|
|
|
# Postfix Admin
|
|
|
|
#
|
|
|
|
# LICENSE
|
|
|
|
# This source file is subject to the GPL license that is bundled with
|
|
|
|
# this package in the file LICENSE.TXT.
|
|
|
|
#
|
|
|
|
# Further details on the project are available at http://postfixadmin.sf.net
|
|
|
|
|
|
|
|
Version X.X - master
|
|
|
|
-------------------------------------------------
|
|
|
|
|
|
|
|
- Add support for password expiration (see https://github.com/postfixadmin/postfixadmin/pull/200 and README.password_expiration )
|
|
|
|
- Improve ADDITIONS/postfxiadmin-mailbox-postcreate.sh
|
|
|
|
- Add Date header into smtp_from() (see https://github.com/postfixadmin/postfixadmin/issues/203 )
|
|
|
|
- PostgreSQL fixes ( 1e158245d613fd1d8d5c1d59e26e940eb71f5b32 )
|
|
|
|
- vacation.pl fixes (perl libraries; see https://github.com/postfixadmin/postfixadmin/pull/194 )
|
|
|
|
- Add bootstrap theme (default not changed yet) ( see https://github.com/postfixadmin/postfixadmin/pull/172 )
|
|
|
|
- Improve CSV export from list.php
|
|
|
|
- Various misc. changes from static analysis (psalm)
|
|
|
|
- Update installation instructions. (see: https://github.com/postfixadmin/postfixadmin/issues/189 https://github.com/postfixadmin/postfixadmin/issues/188 )
|
|
|
|
- Encryption improvements (see: php_crypt / encrypt_difficulty in sample config)
|
|
|
|
- Sqlite improvements (see https://github.com/postfixadmin/postfixadmin/issues/177 and https://github.com/postfixadmin/postfixadmin/issues/176 )
|
|
|
|
- MySQL 8 compatability (see https://github.com/postfixadmin/postfixadmin/pull/175 )
|
|
|
|
|
|
|
|
Version 3.2 - 2018/05/02
|
|
|
|
-------------------------------------------------
|
|
|
|
|
|
|
|
- move public facing stuff into public/, this allows us to stop exposing
|
|
|
|
templates_c/ etc. to the world (but also means you'll need to adjust your
|
|
|
|
webserver config)
|
|
|
|
- enable users to reset their passwords by mail or SMS
|
|
|
|
($CONF['forgotten_user_password_reset'],
|
|
|
|
$CONF['forgotten_admin_password_reset'], $CONF['sms_send_function'])
|
|
|
|
- allow local alias targets (without @domain) - see #134
|
|
|
|
- add $CONF['edit_alias'] to disable "edit_alias" function for users
|
|
|
|
- add php_crypt $CONF["encrypt"] option (see #170 for examples)
|
|
|
|
- add random_compat phar (see: https://github.com/paragonie/random_compat) to
|
|
|
|
support random_int()/random_string() in older PHP versions.
|
|
|
|
- add support for MySQL connections over SSL
|
|
|
|
- language updates: sk, ja, nl, bg, fr, cz
|
|
|
|
- update bundled smarty library (lib/smarty to 3.1.32; includes security fixes)
|
|
|
|
- split up pacrypt() into different functions; add some minimal test coverage
|
|
|
|
- add id autoincrement field to log table (#89)
|
|
|
|
- add token to login.php to prevent CSRF
|
|
|
|
- lots of bugfixes and code cleanup
|
|
|
|
- drop unused code in postfixadmin-cli
|
|
|
|
- introduce PHP-CS-Fixer to enforce code style
|
|
|
|
- vacation.pl:
|
|
|
|
- avoid answering to more known autoresponders
|
|
|
|
- add $no_vacation_pattern to avoid sending autoresponders based on the To:
|
|
|
|
address
|
|
|
|
- replace Deprecated Mail::Sender by Email::Sender
|
|
|
|
- use MIME:EncWords
|
|
|
|
- remove unused MIME::Base64
|
|
|
|
- add docker repo, see https://github.com/postfixadmin/docker
|
|
|
|
|
|
|
|
Version 3.1 - 2017/06/25
|
|
|
|
-------------------------------------------------
|
|
|
|
|
|
|
|
- broadcast improvements:
|
|
|
|
- allow to send to mailboxes only
|
|
|
|
- allow to send to only some domains
|
|
|
|
- allow domain admins to send to their domains - new config option
|
|
|
|
$CONF['sendmail_all_admins']
|
|
|
|
- don't send to inactive mailboxes or aliases
|
|
|
|
- update squirrelmail plugin
|
|
|
|
- better static DB connection cache to avoid hundreds of mysqli connection
|
|
|
|
when doing lots of escape_string() calls
|
|
|
|
- use $CONF[page_size] in viewlog.php
|
|
|
|
- fix problems with utf8mb4 as default charset in setup.php/upgrade.php
|
|
|
|
- fix default for $CONF[create_mailbox_subdirs_hostoptions]
|
|
|
|
- get rid of variables.inc.php (and initialize variables where needed)
|
|
|
|
- add favicon to fix session handling in chrome (#44)
|
|
|
|
- add check to ensure templates_c/ exists and is writeable
|
|
|
|
- recommend usage of config.local.php in setup.php
|
|
|
|
- remove php4 constructor from cNav_bar (page browser)
|
|
|
|
- update fr.lang
|
|
|
|
|
|
|
|
Version 3.0.2 - 2017/02/08 - SVN r1895
|
|
|
|
-------------------------------------------------
|
|
|
|
|
|
|
|
- SECURITY: don't allow to delete protected aliases (CVE-2017-5930, PR#23)
|
|
|
|
- fix VacationHandler for PostgreSQL
|
|
|
|
- AliasHandler: restrict mailbox subquery to allowed and specified domains
|
|
|
|
to improve performance on setups with lots of mailboxes
|
|
|
|
- allow switching between dovecot:* password schemes while still accepting
|
|
|
|
passwords hashed using the previous dovecot:* scheme
|
|
|
|
- FetchmailHandler: use a valid date as default for 'date'
|
|
|
|
- fix date formatting in non-english languages when using PostgreSQL
|
|
|
|
- debian packaging: improve dependencies, remove old templates_c/ files
|
|
|
|
- various small fixes
|
|
|
|
|
|
|
|
Version 3.0.1 - 2016/09/19 - SVN r1870
|
|
|
|
-------------------------------------------------
|
|
|
|
|
|
|
|
- add missing Smarty files to Debian package
|
|
|
|
(no changes to PostfixAdmin, therefore only released as Debian packages)
|
|
|
|
|
|
|
|
Version 3.0 - 2016/09/11 - SVN r1861
|
|
|
|
-------------------------------------------------
|
|
|
|
|
|
|
|
- add sqlite backend option
|
|
|
|
- add configurable smtp helo (CONF["smtp_client"])
|
|
|
|
- new translation: ro (Romanian)
|
|
|
|
- language update: tw, cs, de
|
|
|
|
- fix escaping in gen_show_status() (could be used to DOS list-virtual by
|
|
|
|
creating a mail address with special chars)
|
|
|
|
- add CSRF protection for POST requests
