10 KiB
Change Log
All notable changes to this project will be documented in this file. This project adheres to Semantic Versioning.
[0.6.0] - 2024-02-14
This version introduces breaking changes in the configuration file. Please read the UPGRADING.md file for more information on how to upgrade from previous versions.
Added
- Distributed and fault-tolerant SMTP message queues.
- Distributed rate-limiting and fail2ban.
- Expressions in configuration files.
Changed
Fixed
- Do not include
STATUS
in IMAPNOOP
responses (#234). - Allow multiple SMTP
HELO
commands. - Redirect OAuth using a
301
instead of a307
code.
[0.5.3] - 2024-01-14
Please read the UPGRADING.md file for more information on how to upgrade from previous versions.
Added
- Built-in fail2ban and IP address/mask blocking (#164).
- CLI: Read URL and credentials from environment variables (#88).
- mySQL driver: Add
max-allowed-packet
setting (#201).
Changed
- Unified storage settings for all services (read the UPGRADING.md for details)
Fixed
- IMAP retrieval of auto-encrypted emails (#203).
- mySQL driver: Parse
timeout.wait
property as duration (#202). X-Forwarded-For
header on JMAP Rate-Limit does not work (#208).- Use timeouts in install script (#138).
[0.5.2] - 2024-01-07
Please read the UPGRADING.md file for more information on how to upgrade from previous versions.
Added
- ACME support for automatic TLS certificate generation and renewal (#160).
- TLS certificate hot-reloading.
- HAProxy protocol support (#36).
Changed
Fixed
- IMAP command
SEARCH <seqnum>
is using UIDs rather than sequence numbers. - IMAP responses to
APPEND
andEXPUNGE
should includeHIGHESTMODSEQ
whenCONDSTORE
is enabled.
[0.5.1] - 2024-01-02
Added
- SMTP smuggling protection: Sanitization of outgoing messages that do not use
CRLF
as line endings. - SMTP sender validation for authenticated users: Added the
session.auth.must-match-sender
configuration option to enforce that the sender address used in theMAIL FROM
command matches the authenticated user or any of their associated e-mail addresses.
Changed
Fixed
- Invalid DKIM signatures for empty message bodies.
- IMAP command
SEARCH BEFORE
is not properly parsed. - IMAP command
FETCH
fails to parse single arguments without parentheses. - IMAP command
ENABLE QRESYNC
should also enableCONDSTORE
extension. - IMAP response to
ENABLE
command does not include enabled capabilities list. - IMAP response to
FETCH ENVELOPE
should not returnNIL
when theFrom
header is missing.
[0.5.0] - 2023-12-27
This version requires a database migration and introduces breaking changes in the configuration file. Please read the UPGRADING.md file for more information.
Added
- Performance enhancements:
- Messages are parsed only once and their offsets stored in the database, which avoids having to parse them on every
FETCH
request. - Background full-text indexing.
- Optimization of database access functions.
- Messages are parsed only once and their offsets stored in the database, which avoids having to parse them on every
- Storage layer improvements:
- In addition to
FoundationDB
andSQLite
, now it is also possible to useRocksDB
,PostgreSQL
andmySQL
as a storage backend. - Blobs can now be stored in any of the supported data stores, it is no longer limited to the file system or S3/MinIO.
- Full-text searching con now be done internally or delegated to
ElasticSearch
. - Spam databases can now be stored in any of the supported data stores or
Redis
. It is no longer necessary to have an SQL server to use the spam filter.
- In addition to
- Internal directory:
- User account, groups and mailing lists can now be managed directly from Stalwart without the need of an external LDAP or SQL directory.
- HTTP API to manage users, groups, domains and mailing lists.
- IMAP4rev1
Recent
flag support, which improves compatibility with old IMAP clients. - LDAP bind authentication, to support some LDAP servers such as
lldap
which do not expose the userPassword attribute. - Messages marked a spam by the spam filter can now be automatically moved to the account's
Junk Mail
folder. - Automatic creation of JMAP identities.
Changed
Fixed
- Spamhaus DNSBL return codes.
- CLI tool reports authentication errors rather than a parsing error.
[0.4.2] - 2023-11-01
Added
- JMAP for Quotas support (RFC9425)
- JMAP Blob Management Extension support (RFC9404)
- Spam Filter - Empty header rules.
Changed
Fixed
- Daylight savings time support for crontabs.
- JMAP
oldState
doesn’t reflect in*/changes
(#56)
[0.4.1] - 2023-10-26
Added
Changed
Fixed
- Dockerfile entrypoint script.
bayes_is_balanced
function.
[0.4.0] - 2023-10-25
This version introduces some breaking changes in the configuration file. Please read the UPGRADING.md file for more information.
Added
- Built-in Spam and Phishing filter.
- Scheduled queries on some directory types.
- In-memory maps and lists containing glob or regex patterns.
- Remote retrieval of in-memory list/maps with fallback mechanisms.
- Macros and support for including files from TOML config files.
