cqrenet/relay
3
0
Fork 0
mirror of https://github.com/chatmail/relay.git synced 2026-05-10 16:04:37 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
ssh-host-604
relay/CHANGELOG.md
cliffmccarthy 3ce350de9e feat: Check whether GCC is installed in initenv.sh 
- Before proceeding with installation of Python dependencies, check
  whether the 'gcc' command is available by running it with the
  --version argument.  If it is not available, print a helpful message
  and exit.
- For the current set of Python dependencies, without GCC, the build
  process fails when building the crypt-r package.  According to the
  error message, on my system the exact command it tries to run is
  'x86_64-linux-gnu-gcc', but rather than depend on this variant
  specifically, the script checks for the generic 'gcc' command, so as
  to avoid coupling the check to an architecture or operating system.
  Similar problems arise if we attempt to check for packages by name;
  the compiler binary is provided by 'gcc-11', but the symlinks that
  provide the unversioned commands (as used by the Python build) come
  from a package named 'gcc'.  Trying to be too precise in what we
  check for could lead to unnecessary failures in some environments,
  or become a maintenance challenge in the future.  For that reason,
  this change simply attempts to run 'gcc' and uses that as a
  probably-sufficient proxy for having what the Python package install
  will need.
2025-08-16 10:04:44 +02:00

14 KiB
Raw Permalink Blame History

Changelog for chatmail deployment

untagged

  • Check whether GCC is installed in initenv.sh (#608)

  • Expire push notification tokens after 90 days (#583)

  • Use official mtail binary instead of mtail package (#581)

  • dovecot: install from download.delta.chat instead of openSUSE Build Service (#590)

  • Reconfigure Dovecot imap-login service to high-performance mode (#578)

  • Set timezone to improve dovecot performance (#584)

  • Increase nginx connection limits (#576)

  • If dns-utils needs to be installed before cmdeploy run, apt update to make sure it works (#560)

  • filtermail: respect config message size limit (#572)

  • Add config value after how many days large files are deleted (#555)

  • cmdeploy: push relay version to /etc/chatmail-version (#573)

  • filtermail: allow partial body length in OpenPGP payloads (#570)

  • chatmaild: allow echobot to receive unencrypted messages by default (#556)

1.6.0 2025-04-11

  • Handle Port-25 connect errors more gracefully (common with VPNs) (#552)

  • Avoid "acmetool not found" during initial run (#550)

  • Fix timezone handling such that client/servers do not need to use same timezone. (#553)

  • Enforce end-to-end encryption for incoming messages. New user address mailboxes now get a enforceE2EEincoming file which prohibits incoming cleartext messages from other domains. An outside MTA trying to submit a cleartext message will get a "523 Encryption Needed" response, see RFC5248. If the file does not exist (as it the case for all existing accounts) incoming cleartext messages are accepted. (#538)

  • Enforce end-to-end encryption between local addresses (#535)

  • unbound: check that port 53 is not occupied by a different process (#537)

  • unbound: before unbound is there, use 9.9.9.9 for resolving (#518)

  • Limit the bind for the HTTPS server on 8443 to 127.0.0.1 (#522) (#532)

  • Send SNI when connecting to outside servers (#524)

  • postfix master.cf: use 127.0.0.1 for consistency (#544)

  • Pass through original_content instead of content in filtermail (#509)

  • Document TLS requirements in the readme (#514)

  • Remove cleanup service from submission ports (#512)

  • cmdeploy dovecot: delete big messages after 7 days (#504)

  • mtail: fix getting logs from STDIN (#502)

  • filtermail: don't require exactly 2 lines after openPGP payload (#497)

  • cmdeploy dns: offer alternative DKIM record format for some web interfaces (#470)

  • journald: remove old logs from disk (#490)

  • opendkim: restart once every day to mend RAM leaks (#498

  • migration guide: let opendkim own the DKIM keys directory (#468)

  • improve secure-join message detection (#473)

  • use old crypt lib in python < 3.11 (#483)

  • chatmaild: set umask to 0700 for doveauth + metadata (#490)

  • remove MTA-STS daemon (#488)

  • replace Subject with [...] for all outgoing mails. (#481)

  • opendkim: use su instead of sudo (#491)

1.5.0 2024-12-20

  • cmdeploy dns: always show recommended DNS records (#463)

  • add --all to cmdeploy dns (#462)

  • fix _mta-sts TXT DNS record (#461

  • deploy iroh-relay and also update "realtime relay services" in privacy policy. (#434) (#451)

  • add guide to migrate chatmail to a new server (#429)

  • disable anvil authentication penalty (#414

  • increase request_queue_size for UNIX sockets to 1000. (#437)

  • add argument to cmdeploy run for specifying a different SSH host than mail_domain (#439)

  • query autoritative nameserver to bypass DNS cache (#424)

  • add mtail support (new optional mtail_address ini value) This defines the address on which mtail exposes its metrics collected from the logs. If you want to collect the metrics with Prometheus, setup a private network (e.g. WireGuard interface) and assign an IP address from this network to the host. If you do not plan to collect metrics, keep this setting unset. (#388)

  • fix checking for required DNS records (#412)