|
|
|
|
- list.tpl: base edit/editactive/delete links in list.tpl on $RAW_item to
|
|
|
|
avoid double escaping, and fix some corner cases
|
|
|
|
- editform.tpl: add {if} block for description column for easier customization
|
|
|
|
- use smarty html_options instead of select_options()
|
|
|
|
- remove advice about using SetEnv for database password
|
|
|
|
- include_once(config.local.php) instead of include()ing it to prevent include
|
|
|
|
loops if someone copies config.inc.php to config.local.php
|
|
|
|
- vacation.pl: encode wide-chars utf8 in mail body, mime-decode original subject
|
|
|
|
- fix db_quota_text() for postgresql (concat() vs. ||)
|
|
|
|
- change default date for 'created' and 'updated' columns from 0000-00-00
|
|
|
|
(which causes problems with MySQL strict mode) to 2000-01-01
|
|
|
|
- allow punicode even in TLDs
|
|
|
|
- update Smarty to 3.1.29
|
|
|
|
- add checks to login.php and cli to ensure database layout is up to date
|
|
|
|
- whitelist '-1' as valid value for postfixadmin-cli
|
|
|
|
- don't stripslashes() the password in pacrypt
|
|
|
|
- various small bugfixes
|
|
|
|
|
|
|
|
Version 3.0 beta3 (2.93) - 2015/09/26 - SVN r1802
|
|
|
|
-------------------------------------------------
|
|
|
|
|
|
|
|
Summary of major changes:
|
|
|
|
- add list.php and list.tpl for displaying lists
|
|
|
|
- based on *Handler $struct, which means list view can now be customized with
|
|
|
|
$CONF[*_struct_hook] functions (columns with display_in_list and non-empty
|
|
|
|
label will be displayed)
|
|
|
|
- add CSV export
|
|
|
|
- replaces list-domain.php, list-admin.php and fetchmail.php (including their
|
|
|
|
*.tpl files) and the alias and alias domain lists in list-virtual
|
|
|
|
- improved / more detailed search support by using URL parameters
|
|
|
|
(list.php?search[field]=value, optionally also ?searchmode[field]=< -
|
|
|
|
no pretty search form yet, limited to fields the user/admin can access)
|
|
|
|
- only display search input box if search fields are specified in *handler
|
|
|
|
(that effectively means no search box for admin, domain and fetchmail listings)
|
|
|
|
- can also be used for users (non-admins)
|
|
|
|
- add FetchmailHandler (replaces fetchmail.php and its template), which also
|
|
|
|
means postfixadmin-cli can configure fetchmail jobs now
|
|
|
|
- add $CONF['fetchmail_struct_hook']
|
|
|
|
- remove unused $CONF['users_domain_controle']
|
|
|
|
|
|
|
|
PFAHandler:
|
|
|
|
- new field types:
|
|
|
|
- enma - associative array (value => displayed value), must be specified in
|
|
|
|
the "options" column
|
|
|
|
- html - raw HTML, used for mailbox status markers which include HTML tags
|
|
|
|
- b64p - passwords stored as base64, used by FetchmailHandler
|
|
|
|
- vtxt, vnum - "virtual", read-only text/integer
|
|
|
|
- quot - formatted quota ("5/10", read-only)
|
|
|
|
- automatically skip quot, vtxt and vnum fields in store()
|
|
|
|
- add handling of users (non-admins), including permission checks
|
|
|
|
- add and use $this->label_field and $this->label for nicer messages
|
|
|
|
- add $this->order_by to allow ordering by any field(s)
|
|
|
|
- add getMsg() function (needed by list.php)
|
|
|
|
- add $msg['can_create'] (true by default, false will hide the 'create' button)
|
|
|
|
- add $is_superadmin to make admin vs. superadmin easier to handle
|
|
|
|
- add $can_edit and $can_delete (only available in edit/delete mode, set by
|
|
|
|
init() based on the '_can_edit' and '_can_delete' from database query)
|
|
|
|
- add $searchfields[] (list of fields to search by default, $search[_])
|
|
|
|
- add $this->msg['show_simple_search'] (true if $searchfields is non-empty)
|
|
|
|
- split off build_select_query() (also used for pagebrowser) from read_from_db()
|
|
|
|
and add support for $search['_'] (searching in $searchfields[])
|
|
|
|
- read_from_db(), getList(): add $searchmode parameter (_before_ $limit and
|
|
|
|
$offset!) to be able to use query different query modes, not only "="
|
|
|
|
- add getPagebrowser() (returns an array of pagebrowser keys)
|
|
|
|
|
|
|
|
AdminHandler:
|
|
|
|
- switch to using list.php (replaces list-admin.php)
|
|
|
|
|
|
|
|
DomainHandler:
|
|
|
|
- reduce required permissions to 'admin', restrict write operations to superadmins
|
|
|
|
- add optical quota indicators for aliases, mailboxes and domain quota
|
|
|
|
- fix counting of aliases for domains without any mailbox
|
|
|
|
- use list.php for displaying domain list (replaces list-domain.php)
|
|
|
|
|
|
|
|
MailboxHandler:
|
|
|
|
- check_quota(): deny creating an unlimited mailbox if domain quota is set
|
|
|
|
- storemore(): store maildir in the correct variable to fix running
|
|
|
|
mailbox_postedit script (bug#342)
|
|
|
|
|
|
|
|
AliasHandler:
|
|
|
|
- read_from_db_postprocess(): disable _can_edit and _can_delete for default
|
|
|
|
aliases if special_alias_control is off and not superadmin
|
|
|
|
- add 'status' column, move gen_show_status handling for aliases from
|
|
|
|
list-virtual into AliasHandler db_read_from_db_potprocess()
|
|
|
|
- change getList() to work with empty $condition
|
|
|
|
- add getPagebrowser() to filter out mailboxes
|
|
|
|
|
|
|
|
edit.php:
|
|
|
|
- Newer PHP versions (noticed with 5.6.6) don't include empty fields in
|
|
|
|
$_POST, which broke changing a field to empty. Make sure all !isset()
|
|
|
|
fields are set to ''.
|
|
|
|
- for not-set bool values, set $values instead of the (wrong) $inp_values
|
|
|
|
- add user (non-admin) mode
|
|
|
|
|
|
|
|
delete.php:
|
|
|
|
- allow users (non-admins) to use delete.php (not used in PostfixAdmin yet)
|
|
|
|
|
|
|
|
list-virtual:
|
|
|
|
- use AliasHandler, AliasdomainHandler and list.tpl for aliases and alias
|
|
|
|
domains (the mailbox list still uses the old code)
|
|
|
|
- replace $alias_pagebrowser_query and the create_page_browser() call
|
|
|
|
with $handler->getPagebrowser()
|
|
|
|
- adjust search to use ?search[_]=...
