3908: Snuffleupagus v0.12 r=mergify[bot] a=nextgens
## What type of PR?
bug-fix
## What does this PR do?
Upgrade to Snuffleupagus 0.12 to fix a NULL ptr deref; re-enable the related rules.
See https://github.com/jvoisin/snuffleupagus/issues/515
`@ghostwheel42` Do we want to backport this or are we content for it to be master only?
### Related issue(s)
- #3899
## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.
- [ ] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.
Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
3904: Upgrade Tika to fix CVE-2025-54988 r=mergify[bot] a=nextgens
## What type of PR?
bug-fix
## What does this PR do?
Upgrade Tika to fix CVE-2025-54988 ; Current stable is v3.2.2 ... we pin latest as we have a poor record of keeping up with upstream and the interface we use ought to be stable.
You will need to run setup again for the fix to be applied.
This is defence in depth (very low risk on docker deployments).
### Related issue(s)
- closes#3903
## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.
- [ ] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.
Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
3899: fix snappymail r=mergify[bot] a=nextgens
## What type of PR?
bug-fix
## What does this PR do?
fix snappymail, add caching for static content, turn off fastcgi request buffering
Workaround what looks like a snuffleupagus bug by disabling the recently added config tweaks; see https://github.com/jvoisin/snuffleupagus/issues/515 for details.
### Related issue(s)
- closes#3896
- closes#3868
## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.
- [ ] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.
Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
Co-authored-by: Alexander Graf <ghostwheel42@users.noreply.github.com>
3760: Improve details page of domains by completing the zonefile, hiding unneeded entries, and puny encoding domains r=mergify[bot] a=Jumper78
## What type of PR?
feature, bug-fix
## What does this PR do?
The PR improves the quality of the details page for the domains. In detail, it:
- adds the lines for the alternative domains shown in the details page also to the zonefile
- hides the entries for the DMARC report (_domain1_._report._dmarc._domain2_) if _domain1_ and _domain2_ are equal; in that case the entries are not needed to allow the sending of the DMARC report
- makes sure that the entries shown in the details page and in the zone file are puny encoded
- the PR also includes a small bugfix; the zonefile included only one of the two DMARC lines for the main domain; the dmarc report dns entry is now also included for the main domain
### Related issue(s)
- in PR #3350, a list of dns entries for alternative domains was added to the details page; the lines for the alternative domains were missing in the download of the zonefile
- in issue #3661 it was discussed how the entries for the DMARC report exactly has to look like
## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.
- [x] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.
Co-authored-by: Jumper78 <52802286+Jumper78@users.noreply.github.com>
3887: Remove OCSP stapling by Nginx r=nextgens a=svoop
Let's Encrypt has dropped OCSP support and the resulting warning may cause problems when restarting or reloading the frontend Nginx e.g. as part of a post cert update hook.
## What type of PR?
Feature removal
## What does this PR do?
### Related issue(s)
closes#3886
## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.
- [x] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.
Co-authored-by: Sven Schwyn <sven.schwyn@bitcetera.com>
3769: Add saveState to dataTables, add "∞" to page length r=mergify[bot] a=saschaludwig
## What type of PR?
enhancement
## What does this PR do?
Add saveState to dataTables, so that the selected page length and sort direction(s) will be saved for the individual tables. Add "∞" option to the page length menu to display all table entries.
### Related issue(s)
none
## Prerequisites
considered as minor change, please notify, if not. Thanks
Co-authored-by: Sascha Ludwig <sascha@astrastudio.de>
Co-authored-by: Alexander Graf <ghostwheel42@users.noreply.github.com>
3842: Clarify RELAYNETS requirements r=mergify[bot] a=strugee
## What type of PR?
Documentation
## What does this PR do?
Essentially, it puts https://github.com/Mailu/Mailu/issues/369#issuecomment-358071523 into the documentation. For context, I was using the client submission port with a username/password combo _along_ with `RELAYNETS` because I gave up trying to get client auth to work the way that I wanted it, and only fell back to using `RELAYNETS` (with a single IP) as a last-ditch effort to get client mail working.