  • add support for specifying whole domains for recipient passthrough list (#408)

  • add a paragraph about "account deletion" to info page (#405)

  • avoid nginx listening on ipv6 if v6 is dsiabled (#402)

  • refactor ssh-based execution to allow organizing remote functions in modules. (#396)

  • trigger "apt upgrade" during "cmdeploy run" (#398)

  • drop hispanilandia passthrough address (#401)

  • set CAA record flags to 0

  • add IMAP capabilities instead of overwriting them (#413)

  • fix OpenPGP payload check (#435)

  • fix Dovecot quota_max_mail_size to use max_message_size config value (#438)

1.4.1 2024-07-31

  • fix metadata dictproxy which would confuse transactions resulting in missed notifications and other issues. (#393) (#394)

  • add optional "imap_rawlog" config option. If true, .in/.out files are created in user home dirs containing the imap protocol messages. (#389)

1.4.0 2024-07-28

  • Add disable_ipv6 config option to chatmail.ini. Required if the server doesn't have IPv6 connectivity. (#312)

  • allow current K9/Thunderbird-mail releases to send encrypted messages outside by accepting their localized "encrypted subject" strings. (#370)

  • Migrate and remove sqlite database in favor of password/lastlogin tracking in a user's maildir.
    (#379)

  • Require pyinfra V3 installed on the client side, run ./scripts/initenv.sh to upgrade locally. (#378)

  • don't hardcode "/home/vmail" paths but rather set them once in the config object and use it everywhere else, thereby also improving testability.
    (#351) temporarily introduced obligatory "passdb_path" and "mailboxes_dir" settings but they were removed/obsoleted in (#380)

  • BREAKING: new required chatmail.ini value 'delete_inactive_users_after = 100' which removes users from database and mails after 100 days without any login. (#350)

  • Refine DNS checking to distinguish between "required" and "recommended" settings (#372)

  • reload nginx in the acmetool cronjob (#360)

  • remove checking of reverse-DNS PTR records. Chatmail-servers don't depend on it and even in the wider e-mail system it's not common anymore. If it's an issue, a chatmail operator can still care to properly set reverse DNS. (#348)

  • Make DNS-checking faster and more interactive, run it fully during "cmdeploy run", also introducing a generic mechanism for rapid remote ssh-based python function execution. (#346)

  • Don't fix file owner ship of /home/vmail (#345)

  • Support iterating over all users with doveadm commands (#344)

  • Test and fix for attempts to create inadmissible accounts (#333)

  • check that OpenPGP has only PKESK, SKESK and SEIPD packets (#323, #324)

  • improve filtermail checks for encrypted messages and drop support for unencrypted MDNs (#320)

  • replace bash with /bin/sh (#334)

  • Increase number of logged in IMAP sessions to 50000 (#335)

  • filtermail: do not allow ASCII armor without actual payload (#325)

  • Remove sieve to enable hardlink deduplication in LMTP (#343)

  • dovecot: enable gzip compression on disk (#341)

  • DKIM-sign Content-Type and oversign all signed headers (#296)

  • Add nonci_accounts metric (#347)

  • doveauth: log when a new account is created (#349)

  • Multiplex HTTPS, IMAP and SMTP on port 443 (#357)

1.3.0 - 2024-06-06

  • don't check necessary DNS records on cmdeploy init anymore (#316)

  • ensure cron and acl are installed (#293, #310)

  • change default for delete_mails_after from 40 to 20 days (#300)

  • save journald logs only to memory and save nginx logs to journald instead of file (#299)

  • fix writing of multiple obs repositories in /etc/apt/sources.list (#290)

  • metadata: add support for /shared/vendor/deltachat/irohrelay (#284)

  • Emit "XCHATMAIL" capability from IMAP server (#278)

  • Move echobot into /var/lib/echobot (#281)

  • Accept Let's Encrypt's new Terms of Services (#275)

  • Reload Dovecot and Postfix when TLS certificate updates (#271)

  • Use forked version of dovecot without hardcoded delays (#270)

1.2.0 - 2024-04-04

  • Install dig on the server to resolve DNS records (#267)

  • preserve notification order and exponentially backoff with retries for tokens where we didn't get a successful return (#265)

  • Run chatmail-metadata and doveauth as vmail (#261)

  • Apply systemd restrictions to echobot (#259)

  • re-enable running the CI in pull requests, but not concurrently (#258)

1.1.0 - 2024-03-28

The changelog starts to record changes from March 15th, 2024

  • Move systemd unit templates to cmdeploy package (#255)

  • Persist push tokens and support multiple device per address (#254)

  • Avoid warning for regular doveauth protocol's hello message. (#250)

  • Fix various tests to pass again with "cmdeploy test". (#245, #242

  • Ensure lets-encrypt certificates are reloaded after renewal ([#244]) https://github.com/chatmail/server/pull/244

  • Persist tokens to avoid iOS users loosing push-notifications when the chatmail metadata service is restarted (happens regularly during deploys) (#238

  • Fix failing sieve-script compile errors on incoming messages (#237

  • Fix quota reporting after expunging of old mails (#233

Reference in New Issue View Git Blame Copy Permalink