|
|
|
|
- drop $check_alias_owner variable and check_alias_owner() call
|
|
|
|
(replaced by the code added in AliasHandler)
|
|
|
|
|
|
|
|
misc:
|
|
|
|
- translation updates: cs (patch#126), pl (by marcin-github), sv (patch#128)
|
|
|
|
- add CliScheme.php to display the database scheme (for usage in upgrade.php)
|
|
|
|
- error_log() a warning if nameserver queries in check_domain() take more than 2
|
|
|
|
seconds in total
|
|
|
|
- add functions db_quota_text() and db_quota_percent() to generate SQL queries
|
|
|
|
for used quota ("x/y" and percentage)
|
|
|
|
- pacol(): replace $not_in_db with $multiopt - the remaining parameters can be
|
|
|
|
specified as associative array (backwards-compatible). Also add $linkto parameter
|
|
|
|
- db_where_clause(): add $additional_raw_where and $searchmode parameters,
|
|
|
|
split query into WHERE and HAVING
|
|
|
|
- delete no longer used check_alias_owner() function
|
|
|
|
- display "view log" menu entry only if logging is enabled (patch#127)
|
|
|
|
- smarty.inc.php assign(): additionally provide the unsanitized values as RAW_$key
|
|
|
|
- setup.php: after creating a superadmin, display a note that the setup is done
|
|
|
|
and it's possible to login now
|
|
|
|
- setup.php: stop relying on subversion keyword for database upgrades
|
|
|
|
- explictly set session_cache_limiter to nocache (bug#347)
|
|
|
|
- fetchmail.pl: honor the (newly added) active column
|
|
|
|
- change fetchmail.date field to date (no auto-update) (bug#351)
|
|
|
|
- several small changes and fixes at various places - too many to list them here
|
|
|
|
|
|
|
|
Version 3.0 beta2 (2.92) - 2014/10/28 - SVN r1706
|
|
|
|
-------------------------------------------------
|
|
|
|
|
|
|
|
- AliasHandler: don't clean goto field when making alias inactive (bug#316)
|
|
|
|
- list-virtual: display quota even if $CONF[used_quotas] == NO (bug#307)
|
|
|
|
- vacation.pl: fix postgresql queries in vacation.pl (bug#315)
|
|
|
|
- fix query in AliasHandler getList() which caused an empty list and breaks
|
|
|
|
deletion of aliases in MariaDB (bug#313, bug#325)
|
|
|
|
- fetchmail.pl: fix ssl extra options (cert check, cert path, fingerprint)
|
|
|
|
- fix logging (run setup.php to fix old log entries) (bug#317)
|
|
|
|
- fetchmail.php: change error_reporting() to exclude E_NOTICE (bug#322)
|
|
|
|
- translation updates: fr (patch#123), nl (patch#122)
|
|
|
|
- $CONF[default_aliases] can now use the new domain as alias target (patch#124)
|
|
|
|
- check that vacation start/end date are not in the past (patch#122)
|
|
|
|
- update vacation INSTALL.TXT with more secure locations
|
|
|
|
- update Smarty to 3.1.21
|
|
|
|
|
|
|
|
Version 3.0 beta1 (2.91) - 2014/05/06 - SVN r1670
|
|
|
|
-------------------------------------------------
|
|
|
|
|
|
|
|
Summary of major changes:
|
|
|
|
- new command-line interface "postfixadmin-cli"
|
|
|
|
- major rewrite:
|
|
|
|
- move lots of code into *Handler classes, which are used by web and
|
|
|
|
command-line interface
|
|
|
|
- replace various edit-*.php and create-*.php with a generic editform
|
|
|
|
(edit.php/editform.tpl)
|
|
|
|
- this also means it's easy to customize forms, add fields etc.
|
|
|
|
(see $CONF['*_struct_hook'])
|
|
|
|
- lots of code cleanup, remove/merge lots of duplicated code and templates
|
|
|
|
- use smarty for templates
|
|
|
|
- add ability to choose activation date, end date and reply interval for
|
|
|
|
vacation message
|
|
|
|
- various enhancements everywhere
|
|
|
|
- redesign login page, list and edit pages (goodbye, green!) and make them wider
|
|
|
|
- several new config options and changed defaults
|
|
|
|
- NOTE: changes from the 2.3.x releases also apply to this version
|
|
|
|
|
|
|
|
new config options:
|
|
|
|
- $CONF['language_hook']
|
|
|
|
Hook function to override or add translations to $PALANG.
|
|
|
|
Example hook function included (commented out).
|
|
|
|
- $CONF['password_validation'] - array with regular expressions to check
|
|
|
|
if a password is valid/good enough.
|
|
|
|
The default configuration enforces:
|
|
|
|
- minimum length 5 characters/digits/whatever
|
|
|
|
- at least 2 characters
|
|
|
|
- at least 2 digits
|
|
|
|
- $CONF['*_struct_hook'] - make $struct in the *Handler classes customizeable
|
|
|
|
- $CONF['vacation_choice_of_reply'] - list of reply interval options
|
|
|
|
- $CONF['domain_quota'] - total quota per domain
|
|
|
|
- $CONF['theme_custom_css'] - to add some custom CSS without editing the
|
|
|
|
default CSS file
|
|
|
|
- $CONF['motd_*'] - replaces motd*.txt
|
|
|
|
|
|
|
|
changed config defaults (with their new default value):
|
|
|
|
- $CONF['database_type'] = 'mysqli';
|
|
|
|
- $CONF['dovecotpw'] = "/usr/sbin/doveadm pw";
|
|
|
|
$CONF['new_quota_table'] = 'YES'; (for dovecot 2)
|
|
|
|
- $CONF['domain_path'] = 'YES'; $CONF['domain_in_mailbox'] = 'NO';
|
|
|
|
(results in domain.tld/username/ maildirs)
|
|
|
|
- $CONF['alias_control'] = 'YES'; $CONF['alias_control_admin'] = 'YES';
|
|
|
|
- $CONF['backup'] = 'NO';
|
|
|
|
- $CONF['show_status']='YES'; $CONF['show_status_key']='YES';
|
|
|
|
$CONF['show_undeliverable']='YES'; $CONF['show_popimap']='YES';
|
|
|
|
$CONF['show_undeliverable_exceptions'] - "gmail.com" removed
|
|
|
|
- $CONF[*_post*_script] - add empty defaults
|
|
|
|
- $CONF['admin_email'] = ''
|
|
|
|
IMPORTANT: If set, this will be used as mail sender for all mails
|
|
|
|
(2.3.x used the currently logged in admin's username in most cases).
|
|
|
|
$CONF['admin_email'] = '' will match the 2.3.x behaviour.