### Related issue(s)
None
## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.
- [x] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.
Co-authored-by: AJ Jordan <alex@strugee.net>
3889: Fix CI, upgrade base image r=mergify[bot] a=nextgens
## What type of PR?
bug-fix
## What does this PR do?
Fix CI by upgrading the base image:
- Alpine: 3.21.4
- Carddav: 5.1.1
- docs infra, snufflepagus rules
### Related issue(s)
## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.
- [ ] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.
Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
Co-authored-by: Florent Daigniere <nextgens@users.noreply.github.com>
2932: Add FAQ entry for deleting IPs from rate limiter r=mergify[bot] a=sholl
## What type of PR?
enhancement of documentation
## What does this PR do?
adds an FAQ-entry how to manually delete an IP from rate limiter
### Related issue(s)
- closes#2856
## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.
- [ ] In case of feature or enhancement: documentation updated accordingly
- [ ] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.
Co-authored-by: Stephan Holl <stephan@holl-land.de>
Co-authored-by: Stephan Holl <1610827+sholl@users.noreply.github.com>
3851: Update Dockerfile to contain latest roundcube version r=nextgens a=ctrl-i
Due to security update, see [this link](https://github.com/roundcube/roundcubemail/releases/tag/1.6.11) for further details
## What type of PR?
Security update
## What does this PR do?
Updates roundcube to the latest version
## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.
- [X] In case of feature or enhancement: documentation updated accordingly
- [X] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.
Co-authored-by: ctrl-i <1422608+ctrl-i@users.noreply.github.com>
Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
3839: fix#3836: healthcheck of clamav r=mergify[bot] a=nextgens
## What type of PR?
bug-fix
## What does this PR do?
Fix the healthcheck of clamav
### Related issue(s)
- closes#3836
- closes#3823
- closes#3741
## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.
- [ ] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.
Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
3790: Replace marshmallow missing with load_default r=mergify[bot] a=DjVinnii
## What type of PR?
Enhancement
## What does this PR do?
Replace the `missing` parameter with `load_default`. This changed in version 3.13.0 of marshmallow (Mailu currently uses 3.21.2) and `missing` will be removed in marshmallow 4.
## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.
- [x] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.
Co-authored-by: Vincent Kling <vkling@vinniict.nl>
3729: Allow setting collation via env variable and add uvloop r=mergify[bot] a=Grennith
## What type of PR?
Enhancement / Bugfix
## What does this PR do?
As of https://github.com/Mailu/Mailu/pull/3701, the collation shall be set by overwriting `SQLALCHEMY_DATABASE_URI` to contain the collation of the related DB. However, this is currently not possible in the Helm chart of Mailu at all. It's statically set there and would also require not setting DB_NAME etc. to not have it overwritten, see https://github.com/Mailu/Mailu/blob/master/core/admin/mailu/configuration.py#L144
Additionally, uvloop is added to the prod requirements of which postfix-mta-sts-resolver makes use of.
### Related issue(s)
- Mention an issue like: #3449
## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.
- [ x ] In case of feature or enhancement: documentation updated accordingly
- [ ] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.
Co-authored-by: Till Skrodzki <till@mueskro.de>
Add saveState to dataTables, so that the selected page length and sort direction(s) will be saved for the individual tables.
Add "∞" option to the page length menu to display all table entries.
3758: added idna function to perform puny encoding on IDN domains r=mergify[bot] a=Jumper78
## What type of PR?
bug-fix
## What does this PR do?
### Related issue(s)
- fixes issue where DKIM signatures from domains with IDN are not accepted by some mail servers: closes#3743
## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.
Co-authored-by: Jumper78 <52802286+Jumper78@users.noreply.github.com>
