
Releases: mail-in-a-box/mailinabox

v0.25 (November 15, 2017)

18 Jan 22:11
v0.25

This update is a security update addressing [CVE-2017-16651, a vulnerability in Roundcube webmail that allows logged-in users to access files on the local filesystem](https://roundcube.net/news/2017/11/08/security-updates-1.3.3-1.2.7-and-1.1.10).

Mail:

* Update to Roundcube 1.3.3.

Control Panel:

* Fix DNS validation to allow wildcard custom DNS entries to be set.

v0.24

03 Oct 14:52
v0.24

v0.24 (October 3, 2017)

System:

  • Install PHP7 via a PPA. Switch to the on-demand process manager.

Mail:

  • Updated to Roundcube 1.3.1 and updated the persistent login plugin. Unfortunately, the Vacation plugin is dropped because it has not been supported by its author and is not compatible with Roundcube 1.3.
  • Updated to Z-Push 2.3.8.
  • Dovecot now uses stronger 2048-bit DH params for better forward secrecy.

Nextcloud:

  • Nextcloud updated to 12.0.3, using PHP7.

Control Panel:

  • Nameserver (NS) records can now be set on custom domains.
  • Fix an erroneous status check error due to IPv6 address formatting.
  • Aliases for administrative addresses can now be set to send mail to +tag administrative addresses.

v0.12

03 Jul 14:35
v0.12
This is a minor update to v0.11, which was a major update. Please read v0.11's advisories.

* The administrator@ alias was incorrectly created starting with v0.11. If your first install was v0.11, check that the administrator@ alias forwards mail to you.
* Intrusion detection rules (fail2ban) are relaxed (i.e. less is blocked).
* SSL certificates could not be installed for the new automatic 'www.' redirect domains.
* PHP's default character encoding is changed from no default to UTF8. The effect of this change is unclear but should prevent possible future text conversion issues.
* User-installed SSL private keys in the BEGIN PRIVATE KEY format were not accepted.
* SSL certificates with SAN domains with IDNA encoding were broken in v0.11.
* Some IDNA functionality was using IDNA 2003 rather than IDNA 2008.

v0.11 (June 29, 2015)

30 Jun 01:01
v0.11

Advisories:
* Users can no longer spoof arbitrary email addresses in outbound mail. When sending mail, the email address configured in your mail client must match the SMTP login username being used, or the email address must be an alias with the SMTP login username listed as one of the alias's targets.
* This update replaces your DKIM signing key with a stronger key. Because of DNS caching/propagation, mail sent within a few hours after this update could be marked as spam by recipients. If you use External DNS, you will need to update your DNS records.
* The box will now install software from a new Mail-in-a-Box PPA on Launchpad.net, where we are distributing two of our own packages: a patched postgrey and dovecot-lucene.

Mail:
* Greylisting will now let some reputable senders pass through immediately.
* Searching mail (via IMAP) will now be much faster using the dovecot lucene full text search plugin.
* Users can no longer spoof arbitrary email addresses in outbound mail (see above).
* Fix for deleting admin@ and postmaster@ addresses.
* Roundcube is updated to version 1.1.2, plugins updated.
* Exchange/ActiveSync autoconfiguration was not working on all devices (e.g. iPhone) because of a case-sensitive URL.
* The DKIM signing key has been increased to 2048 bits, from 1024, replacing the existing key.

Web:
* 'www' subdomains now automatically redirect to their parent domain (but you'll need to install an SSL certificate).
* OCSP no longer uses Google Public DNS.
* The installed PHP version is no longer exposed through HTTP response headers, for better security.

DNS:
* Default IPv6 AAAA records were missing since version 0.09.

Control panel:
* Resetting a user's password now forces them to log in again everywhere.
* Status checks were not working if an ssh server was not installed.
* SSL certificate validation now uses the Python cryptography module in some places where openssl was used.
* There is a new tab to show the installed version of Mail-in-a-Box and to fetch the latest released version.