|
|
|
|
|
|
|
|
removed config options:
|
|
|
|
- $CONF['min_password_length'] - now handled in /.{5}/ in
|
|
|
|
$CONF['password_validation']
|
|
|
|
- $CONF['postfix_admin_url'] - relative paths are now used everywhere
|
|
|
|
|
|
|
|
list-virtual.php:
|
|
|
|
- display percentage of quota usage
|
|
|
|
- display alias domains less confusing (using From/To)
|
|
|
|
- list-virtual can now display only mailboxes, only aliases or only alias
|
|
|
|
domains - or all in one page as in 2.3
|
|
|
|
- extreme speedup of page browser in list-virtual if a large number of
|
|
|
|
mailboxes or aliases exist
|
|
|
|
- include search support (replaces search.php and brings various bug fixes
|
|
|
|
for free)
|
|
|
|
- fix: delivery to mailbox with a recipient delimiter (mailbox+foo@domain)
|
|
|
|
was marked as "forward only"
|
|
|
|
- fix: don't mark mailboxes with vacation active as undeliverable
|
|
|
|
- fix: undeliverable targets were not flagged if another target pointed to a
|
|
|
|
domain in $CONF[show_undeliverable_exceptions]
|
|
|
|
|
|
|
|
fetchmail.php, fetchmail.pl:
|
|
|
|
- add sslcertck, sslcertpath, sslfingerprint fields/check
|
|
|
|
(sslcertpath and sslfingerprint require $CONF[fetchmail_extra_options]
|
|
|
|
because they don't have input validation)
|
|
|
|
|
|
|
|
functions.inc.php
|
|
|
|
- allowed_quota: if $CONF[quota] == NO, just return 0 (unlimited)
|
|
|
|
- authentification_get_username() - honor POSTFIXADMIN_SETUP to avoid
|
|
|
|
a redirect to login.php after creating an admin with setup.php and to
|
|
|
|
get "SETUP.PHP" for db_log()
|
|
|
|
- check_domain(), check_email(): instead of calling flash_error(),
|
|
|
|
return string with error message - or empty string if everything is ok
|
|
|
|
- check_email():
|
|
|
|
- replace $CONF[vacation_domain] only at the end of the mail address
|
|
|
|
- don't trim() mail address to avoid that aliases starting with a space are
|
|
|
|
allowed. This fixes http://sourceforge.net/p/postfixadmin/bugs/210/
|
|
|
|
- check_language(): remove things like ";q=0.8" before checking if
|
|
|
|
a language exists
|
|
|
|
- check_owner():
|
|
|
|
- escape_string() $username and $domain to prevent SQL injections
|
|
|
|
- db_pgsql() - new function to replace lots of
|
|
|
|
"if ($CONF[database_type] == 'pgsql')) checks
|
|
|
|
- db_delete(): allow to specify additional conditions for the WHERE clause
|
|
|
|
- db_get_boolean(): allow 0 and 1 as parameters, not only boolean true/false
|
|
|
|
- db_log():
|
|
|
|
- allow log actions create_admin and edit_admin
|
|
|
|
- add edit_admin_state and delete_admin as comment/reminder that they
|
|
|
|
should also be logged
|
|
|
|
- db_query(): error_log() failed query
|
|
|
|
- db_where_clause($condition, $struct) - new function to create a WHERE clause
|
|
|
|
(bool values are converted with db_get_boolean() based on $struct)
|
|
|
|
- _flash_string():
|
|
|
|
- also accept an array of messages, not only a string
|
|
|
|
- html-escape messages to fix XSS if the message contains user-supplied input
|
|
|
|
- generate_password(): make generated password always 8 chars long
|
|
|
|
(instead of $CONF['min_password_length'])
|
|
|
|
- get_domain_properties(): use DomainHandler (function result mostly
|
|
|
|
unchanged, only difference: instead of quota_sum in bytes it now
|
|
|
|
returns total_quota in MB)
|
|
|
|
- list_domains_for_admin():
|
|
|
|
- rewrite to work for superadmins also (will list all domains now
|
|
|
|
instead of "ALL"), which means we can drop the admin vs. superadmin
|
|
|
|
check at various places
|
|
|
|
- pacrypt():
|
|
|
|
- no longer escape_string() the result. This fixes
|
|
|
|
http://sourceforge.net/p/postfixadmin/bugs/218/
|
|
|
|
- for 'system' encryption, use full hashed password as salt
|
|
|
|
https://sourceforge.net/p/postfixadmin/bugs/2/
|
|
|
|
- dovecot:*:
|
|
|
|
- add support for dovecot *-CRYPT passwords (needs dovecot >= 2.1)
|
|
|
|
- allow "." in dovecot method (to allow a suffix like ".b64")
|
|
|
|
- Also, the {METHOD} part is no longer removed (passwords without
|
|
|
|
{METHOD} still work)
|
|
|
|
- remove_from_array() - new function
|
|
|
|
- safesession() - new function (like safeget(), but for $_SESSION)
|
|
|
|
- smtp_mail(): error_log() the error message if fsockopen() fails
|
|
|
|
- table_by_key() now always prepends $CONF['database_prefix']
|
|
|
|
NOTE: If you have/had an incomplete database_tables array and use
|
|
|
|
$CONF['database_prefix'], you might need to rename the affected tables
|
|
|
|
manually (add the database_prefix in their name).
|
|
|
|
- moved several functions to the *Handler classes
|
|
|
|
- deleted no longer used functions:
|
|
|
|
- admin_exist()
|
|
|
|
- authentication_is_admin()
|
|
|
|
- authentication_is_user()
|
|
|
|
- boolconf() (moved to Config::bool())
|
|
|
|
- check_string()
|
|
|
|
- create_admin()
|
|
|
|
- check_alias() (moved to AliasHandler->create_allowed())
|
|
|
|
- db_boolean_to_int()
|
|
|
|
- domain_exist()
|
|
|
|
- get_admin_properties()
|
|
|
|
- get_mailbox_properties()
|
|
|
|
- get rid of global $table_* variables, use table_by_key() instead
|
|
|
|
|
|
|
|
PFAHandler.php:
|
|
|
|
- parent class for all *Handler classes
|
|
|
|
- contains code shared between all classes
|
|
|
|
|
|
|
|
AdminHandler.php:
|
|
|
|
- Handler class for admins
|
|
|
|
- for now, set the superadmin column and add "ALL" in domain_admins to
|
|
|
|
keep the database backwards-compatible with 2.3.x
|
|
|
|
|
|
|
|
AdminpasswordHandler.php:
|
|
|
|
- used for the "change password" form for admins
|
|
|
|
|
|
|
|
DomainHandler.php
|
|
|
|
- handler class for domains
|
|
|
|
- delete(): do not allow to delete a domain if it is an alias domain target
|
|
|
|
|
|
|
|
AliasdomainHandler.php:
|
|
|
|
- handler class for alias domains
|
|
|
|
- alias domains can now be edited
|
|
|
|
|
|
|
|
AliasHandler.php:
|
|
|
|
- rewrite based on PFAHandler
|
|
|
|
- we even get a "deliver to local mailbox" checkbox :-)
|
|
|
|
- only allow @domain as target if $this->id is a catchall
|
|
|
|
- remove deprecated functions:
|
|
|
|
- get()
|
|
|
|
- hasStoreAndForward()
|
|
|
|
- update()
|
|
|
|
- is_mailbox_alias()
|
|
|
|
- is_vacation_address()
|
|
|
|
- hasAliasRecord()
|
|
|
|
|
|
|
|
MailboxHandler (previously named UserHandler in 2.3):
|
|
|
|
- rewrite based on PFAHandler
|
|
|
|
- drop old __construct(), view() and change_pass()
|
|
|
|
- replace check of old password in change_pw() with $this->login
|
|
|
|
- delete(): also cleanup fetchmail, quota and quota2 tables
|
|
|
|
- always check password with validate_password()
|
|
|
|
- always display correct available quota (using allowed_quota())
|
|
|
|
- do not escape the password coming from $_POST. Fixes
|
|
|
|
http://sourceforge.net/p/postfixadmin/bugs/218/
|
|
|
|
|
|
|
|
VacationHandler:
|
|
|
|
- rewrite based on PFAHandler (not useable yet)
|
|
|
|
- add ability to choose activation date, end date and reply interval for
|
|
|
|
vacation message - http://sourceforge.net/p/postfixadmin/patches/111/
|
|
|
|
|
|
|
|
vacation.pl:
|
|
|
|
- allow to use original subject in vacation reply subject ("Re: $SUBJECT")
|
|
|
|
http://sourceforge.net/p/postfixadmin/patches/117/
|
|
|
|
- encode subject - https://sourceforge.net/p/postfixadmin/bugs/272/ ,
|
|
|
|
https://sourceforge.net/p/postfixadmin/patches/119/
|
|
|
|
- add a friendly from address to vacation messages ($friendly_from)
|
|
|
|
- make error handling if we cannot send the reply more robust
|
|
|
|
- add $smtp_client config option to specify the helo name
|
|
|
|
- added custom noreply detection ($noreply_pattern, $custom_noreply_pattern)
|
|
|
|
|
|
|
|
Config.php
|
|
|
|
- new class to store $CONF
|
|
|
|
- also used to store $PALANG texts (Config::Lang())
|
|
|
|
- contains functions to read config entries in various ways (bool etc.)
