c1693ee9353fb1838ca0fb8c3ec81874f21823/hovercard" href="https://github.com/mjl-/mox/commit/46c1693ee9353fb1838ca0fb8c3ec81874f21823"><tt>46c1693</tt></a>)</li> <li>Do not use results from junk filter if we have less than 50 positive<br> classifications to base the decision on. Useful for new accounts, we don't want<br> to start rejecting incoming messages when there's too little information to<br> decide. (<a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="1908698165" data-permission-text="Title is private" data-url="https://github.com/mjl-/mox/issues/64" data-hovercard-type="issue" data-hovercard-url="/mjl-/mox/issues/64/hovercard" href="https://github.com/mjl-/mox/issues/64">#64</a>, <a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/6aa2139a54c91700894cf6796b9e5cdc885138eb/hovercard" href="https://github.com/mjl-/mox/commit/6aa2139a54c91700894cf6796b9e5cdc885138eb"><tt>6aa2139</tt></a>)</li> <li>Admin check: Do not raise error when forward-confirmed reverse dns does not<br> match hostname. Probably relatively common with setups involving NAT. (<a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2639455230" data-permission-text="Title is private" data-url="https://github.com/mjl-/mox/issues/239" data-hovercard-type="issue" data-hovercard-url="/mjl-/mox/issues/239/hovercard" href="https://github.com/mjl-/mox/issues/239">#239</a>,<br> <a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/acc1c133b022c6759686b0258cb4ff4cde7df522/hovercard" href="https://github.com/mjl-/mox/commit/acc1c133b022c6759686b0258cb4ff4cde7df522"><tt>acc1c13</tt></a>)</li> <li>Add config option to an account destination to reject messages that don't<br> pass a dmarc-like aligned spf/aligned dkim check. (<a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/6da5f8f586ac57a0932e33af8a58122f5874b795/hovercard" href="https://github.com/mjl-/mox/commit/6da5f8f586ac57a0932e33af8a58122f5874b795"><tt>6da5f8f</tt></a>)</li> <li>cli: Add subcommand "mox admin imapserve $preauthaddress", for admins to open<br> a preauthenticated imap connection for an account, even if it is disabled for<br> logins (useful for migrations). (<a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2332640986" data-permission-text="Title is private" data-url="https://github.com/mjl-/mox/issues/175" data-hovercard-type="issue" data-hovercard-url="/mjl-/mox/issues/175/hovercard" href="https://github.com/mjl-/mox/issues/175">#175</a>, <a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/49e2eba52bb026e163d128f1bc17ceea0b4966f1/hovercard" href="https://github.com/mjl-/mox/commit/49e2eba52bb026e163d128f1bc17ceea0b4966f1"><tt>49e2eba</tt></a>)</li> <li>webmail: In message view, under More, add button to open currently displayed<br> part (either text or html) as raw text (but decoded if in<br> base64/quoted-printable/etc). (<a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/008de1cafb3474df58f8704e59a1b92bb5e0eae2/hovercard" href="https://github.com/mjl-/mox/commit/008de1cafb3474df58f8704e59a1b92bb5e0eae2"><tt>008de1c</tt></a>)</li> <li>cli: Add subcommand "mox config account list", printing all accounts and<br> whether they are disabled. (<a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/1b2b152cb5d3bed205861d07ea479514a6c7ff03/hovercard" href="https://github.com/mjl-/mox/commit/1b2b152cb5d3bed205861d07ea479514a6c7ff03"><tt>1b2b152</tt></a>)</li> <li>For the web interfaces, ensure the effective configured http paths end in a<br> slash to prevent 404's and/or errors accessing the web interfaces, preventing<br> admin confusion. (<a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2957406027" data-permission-text="Title is private" data-url="https://github.com/mjl-/mox/issues/325" data-hovercard-type="issue" data-hovercard-url="/mjl-/mox/issues/325/hovercard" href="https://github.com/mjl-/mox/issues/325">#325</a>, <a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/3e128d744e7fc7466638aa3367e54ab8a9c180a0/hovercard" href="https://github.com/mjl-/mox/commit/3e128d744e7fc7466638aa3367e54ab8a9c180a0"><tt>3e128d7</tt></a>)</li> </ul> <h1>Bug fixes</h1> <ul> <li>smtp: Add data reader fuzzer + fix OOB read. (<a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/f10bb2c1ae22c959a9b782461e5cdd330de51c12/hovercard" href="https://github.com/mjl-/mox/commit/f10bb2c1ae22c959a9b782461e5cdd330de51c12"><tt>f10bb2c</tt></a>)</li> <li>webmail: When completing a recipient address, quote the "name" if necessary<br> for proper interpretation. (<a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2898657854" data-permission-text="Title is private" data-url="https://github.com/mjl-/mox/issues/305" data-hovercard-type="issue" data-hovercard-url="/mjl-/mox/issues/305/hovercard" href="https://github.com/mjl-/mox/issues/305">#305</a>, <a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/1c58d382803ccec1be80b020799ee3034a79df9b/hovercard" href="https://github.com/mjl-/mox/commit/1c58d382803ccec1be80b020799ee3034a79df9b"><tt>1c58d38</tt></a>)</li> <li>After queueing a message in the web api's, prevent context cancelation (e.g.<br> aborted http connections) from completing the operation in full. (<a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/b37faa06bdd2a433f7ee1e2a09a8a75b14024887/hovercard" href="https://github.com/mjl-/mox/commit/b37faa06bdd2a433f7ee1e2a09a8a75b14024887"><tt>b37faa0</tt></a>)</li> <li>smtpserver: In localserve mode, don't reject messages "From" domain<br> "localhost" if localhost doesn't resolve to an IP through DNS. (<a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/d0b241499fc373bc6043d3ae86e27600ce86d56e/hovercard" href="https://github.com/mjl-/mox/commit/d0b241499fc373bc6043d3ae86e27600ce86d56e"><tt>d0b2414</tt></a>)</li> <li>webserver: Don't raise a 500 server error for static file requests with<br> overlong names. (<a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/aa2b24d861fd5635ea2a6f5be2977b14eb68d57b/hovercard" href="https://github.com/mjl-/mox/commit/aa2b24d861fd5635ea2a6f5be2977b14eb68d57b"><tt>aa2b24d</tt></a>)</li> <li>webmail: Fix parsing search filter "start:" and "end:".<br> (<a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/091faa8048e0ba9fa15c710931166dfefee4e08d/hovercard" href="https://github.com/mjl-/mox/commit/091faa8048e0ba9fa15c710931166dfefee4e08d"><tt>091faa8</tt></a>)</li> <li>webmail: Fix dark mode, broken since v0.0.14. (<a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2827659773" data-permission-text="Title is private" data-url="https://github.com/mjl-/mox/issues/278" data-hovercard-type="issue" data-hovercard-url="/mjl-/mox/issues/278/hovercard" href="https://github.com/mjl-/mox/issues/278">#278</a>, <a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/d08e0d3882dda12f9e6318301c2ed4bbe3ef57dd/hovercard" href="https://github.com/mjl-/mox/commit/d08e0d3882dda12f9e6318301c2ed4bbe3ef57dd"><tt>d08e0d3</tt></a>)</li> <li>webmail: Fix nil pointer dereference when searching for attachment types, eg<br> "a:spreadsheet" (<a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2806380178" data-permission-text="Title is private" data-url="https://github.com/mjl-/mox/issues/272" data-hovercard-type="issue" data-hovercard-url="/mjl-/mox/issues/272/hovercard" href="https://github.com/mjl-/mox/issues/272">#272</a>, <a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/0203dfa9d981d016c2574ff793358a192d374ff8/hovercard" href="https://github.com/mjl-/mox/commit/0203dfa9d981d016c2574ff793358a192d374ff8"><tt>0203dfa</tt></a>)</li> <li>imapserver: Return proper response for FETCH of "BODY[1.MIME]" where 1 is a<br> message (<a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/39c21f80cd319474b62519f95c5bb7e25ecf1346/hovercard" href="https://github.com/mjl-/mox/commit/39c21f80cd319474b62519f95c5bb7e25ecf1346"><tt>39c21f8</tt></a>)</li> <li>imapserver: Properly accept literal8 for APPEND, since we claim to implement<br> the BINARY extension (<a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/88a68e91439da4efb8d24d74bc235e5b039b0c6e/hovercard" href="https://github.com/mjl-/mox/commit/88a68e91439da4efb8d24d74bc235e5b039b0c6e"><tt>88a68e9</tt></a>)</li> <li>In domain/dns self-check, for unused services, check in SRV records that port<br> is 0 like how we told users to configure it and fix checking for errors during<br> srv lookups, and show the value we got but didn't expect; show config snippet<br> for HostTLSRPT if it isn't configured; don't warn about reverse dns resolving to<br> multiple names. (<a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/9dff879164b3c9da4a32138b1bf2631922eb1ee5/hovercard" href="https://github.com/mjl-/mox/commit/9dff879164b3c9da4a32138b1bf2631922eb1ee5"><tt>9dff879</tt></a>, <a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/3d0dc3a79db894f043b208051a0a1dd21b216cbd/hovercard" href="https://github.com/mjl-/mox/commit/3d0dc3a79db894f043b208051a0a1dd21b216cbd"><tt>3d0dc3a</tt></a>, <a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/6f678125a56d08045abb4863fd46b3a8a9da779d/hovercard" href="https://github.com/mjl-/mox/commit/6f678125a56d08045abb4863fd46b3a8a9da779d"><tt>6f67812</tt></a>, <a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/1d6f45e592290b9e46057a51c1fa23183b1e8161/hovercard" href="https://github.com/mjl-/mox/commit/1d6f45e592290b9e46057a51c1fa23183b1e8161"><tt>1d6f45e</tt></a>)</li> </ul> <h1>Update procedure</h1> <p>Before upgrading, do a dry-run first.</p> <ul> <li>Make a temporary backup with the old mox version:<br> <code>mox-v0.0.14 backup data/tmp/testupgrade</code></li> <li>Verify that all is well with the old version:<br> <code>mox-v0.0.14 verifydata data/tmp/testupgrade</code></li> <li>Verify the state with the new version:<br> <code>mox-v0.0.15 verifydata data/tmp/testupgrade</code></li> </ul> <p>With a successful dry-run, the upgrade should go smoothly. Make a new backup<br> again with <code>mox-v0.0.14 backup data/tmp/backup</code> (the previous backup was<br> modified by the dry-run, so couldn't be used to restore!), replace the binary<br> and restart. For further details, see<br> <a href="https://www.xmox.nl/faq/#hdr-how-do-i-upgrade-my-mox-installation" rel="nofollow">https://www.xmox.nl/faq/#hdr-how-do-i-upgrade-my-mox-installation</a></p> <p>If you run into any problems, please create a bug report.</p> <h1>Manual update actions</h1> <p>Additional manual actions to consider:</p> <ul> <li>You may want to modify your backup scripts: "mox backup" now writes a data/<br> and config/ directory to the backup destination directory. Previously it only<br> wrote data files, directly to the backup destination directory.</li> <li>You may want to disable signing with ed25519 DKIM keys to reduce noise in<br> DMARC reports from other mail servers that often don't understand ed25519 keys.<br> Make sure you do keep signing with an RSA key.</li> <li>You may want to add the new prometheus alerting rule for<br> "mox_autotls_cert_request_errors_total", alerting on errors when<br> fetching/refreshing certificates with ACME. See prometheus.rules in the mox<br> repository.</li> </ul> <h1>Thanks</h1> <p>Thanks to everyone on irc/matrix/slack and the issue tracker for providing<br> feedback, and asking &amp; answering questions. Much appreciated! In particular:<br> ulrichwisser, eric l, kjetilho, Myp3a, mattfbacon, janc13, dstotijn, Eygem,<br> martin, rawtaz, ilijamt, skyguy, mattanja, BlankEclair, gdunstone, unguamorray,<br> DanielG, RobSlgm, ally9335, x8x, exander77, s0ph0s-dog, odama626, wneessen,<br> omartijn, sam-willsey, QuadrupleA, hrstoyanov, mtgxx, martinjanda, shleeable,<br> haraldrudell, and more.</p> <p>If you have open bug reports/issues mentioned in this release, please verify<br> the issue is resolved and either close the issue or write a comment. Thanks!</p> <p>Special thanks to NLnet foundation for sponsoring development.</p> <h1>Downloading &amp; compiling</h1> <p>See <a href="https://www.xmox.nl/install/#hdr-download" rel="nofollow">https://www.xmox.nl/install/#hdr-download</a>.</p> mjl- tag:github.com,2008:Repository/595136650/v0.0.14 2025-01-20T12:17:54Z <h1>New features</h1> <ul> <li>Implement TLS client certificate authentication using their public keys (not<br> other certificate properties, so no name/expiration/constraint validation).<br> Accounts can add multiple TLS public keys, e.g. one for each mail client. For<br> use with SMTP/IMAP and the "external" SASL authentication mechanism. IMAP<br> "preauth" is enabled with TLS certificate authentication, but can be disabled<br> per key. (<a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/8804d6b60ec058e9584c03384a04a93e102d63ba/hovercard" href="https://github.com/mjl-/mox/commit/8804d6b60ec058e9584c03384a04a93e102d63ba"><tt>8804d6b</tt></a>)</li> </ul> <h1>Improvements</h1> <ul> <li>quickstart: Write all output to a file "quickstart.log" for later reference<br> (<a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/2255ebcf11869c936c2c49db7527e12a5cf8003e/hovercard" href="https://github.com/mjl-/mox/commit/2255ebcf11869c936c2c49db7527e12a5cf8003e"><tt>2255ebc</tt></a>)</li> <li>smtpserver: Add an option for the smtp delivery listener to enable/disable tls<br> session tickets. (issue <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2637495769" data-permission-text="Title is private" data-url="https://github.com/mjl-/mox/issues/237" data-hovercard-type="issue" data-hovercard-url="/mjl-/mox/issues/237/hovercard" href="https://github.com/mjl-/mox/issues/237">#237</a>, <a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/e59f894a94c21347d1c3e70d72375926e00850da/hovercard" href="https://github.com/mjl-/mox/commit/e59f894a94c21347d1c3e70d72375926e00850da"><tt>e59f894</tt></a>)</li> <li>smtpserver: Add prometheus metric and alerting rule for failing starttls<br> handshakes for incoming deliveries. (related to issue <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2637495769" data-permission-text="Title is private" data-url="https://github.com/mjl-/mox/issues/237" data-hovercard-type="issue" data-hovercard-url="/mjl-/mox/issues/237/hovercard" href="https://github.com/mjl-/mox/issues/237">#237</a>, <a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/afb182cb14def32987f11200539806af83bb30c5/hovercard" href="https://github.com/mjl-/mox/commit/afb182cb14def32987f11200539806af83bb30c5"><tt>afb182c</tt></a>)</li> <li>webmail: Split pasted address into multiple address, by commas. (PR <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2686040196" data-permission-text="Title is private" data-url="https://github.com/mjl-/mox/issues/252" data-hovercard-type="pull_request" data-hovercard-url="/mjl-/mox/pull/252/hovercard" href="https://github.com/mjl-/mox/pull/252">#252</a>,<br> <a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/501f594a0af59a0cf56a62f731bc627a078045f0/hovercard" href="https://github.com/mjl-/mox/commit/501f594a0af59a0cf56a62f731bc627a078045f0"><tt>501f594</tt></a>)</li> <li>Clarify that "aliases" are more small-scale lists, not additional addresses<br> for an account. And make "public posting" the default for new aliases. (issue<br> <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2647143436" data-permission-text="Title is private" data-url="https://github.com/mjl-/mox/issues/244" data-hovercard-type="issue" data-hovercard-url="/mjl-/mox/issues/244/hovercard" href="https://github.com/mjl-/mox/issues/244">#244</a>, <a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/0e338b0530c35da21dd80e84b80c793eb9e236b8/hovercard" href="https://github.com/mjl-/mox/commit/0e338b0530c35da21dd80e84b80c793eb9e236b8"><tt>0e338b0</tt></a>, <a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/cbe418ec593442cc6d59707b6831b1f4a8070dbf/hovercard" href="https://github.com/mjl-/mox/commit/cbe418ec593442cc6d59707b6831b1f4a8070dbf"><tt>cbe418e</tt></a>)</li> <li>smtpserver: When doing slow writes due to spammy incoming delivery, try a bit<br> harder to prevent a timeout for the other side (if it is mox/itself!)<br> (<a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/5a14a5b067ac10d4883906d15755e24c8bb25a4a/hovercard" href="https://github.com/mjl-/mox/commit/5a14a5b067ac10d4883906d15755e24c8bb25a4a"><tt>5a14a5b</tt></a>)</li> <li>quickstart: For -existing-webserver, also add tls key/cert placeholder for<br> mail.