May updates. Mooy? Itโs almost summer.
https://mailcow.email/2020/05/16/may-updates-mooy-its-almost-summer/
https://mailcow.email/2020/05/16/may-updates-mooy-its-almost-summer/
Should mailcow installations send aggregated DMARC reports by default? (Aggregated reports to other mailserver owners which have _dmarc.domain.tld DNS configured accordingly. So everyone basically benefit from.)
Anonymous Poll
52%
Enabled by default without manual work. (Can still be disabled manually)
21%
Disabled, manual configuration adjustments required to enable it (using documentation)
23%
Both is fine for me.
5%
I don't care or I don't know what DMARC is. I only want to see the results of the poll.
Polling time! ๐จ
We want YOUR opinion!
DMARC? DMARC!
As you might know DMARC is a DNS TXT record what allows you to decide what the receiving mailserver handles emails which fail authentication, so when for example SPF or DKIM fails.
A very crucial design decision of DMARC is also sending aggregated reports via emails where - when configured - the domain/mailserver owner is notified when emails of owned domains failed authentication on the receiving mailserver.
This helps the domain/mailserver owner - like you - to see who's basically abusing their email domain (DMARC report emails have .xml files with additional details attached. You're seeing such emails in case you have configured "rua=mailto:" in your DNS settings accordingly.)
Unfortunately the reporting emails are not as popular as they probably should be, so that everyone benefit from that. The main question is now if this should be implemented by default in mailcow ๐ installations. To contribute please take a look on the poll above!
Also feel free to join our mailcow Telegram group for further discussion, or forward the poll and this message (for further clarification) to others in case they would like to vote (as mailcow users) too and haven't joined this channel yet.
Thank you all & stay safe! โค๏ธ
Further resources to read:
[1] https://dmarc.org/overview/
[2] https://en.wikipedia.org/wiki/DMARC
[3] https://mxtoolbox.com/dmarc/details/what-is-a-dmarc-record
[4] https://mailcow.github.io/mailcow-dockerized-docs/prerequisite-dns/#dkim-spf-and-dmarc
We want YOUR opinion!
DMARC? DMARC!
As you might know DMARC is a DNS TXT record what allows you to decide what the receiving mailserver handles emails which fail authentication, so when for example SPF or DKIM fails.
A very crucial design decision of DMARC is also sending aggregated reports via emails where - when configured - the domain/mailserver owner is notified when emails of owned domains failed authentication on the receiving mailserver.
This helps the domain/mailserver owner - like you - to see who's basically abusing their email domain (DMARC report emails have .xml files with additional details attached. You're seeing such emails in case you have configured "rua=mailto:" in your DNS settings accordingly.)
Unfortunately the reporting emails are not as popular as they probably should be, so that everyone benefit from that. The main question is now if this should be implemented by default in mailcow ๐ installations. To contribute please take a look on the poll above!
Also feel free to join our mailcow Telegram group for further discussion, or forward the poll and this message (for further clarification) to others in case they would like to vote (as mailcow users) too and haven't joined this channel yet.
Thank you all & stay safe! โค๏ธ
Further resources to read:
[1] https://dmarc.org/overview/
[2] https://en.wikipedia.org/wiki/DMARC
[3] https://mxtoolbox.com/dmarc/details/what-is-a-dmarc-record
[4] https://mailcow.github.io/mailcow-dockerized-docs/prerequisite-dns/#dkim-spf-and-dmarc
Mooctober 2020 update @ commit 79802a9
https://mailcow.email/2020/10/10/mooctober-2020-update-commit-79802a9/
https://mailcow.email/2020/10/10/mooctober-2020-update-commit-79802a9/
Fuzzy contributer InterServer; Whatโs next?
https://mailcow.email/2020/10/14/fuzzy-contributer-interserver-whats-next/
https://mailcow.email/2020/10/14/fuzzy-contributer-interserver-whats-next/
Postmaster is whitelisted inbound and outbound by default
https://mailcow.email/2020/10/25/postmaster-is-whitelisted-inbound-and-outbound-by-default/
https://mailcow.email/2020/10/25/postmaster-is-whitelisted-inbound-and-outbound-by-default/
Piler, an email archiving solution, meets mailcow
https://mailcow.email/2020/11/01/piler-an-email-archiving-solution-meets-mailcow/
https://mailcow.email/2020/11/01/piler-an-email-archiving-solution-meets-mailcow/
๐จ Important security notice ๐จ
Please update your mailcow instance as soon as possible due to a found vulnerabiliy.
What is affected?
The reason is a vulnerability where commands can be injected in an imapsync job by authenticated users.
Who is affected?
All instances updated before 6th of November 2020. This is most critical for shared or hosted mailcow instances with multiple users.
What is the fix?
This was addressed on 6th of November 2020 as part of this commit.
If you have further questions, please let us know in our Telegram group.
Please update your mailcow instance as soon as possible due to a found vulnerabiliy.
What is affected?
The reason is a vulnerability where commands can be injected in an imapsync job by authenticated users.
Who is affected?
All instances updated before 6th of November 2020. This is most critical for shared or hosted mailcow instances with multiple users.
What is the fix?
This was addressed on 6th of November 2020 as part of this commit.
If you have further questions, please let us know in our Telegram group.
Welcome FIDO2: Web Authentication (WebAuthn)
https://mailcow.email/2020/11/16/welcome-fido2-web-authentication-webauthn/
https://mailcow.email/2020/11/16/welcome-fido2-web-authentication-webauthn/
๐จโ๏ธ A quick note: When you're updating to Docker 20.10 and using mailcow on code-base before 9th of December 2020, the ACME container might fail renewing the certificate, leading to an expired certificate.