|
|
|
|
|
|
|
|
edit.php
|
|
|
|
- generic edit page for everything (admins, domains, mailboxes, aliases, ...)
|
|
|
|
- use ?table= parameter to decide what will be edited (basically $tableHandler)
|
|
|
|
- read handler-specific configuration from $handler->webformConfig()
|
|
|
|
and use it at various places
|
|
|
|
- always redirect to edit.php?table=$table after adding an item to
|
|
|
|
ensure correct initialization for next item
|
|
|
|
- call $handler->mergeId if $id_field is editable, but not displayed
|
|
|
|
in form (usecase: merge localpart + domain to address)
|
|
|
|
- set $form_fields and $id_field later (after $hander->init()) - needed
|
|
|
|
for AliasHandler to decide if goto_mailbox should be displayed
|
|
|
|
- only set $values if a field is editable and displayed in the form
|
|
|
|
|
|
|
|
editform.tpl:
|
|
|
|
- generic edit form template, uses $struct to render the form
|
|
|
|
- implement handling of 'list' fields (<select> with multiple choices
|
|
|
|
allowed)
|
|
|
|
- also include alternative implementation with checkboxes (commented out)
|
|
|
|
|
|
|
|
upgrade.php
|
|
|
|
- _pgsql_field_exists(), _mysql_field_exists():
|
|
|
|
Those functions are always called with the expanded table name - don't
|
|
|
|
expand it twice. (The better solution would be to change all calling
|
|
|
|
code to provide non-expanded tablenames, but that's more work.)
|
|
|
|
- change {BIGINT} to include "NOT NULL DEFAULT 0"
|
|
|
|
- upgrade_1283(): add a "superadmin" column to the admin table
|
|
|
|
This is the first step to get rid of the "ALL" dummy domain.
|
|
|
|
- upgrade_1284(): migrate the ALL domain to the superadmin column
|
|
|
|
Note: The ALL domain is not (yet) deleted to stay backwards-compatible
|
|
|
|
for now (will be done in a later upgrade function)
|
|
|
|
- change {BOOLEAN} to include "default false"
|
|
|
|
|
|
|
|
login.php
|
|
|
|
- when login.php is requested, logout the current admin/user
|
|
|
|
https://sourceforge.net/p/postfixadmin/bugs/284/
|
|
|
|
- this also means login.php is now used for logout
|
|
|
|
- error_log() failed login attemps
|
|
|
|
https://sourceforge.net/p/postfixadmin/feature-requests/111/
|
|
|
|
|
|
|
|
delete.php, editactive.php:
|
|
|
|
- require token for CSRF protection, see
|
|
|
|
https://sourceforge.net/p/postfixadmin/bugs/269/
|
|
|
|
|
|
|
|
xmlrpc.php:
|
|
|
|
- adopt to *Handler syntax
|
|
|
|
- setAway(): add (optional) new parameters for interval_time, activeFrom and
|
|
|
|
activeUntil - https://sourceforge.net/p/postfixadmin/patches/113/
|
|
|
|
- change $_SESSION['username'] to $_SESSION['sessid']['username']
|
|
|
|
|
|
|
|
*.lang:
|
|
|
|
- get rid of several duplicate texts
|
|
|
|
- removed HTML tags from $PALANG texts
|
|
|
|
- several translation updates
|
|
|
|
|
|
|
|
documentation updates:
|
|
|
|
- SECURITY.TXT: add note about templates_c directory
|
|
|
|
- DOCUMENTS/POSTFIX_CONF.TXT is now executable and can generate the
|
|
|
|
mysql_*.cf maps for postfix
|
|
|
|
- update DOCUMENTS/DOVECOT.TXT for dovecot 2.x
|
|
|
|
|
|
|
|
squirrelmail plugin:
|
|
|
|
- various bugfixes
|
|
|
|
- documentation update
|
|
|
|
|
|
|
|
Debian packaging:
|
|
|
|
- Changed source format to 3.0 (quilt)
|
|
|
|
- simplified the DB credential patch and removing ucf registrations on package
|
|
|
|
purge...
|
|
|
|
- control: added php5-cli dependency
|
|
|
|
- rules:
|
|
|
|
- some permission fixes to postfixadmin-cli scripts
|
|
|
|
- New target prep: Create a needed tar.gz file to build a non-nativ .dpkg
|
|
|
|
- New target build-package: Call this target to build a shiny new .dpkg file
|
|
|
|
- postfixadmin.docs: removed redundant changelog file
|
|
|
|
- debian/postfixadmin.postrm: Call wwwconfig scripts only if they are existing
|
|
|
|
|
|
|
|
Version 2.3.8 - 2015/10/07 - SVN r1814 (postfixadmin-2.3 branch)
|
|
|
|
----------------------------------------------------------------
|
|
|
|
|
|
|
|
- fix query to enable/disable alias in edit-mailbox for PostgreSQL (#311)
|
|
|
|
- don't prefill username in users/ login on failed logins - fixes (probably
|
|
|
|
harmless) XSS
|
|
|
|
- fix show_gen_status() to properly escape mail addresses in query (#356)
|
|
|
|
- fix escaping in create-admin, create-mailbox and fetchmail templates -
|
|
|
|
fixes (harmless) XSS on form validation errors
|
|
|
|
- don't echo the password back to the browser in the fetchmail form
|
|
|
|
- allow MariaDB in Debian package dependencies
|
|
|
|
|
|
|
|
Version 2.3.7 - 2014/02/20 - SVN r1651 (postfixadmin-2.3 branch)
|
|
|
|
----------------------------------------------------------------
|
|
|
|
|
|
|
|
- SECURITY: fix SQL injection in show_gen_status()
|
|
|
|
- lt.lang, da.lang translation update
|
|
|
|
- when enabling/disabling a mailbox, also update the corresponding alias
|
|
|
|
- fix creating superadmin in setup.php with MariaDB (more strict SQL)
|
|
|
|
- don't trim() mail address to avoid that aliases starting with a space are
|
|
|
|
allowed. This fixes http://sourceforge.net/p/postfixadmin/bugs/210/ and
|
|
|
|
https://sourceforge.net/p/postfixadmin/feature-requests/113/
|
|
|
|
- update regex in check_domain() to support new, longer TLDs like .international
|
|
|
|
- mark vacation_notification.notified field as latin1 to avoid overlong index
|
|
|
|
- vacation.pl: encode subject
|
|
|
|
- vacation.pl: disable use of TLS by default due to a bug in Mail::Sender 0.8.22
|
|
|
|
(you can re-enable it with $smtp_tls_allowed)
|
|
|
|
|
|
|
|
Version 2.3.6 - 2013/01/02 - SVN r1417 (postfixadmin-2.3 branch)
|
|
|
|
----------------------------------------------------------------
|
|
|
|
|
|
|
|
- display domain and mailbox description with correct encoding
|
|
|
|
- fix footer link
|
|
|
|
- focus username input field in login form
|
|
|
|
- fix double inclusion of config.inc.php in setup.php
|
|
|
|
- fix bool and date handling in fetchmail
|
|
|
|
|
|
|
|
Version 2.3.5 - 2012/01/16 - SVN r1335 (postfixadmin-2.3 branch)
|
|
|
|
----------------------------------------------------------------
|
|
|
|
|
|
|
|
- fix SQL injection in pacrypt() (if $CONF[encrypt] == 'mysql_encrypt')
|
|
|
|
- fix SQL injection in backup.php - the dump was not mysql_escape()d,
|
|
|
|
therefore users could inject SQL (for example in the vacation message)
|
|
|
|
which will be executed when restoring the database dump.
