New:
- [settings] add new settings to set default values for customer antispam options for new email addresses (settings advanced-mode)
- [cron] add new task to (re)configure mail/ftp services with let's encrypt; refs #1297
- [system] allow admins without change-serversettings to adjust dkim flag of domains
- [ui] hide webserver-ssl-options for new domains if no default ssl-ip-addresses are selected in the settings
- [languages] added Hungarian translation (#1310)
Security:
- force admin email addresses to be unique and not be used for customers, fixes GHSA-7j6w-p859-464f
- do not output potentially unsafe content, fixes GHSA-26xq-m8xw-6373
Fixes:
- show necessary dns entries for mail/antispan also in admin-view of domain
- fix empty firstname/name but set company when editing a customer via API
- allow cidr (forward slash) in spf settings-regex; fixes #1295
- correctly create ssl-redirect if let's encrypt is already activated; fixes #1294
- set sender-address of emails which were sent using an admin/a reseller to the global settings email so sending it using provided smtp - settings will not fail antispam checks; fixes #1289
- fix permissions of global mysql-user for customers; fixes #1286
- can-edit-domain is not required to create subdomains of that domain if subdomains are allowed
- set cookie SameSite option to 'Lax' for loginlinks to work as intended; fixes #1299
- corrected regex for dns CAA entries; fixes #1300
- add safety when unsetting isemaildomain flag in domain, fixes #1305
- fix deletion of webserver-logfiles when customer gets deleted, thx to irisdina
- fix plaintext-mail content, thx to AlexL
- fix 'show necessary dns entries for mail/antispan also in admin-view of domain' if bind is enabled but domain is not using nameserver
Full Changelog: 2.2.5...2.2.6