If you use Docker 20.10, update mailcow before the certificate expires.
See more here: https://github.com/mailcow/mailcow-dockerized/issues/3915
If you use Docker 20.10, update mailcow before the certificate expires.
See more here: https://github.com/mailcow/mailcow-dockerized/issues/3915
GitHub
ACME failing after updating to Docker 20.10 ยท Issue #3915 ยท mailcow/mailcow-dockerized
Symptoms Your mailcow instance is based on code before 9th of December 2020. You have recently updated to Docker 20.10 on your system. ACME might fail requesting certificates, therefore resulting i...
๐ The year 2020 is coming to an end and 2021 is just around the corner...
It's an understatement to say that 2020 was a strange year and, for sure, challenging for many of us in so many different aspects. I hope you're fine and enjoyed your recent days with your loved ones.
If you don't want to read further:
We wish you a very happy New Year! ๐
๐ป To focus on the positive things from a mailcow point-of-view, there were indeed quite some highlights in 2020:
- Early this year external open relay checks were implemented for SAL users (supporting the development) was introduced. (see news)
- In February 2020 our own fuzzy storage was launched, improving spam detection for all mailcow users and allowing to contribute spam emails. (see news)
- In March 2020 we've started a official community forum with great success.
- In July 2020 our sponsored improvements for the new identity management to SOGo made it into the public release: check it out!
- Access to IMAP, POP3 and SMTP can now be controlled on a per-user level, also last logins for each service can be seen in the webinterface. (see news)
- FIDO2/WebAuthn support was added to mailcow in November 2020. (see news)
- You can easily integrate your mailpiler instance - open-source-based email archiving solution - with mailcow: see docs.
- Also good to know: Deprecated TLS versions TLSv1.0 and TLSv1.1 were disabled, mailcow can now speak Romanian and Chinese.
๐ Two more things I want to note...
โ๏ธ First... Telegram.
In July 2019 we've started with a Telegram group for mailcow, where - to date - joined over 920 individual, awesome people! The positive feedback, how people help each other and the new friendships found this way... It's unbelievable!
Thanks for being part of this community. This is what makes our community that great: It's made up by awesome people - like YOU.
โค๏ธ Second... Contributors.
THANKS for every contribution - and it doesn't matter if it's helping other people, sharing the mooo, contributing code or simply silently using mailcow somewhere.
Also there's something what we might often take for granted: mailcow consists out of so many different components, where people invest their valuable time in and provide it for free to everyone.
Thanks for all the good work from people behind Postfix, Dovecot, rspamd, Docker, SOGo, unbound, clamav, LetsEncrypt and so many more. Mailcow wouldn't exist without you.
That being said...
Thanks for all, stay healthy and Happy New Year. ๐
Thankfully,
Patrik and Andre
It's an understatement to say that 2020 was a strange year and, for sure, challenging for many of us in so many different aspects. I hope you're fine and enjoyed your recent days with your loved ones.
If you don't want to read further:
We wish you a very happy New Year! ๐
๐ป To focus on the positive things from a mailcow point-of-view, there were indeed quite some highlights in 2020:
- Early this year external open relay checks were implemented for SAL users (supporting the development) was introduced. (see news)
- In February 2020 our own fuzzy storage was launched, improving spam detection for all mailcow users and allowing to contribute spam emails. (see news)
- In March 2020 we've started a official community forum with great success.
- In July 2020 our sponsored improvements for the new identity management to SOGo made it into the public release: check it out!
- Access to IMAP, POP3 and SMTP can now be controlled on a per-user level, also last logins for each service can be seen in the webinterface. (see news)
- FIDO2/WebAuthn support was added to mailcow in November 2020. (see news)
- You can easily integrate your mailpiler instance - open-source-based email archiving solution - with mailcow: see docs.
- Also good to know: Deprecated TLS versions TLSv1.0 and TLSv1.1 were disabled, mailcow can now speak Romanian and Chinese.
๐ Two more things I want to note...
โ๏ธ First... Telegram.
In July 2019 we've started with a Telegram group for mailcow, where - to date - joined over 920 individual, awesome people! The positive feedback, how people help each other and the new friendships found this way... It's unbelievable!
Thanks for being part of this community. This is what makes our community that great: It's made up by awesome people - like YOU.
โค๏ธ Second... Contributors.
THANKS for every contribution - and it doesn't matter if it's helping other people, sharing the mooo, contributing code or simply silently using mailcow somewhere.
Also there's something what we might often take for granted: mailcow consists out of so many different components, where people invest their valuable time in and provide it for free to everyone.
Thanks for all the good work from people behind Postfix, Dovecot, rspamd, Docker, SOGo, unbound, clamav, LetsEncrypt and so many more. Mailcow wouldn't exist without you.
That being said...
Thanks for all, stay healthy and Happy New Year. ๐
Thankfully,
Patrik and Andre
The year 2020 is coming to an endโฆ
https://mailcow.email/2020/12/30/the-year-2020-is-coming-to-an-end/
https://mailcow.email/2020/12/30/the-year-2020-is-coming-to-an-end/
Back to the future with Delta Chat
https://mailcow.email/2021/01/14/back-to-the-future-with-delta-chat/
https://mailcow.email/2021/01/14/back-to-the-future-with-delta-chat/
Important: RFC1918 networks are now untrusted by default
https://mailcow.email/2021/04/10/important-rfc1918-networks-are-now-untrusted-by-default/
https://mailcow.email/2021/04/10/important-rfc1918-networks-are-now-untrusted-by-default/