|
|
|
|
WARNING: database dumps created with backup.php from 2.3.4 or older might
|
|
|
|
contain malicious SQL. Double-check before using them!
|
|
|
|
- fix XSS with $_GET[domain] in templates/menu.php and edit-vacation
|
|
|
|
- fix XSS in some create-domain input fields
|
|
|
|
- fix XSS in create-alias and edit-alias error message
|
|
|
|
- fix XSS (by values stored in the database) in fetchmail list view,
|
|
|
|
list-domain and list-virtual
|
|
|
|
- create-domain: fix SQL injection (only exploitable by superadmins)
|
|
|
|
- add missing $LANG['pAdminDelete_admin_error']
|
|
|
|
- don't mark mailbox targets with recipient delimiter as "forward only"
|
|
|
|
- wrap hex2bin with function_exists() - PHP 5.3.8 has it as native function
|
|
|
|
|
|
|
|
Version 2.3.4 - 2011/09/16 - SVN r1180 (postfixadmin-2.3 branch)
|
|
|
|
----------------------------------------------------------------
|
|
|
|
|
|
|
|
- generate more secure random passwords
|
|
|
|
- squirrelmail plugin: fix typo in variable name
|
|
|
|
- list-domain: fix SELECT query to work with PgSQL even when using custom fields
|
|
|
|
- create-domain: force domain name to lowercase to avoid problems with PgSQL
|
|
|
|
foreign keys
|
|
|
|
- fix vacation.pl to log to "mail" syslog facility
|
|
|
|
- error_log() dovecotpw error messages
|
|
|
|
|
|
|
|
Version 2.3.3 - 2011/03/14 - SVN r1010 (postfixadmin-2.3 branch)
|
|
|
|
----------------------------------------------------------------
|
|
|
|
|
|
|
|
- create-alias: allow multiple alias targets
|
|
|
|
- create-alias, edit-alias: prevent input data loss on validation errors
|
|
|
|
- list-virtual: fix displaying of 'modified' column for aliases when using
|
|
|
|
postgres
|
|
|
|
- replaced deprecated split() with preg_split() or explode()
|
|
|
|
- functions.inc.php: better error messages when database functions are missing
|
|
|
|
- create domain: fixed typo in variable name that broke the default value for
|
|
|
|
default aliases
|
|
|
|
- postgres: changed mailbox.quota, domain.quota and domain.maxquota fields
|
|
|
|
to bigint to allow mailboxes >4 GB (run setup.php to upgrade your database)
|
|
|
|
- vacation.pl logged literal $variable instead of the variable content at two
|
|
|
|
places
|
|
|
|
- edit-vacation: log enabling/disabling vacation if done by admins
|
|
|
|
- POSTFIX_CONF.txt: fixed filename for quota map
|
|
|
|
- config.inc.php: removed double $CONF['database_prefix']
|
|
|
|
- config.inc.php: fixed comments about domain_post* script parameters
|
|
|
|
- updated INSTALL.TXT and UPGRADE.TXT
|
|
|
|
- sk translation update
|
|
|
|
- some more minor fixes
|
|
|
|
|
|
|
|
Version 2.3.2 - 2010/08/24 - SVN r860 (postfixadmin-2.3 branch)
|
|
|
|
---------------------------------------------------------------
|
|
|
|
|
|
|
|
- SUMMARY: PostfixAdmin 2.3.2 is a bugfix-only release for Postfix Admin 2.3.1
|
|
|
|
- SECURITY: attackers could find out if a admin exists (login pre-filled the
|
|
|
|
username after "only" a wrong password was entered)
|
|
|
|
- SECURITY: fix sql injection in list-domain (only exploitable by superadmins)
|
|
|
|
- alias targets in users/edit-alias are now validated
|
|
|
|
- invalid alias targets in users/edit-alias are shown to the user again
|
|
|
|
instead of dropping them
|
|
|
|
- fix dovecot:* password encryption (was broken in 2.3.1)
|
|
|
|
- fix displaying used quota for dovecot <= 1.1 (was broken in 2.3.1)
|
|
|
|
- when deleting a domain that is an alias domain (on the "from" side), the
|
|
|
|
alias domain is deleted
|
|
|
|
|
|
|
|
Version 2.3.1 - 2010/07/09 - SVN r847 (postfixadmin-2.3 branch)
|
|
|
|
---------------------------------------------------------------
|
|
|
|
|
|
|
|
- SUMMARY: PostfixAdmin 2.3.1 is a bugfix-only release for Postfix Admin 2.3.
|
|
|
|
The only visible change is displaying the alias target for mailboxes which
|
|
|
|
was a longstanding issue/"missing feature".
|
|
|
|
The ADDITIONS directory contains some new scripts.
|
|
|
|
- SECURITY: users could bypass checking the old password when changing the
|
|
|
|
password by entering a too short new password. Fortunately only
|
|
|
|
"exploitable" by authentificated users.
|
|
|
|
- merge in changes to /debain (thanks normes) from trunk
|
|
|
|
- display alias targets for mailboxes (if $CONF['special_alias_control'] = YES)
|
|
|
|
- add hook for custom maildir path generation
|
|
|
|
- add import_users_from_csv.py script (by Simone Piccardi)
|
|
|
|
- add mailbox_post* scripts for cyrus
|
|
|
|
- handle dovecot passwords without any tempfile (prevents safe_mode issues)
|
|
|
|
- fix MySQL 6.0 compatibility
|
|
|
|
- fix quota display (for dovecot >= 1.2)
|
|
|
|
- fix short open tags ("<?")
|
|
|
|
- translation updates and fixes
|
|
|
|
- documentation updates and fixes
|
|
|
|
- document commandline parameters for $CONF[*_script] options in config.inc.php
|
|
|
|
- list-virtual: added error message if the check_owner query returns more
|
|
|
|
than one result (can happen with pre-2.3 databases and prevents access for
|
|
|
|
superadmins)
|
|
|
|
- add in_array() check to avoid that superadmins can enter invalid domains
|
|
|
|
- fix delete link for alias domains (when on target domain)
|
|
|
|
- delete values from quota and quota2 table when deleting a mailbox
|
|
|
|
- fix hardcoded table names in list-domain.php
|
|
|
|
- fixed edit-alias.php not to drop alias to the mailbox if
|
|
|
|
special_alias_control = NO
|
|
|
|
- fix alias handling for mailboxes (special_alias_control vs.