$domain. (<a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/5320ec1c5bc8aa50d73b3770874f8f10ddbd7349/hovercard" href="https://github.com/mjl-/mox/commit/5320ec1c5bc8aa50d73b3770874f8f10ddbd7349"><tt>5320ec1</tt></a>)</li> <li>Do not try to get a tls cert for autoconfig. at startup if there is no<br> listener with autoconfig enabled. Reduces needless logging in setups that don't<br> use autoconfig. (<a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/35af7e30a6ad3c20a09692d9c568cd7fe4caac50/hovercard" href="https://github.com/mjl-/mox/commit/35af7e30a6ad3c20a09692d9c568cd7fe4caac50"><tt>35af7e3</tt></a>)</li> <li>"mox retrain" command: Make the "account" parameter optional, retraining all<br> accounts when absent. (<a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/94fb48c2dc022c761725cbb02184e151e04f4a8d/hovercard" href="https://github.com/mjl-/mox/commit/94fb48c2dc022c761725cbb02184e151e04f4a8d"><tt>94fb48c</tt></a>)</li> <li>webmail: Move config options for showing keyboard shortcuts and for showing<br> additional headers from localstorage to the settings popup, storing their values<br> on the server. (<a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/3f727cf38094e69a99f15b455e995b735b85c53a/hovercard" href="https://github.com/mjl-/mox/commit/3f727cf38094e69a99f15b455e995b735b85c53a"><tt>3f727cf</tt></a>)</li> <li>webmail: Don't bind to shortcuts ctrl-l, ctrl-u and ctrl-I since they are<br> commonly used in browsers. (<a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/4d3c4115f823272fa6069349838a4c042ddf2f78/hovercard" href="https://github.com/mjl-/mox/commit/4d3c4115f823272fa6069349838a4c042ddf2f78"><tt>4d3c411</tt></a>)</li> <li>webapi: Add Content-Disposition and Filename to the payload of incoming<br> webhooks (issue <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2714650821" data-permission-text="Title is private" data-url="https://github.com/mjl-/mox/issues/258" data-hovercard-type="issue" data-hovercard-url="/mjl-/mox/issues/258/hovercard" href="https://github.com/mjl-/mox/issues/258">#258</a>, <a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/42793834f8b6112a40e0ee9508c40c6e1798d23d/hovercard" href="https://github.com/mjl-/mox/commit/42793834f8b6112a40e0ee9508c40c6e1798d23d"><tt>4279383</tt></a>)</li> <li>Add ability to include custom CSS &amp; JS in web interfaces (webmail, webaccount,<br> webadmin), and use css variables in webmail for easier customization.<br> (<a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/96d86ad6f1e6ede1a31ddaeecb02666cd553dcac/hovercard" href="https://github.com/mjl-/mox/commit/96d86ad6f1e6ede1a31ddaeecb02666cd553dcac"><tt>96d86ad</tt></a>, related to issue <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2069736430" data-permission-text="Title is private" data-url="https://github.com/mjl-/mox/issues/114" data-hovercard-type="issue" data-hovercard-url="/mjl-/mox/issues/114/hovercard" href="https://github.com/mjl-/mox/issues/114">#114</a>)</li> <li>webmail: When marking message as unread, also clear its (non)junk flags<br> (<a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/1f604c6a3db41edb248ec914c44f78aaf8731cf6/hovercard" href="https://github.com/mjl-/mox/commit/1f604c6a3db41edb248ec914c44f78aaf8731cf6"><tt>1f604c6</tt></a>)</li> <li>webaccount: Update text about opening apple mobileconfig profile files, it has<br> gotten harder to use in iOS18. (<a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/636bb91df6d827187d358dd1198d56765a9ec222/hovercard" href="https://github.com/mjl-/mox/commit/636bb91df6d827187d358dd1198d56765a9ec222"><tt>636bb91</tt></a>)</li> <li>admin: Better handling of disabled MTA-STS during self-check. (<a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/7f5e1087d42d5d7bf57649c5c6a2155c3706ce39/hovercard" href="https://github.com/mjl-/mox/commit/7f5e1087d42d5d7bf57649c5c6a2155c3706ce39"><tt>7f5e108</tt></a>)</li> <li>admin: In self-check for SPF records against our IPs, don't try checking the<br> unspecified addresses (0.0.0.0 and ::), and warn if there are no explicitly<br> configured IPs. (<a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/726c0931f77db09d7d03c5ca319c70d737e54f1d/hovercard" href="https://github.com/mjl-/mox/commit/726c0931f77db09d7d03c5ca319c70d737e54f1d"><tt>726c093</tt></a>)</li> <li>autoconfig: More RFC compliant SRV service not available DNS records (issue<br> <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2641110448" data-permission-text="Title is private" data-url="https://github.com/mjl-/mox/issues/240" data-hovercard-type="issue" data-hovercard-url="/mjl-/mox/issues/240/hovercard" href="https://github.com/mjl-/mox/issues/240">#240</a>, <a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/355488028db494844d4970d79668811edfccd121/hovercard" href="https://github.com/mjl-/mox/commit/355488028db494844d4970d79668811edfccd121"><tt>3554880</tt></a>)</li> </ul> <h1>Bug fixes</h1> <ul> <li>Fix verifying DANE-TA connections for outgoing email deliveries where the<br> DANE-TA record is not for the first certificate in the chain after the leaf<br> certifiate. (<a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/f7666d1582fe0812a868f226b2aee338d1d07268/hovercard" href="https://github.com/mjl-/mox/commit/f7666d1582fe0812a868f226b2aee338d1d07268"><tt>f7666d1</tt></a>)</li> <li>junk filter: Fix adjusting word counts after train/untrain. (<a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/17baf9a8830c92a669299649c111d420c655ff1e/hovercard" href="https://github.com/mjl-/mox/commit/17baf9a8830c92a669299649c111d420c655ff1e"><tt>17baf9a</tt></a>)</li> <li>Log when mox root process cannot forward signals to unprivileged child and<br> give the mox.service permissions to send such signals. (<a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/32d4e9a14c2598ee64bb6fc461b5784fe64a5bc7/hovercard" href="https://github.com/mjl-/mox/commit/32d4e9a14c2598ee64bb6fc461b5784fe64a5bc7"><tt>32d4e9a</tt></a>)</li> <li>webadmin: When loading page with webserver routes, internal services would<br> always be shown with "admin" as internal services, and saving the handler would<br> overwrite the correct setting. (issue <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2756604928" data-permission-text="Title is private" data-url="https://github.com/mjl-/mox/issues/264" data-hovercard-type="issue" data-hovercard-url="/mjl-/mox/issues/264/hovercard" href="https://github.com/mjl-/mox/issues/264">#264</a>, <a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/965a2b426fae8b0119ea7f65dd3d8398bf3fb7ff/hovercard" href="https://github.com/mjl-/mox/commit/965a2b426fae8b0119ea7f65dd3d8398bf3fb7ff"><tt>965a2b4</tt></a>)</li> <li>When opening an account by email address, such as during login attempts, and<br> the address is an alias, fail with proper error "no such credentials" instead of<br> with error "no such account" and printing a stack trace. (for issue <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2639373378" data-permission-text="Title is private" data-url="https://github.com/mjl-/mox/issues/238" data-hovercard-type="issue" data-hovercard-url="/mjl-/mox/issues/238/hovercard" href="https://github.com/mjl-/mox/issues/238">#238</a>,<br> <a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/3d4cd004309469fb1fddbf3f89afc5ab111823ac/hovercard" href="https://github.com/mjl-/mox/commit/3d4cd004309469fb1fddbf3f89afc5ab111823ac"><tt>3d4cd00</tt></a>)</li> <li>webmail: Fix using the compose window/popup after saving a draft message<br> failed. (issue <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2690595698" data-permission-text="Title is private" data-url="https://github.com/mjl-/mox/issues/256" data-hovercard-type="issue" data-hovercard-url="/mjl-/mox/issues/256/hovercard" href="https://github.com/mjl-/mox/issues/256">#256</a>, <a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/ee48cf0dfd46a889ecf0a6dbf579912b9f95875d/hovercard" href="https://github.com/mjl-/mox/commit/ee48cf0dfd46a889ecf0a6dbf579912b9f95875d"><tt>ee48cf0</tt></a>)</li> <li>webmail: Fix css to not show text on button (actually html "a" element for<br> links) for downloaded (visited) attachments in blue. (<a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/f7193bd4c321544c51c67f5ff1d25d9c330df0b8/hovercard" href="https://github.com/mjl-/mox/commit/f7193bd4c321544c51c67f5ff1d25d9c330df0b8"><tt>f7193bd</tt></a>)</li> </ul> <h1>Update procedure</h1> <p>After updating, run "mox retrain" to retrain the bayesian junk filter for all<br> accounts. Retraining an account with many messages can require quite some<br> working memory. Due to a bug (now fixed), reclassifying messages as (non)-junk<br> updated the scores of words incorrectly, sometimes resulting in very high<br> (non)-junk reputation of some words. The junk filter should perform better<br> after retraining.</p> <p>If you are using the mox.service systemd unit file on Linux, you should add<br> "CAP_KILL" to CapabilityBoundingSet (and reload &amp; restart the service) so<br> graceful shut downs are faster.</p> <p>Before upgrading, do a dry-run first.</p> <ul> <li>Make a temporary backup with the old mox version:<br> <code>mox-v0.0.13 backup data/tmp/testupgrade</code></li> <li>Verify that all is well with the old version:<br> <code>mox-v0.0.13 verifydata data/tmp/testupgrade</code></li> <li>Verify the state with the new version:<br> <code>mox-v0.0.14 verifydata data/tmp/testupgrade</code></li> </ul> <p>With a successful dry-run, the upgrade should go smoothly. Make a new backup<br> with <code>mox-v0.0.13 backup data/tmp/backup</code> (the previous backup was modified by<br> the dry-run, so couldn't be used to restore!), replace the binary and restart.<br> For further details, see<br> <a href="https://www.xmox.nl/faq/#hdr-how-do-i-upgrade-my-mox-installation" rel="nofollow">https://www.xmox.nl/faq/#hdr-how-do-i-upgrade-my-mox-installation</a></p> <p>If you run into any problems, please create a bug report.</p> <h1>Thanks</h1> <p>Thanks for all the contributions/bug reports/feedback/discussions, much<br> appreciated! Special thanks to: exander77, bwbroersma, Robby-, wneessen,<br> kiekerjan, robbo5000, morki, laura-lilly, ally9335, spectral369, mattfbacon,<br> mwyvr, s0ph0s-dog, soheilpro and many more!</p> <h1>Downloading &amp; compiling</h1> <p>See <a href="https://www.xmox.nl/install/#hdr-download" rel="nofollow">https://www.xmox.nl/install/#hdr-download</a>.</p> mjl- tag:github.com,2008:Repository/595136650/v0.0.13 2024-11-06T23:11:08Z <p>This release fixes TLS interoperability with incoming deliveries from Microsoft<br> servers by disabling TLS session tickets. If you have MTA-STS and/or DANE<br> enabled, TLS is required for successful delivery, and updating to v0.0.13 is<br> required to receive messages from Microsoft again. TLS session tickets may be<br> enabled again in a future release, possibly per port/service.</p> <h1>Improvements</h1> <ul> <li>In the IMAP server, for the "bodystructure" response item to a "FETCH"<br> command, add the content-type parameters for multiparts so IMAP clients will<br> get the MIME boundary without having to parse the message themselves. (issue<br> <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2554177621" data-permission-text="Title is private" data-url="https://github.com/mjl-/mox/issues/217" data-hovercard-type="issue" data-hovercard-url="/mjl-/mox/issues/217/hovercard" href="https://github.com/mjl-/mox/issues/217">#217</a>, <a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/8fa197b19dfea22f3215e1768e8d90001f0ded06/hovercard" href="https://github.com/mjl-/mox/commit/8fa197b19dfea22f3215e1768e8d90001f0ded06"><tt>8fa197b</tt></a>)</li> <li>Add an HTTP handler for the acme http-01 validiation mechanism to all plain<br> http (non-tls) webservers (ports), not only to the one listening on port 80.<br> (#issue 218, <a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/0fbf24160c65f8dd8855533cfaa2b485ee6764d9/hovercard" href="https://github.com/mjl-/mox/commit/0fbf24160c65f8dd8855533cfaa2b485ee6764d9"><tt>0fbf241</tt></a>)</li> <li>Properly link to matrix room so users can find it. (issue <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2586712273" data-permission-text="Title is private" data-url="https://github.com/mjl-/mox/issues/226" data-hovercard-type="issue" data-hovercard-url="/mjl-/mox/issues/226/hovercard" href="https://github.com/mjl-/mox/issues/226">#226</a>, <a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/76f7b9ebf64cf05132eccc1c0f13b38a79726d6e/hovercard" href="https://github.com/mjl-/mox/commit/76f7b9ebf64cf05132eccc1c0f13b38a79726d6e"><tt>76f7b9e</tt></a>)</li> </ul> <h1>Bug fixes</h1> <ul> <li>Disable session tickets for tls to workaround deliverability issues with<br> incoming email from Microsoft over smtp with starttls. Without this fix,<br> email from Microsoft is no long coming in. (issue <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2637495769" data-permission-text="Title is private" data-url="https://github.com/mjl-/mox/issues/237" data-hovercard-type="issue" data-hovercard-url="/mjl-/mox/issues/237/hovercard" href="https://github.com/mjl-/mox/issues/237">#237</a>, <a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/22c8911bf3f768931d93f599b0eb03882d1c78e3/hovercard" href="https://github.com/mjl-/mox/commit/22c8911bf3f768931d93f599b0eb03882d1c78e3"><tt>22c8911</tt></a>)</li> <li>In the SMTP server, when logging about problems with recipients, actually<br> show which recipients were present in the session. (issue <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2599602309" data-permission-text="Title is private" data-url="https://github.com/mjl-/mox/issues/232" data-hovercard-type="issue" data-hovercard-url="/mjl-/mox/issues/232/hovercard" href="https://github.com/mjl-/mox/issues/232">#232</a>,<br> <a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/598c5ea6ac9f4a5ac0b6404102b776818f11b6d4/hovercard" href="https://github.com/mjl-/mox/commit/598c5ea6ac9f4a5ac0b6404102b776818f11b6d4"><tt>598c5ea</tt></a>).</li> <li>Webmail: During "send and archive", don't fail with error message when<br> message that is being responded to is already in archive folder. (issue <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2600083282" data-permission-text="Title is private" data-url="https://github.com/mjl-/mox/issues/233" data-hovercard-type="issue" data-hovercard-url="/mjl-/mox/issues/233/hovercard" href="https://github.com/mjl-/mox/issues/233">#233</a>,<br> <a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/879477a01f72fa9202bef8acc652ec8970da1bc7/hovercard" href="https://github.com/mjl-/mox/commit/879477a01f72fa9202bef8acc652ec8970da1bc7"><tt>879477a</tt></a>)</li> <li>Webmail: if we don't have loaded account settings yet, abort loading the<br> popup after showing an error that the settings aren't available yet. (issue<br> <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2554219536" data-permission-text="Title is private" data-url="https://github.com/mjl-/mox/issues/218" data-hovercard-type="issue" data-hovercard-url="/mjl-/mox/issues/218/hovercard" href="https://github.com/mjl-/mox/issues/218">#218</a>, <a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/04305722a783902d1410beb622686135ad9f4c84/hovercard" href="https://github.com/mjl-/mox/commit/04305722a783902d1410beb622686135ad9f4c84"><tt>0430572</tt></a>)</li> </ul> <h1>Update instructions</h1> <p>Before upgrading, do a dry-run first.</p> <ul> <li>Make a temporary backup with the old mox version:<br> <code>mox-v0.0.12 backup data/tmp/testupgrade</code></li> <li>Verify that all is well with the old version:<br> <code>mox-v0.0.12 verifydata data/tmp/testupgrade</code></li> <li>Verify the state with the new version:<br> <code>mox-v0.0.13 verifydata data/tmp/testupgrade</code></li> </ul> <p>With a successful dry-run, the upgrade should go smoothly. Make a new backup<br> with <code>mox-v0.0.12 backup data/tmp/backup</code> (the previous backup was modified by<br> the dry-run, so couldn't be used to restore!), replace the binary and restart.<br> For further details, see<br> <a href="https://www.xmox.nl/faq/#hdr-how-do-i-upgrade-my-mox-installation" rel="nofollow">https://www.xmox.nl/faq/#hdr-how-do-i-upgrade-my-mox-installation</a></p> <p>If you run into any problems, please create a bug report.</p> <h1>Thanks</h1> <p>Thanks for all the contributions/bug reports/feedback/discussions, much<br> appreciated! Special thanks to mdavids, danieleggert, startup-001-steve,<br> snabb, mattfbacon, mgkirs, exander77.</p> <p>Development on mox is funded through the NLnet NGI0 Entrust Fund,<br> <a href="https://nlnet.nl/entrust/" rel="nofollow">https://nlnet.nl/entrust/</a>, with financial support from the European<br> Commission's Next Generation Internet programme.</p> <h1>Downloading &amp; compiling</h1> <p>See <a href="https://www.xmox.nl/install/#hdr-download" rel="nofollow">https://www.xmox.nl/install/#hdr-download</a>.</p> mjl- tag:github.com,2008:Repository/595136650/v0.0.12 2024-10-06T12:11:46Z <h1>Improvements</h1> <ul> <li>webmail: Change many inline styles to using css classes, and add dark mode.<br> (<a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2270545348" data-permission-text="Title is private" data-url="https://github.com/mjl-/mox/issues/163" data-hovercard-type="pull_request" data-hovercard-url="/mjl-/mox/pull/163/hovercard" href="https://github.com/mjl-/mox/pull/163">#163</a> by mattfbacon, <a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/a16c08681b7181d7d3eb04246caa9132348bc035/hovercard" href="https://github.com/mjl-/mox/commit/a16c08681b7181d7d3eb04246caa9132348bc035"><tt>a16c086</tt></a>)</li> <li>webmail: In compose window, merge close &amp; cancel button, and align buttons on<br> the right. (<a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/4d28a02621f248df0d8f2a35c594fe4f9cbcb3ac/hovercard" href="https://github.com/mjl-/mox/commit/4d28a02621f248df0d8f2a35c594fe4f9cbcb3ac"><tt>4d28a02</tt></a>)</li> <li>mox backup: Add hint about systemd ReadWritePaths if hardlinking fails on<br> linux due to cross-device link. (<a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2282444156" data-permission-text="Title is private" data-url="https://github.com/mjl-/mox/issues/170" data-hovercard-type="issue" data-hovercard-url="/mjl-/mox/issues/170/hovercard" href="https://github.com/mjl-/mox/issues/170">#170</a> by rdelaage, <a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/44a6927379cd7b674f9d06e7fe28fc7cdfb3366d/hovercard" href="https://github.com/mjl-/mox/commit/44a6927379cd7b674f9d06e7fe28fc7cdfb3366d"><tt>44a6927</tt></a>)</li> <li>mox backup: Clarify behaviour with destination directory, and exit code.