Changed
config.toml
is now split in multiple TOML files for better organization.- BREAKING: Configuration key prefix
jmap.sieve
(JMAP Sieve Interpreter) has been renamed tosieve.untrusted
. - BREAKING: Configuration key prefix
sieve
(SMTP Sieve Interpreter) has been renamed tosieve.trusted
.
Fixed
[0.3.10] - 2023-10-17
Added
- Option to allow invalid certificates on outbound SMTP connections.
- Option to disable ansi colors on
stdout
.
Changed
- SMTP reject messages are now logged as
info
rather thandebug
.
Fixed
[0.3.9] - 2023-10-07
Added
- Support for reading environment variables from the configuration file using the
!ENV_VAR_NAME
special keyword. - Option to disable ANSI color codes in logs.
Changed
- Querying directories from a Sieve script is now done using the
query()
method fromeval
. Your scripts will need to be updated, please refer to the new syntax.
Fixed
- IPrev lookups of IPv4 mapped to IPv6 addresses.
[0.3.8] - 2023-09-19
Added
- Journal logging support
- IMAP support for UTF8 APPEND
Changed
- Replaced
rpgp
withsequoia-pgp
due to rpgp bug.
Fixed
- Fix: IMAP folders that contain a & can't be used (#90)
- Fix: Ignore empty lines in IMAP requests
[0.3.7] - 2023-09-05
Added
- Option to disable IMAP All Messages folder (#68).
- Option to allow unencrypted SMTP AUTH (#72)
- Support for
rcpt-domain
key inrcpt.relay
SMTP rule evaluation.
Changed
Fixed
- SMTP strategy
Ipv6thenIpv4
returns only IPv6 addresses (#70) - Invalid IMAP
FETCH
responses for non-UTF-8 messages (#70) - Allow
STATUS
andACL
IMAP operations on virtual mailboxes. - IMAP
SELECT QRESYNC
without specifying a UID causes panic (#67) - Milter
DATA
command is sent after headers which causes ClamAV to hang. - Sieve
redirect
of unmodified messages does not work.
[0.3.6] - 2023-08-29
Added
- Arithmetic and logical expression evaluation in Sieve scripts.
- Support for storing query results in Sieve variables.
- Results of SPF, DKIM, ARC, DMARC and IPREV checks available as environment variables in Sieve scripts.
- Configurable protocol flags for Milter filters.
- Fall-back to plain text when
STARTTLS
fails andstarttls
is set tooptional
.
Changed
Fixed
- Do not panic when
hash = 0
in reports. (#60) - JMAP Session resource returns
EmailSubmission
capabilities using arrays rather than objects. - ManageSieve
PUTSCRIPT
should replace existing scripts.
[0.3.5] - 2023-08-18
Added
- TCP listener option
nodelay
.
Changed
Fixed
- SMTP: Allow disabling
STARTTLS
. - JMAP: Support for
OPTIONS
HTTP method.
[0.3.4] - 2023-08-09
Added
- JMAP: Support for setting custom HTTP response headers (#52)
Changed
Fixed
- SMTP: Missing envelope keys in rewrite rules (#25)
- SMTP: Remove CRLF from Milter headers
- JMAP/IMAP: Successful authentication requests should not count when rate limiting
- IMAP: Case insensitive Inbox selection
- IMAP: Automatically create Inbox for group accounts
[0.3.3] - 2023-08-02
Added
- Encryption at rest with S/MIME or OpenPGP.
- Support for referencing context variables from dynamic values.
Changed
Fixed
- Support for PKCS8v1 ED25519 keys (#20).
- Automatic retry for import/export blob downloads (#14)
[0.3.2] - 2023-07-28
Added
- Sender and recipient address rewriting using regular expressions and sieve scripts.
- Subaddressing and catch-all addresses using regular expressions (#10).
- Dynamic variables in SMTP rules.
Changed
- Added CLI to Docker container (#19).
Fixed
- Workaround for a bug in
sqlx
that caused SQL time-outs (#15). - Support for ED25519 certificates in PEM files (#20).
- Better handling of concurrent IMAP UID map modifications (#17).
- LDAP domain lookups from SMTP rules.
[0.3.1] - 2023-07-22
Added
- Milter filter support.
- Match IP address type using /0 mask (#16).
Changed
Fixed
- Support for OpenLDAP password hashing schemes between curly brackets (#8).
- Add CA certificates to Docker runtime (#5).
[0.3.0] - 2023-07-16
Added
- LDAP and SQL authentication.
- subaddressing and catch-all addresses.
- S3-compatible storage.
Changed
- Merged the
stalwart-jmap
,stalwart-imap
andstalwart-smtp
repositories intostalwart-mail
. - Removed clustering module and replaced it with a FoundationDB backend option.
- Integrated Stalwart SMTP into Stalwart JMAP.
- Rewritten JMAP protocol parser.
- Rewritten store backend.
- Rewritten IMAP server to have direct access to the message store (no more IMAP proxy).
- Replaced
actix
withhyper
.