github docker-mailserver/docker-mailserver v10.3.0
on GitHub

latest releases: v13.3.1, v13.3.0, v13.2.0...
2 years ago

Description

This release fixes some issues with Dovecot Quotas (enabled by default), the SSL_DOMAIN ENV (rarely needed), DKIM and DMARC support.

Additionally there are some minor improvements and internal changes with HOSTNAME / DOMAINNAME handling, SSL_TYPE=letsencrypt and ACME cert extraction (Traefik specific) that should resolve some edge cases with handling cert renewals.

WARNING: This release had a small regression affecting the detection of changes for certificates provisioned in /etc/letsencrypt with the config ENV SSL_TYPE=letsencrypt, unless you use Traefik's acme.json. If you rely on this functionality to restart Postfix and Dovecot when updating your cert files, this will not work and it is advised to upgrade to v10.4.0 or newer prior to renewal of your certificates.

Changelog

  • [fix] The Dovecot userdb will now additionally create "dummy" accounts for basic alias maps (alias maps to a single real account managed by Dovecot, relaying to external providers aren't affected) when ENABLE_QUOTAS=1 (default) as a workaround for Postfix quota-status plugin querying Dovecot with inbound mail for a user, which Postfix uses to reject mail if quota has been exceeded (to avoid risk of blacklisting from spammers abusing backscatter) #2248
    • NOTE: If using aliases that map to another alias or multiple addresses, this remains a risk.
  • [fix] setup email list command will no longer attempt to query Dovecot quota status when ENABLE_QUOTAS is disabled #2264
  • [fix] SSL_DOMAIN ENV should now work much more reliably #2274, #2278, #2279
  • [fix] DKIM - Removed refile: (regex type) from KeyTable entry in opendkim.conf, fixes validation error output from opendkim-testkey #2249
  • [fix] DMARC - Removed quotes around the hostname value in opendmarc.conf. This avoids an authentication failure where an OpenDKIM header was previously ignored #2291
  • [fix] When using ONE_DIR=1 (default), the spool-postfix folder now has the correct permissions carried over. This resolves some failures notably with sieve filters #2273
  • [improvement] Warnings are now logged for ClamAV and SpamAssassin if they are enabled but Amavis is disabled (which is required for them to work correctly) #2251
  • [improvement] user-patches.sh is now invoked via bash to assist Kubernetes deployments with ConfigMap #2295

Internal

These changes are primarily internal and are only likely relevant to users that maintain their own modifications related to the changed files.

  • [chore] Redundant config from Postfix master.cf has been removed, it should not affect any users as our images have not included any of the related processes #2272
  • [refactor] check-for-changes.sh was carrying some duplicate code from setup-stack.sh that was falling out of sync, they now share common code #2260
  • [refactor] acme.json extraction was refactored into a CLI utility and updated to Python 3 (required for future upgrade to Debian 11 Bullseye base image) #2274
  • [refactor] As part of the Traefik acme.json and SSL_DOMAIN work, logic for SSL_TYPE=letsencrypt was also revised #2278
  • [improvement] Some minor tweaks to how we derive the internal HOSTNAME and DOMAINNAME from user configured hostname and domainname settings #2280

New Contributors

Full Changelog: v10.2.0...v10.3.0

Check out latest releases or
releases around docker-mailserver/docker-mailserver v10.3.0

Don't miss a new docker-mailserver release

NewReleases is sending notifications on new releases.

Get notifications