<br> (<a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2283694847" data-permission-text="Title is private" data-url="https://github.com/mjl-/mox/issues/172" data-hovercard-type="issue" data-hovercard-url="/mjl-/mox/issues/172/hovercard" href="https://github.com/mjl-/mox/issues/172">#172</a> by RobSlgm, <a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/1fc8f165f75ee54fa7cb25fc9becdde59b8b0345/hovercard" href="https://github.com/mjl-/mox/commit/1fc8f165f75ee54fa7cb25fc9becdde59b8b0345"><tt>1fc8f16</tt></a>)</li> <li>When removing account, remove its data directory instead of leaving it<br> around. (<a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2268267825" data-permission-text="Title is private" data-url="https://github.com/mjl-/mox/issues/162" data-hovercard-type="issue" data-hovercard-url="/mjl-/mox/issues/162/hovercard" href="https://github.com/mjl-/mox/issues/162">#162</a> by RobSlgm &amp; x8x, <a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/30ac690c8f64558487a26bc6797c9cb7ac034d7d/hovercard" href="https://github.com/mjl-/mox/commit/30ac690c8f64558487a26bc6797c9cb7ac034d7d"><tt>30ac690</tt></a>)</li> <li>Give more helpful pointers for dns-related setup, such as troubleshooting dns<br> resolving, and multi-line dkim dns records. (<a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2263646510" data-permission-text="Title is private" data-url="https://github.com/mjl-/mox/issues/158" data-hovercard-type="issue" data-hovercard-url="/mjl-/mox/issues/158/hovercard" href="https://github.com/mjl-/mox/issues/158">#158</a>, <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2271857137" data-permission-text="Title is private" data-url="https://github.com/mjl-/mox/issues/164" data-hovercard-type="issue" data-hovercard-url="/mjl-/mox/issues/164/hovercard" href="https://github.com/mjl-/mox/issues/164">#164</a>, vipas84, RobSlgm,<br> <a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/83004bb18e3cd2d525fee82ad9a754dde6c77a2f/hovercard" href="https://github.com/mjl-/mox/commit/83004bb18e3cd2d525fee82ad9a754dde6c77a2f"><tt>83004bb</tt></a>)</li> <li>Improve http request handling for internal services (web interfaces) and<br> multiple domains. The handler for /admin/ is now only enabled on the listener<br> (machine) host name by default, no longer all hosted domains. The internal<br> handlers (for admin, account, webmail, webapi), can now also be explicitly<br> configured in the webserver section, for additional/custom endpoints to serve<br> those services on. (<a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2267304760" data-permission-text="Title is private" data-url="https://github.com/mjl-/mox/issues/160" data-hovercard-type="issue" data-hovercard-url="/mjl-/mox/issues/160/hovercard" href="https://github.com/mjl-/mox/issues/160">#160</a> by TragicLifeHu, <a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/614576e409a6e2f115bc6c11bd03a50b9b45ddec/hovercard" href="https://github.com/mjl-/mox/commit/614576e409a6e2f115bc6c11bd03a50b9b45ddec"><tt>614576e</tt></a>)</li> <li>During DNS self-check, if the SRV records with just a dot (for a non-existent<br> service), is missing, show as warning, not as error. (<a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2377515370" data-permission-text="Title is private" data-url="https://github.com/mjl-/mox/issues/184" data-hovercard-type="issue" data-hovercard-url="/mjl-/mox/issues/184/hovercard" href="https://github.com/mjl-/mox/issues/184">#184</a> by morki,<br> <a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/e350af7eed6804a32f8f9729bf99aa7de9f2b717/hovercard" href="https://github.com/mjl-/mox/commit/e350af7eed6804a32f8f9729bf99aa7de9f2b717"><tt>e350af7</tt></a>)</li> <li>During DNS self-check, warn when DANE is not configured (through static host<br> keys), instead of showing "OK". (<a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2377836992" data-permission-text="Title is private" data-url="https://github.com/mjl-/mox/issues/185" data-hovercard-type="issue" data-hovercard-url="/mjl-/mox/issues/185/hovercard" href="https://github.com/mjl-/mox/issues/185">#185</a> by morki, <a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/73373a19c1347e781aed16a76419ba41e2a1620d/hovercard" href="https://github.com/mjl-/mox/commit/73373a19c1347e781aed16a76419ba41e2a1620d"><tt>73373a1</tt></a>)</li> <li>Systemd service file now syslogs as facility "mail". (by kiekerjan,<br> <a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/151bd1a9c0446accb176091477f3c8a7b95d04df/hovercard" href="https://github.com/mjl-/mox/commit/151bd1a9c0446accb176091477f3c8a7b95d04df"><tt>151bd1a</tt></a>)</li> <li>Add favicon to web interfaces. Admins can use the webserver config to serve a<br> different file. (<a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2378015447" data-permission-text="Title is private" data-url="https://github.com/mjl-/mox/issues/186" data-hovercard-type="issue" data-hovercard-url="/mjl-/mox/issues/186/hovercard" href="https://github.com/mjl-/mox/issues/186">#186</a> by morki, <a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/c629ae26afee9976f7c6530ecff86f561108606e/hovercard" href="https://github.com/mjl-/mox/commit/c629ae26afee9976f7c6530ecff86f561108606e"><tt>c629ae2</tt></a>)</li> <li>Attempts at improving interoperability with SMTP clients and the "login" SASL<br> authentication mechanism. (<a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="1826830581" data-permission-text="Title is private" data-url="https://github.com/mjl-/mox/issues/51" data-hovercard-type="issue" data-hovercard-url="/mjl-/mox/issues/51/hovercard" href="https://github.com/mjl-/mox/issues/51">#51</a> by hmfaysal, <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2560472125" data-permission-text="Title is private" data-url="https://github.com/mjl-/mox/issues/223" data-hovercard-type="issue" data-hovercard-url="/mjl-/mox/issues/223/hovercard" href="https://github.com/mjl-/mox/issues/223">#223</a> by gdunstone &amp; wneessen,<br> <a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/aead73883601ecb259e7a27d834bcbaf8e4af07a/hovercard" href="https://github.com/mjl-/mox/commit/aead73883601ecb259e7a27d834bcbaf8e4af07a"><tt>aead738</tt></a>, <a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/7ecc3f68ce9218e3881eadc4a5d213905018a16d/hovercard" href="https://github.com/mjl-/mox/commit/7ecc3f68ce9218e3881eadc4a5d213905018a16d"><tt>7ecc3f6</tt></a>)</li> <li>Recognize more charsets than utf-8/iso-8859-1/us-ascii when parsing message<br> headers with addresses. (<a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2473481029" data-permission-text="Title is private" data-url="https://github.com/mjl-/mox/issues/204" data-hovercard-type="issue" data-hovercard-url="/mjl-/mox/issues/204/hovercard" href="https://github.com/mjl-/mox/issues/204">#204</a> by morki, <a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/5678b03324864f01668f47c6a78e2d56efe456e5/hovercard" href="https://github.com/mjl-/mox/commit/5678b03324864f01668f47c6a78e2d56efe456e5"><tt>5678b03</tt></a>)</li> <li>webapi: Implement adding "alternative files" to messages sent with the Send<br> method. (<a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2387803243" data-permission-text="Title is private" data-url="https://github.com/mjl-/mox/issues/188" data-hovercard-type="issue" data-hovercard-url="/mjl-/mox/issues/188/hovercard" href="https://github.com/mjl-/mox/issues/188">#188</a> by morki, <a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/6c488ead0b9ea8e11e5aff28b706121ee36d9401/hovercard" href="https://github.com/mjl-/mox/commit/6c488ead0b9ea8e11e5aff28b706121ee36d9401"><tt>6c488ea</tt></a>)</li> <li>webmail: Add setting to show html version of a message by default, instead of<br> text version. (<a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2434025245" data-permission-text="Title is private" data-url="https://github.com/mjl-/mox/issues/196" data-hovercard-type="issue" data-hovercard-url="/mjl-/mox/issues/196/hovercard" href="https://github.com/mjl-/mox/issues/196">#196</a> by GildedHonour, <a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/b77f44ab5819e7bf67fd040a628013e325c00a6b/hovercard" href="https://github.com/mjl-/mox/commit/b77f44ab5819e7bf67fd040a628013e325c00a6b"><tt>b77f44a</tt></a>)</li> <li>When login sessions to admin/account/webmail interfaces expiry or are no<br> longer valid, explain the reason in the message above the login form. (<a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2472025856" data-permission-text="Title is private" data-url="https://github.com/mjl-/mox/issues/202" data-hovercard-type="issue" data-hovercard-url="/mjl-/mox/issues/202/hovercard" href="https://github.com/mjl-/mox/issues/202">#202</a><br> by ally9335, <a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/a977082b89db0cabb742c1e8c32e448650e91288/hovercard" href="https://github.com/mjl-/mox/commit/a977082b89db0cabb742c1e8c32e448650e91288"><tt>a977082</tt></a>)</li> <li>webapi: Add "RcptTo" to webapi MessageGet result. (mattanja on matrix,<br> <a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/b0c4b090102cfdcb3a2ef112fc3f4487ec21ea40/hovercard" href="https://github.com/mjl-/mox/commit/b0c4b090102cfdcb3a2ef112fc3f4487ec21ea40"><tt>b0c4b09</tt></a>)</li> <li>webadmin: At managing aliases, mention an alias member won't receive a<br> message if the member address is in the message From header. (<a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2557208492" data-permission-text="Title is private" data-url="https://github.com/mjl-/mox/issues/220" data-hovercard-type="issue" data-hovercard-url="/mjl-/mox/issues/220/hovercard" href="https://github.com/mjl-/mox/issues/220">#220</a> by<br> wneessen, <a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/bbc419c6ab913b1ecb6246bea1081919028b4e7b/hovercard" href="https://github.com/mjl-/mox/commit/bbc419c6ab913b1ecb6246bea1081919028b4e7b"><tt>bbc419c</tt></a>)</li> <li>In ACME port config option, explain why using a HTTPS reverse proxy will not<br> work for ACME tls-alpn-01 verification. (<a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2554219536" data-permission-text="Title is private" data-url="https://github.com/mjl-/mox/issues/218" data-hovercard-type="issue" data-hovercard-url="/mjl-/mox/issues/218/hovercard" href="https://github.com/mjl-/mox/issues/218">#218</a> by mgkirs, <a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/7d3f3071561b29d1abbbe7c287fd1906542d6c86/hovercard" href="https://github.com/mjl-/mox/commit/7d3f3071561b29d1abbbe7c287fd1906542d6c86"><tt>7d3f307</tt></a>)</li> <li>Add more details to X-Mox-Reason message header added during delivery, for<br> understanding why a message is accepted/rejected. (<a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2356788195" data-permission-text="Title is private" data-url="https://github.com/mjl-/mox/issues/179" data-hovercard-type="issue" data-hovercard-url="/mjl-/mox/issues/179/hovercard" href="https://github.com/mjl-/mox/issues/179">#179</a> by Fell, <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2257026636" data-permission-text="Title is private" data-url="https://github.com/mjl-/mox/issues/157" data-hovercard-type="issue" data-hovercard-url="/mjl-/mox/issues/157/hovercard" href="https://github.com/mjl-/mox/issues/157">#157</a> by<br> mattfbacon, <a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/32b549b260a113fb25d48fa3a52214c59dd72a5b/hovercard" href="https://github.com/mjl-/mox/commit/32b549b260a113fb25d48fa3a52214c59dd72a5b"><tt>32b549b</tt></a>)</li> <li>Many small improvements.</li> </ul> <h1>Bug fixes</h1> <ul> <li>webadmin: Propagate error when quota size cannot be parsed, improve parsing<br> and hint in error message. (<a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2078335625" data-permission-text="Title is private" data-url="https://github.com/mjl-/mox/issues/115" data-hovercard-type="issue" data-hovercard-url="/mjl-/mox/issues/115/hovercard" href="https://github.com/mjl-/mox/issues/115">#115</a> by pmarini-nc, <a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/72be3e8423f6aa3f0d457b8e836819b44eb2a864/hovercard" href="https://github.com/mjl-/mox/commit/72be3e8423f6aa3f0d457b8e836819b44eb2a864"><tt>72be3e8</tt></a>)</li> <li>webadmin: Don't show js runtime typecheck errors for invalid values in DMARC<br> and TLS reports. (<a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2268238406" data-permission-text="Title is private" data-url="https://github.com/mjl-/mox/issues/161" data-hovercard-type="issue" data-hovercard-url="/mjl-/mox/issues/161/hovercard" href="https://github.com/mjl-/mox/issues/161">#161</a> by RobSlgm, <a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/a2c9cfc55be686f1e650d9150ae5a06268a23690/hovercard" href="https://github.com/mjl-/mox/commit/a2c9cfc55be686f1e650d9150ae5a06268a23690"><tt>a2c9cfc</tt></a>)</li> <li>webmail: In list of From address to use in compose window, don't add the<br> catchall address. (<a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/1a0a396713ab58de002bfbe285fe5f44b05ab334/hovercard" href="https://github.com/mjl-/mox/commit/1a0a396713ab58de002bfbe285fe5f44b05ab334"><tt>1a0a396</tt></a>)</li> <li>webmail: Only show "edit" button on drafts, and similar for "e" shortcut.<br> (<a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/8254e9ce66d284c59fa37cb34d8d63f5a7663ece/hovercard" href="https://github.com/mjl-/mox/commit/8254e9ce66d284c59fa37cb34d8d63f5a7663ece"><tt>8254e9c</tt></a>)</li> <li>webadmin: Show correct host TLSRPT record in dns selfcheck, and make all<br> suggested dns records absolute. (<a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2366190191" data-permission-text="Title is private" data-url="https://github.com/mjl-/mox/issues/182" data-hovercard-type="issue" data-hovercard-url="/mjl-/mox/issues/182/hovercard" href="https://github.com/mjl-/mox/issues/182">#182</a> by mdavids, <a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/9bab3124f6fac31b455ddbdebf46ad0507445334/hovercard" href="https://github.com/mjl-/mox/commit/9bab3124f6fac31b455ddbdebf46ad0507445334"><tt>9bab312</tt></a>)</li> <li>Show the same SPF record for a domain in the dnsrecords and dnscheck<br> output/pages. (<a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2352716040" data-permission-text="Title is private" data-url="https://github.com/mjl-/mox/issues/176" data-hovercard-type="issue" data-hovercard-url="/mjl-/mox/issues/176/hovercard" href="https://github.com/mjl-/mox/issues/176">#176</a> by rdelaage &amp; RobSlgm, <a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/7e54280a9d9df32db894ff11b45fcaeb7c1d24da/hovercard" href="https://github.com/mjl-/mox/commit/7e54280a9d9df32db894ff11b45fcaeb7c1d24da"><tt>7e54280</tt></a>)</li> <li>Fix parsing message headers with addresses that need double quotes. (<a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2449775253" data-permission-text="Title is private" data-url="https://github.com/mjl-/mox/issues/199" data-hovercard-type="issue" data-hovercard-url="/mjl-/mox/issues/199/hovercard" href="https://github.com/mjl-/mox/issues/199">#199</a> by<br> gene-hightower, <a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/016fde8d783247129613b16b60dbe14e2a855b51/hovercard" href="https://github.com/mjl-/mox/commit/016fde8d783247129613b16b60dbe14e2a855b51"><tt>016fde8</tt></a>)</li> <li>Reject attempts at STARTTLS for SMTP &amp; IMAP when no TLS config is present.<br> Instead of dereferencing a nil pointer, which is caught by the go runtime,<br> with fallback error handling gracefully closing the SMTP connection.<br> (<a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/a7bdc41cd40706f8f8e54e20bec869827e61c98b/hovercard" href="https://github.com/mjl-/mox/commit/a7bdc41cd40706f8f8e54e20bec869827e61c98b"><tt>a7bdc41</tt></a>)</li> <li>For certain errors during SCRAM authentication, handle errors more gracefully<br> instead of aborting the connection. (<a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2558672215" data-permission-text="Title is private" data-url="https://github.com/mjl-/mox/issues/222" data-hovercard-type="issue" data-hovercard-url="/mjl-/mox/issues/222/hovercard" href="https://github.com/mjl-/mox/issues/222">#222</a> by wneessen, <a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/c7315cb72d65814d1ad29b83469eb34457fe4d2c/hovercard" href="https://github.com/mjl-/mox/commit/c7315cb72d65814d1ad29b83469eb34457fe4d2c"><tt>c7315cb</tt></a>)</li> <li>For messages retired from the delivery queue, set "success" field properly,<br> and include the SMTP code/enhanced code on success too (not only on failure).