|
|
|
|
alias_control_admin confusion)
|
|
|
|
- fix typo in upgrade.php that broke index creation and deletion when using
|
|
|
|
non-default table names
|
|
|
|
- fix creating 'ALL' domain (dummy for superadmins) when using non-default
|
|
|
|
table names
|
|
|
|
- fix: db_query did not return number of SELECTed rows if query starts with
|
|
|
|
with whitespace
|
|
|
|
- check for $CONF['encrypt'] = 'dovecot:md5-crypt' (postfixadmin login not
|
|
|
|
working because dovecotpw uses a new salt each time), recommend
|
|
|
|
internal md5crypt instead
|
|
|
|
- replaced terribly outdated, broken squirrelmail plugin with a fresh version.
|
|
|
|
Note: The new plugin version requires the Zend framework.
|
|
|
|
|
|
|
|
Version 2.3 - 2009/10/24 - SVN r739
|
|
|
|
-----------------------------------
|
|
|
|
|
|
|
|
- automatically create quota tables for dovecot (both 1.0/1.1 and >= 1.2)
|
|
|
|
- list-virtual can now handle both table formats
|
|
|
|
- fixed upgrade.php for MySQL 6.0 compability
|
|
|
|
- changed vacation.pl syslog facility from "user" to "mail"
|
|
|
|
- added config option for postregsql database port
|
|
|
|
- added config option to enable/disable XMLRPC interface (default: off)
|
|
|
|
- Fix check/query for alias with enabled vacation in vacation.pl
|
|
|
|
- Fix db_get_boolean() to return t/f for postgresql, not true/false
|
|
|
|
- Fix missing quoting for boolean values in SQL queries at various places
|
|
|
|
- Allow SHA courier-authlib passwords
|
|
|
|
- various small bug fixes
|
|
|
|
- fixed SVN revision for 2.3rc7 in changelog (was r691, should be r694)
|
|
|
|
|
|
|
|
Version 2.3rc7 - 2009/07/27 - SVN r694
|
|
|
|
--------------------------------------
|
|
|
|
|
|
|
|
- Fix bug with confd-link.sh debian thing (breakage on Lenny with wwwconfig-common 0.1.2)
|
|
|
|
- Fix crypt() issue (see https://sourceforge.net/tracker/?func=detail&aid=2814820&group_id=191583&atid=937964 )
|
|
|
|
|
|
|
|
Version 2.3rc6 - 2009/07/20 - SVN r689
|
|
|
|
--------------------------------------
|
|
|
|
|
|
|
|
- Updates to vacation.pl
|
|
|
|
- PHP 5.3 compatibility
|
|
|
|
- Easier dependencies for .debs - should work on Lenny/Ubuntu etc without issue now.
|
|
|
|
|
|
|
|
Version 2.3rc5 - 2009/05/20 - SVN r658
|
|
|
|
--------------------------------------
|
|
|
|
|
|
|
|
- Improvements to the setup process
|
|
|
|
- Far better Debian packaging (we hope!) which should make installation much, much easier.
|
|
|
|
- Various bug fixes
|
|
|
|
- Performance enhancements (or we fixed the regressions ...) in domain listing etc.
|
|
|
|
|
|
|
|
Version 2.3rc4 - 2009/04/18 - SVN r632
|
|
|
|
--------------------------------------
|
|
|
|
|
|
|
|
- *Security fix* - on upgrade setup.php is restored; allowing a malicious
|
|
|
|
user to create their own superadmin account. We've removed the requirement to delete
|
|
|
|
setup.php, and instead a new config parameter (setup_password) is used to protect access
|
|
|
|
to this page. Password is encrypted, and setup.php can be used to generate the initial value.
|
|
|
|
- Fix undefined variables problem(s)
|
|
|
|
- Fix PostgreSQL date timestamp issues...
|
|
|
|
|
|
|
|
Version 2.3rc3 - 2009/04/06 - SVN r611
|
|
|
|
--------------------------------------
|
|
|
|
|
|
|
|
- Minor improvements to the Debian packaging, expect more soon
|
|
|
|
- Assorted bug fixes
|
|
|
|
- Partial support for per-user fetchmail.pl support
|
|
|
|
|
|
|
|
Version 2.3rc2 - 2009/02/03 - SVN r593
|
|
|
|
--------------------------------------
|
|
|
|
|
|
|
|
- Refactor /users (see /model) and provide XmlRpc interface for remote mail clients
|
|
|
|
(e.g. squirrelmail-postfixadmin)
|
|
|
|
- Add dovecotpw support - see:
|
|
|
|
https://sourceforge.net/tracker/index.php?func=detail&aid=2607332&group_id=191583&atid=937966
|
|
|
|
- Add unit tests for model/ directory (see /tests)
|
|
|
|
- Add additional scripts to ADDITIONS
|
|
|
|
- Documentation updates
|
|
|
|
- Various language updates
|
|
|
|
- added ADDITIONS/delete-mailq-by-domain.pl (by Jose Nilton)
|
|
|
|
- added ADDITIONS/quota_usage.pl (by Jose Nilton) - produces report of quota usage
|
|
|
|
- added support for courier authlib authentication flavors ($CONF['authlib_default_flavor'])
|
|
|
|
|
|
|
|
|
|
|
|
Version 2.3 Beta - 2009/01/15 - SVN r527
|
|
|
|
-----------------------------------------
|
|
|
|
|
|
|
|
- added support for domain aliases (from lenix) (can be disabled with $CONF['alias_domain'])
|
|
|
|
Important: If you update from a previous version, you'll have to adapt your postfix
|
|
|
|
configuration (see DOCUMENTS/POSTFIX_CONF.txt) - or just disable alias domain support,
|
|
|
|
your postfix configuration will continue to work
|
|
|
|
- updated postfix example configuration for domain aliases and to use the new mysql map format
|
|
|
|
- vacation.pl:
|
|
|
|
- add option for re-notification after definable timeout (patch from Luxten)
|
|
|
|
(default stays on "notify once")
|
|
|
|
- force usage of envelope from/to, better checks for mailinglists, spam etc.
