Releases: mjl-/mox
v0.0.3
Update instructions: No special steps required other than updating the binary.
Important bug fixes:
- When DKIM-signing submitted messages, use the domain from the message "From"
header instead of the SMTP "MAIL FROM". If you had an account with multiple
addresses in different domains, then with some mail clients the DKIM signature
on outgoing messages could be for the wrong domain.
Changes:
- Add "mox localserve", a subcommand for running mox locally for email-related
testing/developing. Localserve creates a config for listening on localhost
for imap/smtp/submission/http, on port numbers 1000 + the common service port
numbers. All incoming email is accepted (if checks pass), and a few patterns in
localparts are recognized and result in delivery errors.
- Implement configurable (rate) limits on outgoing messages, per account. By
default an account can send 1000 messages per day, to max 200 first-time
receivers. The goal is to limit damage spammers can do with compromised
accounts.
- In domains.conf, for an account, the Destinations mapping will now always use
full email addresses, no longer localparts relative to the Domain configured
for the account. The old form with just a localpart is still accepted. When
writing domains.conf through the cli commands or admin web pages, the
destinations will automatically be written with full email addresses. In the
future, support for the localpart-only form will be removed.
- Implement a catchall address for a domain, an address without localpart (i.e.
starting with "@"). If an incoming message does not match a
configured address, it is delivered to the account that has the
catchall address configured.
- ACME TLS certificate validation can also be done with method http-01
(previously only with tls-alpn-01).
- If you run mox behind a NAT, you can now specify "IPsNATed: true" in the SMTP
listener to skip a few DNS checks that previously would always fail due to the
IPs being NATed.
- Add subcommand "mox dkim sign", useful for testing signatures.
- For a "WebRedirect" rule, don't match a request if the destination URL would
result in the same URL, causing a redirect. By not matching, the next
configuration rules are evaluated for a match.
- Various smaller technical and user-experience improvements.
Thanks to everyone who sent in feedback (e.g. by creating an issue on github).
It's much appreciated and essential for improving mox!
v0.0.2
Update instructions
Follow these instructions if you are updating an existing installation.
Mox now starts as root to bind to network sockets, then starts a less
privileged process to run mox. Update the mox systemd service file and restart,
as root:
    # update mox binary to v0.0.2
    ./mox config printservice >mox.service
    systemctl daemon-reload
    journalctl -f -u mox &
    systemctl restart mox
    # If you configured backups, keep in mind files are now owned by
    # mox:root, your backup tools need access to the files.
Changes
- Start up as root, bind network sockets, then drop privileges to a process as
user mox to do the actual work. Makes it easier to run mox on BSDs, and paves
the way for future privilege separation work.
- Add a webserver, with support for reverse proxying, serving static files,
configurable redirects. With ACME of course. Takes away the need to configure mox
behind an existing webserver/reverse proxy, greatly simplifying
configuration/operation.
- Add docker images and script to build images.
- Make it possible to run mox behind an existing webserver/reverse proxy too.
Also add quickstart flag to make it easier to generate a config file for this
case.
- Quickstart improvements: Add flag to generate a config for a specified host
name (instead of guessing). If we found public IPs, check them with popular DNS
blocklists and warn the user if they are listed.
- Add encrypted cid to SMTP error response lines, for easier debugging.
- Fix importing of junk messages that the junk filter cannot parse.
- Fix bug verifying SPF. For IP lookups (e.g. for mechanism "a"), we would only
look up with the same address family as the incoming connection. If there was no
record, we counted a void lookup. This could lead to incorrect SPF failures,
because we reached the void lookup limit when we shouldn't have. If the record
exists for another address family (a vs aaaa), we shouldn't count a void lookup.
- Fix reputation learning of messages that were initially delivered to the
Rejects mailbox and then moved out. If you marked them as junk or nonjunk (e.g.
by moving to Archive or Junk), we should use the message for reputation
calculation of new incoming messages, but we weren't.
- Lots of smaller improvements, bug fixes.
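
The SPF void-lookup fix in the v0.0.2 changes above, as an added Go example (not mox's own code): an IPv6 connection checked against several A-only names hits the void lookup limit under the old counting and passes under the fixed counting. The names `zone`, `checkA`, `evaluate` and the `*.example` records are constructed for illustration, and the limit of 2 is the default recommended by RFC 7208.

```go
package main

import "fmt"

// zone is a constructed stand-in for DNS: name -> record type -> addresses.
type zone map[string]map[string][]string

var sample = zone{ // constructed records in documentation address ranges
	"mx1.example": {"A": {"192.0.2.1"}},
	"mx2.example": {"A": {"192.0.2.2"}},
	"mx3.example": {"A": {"192.0.2.3"}},
	"mx4.example": {"AAAA": {"2001:db8::4"}},
}
var names = []string{"mx1.example", "mx2.example", "mx3.example", "mx4.example"}

const voidLimit = 2 // default recommended by RFC 7208 section 4.6.4

// checkA does the address lookup for one "a" mechanism. fam is the record
// type of the connection's address family ("A" or "AAAA").
func checkA(z zone, name, ip, fam string, fixed bool) (match, void bool) {
	other := map[string]string{"A": "AAAA", "AAAA": "A"}[fam]
	for _, a := range z[name][fam] {
		match = match || a == ip // string compare keeps the sketch short
	}
	// Old: void if fam has no record. Fixed: only if other has none either.
	void = len(z[name][fam]) == 0 && !(fixed && len(z[name][other]) > 0)
	return match, void
}

// evaluate walks consecutive "a:<name>" mechanisms followed by "-all".
func evaluate(z zone, names []string, ip, fam string, fixed bool) string {
	voids := 0
	for _, n := range names {
		match, void := checkA(z, n, ip, fam, fixed)
		if match {
			return "pass"
		}
		if void {
			if voids++; voids > voidLimit {
				return "permerror"
			}
		}
	}
	return "fail"
}

func main() {
	fmt.Println(evaluate(sample, names, "2001:db8::4", "AAAA", false), evaluate(sample, names, "2001:db8::4", "AAAA", true))
}
```

With `fixed` set to false the third A-only name exceeds the limit before `mx4.example` is ever checked, so a legitimate sender gets an error instead of a pass.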
Thanks for reporting issues: mteege, hismailbulut, belst, idnovic, Jens,
the-solipsist, pexarkh, sherief, gedw99, agucova, lormayna, and everyone I
forgot. Thanks for all your feedback, discussions, suggestions! It shaped these
changes, and changes to come.