<br> (<a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/fdc0560ac4e73e7a7f938971717b84f21efcd765/hovercard" href="https://github.com/mjl-/mox/commit/fdc0560ac4e73e7a7f938971717b84f21efcd765"><tt>fdc0560</tt></a>)</li> <li>webmail: Fix loading a "view" (messages in a mailbox) when the "initial"<br> message cannot be parsed. (<a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2557088369" data-permission-text="Title is private" data-url="https://github.com/mjl-/mox/issues/219" data-hovercard-type="issue" data-hovercard-url="/mjl-/mox/issues/219/hovercard" href="https://github.com/mjl-/mox/issues/219">#219</a> by wneessen, <a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/fb65ec0676ab382bcbc42e0b34a2473c228bed60/hovercard" href="https://github.com/mjl-/mox/commit/fb65ec0676ab382bcbc42e0b34a2473c228bed60"><tt>fb65ec0</tt></a>)</li> <li>smtpclient: Handle server closing connection after writing its response to<br> RCPT TO in pipelined mode. (<a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2447165652" data-permission-text="Title is private" data-url="https://github.com/mjl-/mox/issues/198" data-hovercard-type="issue" data-hovercard-url="/mjl-/mox/issues/198/hovercard" href="https://github.com/mjl-/mox/issues/198">#198</a> by soheilpro, <a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/17346d6def1db7a6fec294afa36232286e9b06fd/hovercard" href="https://github.com/mjl-/mox/commit/17346d6def1db7a6fec294afa36232286e9b06fd"><tt>17346d6</tt></a>)</li> <li>imapserver: Prevent unbounded memory allocations when handling a command<br> (solves same problem as in <a title="CVE-2024-34055" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-crp5-539g-qwq6/hovercard" href="https://github.com/advisories/GHSA-crp5-539g-qwq6">CVE-2024-34055</a>). (<a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/aef99a72d8f8da30530f4a8f6b4eac6f9a44aa05/hovercard" href="https://github.com/mjl-/mox/commit/aef99a72d8f8da30530f4a8f6b4eac6f9a44aa05"><tt>aef99a7</tt></a>)</li> <li>For incoming SMTP deliveries with STARTTLS, use certificate of hostname if<br> SNI hostname is unknown. Instead of failing the connection because no<br> certificates are available. Fixes interoperability with SMTP clients that do<br> opportunistic SMTP without sending a hostname. (<a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2478042568" data-permission-text="Title is private" data-url="https://github.com/mjl-/mox/issues/206" data-hovercard-type="issue" data-hovercard-url="/mjl-/mox/issues/206/hovercard" href="https://github.com/mjl-/mox/issues/206">#206</a> by RobSlgm, <a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/62bd2f442731670a34c39926b064dfa34bb5d7ac/hovercard" href="https://github.com/mjl-/mox/commit/62bd2f442731670a34c39926b064dfa34bb5d7ac"><tt>62bd2f4</tt></a>)</li> </ul> <h1>Update instructions</h1> <p>Before upgrading, do a dry-run first.</p> <ul> <li>Make a temporary backup with the old mox version:<br> <code>mox-v0.0.11 backup data/tmp/testupgrade</code></li> <li>Verify that all is well with the old version:<br> <code>mox-v0.0.11 verifydata data/tmp/testupgrade</code></li> <li>Verify the state with the new version:<br> <code>mox-v0.0.12 verifydata data/tmp/testupgrade</code></li> </ul> <p>With a successful dry-run, the upgrade should go smoothly. Make a new backup<br> with <code>mox-v0.0.11 backup data/tmp/backup</code> (the previous backup was modified by<br> the dry-run, so couldn't be used to restore!), replace the binary and restart.<br> For further details, see<br> <a href="https://www.xmox.nl/faq/#hdr-how-do-i-upgrade-my-mox-installation" rel="nofollow">https://www.xmox.nl/faq/#hdr-how-do-i-upgrade-my-mox-installation</a></p> <p>If you run into any problems, please create a bug report.</p> <p>After upgrading, you may want to run "mox reparse" to parse the message headers<br> of all messages in all accounts. Message headers for addresses with character<br> sets other than us-ascii/utf-8/iso-8859-1 will be fixed.</p> <h1>Thanks</h1> <p>Thanks for all contributions, bug reports, feedback and discussions. It improves<br> mox, keep it coming!</p> <p>Development on mox is funded through the NLnet NGI0 Entrust Fund,<br> <a href="https://nlnet.nl/entrust/" rel="nofollow">https://nlnet.nl/entrust/</a>, with financial support from the European<br> Commission's Next Generation Internet programme.</p> <h1>Downloading &amp; compiling</h1> <p>See <a href="https://www.xmox.nl/install/#hdr-download" rel="nofollow">https://www.xmox.nl/install/#hdr-download</a>.</p> mjl- tag:github.com,2008:Repository/595136650/v0.0.11 2024-04-30T19:38:14Z <h1>New features</h1> <ul> <li>Improve queue management (<a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/40ade995a5e5cc40bc8cf8fb3b94e4e508079097/hovercard" href="https://github.com/mjl-/mox/commit/40ade995a5e5cc40bc8cf8fb3b94e4e508079097"><tt>40ade99</tt></a>) <ul> <li>Add option to put messages in the queue "on hold", preventing delivery<br> attempts until taken off hold again.</li> <li>Add "hold rules", to automatically mark some/all submitted messages as "on<br> hold", e.g. from a specific account or to a specific domain.</li> <li>Add operation to "fail" a message, causing a DSN to be delivered to the<br> sender. previously we could only drop a message from the queue.</li> <li>Update admin page &amp; add new cli tools for these operations, with new<br> filtering rules for selecting the messages to operate on. In the admin<br> interface, add filtering and checkboxes to select a set of messages to operate<br> on.</li> </ul> </li> <li>Add a webapi and webhooks for a simple HTTP/JSON-based API, helps with<br> sending transactional email. (for issue <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="1709756597" data-permission-text="Title is private" data-url="https://github.com/mjl-/mox/issues/31" data-hovercard-type="issue" data-hovercard-url="/mjl-/mox/issues/31/hovercard" href="https://github.com/mjl-/mox/issues/31">#31</a> by cuu508, <a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/09fcc492234ea494b66f6508ebb63486670e3647/hovercard" href="https://github.com/mjl-/mox/commit/09fcc492234ea494b66f6508ebb63486670e3647"><tt>09fcc49</tt></a>) <ul> <li>Webapi allows submitting messages without having to compose the message<br> yourself, and without having to know SMTP.</li> <li>Webhooks makes it easy to process delivery failure/success updates, without<br> needing IMAP and process DSNs.</li> <li>History about outgoing/sent messages can be kept for a configurable interval,<br> per account. Also for the new webhook queue.</li> <li>Messages can be delivered with a "unique SMTP MAIL FROM" address, using a<br> unique id after the localpart catchall separator, e.g.<br> <code>you+&lt;unique&gt;@example.org</code>.</li> <li>Automatic suppression list management, protecting server reputation.</li> <li>Extra metadata can be attached through the webapi, or through<br> X-Mox-Extra-: headers during SMTP submission.</li> <li>Most settings are per-account, configurable through config file and<br> account web interface. The webapi must be enabled in mox.conf through field<br> WebAPIHTTP(s).</li> <li>Gopherwatch.org was created to validate this functionality, and it can now<br> operate either with SMTP/IMAP or webapi/webhooks.</li> </ul> </li> <li>Add aliases/lists: when sending to an alias, the message gets delivered to all<br> members. (for issue <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="1882644972" data-permission-text="Title is private" data-url="https://github.com/mjl-/mox/issues/57" data-hovercard-type="issue" data-hovercard-url="/mjl-/mox/issues/57/hovercard" href="https://github.com/mjl-/mox/issues/57">#57</a> by hmfaysal, issue <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2005371443" data-permission-text="Title is private" data-url="https://github.com/mjl-/mox/issues/99" data-hovercard-type="issue" data-hovercard-url="/mjl-/mox/issues/99/hovercard" href="https://github.com/mjl-/mox/issues/99">#99</a> by naturalethic, feedback by<br> damir &amp; marin, <a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/960a51242d51fa48f1ff4f275181fd56c11a070f/hovercard" href="https://github.com/mjl-/mox/commit/960a51242d51fa48f1ff4f275181fd56c11a070f"><tt>960a512</tt></a>).</li> <li>IMAP quota extension (RFC 9208), so mail clients can show disk usage (issue<br> <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2078335625" data-permission-text="Title is private" data-url="https://github.com/mjl-/mox/issues/115" data-hovercard-type="issue" data-hovercard-url="/mjl-/mox/issues/115/hovercard" href="https://github.com/mjl-/mox/issues/115">#115</a> by pmarini, <a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/4dea2de343748b219383a8c4db56062c633fd672/hovercard" href="https://github.com/mjl-/mox/commit/4dea2de343748b219383a8c4db56062c633fd672"><tt>4dea2de</tt></a>)</li> <li>Webmail: when moving a single message out of/to the inbox, ask if user wants<br> to create/remove a rule to automatically do that server-side for future<br> deliveries, either based on list-id header if present, or message-from address.<br> (<a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/6c0439cf7b9e172e3be61510362196cda0b2c076/hovercard" href="https://github.com/mjl-/mox/commit/6c0439cf7b9e172e3be61510362196cda0b2c076"><tt>6c0439c</tt></a>)</li> <li>Webmail: add server-side stored settings, initially for signature, top/bottom<br> reply and showing the security indicator bars below address input fields.<br> (for issue <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2041827359" data-permission-text="Title is private" data-url="https://github.com/mjl-/mox/issues/102" data-hovercard-type="issue" data-hovercard-url="/mjl-/mox/issues/102/hovercard" href="https://github.com/mjl-/mox/issues/102">#102</a> by nixigaj, <a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/70adf353ee07f3c0885c6e3d07211f8de81575b6/hovercard" href="https://github.com/mjl-/mox/commit/70adf353ee07f3c0885c6e3d07211f8de81575b6"><tt>70adf35</tt></a>)</li> <li>Webmail: for replies/forwards, add button "send and archive thread" next to<br> the "send" button, and give it a control+shift+Enter shortcut. (for issue <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2143331923" data-permission-text="Title is private" data-url="https://github.com/mjl-/mox/issues/135" data-hovercard-type="issue" data-hovercard-url="/mjl-/mox/issues/135/hovercard" href="https://github.com/mjl-/mox/issues/135">#135</a><br> by mattfbacon, <a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/5229d01601ad110f30ee4b29039ae9c87bce3f08/hovercard" href="https://github.com/mjl-/mox/commit/5229d01601ad110f30ee4b29039ae9c87bce3f08"><tt>5229d01</tt></a>)</li> <li>Webmail: store composed message as draft until send, ask about unsaved changes<br> when closing compose window. (<a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/9529ae0bd4f7d504fb5d9fa5681aa0a3715262a0/hovercard" href="https://github.com/mjl-/mox/commit/9529ae0bd4f7d504fb5d9fa5681aa0a3715262a0"><tt>9529ae0</tt></a>)</li> <li>Webmail: remember server-side per from-address whether we should show the<br> text/html/html-with-external-resources version of a message. (<a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/0f735a17100b81cc2f83ced4de4b1391a10a03ad/hovercard" href="https://github.com/mjl-/mox/commit/0f735a17100b81cc2f83ced4de4b1391a10a03ad"><tt>0f735a1</tt></a>)</li> </ul> <h1>Improvements</h1> <ul> <li>Add account config option to skip first-time sender delay for incoming<br> messages over SMTP. (<a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/8b2c97808d8875a817e4de0eab66ffd9ed408201/hovercard" href="https://github.com/mjl-/mox/commit/8b2c97808d8875a817e4de0eab66ffd9ed408201"><tt>8b2c978</tt></a>)</li> <li>In quickstart, check if outgoing SMTP connection on port 25 can be made. New<br> cloud machines tend to have the port blocked, early warning is helpful.<br> (reported by arnt, <a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/0262f4621e13a4a7e85bbb5abc21a470d6950111/hovercard" href="https://github.com/mjl-/mox/commit/0262f4621e13a4a7e85bbb5abc21a470d6950111"><tt>0262f46</tt></a>)</li> <li>In quickstart, use "postmaster@" for the contact address with the ACME account<br> for Let's Encrypt if the initial address has a non-ASCII localpart, to prevent<br> account registration from failing. (reported by arnt, <a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/f4b6e14cb9f74d837da2eaff8c563caa20e431ba/hovercard" href="https://github.com/mjl-/mox/commit/f4b6e14cb9f74d837da2eaff8c563caa20e431ba"><tt>f4b6e14</tt></a>)</li> <li>Add a "direct" transport, that allows influencing behaviour of the normal<br> delivery mechanism of dialing MX records: The IP address family can be limited<br> to IPv4 or IPv6 (either may not have proper reverse DNS set up). (for issue<br> <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2228419374" data-permission-text="Title is private" data-url="https://github.com/mjl-/mox/issues/149" data-hovercard-type="issue" data-hovercard-url="/mjl-/mox/issues/149/hovercard" href="https://github.com/mjl-/mox/issues/149">#149</a>, PR <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2238259849" data-permission-text="Title is private" data-url="https://github.com/mjl-/mox/issues/153" data-hovercard-type="pull_request" data-hovercard-url="/mjl-/mox/pull/153/hovercard" href="https://github.com/mjl-/mox/pull/153">#153</a> by lmeunier, <a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/be570d1c7d3de0ddacb011b6411a302d7f7e9f9e/hovercard" href="https://github.com/mjl-/mox/commit/be570d1c7d3de0ddacb011b6411a302d7f7e9f9e"><tt>be570d1</tt></a>)</li> <li>Also give delivery another try with 5xx response when it happens during MAIL<br> FROM/RCPT TO, not only EHLO as before. (related to <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2228419374" data-permission-text="Title is private" data-url="https://github.com/mjl-/mox/issues/149" data-hovercard-type="issue" data-hovercard-url="/mjl-/mox/issues/149/hovercard" href="https://github.com/mjl-/mox/issues/149">#149</a>, PR <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2233961953" data-permission-text="Title is private" data-url="https://github.com/mjl-/mox/issues/152" data-hovercard-type="pull_request" data-hovercard-url="/mjl-/mox/pull/152/hovercard" href="https://github.com/mjl-/mox/pull/152">#152</a> by lmeunier,<br> <a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/feb8e6c37947b21baaa7dcf724ade0f2435a8280/hovercard" href="https://github.com/mjl-/mox/commit/feb8e6c37947b21baaa7dcf724ade0f2435a8280"><tt>feb8e6c</tt></a>)</li> <li>Make error messages around syntax errors in config files related to<br> spurious spaces more helpful/understandable. (reported by arnt, <a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/6516a27689cbbacdf9653238500a9857eadcc32a/hovercard" href="https://github.com/mjl-/mox/commit/6516a27689cbbacdf9653238500a9857eadcc32a"><tt>6516a27</tt></a>)</li> <li>In SMTP server, reevaluate if SMTPUTF8 extension is needed for delivery, to<br> prevent potential delivery problems to servers that don't implement SMTPUTF8.<br> (issue <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2204520421" data-permission-text="Title is private" data-url="https://github.com/mjl-/mox/issues/145" data-hovercard-type="issue" data-hovercard-url="/mjl-/mox/issues/145/hovercard" href="https://github.com/mjl-/mox/issues/145">#145</a>, by lmeunier, <a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/9c5d2341629f598c298f4b9ae14009d108d814af/hovercard" href="https://github.com/mjl-/mox/commit/9c5d2341629f598c298f4b9ae14009d108d814af"><tt>9c5d234</tt></a>)</li> <li>When importing maildir, use file mtime as received timestamp if no timestamp<br> is available in filename. (based on message from abdul h, <a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/6d38a1e9a4bb5d266c2789910676585af76359bd/hovercard" href="https://github.com/mjl-/mox/commit/6d38a1e9a4bb5d266c2789910676585af76359bd"><tt>6d38a1e</tt></a>)</li> <li>If webauth login cookie is missing, and forwarding was configured, hint that<br> reverse proxy may be stripping path. (for issue <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2229452863" data-permission-text="Title is private" data-url="https://github.com/mjl-/mox/issues/151" data-hovercard-type="issue" data-hovercard-url="/mjl-/mox/issues/151/hovercard" href="https://github.com/mjl-/mox/issues/151">#151</a> by naturalethic,<br> <a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/afc47c8108f8961274ffd4260286ac627e4092d3/hovercard" href="https://github.com/mjl-/mox/commit/afc47c8108f8961274ffd4260286ac627e4092d3"><tt>afc47c8</tt></a>)</li> <li>Webmail: When adding submitted message to Sent mailbox, keep any Bcc address<br> in Bcc header. (<a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/c9451d4d065e321eb73d51559c3bd7d96bcd17c7/hovercard" href="https://github.com/mjl-/mox/commit/c9451d4d065e321eb73d51559c3bd7d96bcd17c7"><tt>c9451d4</tt></a>)</li> <li>Make more of the dynamic config options (in domains.conf) configurable through<br> the web interfaces, instead of requiring editing the config file. (<a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/baf4df55a6cd17f5992a0135b62122f0cff22729/hovercard" href="https://github.com/mjl-/mox/commit/baf4df55a6cd17f5992a0135b62122f0cff22729"><tt>baf4df5</tt></a>,<br> <a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/a69887bfabe3bbb317e803f6cb12ecf4c24d343c/hovercard" href="https://github.com/mjl-/mox/commit/a69887bfabe3bbb317e803f6cb12ecf4c24d343c"><tt>a69887b</tt></a>, <a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/e702f45d32d30fcbbcd10c2d17c62c6cd509df16/hovercard" href="https://github.com/mjl-/mox/commit/e702f45d32d30fcbbcd10c2d17c62c6cd509df16"><tt>e702f45</tt></a>)</li> <li>Webmail: Allow resizing of compose window, and remember width/height for<br> viewport dimension. (<a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/e8bbaa451b130be546b0849c38739de7363fdd3b/hovercard" href="https://github.com/mjl-/mox/commit/e8bbaa451b130be546b0849c38739de7363fdd3b"><tt>e8bbaa4</tt></a>)</li> <li>Webmail: Show all images (inline and attachment) below the text part (for the<br> text view, not for html view). (<a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/3a58b2a1f49f34309b629501f3a613a22ff67b9c/hovercard" href="https://github.com/mjl-/mox/commit/3a58b2a1f49f34309b629501f3a613a22ff67b9c"><tt>3a58b2a</tt></a>)</li> <li>Webmail: Add export functionality, similar to existing option in account web<br> interface, but not also possible per mailbox or hierarchy. (<a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/bf5cfca6b99feabd7e8b3a283d9770101acd0d7b/hovercard" href="https://github.com/mjl-/mox/commit/bf5cfca6b99feabd7e8b3a283d9770101acd0d7b"><tt>bf5cfca</tt></a>)</li> <li>Webmail: ctrl+Backspace on empty address input field removes the field (<a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/b54e903f015ac9237bbf1072f43919d8ad8cd3c5/hovercard" href="https://github.com/mjl-/mox/commit/b54e903f015ac9237bbf1072f43919d8ad8cd3c5"><tt>b54e903</tt></a>)</li> <li>Localserve: delivery from queue now goes through the smtp server instead of<br> directly from queue to local accounts. To go through the full regular delivery<br> paths. (<a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/1cf747764266ed65dbf340e1b05fa65fb8e23cb1/hovercard" href="https://github.com/mjl-/mox/commit/1cf747764266ed65dbf340e1b05fa65fb8e23cb1"><tt>1cf7477</tt></a>)</li> <li>Many small improvements.