-
-
Notifications
You must be signed in to change notification settings - Fork 789
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Initial changes for new release. #3195
base: master
Are you sure you want to change the base?
Conversation
Thanks for submitting this pull request. bors try Note: if this build fails, read this. |
tryBuild failed: |
bors try |
tryBuild succeeded: |
bors try |
tryBuild succeeded: |
Highlights | ||
`````````` | ||
|
||
Managieve sieve support |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Managieve sieve support | |
Managieve sieve support | |
^^^^^^^^^^^^^^^^^^^^^^^ |
`````````` | ||
|
||
Managieve sieve support | ||
Previously the sieve filters could only be edited via the webmail client. It is now also possible to use an external sieve client for manageming the sieve rules. Configure the sieve client to connect to Mailu on the default sieve port 4190. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Previously the sieve filters could only be edited via the webmail client. It is now also possible to use an external sieve client for manageming the sieve rules. Configure the sieve client to connect to Mailu on the default sieve port 4190. | |
It is now also possible to use [an external sieve client](http://sieve.info/clients) for managing sieve rules using port 4190. Previously sieve filters could only be edited through webmails. |
^^^^^^^^^^^^^^^^^^^^^^^^ | ||
The User interface is enhanced with the quota bytes used (quota_bytes_used) attribute. This attribute states the usage (in bytes) of the mailbox. In combination with the attribute quota_bytes, it is possible to check how much storage an user has left via the RESTful API. | ||
|
||
The new `token` endpoint allows the management of authentication tokens. It is recommened to create authentication tokens for all users and configure the email clients to use these authentication tokens for connecting to Mailu. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The new `token` endpoint allows the management of authentication tokens. It is recommened to create authentication tokens for all users and configure the email clients to use these authentication tokens for connecting to Mailu. | |
The new `token` endpoint allows the management of authentication tokens. It is **strongly** recommended to create authentication tokens for all users and to configure email clients to use these authentication tokens for connecting to Mailu instead of user passwords. Tokens are not subject to rate-limiting and are verified server-side in a less resource intensive way. Their usage can be enforced using the newly introduced [AUTH_REQUIRE_TOKENS](https://mailu.io/master/configuration.html#advanced-settings) setting. |
|
||
Force password change | ||
^^^^^^^^^^^^^^^^^^^^^ | ||
A setting is introduced to force an user to change its password. After changing the password, all sessions are invalidated. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
A setting is introduced to force an user to change its password. After changing the password, all sessions are invalidated. | |
This new feature has been introduced to coerce a user into changing his password. When a password is changed, all associated sessions are invalidated. |
* Chinese | ||
* Persion (a.k.a Farsi) | ||
* Ukrainian | ||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
|
||
The dovecot indexer has been switched from fts-xapian to fts-flatcurve. In the future this will be the new default indexer for dovecot. This indexer is quicker and results in smaller index files. | ||
|
||
Apache Tika has been added to Mailu to add support for attachments indexing. As a result the server-side search functionality does not only search through emails, but also through the attachments of emails. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Apache Tika has been added to Mailu to add support for attachments indexing. As a result the server-side search functionality does not only search through emails, but also through the attachments of emails. | |
Apache Tika has been added to Mailu to add support for attachments indexing. The server-side search functionality now crawls through both emails and their attachments (including office documents, PDFs, images via OCR). |
|
||
Improved mailbox indexer and full attachment indexing | ||
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ | ||
The dovecot indexer indexes all emails for the server-side search functionality. It is used when searching via the webmail client. In email clients it might be required to enable server-side searching. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The dovecot indexer indexes all emails for the server-side search functionality. It is used when searching via the webmail client. In email clients it might be required to enable server-side searching. | |
Full Text Search has now been improved and server-side search enabled by default on webmails. Other email clients may need to be reconfigured to ensure searches are performed server-side. |
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ | ||
The environment variable `AUTH_REQUIRE_TOKENS` has been introduced. This setting can be enabled to force email clients to use authentication tokens (instead of passwords) for authenticating to Mailu. Note that authentication tokens can now also be generated via the RESTful API. | ||
|
||
It is recommended to use authentication tokens instead of passwords for connecting email clients to Mailu. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It is recommended to use authentication tokens instead of passwords for connecting email clients to Mailu. | |
It is recommended to use authentication tokens instead of passwords for connecting email clients to Mailu as verifying them is less resource intensive server-side and they are not subject to rate limits (since they cannot be brute-forced online by a potential attacker). |
|
||
The new FAQ entry `How can I view and export the logs of a Mailu container?` describes how log files can be viewed via journald. It also provides instructions for how to install and configure rsyslogd for saving container logs to file system (including log rotation). | ||
|
||
The hardened malloc is disabled by default |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
That heading is wrong. It is not disabled by default... we just enable it later in the process once we have ensured the CPU can handle it.
For optimal protection we do recommend that users set the variable so that it gets enabled sooner that it would otherwise be.
docker compose exec imap doveadm user '*'|while read u; do docker compose exec imap doveadm index -u $u '*'; done | ||
|
||
|
||
Enabled the hardened memory allocator |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This needs to be consolidated with The hardened malloc is disabled by default
above
.. code-block:: bash | ||
|
||
docker compose exec imap doveadm fts rescan -A | ||
docker compose exec imap doveadm user '*'|while read u; do docker compose exec imap doveadm index -u $u '*'; done |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
docker compose exec imap doveadm user '*'|while read u; do docker compose exec imap doveadm index -u $u '*'; done | |
docker compose exec imap doveadm user '*'|while read u; do echo "re-indexing $u";docker compose exec -T imap doveadm index -u $u '*'; done |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
or even we could use an until
loop
Releases.rst and CHANGELOG.md must still be updated.
What type of PR?
preparations for new release
What does this PR do?
Preparations for new release. I must still write full changelog, new features overview and upgrade instructions.
Related issue(s)
Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.