System:
* The munin system monitoring tool is now installed and accessible at /admin/munin.
* ownCloud updated to version 8.0.4. The ownCloud installation step is now resilient to download problems. The ownCloud configuration file is now stored in STORAGE_ROOT to fix loss of data when moving STORAGE_ROOT to a new machine.
* The setup scripts now run `apt-get update` prior to installing anything to ensure the apt database is in sync with the packages actually available.

v0.10

01 Jun 22:08
v0.10

v0.10 (June 1, 2015)

  • SMTP Submission (port 587) began offering the insecure SSLv3 protocol due to a misconfiguration in the previous version.
  • Roundcube now allows persistent logins using Roundcube-Persistent-Login-Plugin.
  • ownCloud is updated to version 8.0.3.
  • SPF records for non-mail domains were tightened.
  • The minimum greylisting delay has been reduced from 5 minutes to 3 minutes.
  • Users and aliases weren't working if they were entered with any uppercase letters. Now only lowercase is allowed.
  • After installing an SSL certificate from the control panel, the page wasn't being refreshed.
  • Backups broke if the box's hostname was changed after installation.
  • Dotfiles (i.e. .svn) stored in ownCloud Files were not accessible from ownCloud's mobile/desktop clients.
  • Fix broken install on OVH VPS's.

v0.09

08 May 12:12
v0.09

v0.09 (May 8, 2015)

Mail:

  • Spam checking is now performed on messages larger than the previous limit of 64KB.
  • POP3S is now enabled (port 995).
  • Roundcube is updated to version 1.1.1.
  • Minor security improvements (more mail headers with user agent info are anonymized; crypto settings were tightened).

ownCloud:

  • Downloading files you uploaded to ownCloud broke because of a change in ownCloud 8.

DNS:

  • Internationalized Domain Names (IDNs) should now work in email. If you had custom DNS or custom web settings for internationalized domains, check that they are still working.
  • It is now possible to set multiple TXT and other types of records on the same domain in the control panel.
  • The custom DNS API was completely rewritten to support setting multiple records of the same type on a domain. Any existing client code using the DNS API will have to be rewritten. (Existing code will just get 404s back.)
  • On some systems the nsd service failed to start if network interfaces were not ready.

System / Control Panel:

  • In order to guard against misconfiguration that can lead to domain control validation hijacking, email addresses that begin with admin, administrator, postmaster, hostmaster, and webmaster can no longer be used for (new) mail user accounts, and aliases for these addresses may direct mail only to the box's administrator(s).
  • Backups now use duplicity's built-in gpg symmetric AES256 encryption rather than my home-brewed encryption. Old backups will be incorporated inside the first backup after this update but then deleted from disk (i.e. your backups from the previous few days will be backed up).
  • There was a race condition between backups and the new nightly status checks.
  • The control panel would sometimes lock up with an unnecessary loading indicator.
  • You can no longer delete your own account from the control panel.

Setup:

  • All Mail-in-a-Box release tags are now signed on github, instructions for verifying the signature are added to the README, and the integrity of some packages downloaded during setup is now verified against a SHA1 hash stored in the tag itself.
  • Bugs in first user account creation were fixed.

Version v0.08

01 Apr 14:19
v0.08

CHANGELOG

v0.08 (April 1, 2015)

Mail:

  • The Roundcube vacation_sieve plugin by @arodier is now installed to make it easier to set vacation auto-reply messages from within Roundcube.
  • Authentication-Results headers for DMARC, added in v0.07, were mistakenly added for outbound mail --- that's now removed.
  • The Trash folder is now created automatically for new mail accounts, addressing a Roundcube error.

DNS:

  • Custom DNS TXT records were not always working and they can now override the default SPF, DKIM, and DMARC records.

System:

  • ownCloud updated to version 8.0.2.
  • Brute-force SSH and IMAP login attempts are now prevented by properly configuring fail2ban.
  • Status checks are run each night and any changes from night to night are emailed to the box administrator (the first user account).

Control panel:

  • The new check that system services are running mistakenly checked that the Dovecot Managesieve service is publicly accessible. Although the service binds to the public network interface we don't open the port in ufw. On some machines it seems that ufw blocks the connection from the status checks (which seems correct) and on some machines (mine) it doesn't, which is why I didn't notice the problem.
  • The current backup chain will now try to predict how many days until it is deleted (always at least 3 days after the next full backup).
  • The list of aliases that forward to a user is removed from the Mail Users page because when there are many aliases it is slow and times out.
  • Some status check errors are turned into warnings, especially those that might not apply if External DNS is used.