</li> </ul> <h1>Bug fixes</h1> <ul> <li>Always properly escape values in Authentication-Results header added to<br> incoming messages. Some generated values could have characters that weren't<br> escaped. (<a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/2c9cb5b847a7708ba401351e092098048eb8297b/hovercard" href="https://github.com/mjl-/mox/commit/2c9cb5b847a7708ba401351e092098048eb8297b"><tt>2c9cb5b</tt></a>)</li> <li>Fix logging in on account and webmail interface for account names (not email<br> addresses) with non-ASCII characters. (reported by arnt, <a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/666f84edead68ed68483d0eb3803954d98b93d5c/hovercard" href="https://github.com/mjl-/mox/commit/666f84edead68ed68483d0eb3803954d98b93d5c"><tt>666f84e</tt></a>)</li> <li>Update to latest bstore with a fix for ordering of certain database results.<br> Only a single query in mox would have triggered the issue, with no expected<br> impact. (<a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/d34dd8aae6ca4ccf0981bd36bbdf96d7e5128372/hovercard" href="https://github.com/mjl-/mox/commit/d34dd8aae6ca4ccf0981bd36bbdf96d7e5128372"><tt>d34dd8a</tt></a>)</li> <li>For incoming TLS connections (HTTPS, but also SMTP and IMAP) for unrecognized<br> domain names (for which we don't have a TLS certificate), don't respond with an<br> "internal error" TLS alert, but with an "unrecognized name" alert. More helpful<br> to user figuring out what's going on. (reported by arnt, <a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/89a9a8bc97962754b8ba8e57e92eb27db3829f26/hovercard" href="https://github.com/mjl-/mox/commit/89a9a8bc97962754b8ba8e57e92eb27db3829f26"><tt>89a9a8b</tt></a>).</li> </ul> <h1>Update instructions</h1> <p>Before upgrading, do a dry-run first.</p> <ul> <li>Make a temporary backup with the old mox version:<br> <code>mox-v0.0.10 backup data/tmp/testupgrade</code></li> <li>Verify that all is well with the old version:<br> <code>mox-v0.0.10 verifydata data/tmp/testupgrade</code></li> <li>Verify the state with the new version:<br> <code>mox-v0.0.11 verifydata data/tmp/testupgrade</code></li> </ul> <p>With a successful dry-run, the upgrade should go smoothly. Make a new backup<br> with <code>mox-v0.0.10 backup data/tmp/backup</code> (the previous backup was modified by<br> the dry-run, so couldn't be used to restore!), replace the binary and restart.<br> For further details, see<br> <a href="https://www.xmox.nl/faq/#hdr-how-do-i-upgrade-my-mox-installation" rel="nofollow">https://www.xmox.nl/faq/#hdr-how-do-i-upgrade-my-mox-installation</a></p> <p>If you run into any problems, please create a bug report.</p> <h1>Thanks</h1> <p>Thanks for contributions and/or feedback from: pmarini, tabatinga0xffff,<br> lmeunier, alex, arnt, abdul h, cuu508, naturalethic, nixigaj, mattfbacon,<br> jsfan3, hmfaysal, damir &amp; marin from sartura, RobSlgm, daftaupe, vipas84,<br> TragicLifeHu, manaus0xff, jdlawrie, Bloomers7577, kbrgmn (and all those I<br> missed).</p> <p>Feedback, feature requests, bug reports, contributions (start small!) are all<br> welcome. An easy way to help mox is to use it and spread the word!</p> <p>Development on mox is funded through the NLnet NGI0 Entrust Fund,<br> <a href="https://nlnet.nl/entrust/" rel="nofollow">https://nlnet.nl/entrust/</a>, with financial support from the European<br> Commission's Next Generation Internet programme.</p> mjl- tag:github.com,2008:Repository/595136650/v0.0.10 2024-03-09T19:29:42Z <h1>New features</h1> <ul> <li>Implement SMTP "FUTURERELEASE" extension in SMTP server. For submitting a<br> message for delivery from the queue at a time in the future, e.g. tomorrow<br> morning 9:00. (<a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/93c52b01a02d9f4558a0c9eb29b8accc21b6da66/hovercard" href="https://github.com/mjl-/mox/commit/93c52b01a02d9f4558a0c9eb29b8accc21b6da66"><tt>93c52b0</tt></a>)</li> <li>Delivery from the queue to multiple recipients in a single SMTP transaction,<br> transferring data only once. This is only done for recipients with the same<br> recipient domain. The maximum recipients limit from the RFC 9422 SMTP LIMITS is<br> honored and mox now announces its own limit. (<a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/47ebfa81526cb87bd44f4452fcb080fda1be515a/hovercard" href="https://github.com/mjl-/mox/commit/47ebfa81526cb87bd44f4452fcb080fda1be515a"><tt>47ebfa8</tt></a>)</li> <li>Allow configuring DNS blocklists (DNSBLs) only for monitoring, without using<br> them for incoming email. Previously, mox would only monitor DNSBLs that are<br> used for incoming connections. But it is useful to know if your IPs are on a<br> blocklist, unrelated to whether you're using the blocklist. (<a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/15e450df61173701fbbf2be52bf2e944cbe4b0f7/hovercard" href="https://github.com/mjl-/mox/commit/15e450df61173701fbbf2be52bf2e944cbe4b0f7"><tt>15e450d</tt></a>)</li> </ul> <h1>Improvements</h1> <ul> <li>Mox has a separate website now, <a href="https://www.xmox.nl" rel="nofollow">https://www.xmox.nl</a>. It should be more<br> friendly for first-time visitors than the github page. It also has an initial<br> video, with more to come. Content, except images/videos, is in the mox git<br> repository, so functionality and documentation can be changed together.<br> (<a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/0bc30729440cc61bbaddf9c84f1f9431eba7300d/hovercard" href="https://github.com/mjl-/mox/commit/0bc30729440cc61bbaddf9c84f1f9431eba7300d"><tt>0bc3072</tt></a>)</li> <li>Fix interpreting a per-account negative total size quota as "no limit",<br> overriding the global/default setting. (issue <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2078335625" data-permission-text="Title is private" data-url="https://github.com/mjl-/mox/issues/115" data-hovercard-type="issue" data-hovercard-url="/mjl-/mox/issues/115/hovercard" href="https://github.com/mjl-/mox/issues/115">#115</a> by pmarini-nc)</li> <li>Webmail: When Q/B-word-decoding attachment filenames, recognize more<br> character set encodings. (issue <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2069648305" data-permission-text="Title is private" data-url="https://github.com/mjl-/mox/issues/113" data-hovercard-type="issue" data-hovercard-url="/mjl-/mox/issues/113/hovercard" href="https://github.com/mjl-/mox/issues/113">#113</a> by jsfan3)</li> <li>Webmail: show unicode for internationalized email addresses by default. Not<br> the xn-- names, which are not user-friendly. A hover still shows the xn--<br> names. After talking to arnt at FOSDEM.</li> <li>Localparts of addresses are now normalized to Unicode NFC throughout mox,<br> including for incoming deliveries. Previously, incoming SMTPUTF8 deliveries<br> with non-NFC-normalized unicode localparts (e.g. with separate code points for<br> accents and such (NFD)) would not be accepted. (<a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/8e6fe7459b6f9478e83097ea8c96b06708b58941/hovercard" href="https://github.com/mjl-/mox/commit/8e6fe7459b6f9478e83097ea8c96b06708b58941"><tt>8e6fe74</tt></a>)</li> <li>The PRECIS (RFC 8265) password profile is now applied when setting/using<br> passwords. It prevents confusing users who use unusual unicode whitespace<br> codepoints in their passwords. (<a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/c57aeac7f09eb003f5475a9882a0640264b533f2/hovercard" href="https://github.com/mjl-/mox/commit/c57aeac7f09eb003f5475a9882a0640264b533f2"><tt>c57aeac</tt></a>)</li> <li>Webmail: Implement registering "mailto:" links. Click the new button in the<br> Help popup to register. From Hans-Jörg. (<a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/ee1db2dde705a70dc353ae039f1b1880c6678341/hovercard" href="https://github.com/mjl-/mox/commit/ee1db2dde705a70dc353ae039f1b1880c6678341"><tt>ee1db2d</tt></a>)</li> <li>In DSNs, show the full (multiline) SMTP response, not just the first line. It<br> often has helpful details. (<a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/50c13965a72bf4f2fbf75c9b676315ae553f9ec9/hovercard" href="https://github.com/mjl-/mox/commit/50c13965a72bf4f2fbf75c9b676315ae553f9ec9"><tt>50c1396</tt></a>)</li> <li>More DSN improvements: put the full SMTP reply in field Diagnostic-Code<br> (<a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/1c934f0103d51ccc321f89a4776a67d99dd41bd3/hovercard" href="https://github.com/mjl-/mox/commit/1c934f0103d51ccc321f89a4776a67d99dd41bd3"><tt>1c934f0</tt></a>), when delivering a local DSN add Delivered-To header<br> (<a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/79da4faaa1e7cdf944ef3d35a2fc0c2d97894ae7/hovercard" href="https://github.com/mjl-/mox/commit/79da4faaa1e7cdf944ef3d35a2fc0c2d97894ae7"><tt>79da4fa</tt></a>), when parsing an incoming DSN set the Action field (e.g. failed,<br> delayed) (<a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/f6497b1aaf65e80b0dc5d96e143c834aefc7185f/hovercard" href="https://github.com/mjl-/mox/commit/f6497b1aaf65e80b0dc5d96e143c834aefc7185f"><tt>f6497b1</tt></a>), match DSN to threads based on Referenced/In-Reply-To<br> only, not subject (<a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/13923e4b7bfe30a9bfd67e7abbadc8bf0bfbc2d0/hovercard" href="https://github.com/mjl-/mox/commit/13923e4b7bfe30a9bfd67e7abbadc8bf0bfbc2d0"><tt>13923e4</tt></a>).</li> <li>In quickstart and self-check, improve the check whether resolver verifies<br> DSNSEC. We were looking up NS on ".", but some DNSSEC-verifying resolvers<br> respond to that with unauthentic data. (issue <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2171176940" data-permission-text="Title is private" data-url="https://github.com/mjl-/mox/issues/139" data-hovercard-type="issue" data-hovercard-url="/mjl-/mox/issues/139/hovercard" href="https://github.com/mjl-/mox/issues/139">#139</a> by triatic)</li> <li>More helpful instructions about setting up a DNSSEC-verifying resolver, and<br> how to test it. (issue <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2136591426" data-permission-text="Title is private" data-url="https://github.com/mjl-/mox/issues/131" data-hovercard-type="issue" data-hovercard-url="/mjl-/mox/issues/131/hovercard" href="https://github.com/mjl-/mox/issues/131">#131</a> by romner-set)</li> <li>Relevant for reusable components: the "slog" package from golang.org/x/exp is<br> now replaced with slog from the standard library. Function signatures have<br> changed. (<a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/d1b87cdb0da173fb15c33e38ac81a57494c8d226/hovercard" href="https://github.com/mjl-/mox/commit/d1b87cdb0da173fb15c33e38ac81a57494c8d226"><tt>d1b87cd</tt></a>)</li> </ul> <h1>Bug fixes</h1> <ul> <li>smtpserver: Spurious \r were sometimes injected when fixing up crlf line<br> endings for incoming messages. The check could look at wrong a buffer,<br> seemingly randomly incorrectly concluding a \r was missing before a \n.<br> Messages with the extra \r added shouldn't cause any trouble.<br> You can find these messages with <code>grep -rn $'\r\r$' data/accounts/$youraccount/msg/</code>,<br> remove one \r manually and run <code>mox fixmsgsize $youraccount</code> to<br> reparse the message. (issue <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2081122035" data-permission-text="Title is private" data-url="https://github.com/mjl-/mox/issues/117" data-hovercard-type="issue" data-hovercard-url="/mjl-/mox/issues/117/hovercard" href="https://github.com/mjl-/mox/issues/117">#117</a>, by haraldrudell)</li> <li>Deliveries could seemingly randomly but consistencly fail with an incorrect<br> diagnostic about the message containing a bare newline. It would happy due to<br> crlf handling around buffer starts/ends. (issue <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2133935573" data-permission-text="Title is private" data-url="https://github.com/mjl-/mox/issues/129" data-hovercard-type="issue" data-hovercard-url="/mjl-/mox/issues/129/hovercard" href="https://github.com/mjl-/mox/issues/129">#129</a> by x8x)</li> <li>When adding a message to the queue for delivery, set the correct local<br> account, so DSNs about delivery failures go to the correct user, not the<br> postmaster account. (<a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/dc83ad1df55914c763d5235beaa8364e806df05f/hovercard" href="https://github.com/mjl-/mox/commit/dc83ad1df55914c763d5235beaa8364e806df05f"><tt>dc83ad1</tt></a>)</li> <li>imapserver: In a sequence/uid pattern, the "*" would in some cases be interpreted<br> as the first message, but it should always be the last message in a mailbox.<br> (<a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/14aa85482e0e2baf2c515adb29ab6a7718150a44/hovercard" href="https://github.com/mjl-/mox/commit/14aa85482e0e2baf2c515adb29ab6a7718150a44"><tt>14aa854</tt></a>).</li> <li>Fix displaying DMARC reports with empty values for some fields. The<br> TypeScript checks would reject them for being invalid enums, empty strings<br> are now part of the enum. (<a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/20812dcf62aff3e5796f95b6cbe92ce2a4942294/hovercard" href="https://github.com/mjl-/mox/commit/20812dcf62aff3e5796f95b6cbe92ce2a4942294"><tt>20812dc</tt></a>)</li> <li>In outgoing TLS reports, always use DNS ASCII A-labels, not unicode U-labels.<br> (<a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/62be829df078f93e12bd7a1adbdbe604d23f1946/hovercard" href="https://github.com/mjl-/mox/commit/62be829df078f93e12bd7a1adbdbe604d23f1946"><tt>62be829</tt></a>)</li> <li>For domains configured only for TLS/DMARC reporting, don't reject messages to<br> that domain during submission, but deliver them as normal. (<a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/1d9e80fd705945e21983fe8bc0a1e81377c2aad1/hovercard" href="https://github.com/mjl-/mox/commit/1d9e80fd705945e21983fe8bc0a1e81377c2aad1"><tt>1d9e80f</tt></a>)</li> <li>smtpclient: Treat server's size limit of SIZE=0 as "no limit", instead of<br> failing to deliver. (<a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/39bfa4338a124f3908b4b38f5af5a98fb6d9e50f/hovercard" href="https://github.com/mjl-/mox/commit/39bfa4338a124f3908b4b38f5af5a98fb6d9e50f"><tt>39bfa43</tt></a>)</li> <li>Accept TLS reports that reference multiple domains, and that mix reports<br> about hosts and recipient domains. (<a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/e0c36edb8f1b13a9e9acfab08842ac2f200c9b1a/hovercard" href="https://github.com/mjl-/mox/commit/e0c36edb8f1b13a9e9acfab08842ac2f200c9b1a"><tt>e0c36ed</tt></a>)</li> <li>Admin: Prevent writing out an invalid domains.conf that cannot be parsed<br> again. Happened when the last address of an account was removed through the<br> admin web interface. (issue <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2140098289" data-permission-text="Title is private" data-url="https://github.com/mjl-/mox/issues/133" data-hovercard-type="issue" data-hovercard-url="/mjl-/mox/issues/133/hovercard" href="https://github.com/mjl-/mox/issues/133">#133</a> by ally9335)</li> <li>Webmail: sending to invalid addresses could result in (failing) attempts to an<br> empty address instead of returning an error message to the user. (<a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/63cef8e3a59bd09dbca863854bec7d40c444715e/hovercard" href="https://github.com/mjl-/mox/commit/63cef8e3a59bd09dbca863854bec7d40c444715e"><tt>63cef8e</tt></a>)</li> </ul> <h1>Update instructions</h1> <p>Before upgrading, do a dry-run first.