Description
This release improves on 9.1.0
in many aspect, including general fixes, Fail2Ban, LDAP and documentation. This release contains breaking changes.
Changelog
- [general] Fixed many prose errors (spelling, grammar, indentation).
- [general] Documentation is better integrated into the development process and it's visibility within the project increased (#1878).
- [general] Added
stop_grace_period:
to example Compose file and supervisord (#1896 #1945) - [general]
./setup.sh email list
was enhanced, now showing information neatly (#1898) - [general] Added update check and notification (#1976, #1951)
- [general] Moved environment variables to the documentation and improvements (#1948, #1947, #1931)
- [security] Major Fail2Ban improvements (cleanup, update and breaking changes, see below)
- [fix]
./setup.sh email del ...
now works properly - [code] Added color variables to
setup.sh
and improved the script as a whole (#1879, #1886) - [ldap] Added
LDAP_QUERY_FILTER_SENDERS
(#1902) - [ldap] Use dovecots LDAP
uris
connect option instead ofhosts
(#1901) - [ldap] Complete rework of LDAP documentation (#1921)
- [docs] PRs that contain changes to docs will now be commented with a preview link (#1988)
Breaking Changes
- [security] Fail2Ban adjustments:
- Fail2ban v0.11.2 is now used (#1965).
- The previous F2B config (from an old Debian release) has been replaced with the latest default config for F2B shipped by Debian 10.
- The new default blocktype is now
DROP
, notREJECT
(#1914). - A ban now applies to all ports (
iptables-allports
), not just the ones that were "attacked" (#1914). - Fail2ban 0.11 is totally compatible to 0.10, but the database got some new tables and fields (auto-converted during the first start), so once updated to DMS 10.0.0, you have to remove the database
mailstate:/lib-fail2ban/fail2ban.sqlite3
if you would need to downgrade to DMS 9.1.0 for some reason.
- [ldap] Removed
SASLAUTHD_LDAP_SSL
. Instead provide a protocol inSASLAUTHD_LDAP_SERVER
and adjustSASLAUTHD_LDAP_
default values (#1989). - [general] Removed
stable
release tag (#1975):- Scheduled builds are now based off
edge
. - Instead of
stable
, please use the latest version tag available (or thelatest
tag). - The
stable
image tag will be removed from DockerHub in the near future.
- Scheduled builds are now based off
- [setup] Removed
./setup config ssl
command (deprecated since v9).SSL_TYPE=self-signed
remains supported however. (dc8f49de
, #2021)
New Contributors
- @shyim made their first contribution in #1897
- @moqmar made their first contribution in #1902
- @pbek made their first contribution in #1993
- @okamidash made their first contribution in #2006
Full Changelog: v9.1.0...v10.0.0