</p> <ul> <li>Make a temporary backup with the old mox version:<br> <code>mox-v0.0.9 backup data/tmp/testupgrade</code></li> <li>Verify that all is well with the old version:<br> <code>mox-v0.0.9 verifydata data/tmp/testupgrade</code></li> <li>Verify the state with the new version:<br> <code>mox-v0.0.10 verifydata data/tmp/testupgrade</code></li> </ul> <p>With a successful dry-run, the upgrade should go smoothly. Make a new backup<br> with <code>mox-v0.0.9 backup data/tmp/backup</code> (the previous backup was modified by<br> the dry-run, so couldn't be used to restore!), replace the binary and restart.<br> For further details, see<br> <a href="https://www.xmox.nl/faq/#hdr-how-do-i-upgrade-my-mox-installation" rel="nofollow">https://www.xmox.nl/faq/#hdr-how-do-i-upgrade-my-mox-installation</a></p> <p>If you run into any problems, please create a bug report.</p> <h1>Thanks</h1> <p>Thanks for contributions and/or feedback from: haraldrudell, x8x, romner-set,<br> triatic, mteege, Hans-Jörg, arnt, jsfan3, pmarini-nc, ArnoSen, andreasheil,<br> theduke, daluntw, lmeunier, ally9335, p-rintz, daftaupe (and everyone at the<br> FOSDEM email devroom, and all those I missed).</p> <p>Feedback, feature requests, bug reports, contributions (start small!) are all<br> welcome. An easy way to help mox is to use it and spread the word!</p> <p>Development on mox is funded through the NLnet NGI0 Entrust Fund,<br> <a href="https://nlnet.nl/entrust/" rel="nofollow">https://nlnet.nl/entrust/</a>, with financial support from the European<br> Commission's Next Generation Internet programme.</p> <h1>Download or compiling</h1> <p>See <a href="https://www.xmox.nl/install/#hdr-download" rel="nofollow">https://www.xmox.nl/install/#hdr-download</a>.</p> mjl- tag:github.com,2008:Repository/595136650/v0.0.9 2024-01-09T11:06:34Z <h1>New features</h1> <ul> <li>Per-account disk space quota. Mox now tracks the total size of messages in an<br> account (overhead from the message index database or file system is not<br> included). A maximum disk usage can be configured globally and/or per account.<br> If configured, the maximum allowed disk usage is enforced. By default, no<br> maximum is configured. Setting quota for accounts can prevent a single account<br> from filling up the disks. (<a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/d73bda7511192a903d56bcf25a503fccee67be36/hovercard" href="https://github.com/mjl-/mox/commit/d73bda7511192a903d56bcf25a503fccee67be36"><tt>d73bda7</tt></a>)</li> <li>When suggesting CAA DNS records (specifying which Certificate Authorities are<br> allowed to sign certificates for a domain), suggest variants that bind to the<br> ACME account ID, and restricts the validation methods to those used by mox.<br> Should prevent MitM close to a machine from requesting TLS certificates through<br> ACME as seen on the internet recently. (<a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/db3fef4981f25f080803d78b491ca6615b0d9577/hovercard" href="https://github.com/mjl-/mox/commit/db3fef4981f25f080803d78b491ca6615b0d9577"><tt>db3fef4</tt></a>)</li> <li>Add config file fields for ACME external account binding (EAB). Some ACME<br> providers require EAB to link an ACME account with a non-ACME account at the<br> provider. With EAB, more ACME providers can be used with mox. (<a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/ee1094e1cb7cb344c88d1c62e7c8d59dd4310ff0/hovercard" href="https://github.com/mjl-/mox/commit/ee1094e1cb7cb344c88d1c62e7c8d59dd4310ff0"><tt>ee1094e</tt></a>)</li> <li>Implement the PLUS-variants of the SCRAM authentication mechanisms:<br> SCRAM-SHA-256-PLUS and SCRAM-SHA-1-PLUS. The PLUS variants add TLS channel<br> binding: Authentication only succeeds if the client and server are on the same<br> TLS connection. Authentication will fail if there is a MitM (that has a valid<br> TLS certificate). (<a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/e7478ed6acb9dd6220fe2b95e0e1b246f93bd3de/hovercard" href="https://github.com/mjl-/mox/commit/e7478ed6acb9dd6220fe2b95e0e1b246f93bd3de"><tt>e7478ed</tt></a>)</li> <li>Use a <code>mail.&lt;domain&gt;</code> CNAME for the SMTP (submission) and IMAP servers of a<br> domain, pointing to the mail server host name. Before, clients were instructed<br> to configure the mail server host name directly, but that makes it harder to<br> migrate the domain to another mail server in the future: All clients would need<br> to update their settings. A CNAME can be pointed to a new server without<br> requiring changes to client settings. (<a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/da3ed38a5cb07617690e6a0b2f484e78a79eefc5/hovercard" href="https://github.com/mjl-/mox/commit/da3ed38a5cb07617690e6a0b2f484e78a79eefc5"><tt>da3ed38</tt></a>)</li> </ul> <h1>Improvements</h1> <ul> <li>The admin, account and mail web interfaces now use session cookie-based<br> authentication (with csrf) instead of HTTP authentication. These interfaces<br> now have a "logout" button (not possible with HTTP authentication). (<a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="1885975197" data-permission-text="Title is private" data-url="https://github.com/mjl-/mox/issues/58" data-hovercard-type="issue" data-hovercard-url="/mjl-/mox/issues/58/hovercard" href="https://github.com/mjl-/mox/issues/58">#58</a>,<br> <a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/0f8bf2f220887078d4f3b54efff643c93580e9ed/hovercard" href="https://github.com/mjl-/mox/commit/0f8bf2f220887078d4f3b54efff643c93580e9ed"><tt>0f8bf2f</tt></a>)</li> <li>Webmail: Don't automatically mark unclassified messages in the Rejects mailbox<br> as non-junk when reading them. For all other mailboxes the behaviour is<br> unchanged. (<a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/416113af723a77de03799975a4f3555ea80995c7/hovercard" href="https://github.com/mjl-/mox/commit/416113af723a77de03799975a4f3555ea80995c7"><tt>416113a</tt></a>)</li> <li>Webmail: Ask user to reload the application when the server version has<br> changed. (<a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/8e37fadc131054c094d22629ef4a4932ad79b116/hovercard" href="https://github.com/mjl-/mox/commit/8e37fadc131054c094d22629ef4a4932ad79b116"><tt>8e37fad</tt></a>)</li> <li>Webmail: In the message view, show the DMARC status of the domain of the<br> message "From" address. (<a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/fb81effe45cf657112f5744c01359e5d8bb847b8/hovercard" href="https://github.com/mjl-/mox/commit/fb81effe45cf657112f5744c01359e5d8bb847b8"><tt>fb81eff</tt></a>)</li> <li>Webmail: When composing, leave out our own address when replying. (<a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/7c1879da828c949cfdee3155df023d63f49b0bbc/hovercard" href="https://github.com/mjl-/mox/commit/7c1879da828c949cfdee3155df023d63f49b0bbc"><tt>7c1879d</tt></a>)</li> <li>Junk filtering: Make content-based filtering for first-time senders more<br> strict for messages delivered over non-TLS connections, or when the addressee<br> isn't in a To/Cc message header. Common for junk, uncommon for non-junk.<br> (<a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/2ff87a0f9c84e1931d5396fe745d07ce46be6d72/hovercard" href="https://github.com/mjl-/mox/commit/2ff87a0f9c84e1931d5396fe745d07ce46be6d72"><tt>2ff87a0</tt></a>)</li> <li>SMTP server: after "MAIL FROM:" and "RCPT TO:" commands, allow a space (which<br> is invalid syntax) also for delivery. We only allowed it for submission,<br> assuming only (submitting) mail clients or spammers had sloppy SMTP<br> implementations. In practice, also legitimate delivering mail servers have<br> sloppy implementations. (<a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2030877879" data-permission-text="Title is private" data-url="https://github.com/mjl-/mox/issues/101" data-hovercard-type="issue" data-hovercard-url="/mjl-/mox/issues/101/hovercard" href="https://github.com/mjl-/mox/issues/101">#101</a>, <a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/af5da176239b3eca22046a1d92cacfc60bd0ef9d/hovercard" href="https://github.com/mjl-/mox/commit/af5da176239b3eca22046a1d92cacfc60bd0ef9d"><tt>af5da17</tt></a>)</li> <li>When generating a Authentication-Results message header (with results for<br> SPF/DKIM/DMARC/etc), put each result on a new line for better readability.<br> (<a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/2710a5b97122e1c8576ef94d2040314766533ac8/hovercard" href="https://github.com/mjl-/mox/commit/2710a5b97122e1c8576ef94d2040314766533ac8"><tt>2710a5b</tt></a>)</li> <li>Make many non-server Go packages more easily reusable. Package imports were<br> changed so more packages can be imported without pulling in mox internals. See<br> <a href="https://github.com/mjl-/moxtools">https://github.com/mjl-/moxtools</a> for a tool that reuses Go packages. It is<br> deployed publicly at <a href="https://tools.xmox.nl/" rel="nofollow">https://tools.xmox.nl/</a>. As part of this change, mox now<br> uses Go's slog package for logging. Changes in the API's between releases are<br> tracked at <a href="https://github.com/mjl-/mox/tree/main/apidiff">https://github.com/mjl-/mox/tree/main/apidiff</a>. (<a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/5b20cba50aa1e7d81678b36f925e1cc6e2c99438/hovercard" href="https://github.com/mjl-/mox/commit/5b20cba50aa1e7d81678b36f925e1cc6e2c99438"><tt>5b20cba</tt></a>,<br> <a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/72ac1fde29fb56ac27468d51ce7987e4225f6f55/hovercard" href="https://github.com/mjl-/mox/commit/72ac1fde29fb56ac27468d51ce7987e4225f6f55"><tt>72ac1fd</tt></a>, <a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/f3a35a67663e839ffe467f7539b90826596a6c86/hovercard" href="https://github.com/mjl-/mox/commit/f3a35a67663e839ffe467f7539b90826596a6c86"><tt>f3a35a6</tt></a>)</li> <li>SMTP server: for submission, if a message has a Return-Path header, only fail<br> in pedantic mode. (<a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2051104920" data-permission-text="Title is private" data-url="https://github.com/mjl-/mox/issues/103" data-hovercard-type="issue" data-hovercard-url="/mjl-/mox/issues/103/hovercard" href="https://github.com/mjl-/mox/issues/103">#103</a>, <a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/57fc37af2296bfa7114abd8dffd8edb88efec2e7/hovercard" href="https://github.com/mjl-/mox/commit/57fc37af2296bfa7114abd8dffd8edb88efec2e7"><tt>57fc37a</tt></a>)</li> <li>Webmail: For messages in the Sent mailbox, show To/Cc/Bcc in italic, and show<br> all correspondents in collapsed threads. (<a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2051663875" data-permission-text="Title is private" data-url="https://github.com/mjl-/mox/issues/104" data-hovercard-type="issue" data-hovercard-url="/mjl-/mox/issues/104/hovercard" href="https://github.com/mjl-/mox/issues/104">#104</a>, <a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/802dcef192c028cf4462336b8beb311796b8ff0f/hovercard" href="https://github.com/mjl-/mox/commit/802dcef192c028cf4462336b8beb311796b8ff0f"><tt>802dcef</tt></a>)</li> <li>The admin and account web interfaces were changed from JavaScript to<br> TypeScript, making it easier to maintain. (<a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/a9940f9855d430760c888a43001f347064340d51/hovercard" href="https://github.com/mjl-/mox/commit/a9940f9855d430760c888a43001f347064340d51"><tt>a9940f9</tt></a>).</li> <li>Implement IMAP-UTF-7 more fully, and allow creating mailboxes with "special"<br> characters: "&amp;" (the IMAP-UTF-7 escape character), "#" (the IMAP namespace<br> character), "*" and "%" (matching characters). These were not allowed out of<br> caution, but occur in real-world mailbox names. Mox now uses IMAP-UTF-7 when<br> sending mailbox names for clients that did not enable IMAP4rev2 or UTF8=ACCEPT.<br> Before, mox would always send UTF-8, but not all clients understand that, and it<br> can cause confusion with IMAP-UTF-7 and "&amp;" escaping. (<a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2060992116" data-permission-text="Title is private" data-url="https://github.com/mjl-/mox/issues/110" data-hovercard-type="issue" data-hovercard-url="/mjl-/mox/issues/110/hovercard" href="https://github.com/mjl-/mox/issues/110">#110</a>, <a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/d84c96eca585490bc1f9ca42cbcf7e364c6a766c/hovercard" href="https://github.com/mjl-/mox/commit/d84c96eca585490bc1f9ca42cbcf7e364c6a766c"><tt>d84c96e</tt></a>)</li> <li>IMAP server: Add STATUS=SIZE as capability. It was already implemented as<br> part of IMAP4rev2, but older clients won't recognize that. (<a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/59bffa470153629da99bb0eddfe80571be745a17/hovercard" href="https://github.com/mjl-/mox/commit/59bffa470153629da99bb0eddfe80571be745a17"><tt>59bffa4</tt></a>)</li> <li>And more smaller improvements.</li> </ul> <h1>Bug fixes</h1> <ul> <li>SMTP server and SMTP smuggling: Mox was itself not vulnerable to SMTP<br> smuggling, treating only "\r\n.\r\n" as end of transaction. But two<br> improvements have been made: (<a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/1f9b640d9ae8dbd92d90fa3a5e26caaa67411eb8/hovercard" href="https://github.com/mjl-/mox/commit/1f9b640d9ae8dbd92d90fa3a5e26caaa67411eb8"><tt>1f9b640</tt></a>) <ol> <li>Bare carriage returns are no longer accepted during SMTP transactions. Bugs<br> in other mail servers can lead them to accept other sequences as<br> end-of-transaction, notably "\r.\r". Mox would accept submitted messages with<br> that sequence for delivery. Such messages could trigger bugs in other mail<br> servers causing them to materialize non-existent messages. By no longer<br> accepting bare carriage returns in submitted messages, mox can no longer be used<br> to trigger the "\r.\r"-bug in other mail servers. SMTP transactions with a bare<br> carriage return now result in an error mentioning SMTP smuggling. Mox can still<br> store messages with bare carriage returns, e.g. from imports. Mox already added<br> missing carriage returns to bare newlines.</li> <li>A bug in mox caused sequences of "\nX\n" for any X (including "\n.\n") to<br> result in a temporary processing error. For "\n.\n" this accidentially was fine<br> behaviour, for other characters the bug has been fixed. Any sequence of<br> "\r\n.\r\n" where one or both carriage returns are missing now result in an<br> error mentioning SMTP smuggling.</li> </ol> </li> <li>IMAP server: The on-disk message size was not correctly calculated for messages<br> added with the APPEND command (typically used for imported messages and when a<br> mail client sends a message) when bare newlines ("\n") got a missing carriage<br> return added ("\r\n"). This would cause errors when attempting to read the<br> message. If you are affected by this, run "mox fixmsgsize " to fix up<br> incorrect message sizes. Reported by daftaupe. (<a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/02eb7b50330ef671fa25e4895531a7de12711e8c/hovercard" href="https://github.com/mjl-/mox/commit/02eb7b50330ef671fa25e4895531a7de12711e8c"><tt>02eb7b5</tt></a>)</li> <li>SMTP server: When writing "slow responses" (when a message is deemed junk),<br> ensure the total response time isn't too long (slightly less than 30 seconds).<br> Slow responses were writing 1 byte per second. With a long response (e.g. long<br> error message), a sending mail server may not consume a full response. If mox<br> was the sending server, it would report a timeout after 30 seconds. Report by<br> naturalethic. (<a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/fbc18d522d29514d097b5ce62dd64a252cc0738d/hovercard" href="https://github.com/mjl-/mox/commit/fbc18d522d29514d097b5ce62dd64a252cc0738d"><tt>fbc18d5</tt></a>)</li> <li>IMAP server: Only send "OLDNAME" in a response to the LIST command when<br> IMAP4rev2 is enabled. IMAP4rev1 clients (most common) don't understand it. From<br> duesee with imap-flow. (<a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/41e3d1af10579de6c7a718906061d03b38aba613/hovercard" href="https://github.com/mjl-/mox/commit/41e3d1af10579de6c7a718906061d03b38aba613"><tt>41e3d1a</tt></a>)</li> </ul> <h1>Update instructions</h1> <p>Before upgrading, do a dry-run first.</p> <ul> <li>Make a temporary backup with the old mox version:<br> <code>mox-v0.0.8 backup data/tmp/testupgrade</code></li> <li>Verify that all is well with the old version:<br> <code>mox-v0.0.8 verifydata data/tmp/testupgrade</code></li> <li>Verify the state with the new version:<br> <code>mox-v0.0.9 verifydata data/tmp/testupgrade</code></li> </ul> <p>With a successful dry-run, the upgrade should go smoothly. Make a new backup<br> with <code>mox-v0.0.8 backup data/tmp/backup</code> (the previous backup was modified by<br> the dry-run, so couldn't be used to restore!), replace the binary and restart.<br> For further details, see<br> <a href="https://github.com/mjl-/mox#how-do-i-upgrade-my-mox-installation">https://github.com/mjl-/mox#how-do-i-upgrade-my-mox-installation</a></p> <p>If you run into any problems, please create a bug report.</p> <p>After upgrading, you may want to:</p> <ul> <li>Run "mox fixmsg " if you've imported messages over IMAP that have<br> bare newlines ("\n" instead of "\r\n").</li> <li>Configure your email clients to use authentication mechanism<br> SCRAM-SHA-256-PLUS for SMTP (submission) and IMAP, if they support it. If mail<br> clients have trouble logging in after upgrading, they may be picking a SCRAM<br> PLUS variant without properly supporting it. Explicitly configuring the non-PLUS<br> authentication mechanism should fix the problem and ensures a MitM cannot<br> downgrade the chosen authentication mechanism by altering the list of supported<br> authentication mechanisms.</li> <li>Change the CAA records for your domains to include the ACME account id and<br> allowed validation methods. See the suggested DNS records for each configured<br> domain.</li> <li>Set disk usage quota, either globally for all accounts or per account. See<br> QuotaMessageSize in mox.conf, <a href="https://pkg.go.dev/github.com/mjl-/mox/config" rel="nofollow">https://pkg.go.dev/github.com/mjl-/mox/config</a>.</li> <li>Add <code>ClientSettingsDomain: mail.&lt;yourdomain&gt;</code> to each domain in domains.conf,<br> add the CNAME record as afterwards suggested in the DNS records page, and<br> update client account settings to use the new host name.</li> <li>For mox setups configured behind an existing webserver, add "Forwarded: true"<br> to the (Admin|Account|Webmail)HTTP(S) sections in mox.conf. It causes them to<br> use X-Forwarded-* headers for determining if HTTPS was active (for secure<br> cookies), and for the IP used for rate limiting.</li> </ul> <h1>Thanks</h1> <p>Thanks for contributions and/or feedback from: Fell, duesee (and<br> <a href="https://github.com/duesee/imap-flow/">https://github.com/duesee/imap-flow/</a>), daftaupe, naturalethic, jsfan3, Halyul,<br> mattfbacon, jsaponara, pmarini (and those I missed).</p> <p>Feedback, feature requests, bug reports, contributions (start small!) are all<br> welcome. An easy way to help mox is to use it and spread the word!</p> <p>Development on mox is funded through the NLnet NGI0 Entrust Fund,<br> <a href="https://nlnet.nl/entrust/" rel="nofollow">https://nlnet.nl/entrust/</a>, with financial support from the European<br> Commission's Next Generation Internet programme.</p> mjl- tag:github.com,2008:Repository/595136650/v0.0.8 2023-11-22T22:25:23Z <p>New features:</p> <ul> <li>DNSSEC-awareness throughout the code base, based on<br> <a href="https://github.com/mjl-/adns">https://github.com/mjl-/adns</a>, a fork of Go's DNS resolver. DNSSEC<br> is a requirement for DANE (see below). If you don't have a<br> DNSSEC-verifying stub resolver configured, DNS lookups are regarded<br> as unverified. Installing unbound and and is still the recommended<br> action.</li> <li>DANE for incoming and outgoing delivery (RFCs 7672, 6698 and 7671).<br> DANE is a mechanism to require verified TLS (with STARTTLS) for delivery<br> over SMTP. Verification with DANE does not use the global WebPKI/PKIX<br> pool of Certificate Authorities. With DANE, verification is done based<br> on DNS records of type TLSA. These records specify (hashes of) public<br> keys to allow (DANE-EE), ignoring expiration/hostname-match/issuing<br> party, and/or they specify (hashes of) certificates of allowed<br> certificates authorities (DANE-TA), regardless of whether those<br> authorities are in the globally trusted WebPKI/PKIX CA pool.<br> DANE requires that DNS records are DNSSEC-protected, both to protect<br> the MX records and the TLSA records. MTA-STS (already implemented)<br> has similar goals, but does use the WebPKI/PKIX Certificate Authorities<br> pool, both to verify TLS certificates and to protect MX records.<br> DANE and MTA-STS can coexist: In the default configuration, mox<br> generates private keys, then retrieves certificates from Let's Encrypt<br> for these private keys (through <a href="https://github.com/mjl-/autocert">https://github.com/mjl-/autocert</a>, a<br> fork of golang.org/x/crypto/acme/autocert). These certificates are<br> valid for MTA-STS, and TLSA records are generated for the keys for<br> verification with DANE. For inbound delivery with DANE protection,<br> your DNS records must be DNSSEC-protected. For outbound delivery with<br> DANE protection, a trusted DNSSEC-verifying stub resolver is required.</li> <li>Mox now compiles on Windows, so "mox localserve" and most other<br> commands to work, but "mox serve" (the actual mail server) does not<br> yet work.</li> <li>"SMTP Require TLS Option" (RFC 8689), consisting of two mechanisms: <ol> <li>A REQUIRETLS SMTP extension to require verified TLS along each hop<br> in message delivery, either through MTA-STS or DANE.</li> <li>A message header "TLS-Required: No", that overrides any TLS<br> requirement along the way as specified by any MTA-STS or DANE<br> policy.<br> These mechanisms can be used to ensure secure delivery, or to work<br> around delivery issues due to TLS requirements. Mox remembers whether<br> an SMTP server offered the REQUIRETLS extension. Webmail automatically<br> selects it if all recipients support it. Webmail also lets the user<br> select the "TLS-Required: No" header.</li> </ol> </li> <li>Outgoing DMARC reports (RFC 7489). Mox now stores the results of DMARC<br> evaluations for inbound messages. These results can be viewed in the<br> admin web pages. Reports are typically sent every 24 hours (covering a<br> 24 UTC day), but will be sent for up to 1 hour intervals if requested<br> by a domain. Sending DMARC reports is enabled by default, but can<br> be disabled through new option NoOutgoingDMARCReports in mox.conf.<br> Reporting addresses can be added to a suppression list, to reduce<br> noise due to deliverability issues. Incoming DMARC reports were<br> already implemented.</li> <li>Outgoing SMTP TLS reporting (RFC 8460). When delivering outbound<br> messages, the SMTP client will look up MTA-STS and/or DANE policies<br> for TLS requirements, with a fallback to opportunistic TLS.<br> The evaluated security policies, (TLS) connection success/failure<br> counts, and any failure details, are stored. Reports are sent once<br> per day to reporting addresses in the TLSRPT DNS record of a domain,<br> over a 24 hour UTC day period. By default, reports are only sent<br> if there was a failure. The pending results can be viewed in the<br> admin web pages. Sending reports can be disabled with new option<br> NoOutgoingTLSReports in mox.conf. Reports with only successes can be<br> enabled through OutgoingTLSReportsForAllSuccess. Reporting addresses<br> can be added to a suppression list to reduce noise due to delivery<br> failures.</li> </ul> <p>Improvements:</p> <ul> <li>Webmail: Recognize encoded file names in message attachments. Either with<br> RFC2231-encoding (as specified) or Q/B-word encoding (as used in practice).<br> (<a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="1940581625" data-permission-text="Title is private" data-url="https://github.com/mjl-/mox/issues/82" data-hovercard-type="issue" data-hovercard-url="/mjl-/mox/issues/82/hovercard" href="https://github.com/mjl-/mox/issues/82">#82</a>)</li> <li>Webmail: For portait images, don't let image extend beyond window height.</li> <li>Webmail: Wrap long header lines, instead of showing horizontal scrollbar.</li> <li>Webmail: Replying without having text selected now starts a top-post<br> with an "On ... wrote:"-line. Replying with text selected still starts<br> a bottom-post containing only the selected text, quoted. (<a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="1942193623" data-permission-text="Title is private" data-url="https://github.com/mjl-/mox/issues/83" data-hovercard-type="issue" data-hovercard-url="/mjl-/mox/issues/83/hovercard" href="https://github.com/mjl-/mox/issues/83">#83</a>)</li> <li>Webmail: In the compose window, autoresize address input fields to<br> match the content.</li> <li>Webmail: When composing a message, show security properties of recipient<br> addresses: Whether STARTTLS is known to be offered by the SMTP server<br> (historically), whether MTA-STS is implemented, whether MX records are<br> DNSSEC-signed, whether DANE is implemented, and whether REQUIRETLS is<br> offered by the SMTP server (historically).</li> <li>Webmail: Add clear marker between message header and body, so an<br> HTML message cannot fake being part of the UI.</li> <li>Webmail: If a "display name" of an address contains address-like<br> characters ("@" or "&lt;" or "&gt;"), only display the actual email address<br> in the message listing, not the display name. Should prevent confusion<br> attacks with messages specifying an unrelated email address in the<br> display name.</li> <li>The suggested SRV DNS record for autodiscovery now points directly to<br> the host name, not to a CNAME (which is technically invalid, but seems<br> to work in practice).</li> <li>When ACME-validation for a new TLS certificate fails, log error messages that<br> may explain the reason. E.g. "your CAA record forbids Let's Encrypt from<br> issuing certificates".</li> <li>SMTP server: workaround for Windows Mail that has invalid additional space in<br> its "AUTH PLAIN" command.</li> <li>Fix delivery to recipient domains with an MX host containing an underscore,<br> such as "_dc-mx.." as apparently used by cloudflare. From<br> richard g.</li> <li>When generating a DSN message (for delivery failure), try harder to DKIM-sign<br> it: With a configured domain, also when sending from<br> postmaster@mailhost..</li> <li>For incoming messages, track whether TLS and REQUIRETLS was used during<br> delivery, and whether the message matched a forwarding or mailing list rule,<br> and show it in the webmail.</li> <li>In logging, change "fatal io error" to just "io error". The "fatal" sounds<br> too serious, it's just the connection that will be closed. (<a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="1755610179" data-permission-text="Title is private" data-url="https://github.com/mjl-/mox/issues/39" data-hovercard-type="issue" data-hovercard-url="/mjl-/mox/issues/39/hovercard" href="https://github.com/mjl-/mox/issues/39">#39</a>)</li> <li>Add rfc/xr.go to generate HTML pages with cross-referenced code and<br> RFC. These HTML pages are published at <a href="https://www.xmox.nl/xr/dev/" rel="nofollow">https://www.xmox.nl/xr/dev/</a></li> <li>Webmail: In case of long lists of addresses in To/Cc/Bcc headers, only show<br> the first 4 addresses along with a "More" button. (<a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2000136417" data-permission-text="Title is private" data-url="https://github.com/mjl-/mox/issues/98" data-hovercard-type="issue" data-hovercard-url="/mjl-/mox/issues/98/hovercard" href="https://github.com/mjl-/mox/issues/98">#98</a>)</li> <li>Clarify documentation on importing messages from the command-line,<br> which can be unintuitive due to systemd service file mount points. (<a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="1938515229" data-permission-text="Title is private" data-url="https://github.com/mjl-/mox/issues/79" data-hovercard-type="issue" data-hovercard-url="/mjl-/mox/issues/79/hovercard" href="https://github.com/mjl-/mox/issues/79">#79</a>)</li> <li>Implement obsolete SASL LOGIN for submission, for interoperability with the<br> new cloud Outlook.</li> <li>Fix IMAP ESEARCH response for clients before IMAP4rev2, notably cloud<br> Outlook.</li> <li>Many small improvements.</li> </ul> <p>Bug fixes:</p> <ul> <li>Security: When looking up MTA-STS policies, don't follow CNAME records<br> for the recipient domain. A single unauthenticated CNAME response<br> could redirect policy lookup to another domain.</li> <li>Webmail: When replying to selected text consisting of characters in multiple<br> unicode blocks, don't loose some of the selected text in the reply.</li> <li>Don't parse DKIM "selectors" as IDNA domains. They are just DNS<br> labels. Based on email from richard g.</li> <li>Update to latest bstore (database library) to fix a bug with<br> deleting/updating records. Problem found during development of new<br> features, behaviour not seen in any committed version.</li> <li>Webmail: Fix the date shown in the message headers. It was off by the timezone.</li> <li>Fix concurrency bug with accessing a math/rand PRNG with Read. Mostly<br> replaced with crypto/rand. Found during development and tests.</li> <li>The queue page on the webadmin would fail with a JS error when a message was<br> in the queue and no transport was configured (which is the default).</li> <li>For domains configured only to accept DMARC reports, don't request an<br> autoconfig TLS certificate through ACME at startup.</li> <li>For incoming messages, convert bare newlines to carriage<br> return+newline. The import code already did this. Having bare newlines<br> could cause imapserver's fetch command to fail with a (connection)<br> panic in some cases.</li> </ul> <p>Update instructions:</p> <p>Before upgrading, you should do a dry-run first:</p> <ul> <li>Make a temporary backup with the old mox version:<br> mox-v0.0.7 backup data/tmp/testupgrade</li> <li>Verify that all is well with the old version:<br> mox-v0.0.7 verifydata data/tmp/testupgrade</li> <li>Verify the state with the new version:<br> mox-v0.0.8 verifydata data/tmp/testupgrade</li> </ul> <p>With a successful dry-run, the upgrade should go smoothly. Make a new backup<br> with <code>mox-v0.0.7 backup data/tmp/backup</code> (the previous backup used for the<br> dry-run has been modified, so couldn't be used to restore!), replace the binary<br> and restart.</p> <p>If you are upgrading from v0.0.6, see its upgrade instructions for commands to<br> execute. It's better to immediately upgrade to v0.0.8 (see issue <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="1919618322" data-permission-text="Title is private" data-url="https://github.com/mjl-/mox/issues/71" data-hovercard-type="issue" data-hovercard-url="/mjl-/mox/issues/71/hovercard" href="https://github.com/mjl-/mox/issues/71">#71</a>).</p> <p>If you run into any problems, please create an issue.</p> <p>After upgrading, you may want to configure DANE:</p> <p>To make use of DANE for outbound deliveries, make sure you have a<br> trusted DNSSEC-verifying stub resolver. Unbound is recommended. Don't<br> use systemd-resolved, its DNSSEC support is not ready for use.</p> <p>To make use of DANE for inbound deliveries, first make sure your<br> DNS records are DNSSEC signed, and your DNS operator supports TLSA<br> records. The SMTP TLS private keys ("host keys) should be added to<br> the TLS section of the "public" listener in mox.conf. If you use ACME<br> (e.g. with Let's Encrypt), you will want to use the private keys of<br> existing certificates. Run "mox config ensureacmehostprivatekeys"<br> to find existing or generate new private keys, and print the config<br> snippets you'll have to apply to mox.conf.</p> <p>You may want to update your autodiscovery DNS record. See the "DNS check"<br> admin page or run "mox config dnscheck ".</p> <p>Thanks:</p> <p>Thanks for contributions and/or feedback from: taavi, naturalethic,<br> mattfbacon, duesee, mpldr, richard g, ArnoSen (and those I missed).</p> <p>Feedback, requests, bug reports, contributions (start small!) are all welcome.</p> <p>Development on mox is funded through the NLnet NGI0 Entrust Fund,<br> <a href="https://nlnet.nl/entrust/" rel="nofollow">https://nlnet.nl/entrust/</a>, with financial support from the European<br> Commission's Next Generation Internet programme.</p> <p>To download, see <a href="https://github.com/mjl-/mox#download">https://github.com/mjl-/mox#download</a></p> mjl- tag:github.com,2008:Repository/595136650/v0.0.7 2023-10-05T20:57:58Z <p>version: v0.0.7<br> date: 2023-09-24</p> <p>Update instructions:</p> <p>Due to a bug with "expunging" (deleting) messages that were<br> junk-filter-trained, messages that were removed from disk could be resurrected,<br> causing errors when mox would later try to open such messages again. Before<br> upgrading, you should first check and resolve this problem:</p> <ul> <li>Find missing files by running: mox-v0.0.6 fixmsgsize</li> <li>Create empty replacements for the missing files (use "touch data/accounts/...").</li> <li>Update the message metadata in the database for the newly created files:<br> mox-v0.0.6 fixmsgsize<br> (this will fix the previously missing files, but should no longer find new<br> missing files)</li> <li>Fix per-mailbox message/unread counts for each affected account, run:<br> mox-v0.0.6 recalculatemailboxcounts <br> ("account" is the name as it appears in the data/accounts/ directory,<br> not necessarily an email address)</li> <li>The affected accounts will see the recreated empty messages, which<br> can be deleted.</li> </ul> <p>Now with the storage consistency resolved, you can start with the upgrade. Mox<br> v0.0.7 adds message threading, and all messages will be read and assigned a<br> message thread. This is done in the background, in two steps, and may take a<br> while. The first step adds Message-ID and a "thread base subject" to each<br> message in the database. The second step reads through all messages and uses<br> their References/In-Reply-To/Subject message headers to match threads. In<br> testing, upgrading took approximately 1 minute per 100k messages, but it will<br> depend on the hardware. Accounts are available for reading and delivery during<br> the upgrade, but the webmail may tell you that threading is not yet available.</p> <p>You should do a dry-run of the upgrade first:</p> <ul> <li>Make a temporary backup with the old mox version:<br> mox-v0.0.6 backup data/tmp/testupgrade</li> <li>Verify that all is well with the old version:<br> mox-v0.0.6 verifydata data/tmp/testupgrade<br> NOTE: If you still get an error about a message with the wrong size, see<br> <a href="https://github.com/mjl-/mox/issues/71">https://github.com/mjl-/mox/issues/71</a> for a fix.</li> <li>Trigger the threading upgrade using the new version:<br> mox-v0.0.7 openaccounts data/tmp/testupgrade <br> (it prints nothing until done; the live upgrade prints progress)</li> <li>Verify the new state:<br> mox-v0.0.7 verifydata data/tmp/testupgrade</li> </ul> <p>With a successful dry-run, the upgrade should go smoothly. Make a new backup<br> with <code>mox-v0.0.6 backup data/tmp/backup</code> (the previous backup used for the<br> dry-run has been modified, so couldn't be used to restore!), replace the binary<br> and restart.</p> <p>After the upgrade, any accounts affected by the "missing file" problem should<br> get their "uid validity" increased, so IMAP clients will resynchronize. Run<br> "mox-v0.0.7 bumpuidvalidity " for each affected account. The change is<br> made directly in the database file, so no IMAP/webmail sessions should be<br> active for the account. If any sessions are active, the database file is locked<br> and "bumpuidvalidity" will print a timeout error. Briefly shutting down mox is<br> an option, the bumpuidvalidity command operates quickly.</p> <p>Apologies for the inconvenience, mox aims to make administrating a mail server<br> easier than this.</p> <p>If you run into any problems, please create an issue.</p> <p>New features:</p> <ul> <li>Keep track of message threading, and add a threaded view to the webmail. Newly<br> delivered messages are matched against threads, as are imported messages. The<br> message threading is currently only exposed through the webmail client, not yet<br> through IMAP. The webmail has new keyboard shortcuts to navigate between<br> threads, collapse/expand them (with state remembered), or mute them (so new<br> deliveries to the thread are marked as read).</li> <li>Add option to accept DMARC and TLS reports for other domains. You would add<br> the other domain in mox, and specify an alternative domain (of your regular<br> dmarc/tls reporting address) for the recipient of the reports. The webadmin<br> DNS-check page will show the required DNS records for delegated reporting.<br> Incoming reports will be delivered to the configured reporting address, and<br> processed by mox.</li> <li>Easier account setup on Apple devices without device management profiles<br> (.mobileconfig files). Download a profile from the account web interface, at an<br> email address. Or open the QR-code to easily get the profile on a mobile device.<br> For issue <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="1908725492" data-permission-text="Title is private" data-url="https://github.com/mjl-/mox/issues/65" data-hovercard-type="issue" data-hovercard-url="/mjl-/mox/issues/65/hovercard" href="https://github.com/mjl-/mox/issues/65">#65</a> by x8x.</li> <li>Transparent gzip compression when webserving files for selected content-types<br> that are likely compressible. Both for static files (with a cache of compressed<br> files, max 512MB stored in $datadir/tmp/httpstaticcompresscache), and for<br> forwarded requests (gzip level "fast"). Compression can be enabled per handler.</li> </ul> <p>Improvements:</p> <ul> <li>In SMTP server, for submission (with authenticated clients), don't fail on a<br> bad domain/IP address in the EHLO command. With submission the domain/IP is<br> irrelevant, and clients often fill in something that isn't strictly correct. No<br> need to prevent those users from submitting email (except in pedantic mode).<br> For issue <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="1866860624" data-permission-text="Title is private" data-url="https://github.com/mjl-/mox/issues/55" data-hovercard-type="issue" data-hovercard-url="/mjl-/mox/issues/55/hovercard" href="https://github.com/mjl-/mox/issues/55">#55</a> reported by gimpf.</li> <li>At top of config files, mention the config file format, and hints to prevent<br> likely mistakes (given how sconf is different from what admins may be used to),<br> including a pointer to the sconf documentation page. For issue <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="1870750488" data-permission-text="Title is private" data-url="https://github.com/mjl-/mox/issues/56" data-hovercard-type="issue" data-hovercard-url="/mjl-/mox/issues/56/hovercard" href="https://github.com/mjl-/mox/issues/56">#56</a> reported by<br> kikoreis.</li> <li>Recognize when quickstart is probably run behind a NAT, possibly a container,<br> and set the "NATIPs" field of the "public" listener in mox.conf accordingly.<br> This triggers when you set up mox for a public domain, but only have<br> private/loopback IPs on the machine. For issue <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="1886036260" data-permission-text="Title is private" data-url="https://github.com/mjl-/mox/issues/59" data-hovercard-type="issue" data-hovercard-url="/mjl-/mox/issues/59/hovercard" href="https://github.com/mjl-/mox/issues/59">#59</a> reported by pmarini.</li> <li>When moving a message out of Rejects mailbox, mark it as unread. For issue <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="1908691068" data-permission-text="Title is private" data-url="https://github.com/mjl-/mox/issues/63" data-hovercard-type="issue" data-hovercard-url="/mjl-/mox/issues/63/hovercard" href="https://github.com/mjl-/mox/issues/63">#63</a><br> by x8x.</li> <li>The "mox setaccountpassword" subcommand now takes an account name as<br> parameter instead of an email address. The email address could be confusing<br> in the face of wildcard addresses and a typo/non-explicitly-created address:<br> The account holding the wildcard address would get a new password. For issue<br> <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="1908780303" data-permission-text="Title is private" data-url="https://github.com/mjl-/mox/issues/68" data-hovercard-type="issue" data-hovercard-url="/mjl-/mox/issues/68/hovercard" href="https://github.com/mjl-/mox/issues/68">#68</a> by x8x.</li> <li>Make Mac OS X Mail use the special-use mailbox attributes so it finds the<br> correct "Sent" and "Trash" mailboxes (instead of creating its own "Sent<br> Messages" and "Deleted Messages" mailboxes). The IMAP server now<br> unconditionally sends the special-use flags, even if the mail client doesn't<br> request it. For issue <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="1908758574" data-permission-text="Title is private" data-url="https://github.com/mjl-/mox/issues/66" data-hovercard-type="issue" data-hovercard-url="/mjl-/mox/issues/66/hovercard" href="https://github.com/mjl-/mox/issues/66">#66</a> by x8x.</li> </ul> <p>Bug fixes:</p> <ul> <li>Fix expunging of messages marked junk/nonjunk. The messages would be marked<br> as expunged, then the junkfilter would retrain and clear the expunged field<br> again. This would cause the message to be resurrected while the on-disk message<br> file was already removed. Trying to read such messages would fail. The update<br> instructions should help fix the problem.</li> <li>Fix "mox sendmail" when submitting over a TLS connection by setting the remote<br> host name to verify the certificate of. Due to a logic bug the name wasn't set<br> and the connection would fail due to the missing setting.</li> <li>Don't generate duplicate suggested SPF record if hostname is equal to domain<br> name, e.g. <a href="mailto:postmaster@mail.domain.example">postmaster@mail.domain.example</a>. Fixes issue <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="1814867828" data-permission-text="Title is private" data-url="https://github.com/mjl-/mox/issues/46" data-hovercard-type="issue" data-hovercard-url="/mjl-/mox/issues/46/hovercard" href="https://github.com/mjl-/mox/issues/46">#46</a> reported by x8x.</li> <li>Fix showing attachments of type text/plain in webmail, they weren't shown at<br> all because they were skipped when parsing the message during webmail message<br> processing.</li> <li>Fix parsing the List-Post header in messages, for use in webmail when replying<br> to a mailing list message.</li> <li>When moving a message to the mailbox that has the special-use "junk" flag,<br> mark the message as junk and retrain. This should have already worked just like<br> the "AutomaticJunkFlags" config option, and the default account config already<br> handles marking messages as junk based on that option, but the special-use flag<br> should be recognized independently and now also takes precedence.</li> <li>Set the correct special-use mailbox flag "\Drafts" instead of "\Draft" on the<br> draft mailbox. Mail clients may have not found the correct drafts mailbox<br> before. For issue <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="1908758574" data-permission-text="Title is private" data-url="https://github.com/mjl-/mox/issues/66" data-hovercard-type="issue" data-hovercard-url="/mjl-/mox/issues/66/hovercard" href="https://github.com/mjl-/mox/issues/66">#66</a> by x8x.</li> <li>Fix "mox bumpuidvalidity" to not create a (mostly harmless) uidvalidity<br> inconsistency that "mox verifydata" will warn about. For issue <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="1908676230" data-permission-text="Title is private" data-url="https://github.com/mjl-/mox/issues/61" data-hovercard-type="issue" data-hovercard-url="/mjl-/mox/issues/61/hovercard" href="https://github.com/mjl-/mox/issues/61">#61</a> by x8x.</li> <li>And quite a few smaller tweaks/improvements/fixes.</li> </ul> <p>Special thanks for contributions and/or feedback from: x8x, gimpf, kikoreis,<br> pmarini, fairking, gedw99, hmfaysal (and those I missed).</p> <p>Feedback, requests, bug reports, contributions (start small!) are all welcome.</p> <p>Good news: Mox is now being funded for a year of continued development through<br> the NGI0 Entrust Fund, a fund established by NLnet with financial support from<br> the European Commission's Next Generation Internet programme,<br> <a href="https://nlnet.nl/project/Mox/" rel="nofollow">https://nlnet.nl/project/Mox/</a>!</p> mjl- tag:github.com,2008:Repository/595136650/v0.0.6 2023-08-16T15:24:40Z <p>Update instructions:</p> <p>Make a backup, replace the binary and restart.</p> <p>After the upgrade, the first time an account is opened with this new version,<br> new message indexes are created and mailbox message count statistics are<br> calculated. For large mailboxes, the time and memory this takes can be<br> noticable. The upgrade tests take about 15 seconds on 570k messages on a<br> thinkpad x1 from 2018, and run with a max memory data size of 768MB.</p> <p>Don't forget to make a backup of the data directory with your currently running<br> mox before upgrading (e.g. "mox-v0.0.5 backup data/tmp/backup"). You can<br> dry-run the upgrade by making a separate backup ("mox-v0.0.5 backup<br> data/tmp/testupgrade") and running the "verifydata" command with the new mox<br> version ("mox-v0.0.6 verifydata data/tmp/testupgrade"). Running "verifydata"<br> with a newer mox will make changes to the database files, so don't run it on a<br> backup you may need to restore.</p> <p>It is recommended to run the new "mox reparse" command after upgrading. It will<br> reparse all messages with the improved message parsing code.</p> <p>For existing installations, the new webmail must be enabled manually in mox.conf<br> with config options "WebmailHTTP" and/or "WebmailHTTPS", similar to<br> "AccountHTTP(s)". See the example config printed by "mox config<br> describe-static".</p> <p>If you are forwarding email to an address hosted with mox, you may want to<br> configure the new "IsForward" and possibly "AcceptRejectsToMailbox" options in<br> a delivery ruleset for better junk handling/analysis.</p> <p>If your mox is behind a NAT, and your mox.conf uses config option IPsNATed, you<br> should switch to new config option NATIPs, and specify the public IPs that are<br> NATed.</p> <p>New features:</p> <ul> <li>Webmail, for reading/writing messages. It is similar to other regular and<br> webmail clients, with a decent set of features for a first version (with more to<br> come in the future). Webmail is enabled for new installs created with the<br> quickstart. For more details about the implementation, see<br> <a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/mjl-/mox/commit/849b4ec9e9f9bf7cdd2862de9e2a2dd096858d5c/hovercard" href="https://github.com/mjl-/mox/commit/849b4ec9e9f9bf7cdd2862de9e2a2dd096858d5c"><tt>849b4ec</tt></a>.</li> <li>IMAP extensions CONDSTORE and QRESYNC have been implemented. With CONDSTORE,<br> changes to messages are tracked with a modification sequence, "modseq".<br> This is used by mail clients both to efficiently find changes when reconnecting,<br> and for conditionally storing updated message flags (only if modseq is still as<br> expected). QRESYNC is an additional extension for faster full mailbox<br> synchronization. These are useful by themselves, but keeping track of the<br> "modseq" will also help with JMAP.</li> </ul> <p>Improvements:</p> <ul> <li>Faster IMAP "STATUS" command (which checks mailbox status), because mox now<br> keeps track of total/unseen/deleted number of messages in mailboxes. Noticable<br> in larger mailbox (&gt;50k messages).</li> <li>Be less strict by default when parsing messages, and handle non-ascii/utf-8<br> encodings in message subjects. We already accepted messages with problems, but<br> stored them mostly unparsed. IMAP clients would parse the message themselves so<br> users wouldn't notice anything, but now that we have webmail it is more<br> important to have parsed forms of messages for problematic messages.</li> <li>Properly decode character encodings other than ASCII and UTF-8 when<br> returning/searching text in messages.</li> <li>Be more lenient for (authenticated) submission of email over SMTP (but not<br> during regular SMTP delivery). Before, we were strict about certain protocol<br> violations, but that wasn't helpful behaviour for legitimate users. In pedantic<br> mode, mox still rejects these violating commands.</li> <li>New config options "AcceptRejectsToMailbox" and "IsForward" in Rulesets, for<br> handling incoming messages that are forwards from another address. By setting<br> "AcceptRejectsToMailbox", if the junk analysis says a message is junk, the<br> message is accepted during SMTP instead of rejected, but delivered to the<br> configured mailbox. It isn't always a good idea to reject forwarded messages<br> that are junk. By setting "IsForward", the junk analysis and future<br> classification based on such a message is done differently. See the config<br> option for details. (PR <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="1817254347" data-permission-text="Title is private" data-url="https://github.com/mjl-/mox/issues/50" data-hovercard-type="pull_request" data-hovercard-url="/mjl-/mox/pull/50/hovercard" href="https://github.com/mjl-/mox/pull/50">#50</a> by bobobo1618)</li> <li>Add a KeepRejects options to account configurations, so the Rejects mailbox<br> isn't automatically cleaned up. (PR <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="1816866231" data-permission-text="Title is private" data-url="https://github.com/mjl-/mox/issues/49" data-hovercard-type="pull_request" data-hovercard-url="/mjl-/mox/pull/49/hovercard" href="https://github.com/mjl-/mox/pull/49">#49</a> by bobobo1618)</li> <li>Add option NATIPs to a listener in mox.conf for better handling when mox is<br> configured behind a NAT.</li> <li>"mox verifydata" now checks for more potential issues, and mox gained a few<br> subcommands to fix those issues.</li> </ul> <p>Bug fixes:</p> <ul> <li>Fix showing the progress while importing messages. Messages were still<br> imported, but the SSE connection with progress updates was broken.</li> <li>Fix potential delays in propagating changes to IMAP IDLE connections.</li> <li>IMAP compliance: add missing space after continuation line ("+").</li> <li>IMAP compliance: add missing empty untagged response for SEARCH in case of no<br> matches.</li> <li>Fix the -existing-webserver flag for "mox quickstart". Its TLS key/cert check<br> tripped it up.</li> <li>And many more small fixes and improvements.</li> </ul> <p>Special thanks for contributions and/or feedback from: Mendel, bobobo1618,<br> hmfaysal, x8x, kikoreis, gerben, andrii, liesbeth, morki, gedw99 and everyone I<br> forgot. More feedback/bug reports welcome!</p> <p>To download, see <a href="https://github.com/mjl-/mox#download">https://github.com/mjl-/mox#download</a></p> mjl-