|
|
|
|
If in doubt, do not send a vacation reply (patch from Lutxen)
|
|
|
|
- added a small test suite
|
|
|
|
- use Log4Perl
|
|
|
|
- allow to enter the configuration in /etc/mail/postfixadmin/vacation.conf
|
|
|
|
instead of editing vacation.pl directly
|
|
|
|
- bump version number of vacation.pl
|
|
|
|
- added domain-postcreation script support
|
|
|
|
- added dovecot quota support (documentation + viewing in postfixadmin)
|
|
|
|
- enhanced mailbox table to make it easier for people to customise where mailboxes live
|
|
|
|
(new column "local_part")
|
|
|
|
- enhanced fetchmail.pl script (file locking, syslog logging, configuration file etc)
|
|
|
|
- added clear error message for non-resolvable domains when creating mailboxes or aliases
|
|
|
|
- check for non-resolvable domains on domain creation
|
|
|
|
- new option $CONF['create_mailbox_subdirs_prefix'] for compatibility with more IMAP servers
|
|
|
|
- added support for mysql encrypt() password encrpytion
|
|
|
|
- fix "illegal mix of collations" problem in MySQL by explicitely setting the charset everywhere
|
|
|
|
- fix: cleanup vacation_notification table when disabling vacation
|
|
|
|
- fix: config and fetchmail tables now honor $CONF['database_tables']
|
|
|
|
- fix: several table names were hardcoded in database creation/update
|
|
|
|
- fix: "unlimited" and "disabled" for quota and limits were crossed at several places
|
|
|
|
- fix: honor $CONF['default_transport'] even if $CONF['transport'] = "no" (patch by fabiobon)
|
|
|
|
- fix: transport field is no longer emptied on domain edit if editing transport is disabled
|
|
|
|
- show links to create mailboxes or alias even on disabled domains
|
|
|
|
- added support for fetchmail's "ssl" option
|
|
|
|
- superadmin can now setup fetchmail for all users, not only for himself
|
|
|
|
- force username to be lowercase - this helps some IMAP clients apparently
|
|
|
|
- the "probably undeliverable" marker now honors catchall targets
|
|
|
|
- on mailbox creation, show password if $CONF['generate_password'] == 'YES', but
|
|
|
|
do not show it if it was _not_ autogenerated and $CONF['show_password'] == 'NO'
|
|
|
|
- dropped $CONF['show_custom_count']. PHP can count ;-)
|
|
|
|
- dropped obsolete VIRTUAL_VACATION/mail-filter script
|
|
|
|
- translation updates
|
|
|
|
- several small bugfixes
|
|
|
|
|
|
|
|
|
|
|
|
Version 2.2.1.1 - 2008/07/23 - SVN r412
|
|
|
|
---------------------------------------
|
|
|
|
|
|
|
|
- fixed version number in functions.inc.php ;-)
|
|
|
|
|
|
|
|
|
|
|
|
Version 2.2.1 - 2008/07/21 - SVN r408
|
|
|
|
-------------------------------------
|
|
|
|
|
|
|
|
- added quota parameter to mailbox_postcreation hook
|
|
|
|
- new hook to update the quota after editing a mailbox ($CONF['mailbox_postedit_script'])
|
|
|
|
- fixed subfolder creation order and timing
|
|
|
|
- allow smtp server to be specified in vacation.pl
|
|
|
|
- fixed MySQL charset issues
|
|
|
|
- several small bugfixes
|
|
|
|
- Norwegian (bokmal) translation added
|
|
|
|
- several translation updates
|
|
|
|
|
|
|
|
|
|
|
|
Version 2.2.0 - 2008/04/29
|
|
|
|
--------------------------
|
|
|
|
|
|
|
|
<Far more changes than those listed here; thanks to all the community who have provided
|
|
|
|
patches and time to help us get here!>
|
|
|
|
- Unicode support for vacation messages
|
|
|
|
- More language translations
|
|
|
|
- Merged the two vacation scripts (PostgreSQL version won :) )
|
|
|
|
- Added setup.php/upgrade.php scripts to handle upgrades
|
|
|
|
- See also new 'config' database table
|
|
|
|
- Added support for 'fetchmail' so mail from a remote server can be retrieved.
|
|
|
|
- Many, many bug fixes
|
|
|
|
|
|
|
|
- Added: Feature to show status of aliases/mailboxes (GregC)
|
|
|
|
- Fixed: Many admin/*.php files merged with /*.php
|
|
|
|
- Fixed: 'alias' instead of '$table_alias' being used by some .php files (GregC)
|
|
|
|
- Fixed: Overview no longer lists alias entries for mailboxes (GregC)
|
|
|
|
- Changed: Added exit buttons to several edit options. (GregC)
|
|
|
|
- Fixed: user options are a little more idiot-proof, templates are consistent (GregC)
|
|
|
|
- Changed: Users can view and edit their vacation config (GregC)
|
|
|
|
- Added: Slovakian language posted on SourceForge by eszabo
|
|
|
|
- Changed: searches include mailbox.name matches (GregC)
|
|
|
|
- Fixed: function check_email will ignore vacation_domain if vacation==YES (GregC)
|
|
|
|
- Changed: applied patches from Christian Boltz posted at
|
|
|
|
http://www.cboltz.de/tmp/postfixadmin-3.patch, referenced at
|
|
|
|
https://sourceforge.net/tracker/index.php?func=detail&aid=1696647&group_id=191583&atid=937966 (GregC)
|
|
|
|
- Added: main.php to admin dirctory (GregC)
|
|
|
|
- Added: Item "Main" on admin menu (GregC)
|
|
|
|
- Changed: Edit-vacation now edits for admins/superadmins (GregC)
|
|
|
|
- Added: Do not store local copy when forward mail. (Mihau) [24]
|
|
|
|
- Added: Virtual Vacation for PostgreSQL. (Tarvin)
|
|
|
|
- Added: Virtual Vacation 3.2 (Thanx David)
|
|
|
|
- Added: SUBJECT tag for Virtual Vacation.
|
|
|
|
- Added: Dovecot setup document for Postfix Admin. (Thanx Massimo)
|
|
|
|
- Added: SquirrelMail plugin to change_password.
|
|
|
|
- Changed: Starting to merge /admin in root. (Mihau)
|
|
|
|
- Changed: Moved some TXT files to DOCUMENTS.
|
|
|
|
- Changed: Updated tw.lang. (Thanx Bruce)
|
|
|
|
- Fixed: Usage of mysql_real_escape_string(). (Mihau)
|
|
|
|
- Fixed: Calculating of quotas. (Mihau)
|
|
|
|
- Fixed: Password generation when creating a new account. (Mihau)
|
|
|
|
- Fixed: PostgreSQL patches. (Tarvin)
|
|
|
|
- Fixed: Adding of multiple aliases. (Mihau)
|
|
|
|
- Fixed: CSS Menu width. (Mihau)
|
|
|
|
- Fixed: Overview when upgrading from 2.0.4. (Mihau)
|
|
|
|
- Fixed: smtp_mail() to wait for response from server.
|
|
|
|
- Fixed: pacrypt() so system works properly. (Thanx Npaufler)
|
|
|
|
- Fixed: quoting an email address when sending mail in vacation.pl. (Thanx Marc)
|
|
|
|
- Fixed: vacation.pl has a clean exit when it encounters an error. (Thanx Brian)
|
|
|
|
- Fixed: descriptions for quota={-1|0} in admin section (Mihau)
|
|
|
|
|
|
|
|
|
|
|
|
Version 2.1.0 -- 2005/01/07
|
|
|
|
---------------------------
|
|
|
|
- Added: Traditional Chinese language. (Thanx Bruce)
|
|
|
|
- Added: Traditional Bulgarian language. (Thanx Plamen)
|
|
|
|
- Added: Macedonian language. (Thanx Damjan)
|
|
|
|
- Added: Estonian language. (Thanx Peeter)
|
|
|
|
- Added: Slovenian language. (Thanx Nejc)
|
|
|
|
- Added: Check for update link in footer.
|
|
|
|
- Added: Additional language strings. Check LANGUAGE.TXT
|
|
|
|
- Added: Transport support. (read postfix transport for more information)
|
|
|
|
- Added: Additional language string for transport support.
|
|
|
|
- Added: MySQL 4.1 support.
|
|
|
|
- Added: PostgreSQL support. (Big Thanx WhiteFox!)
|
|
|
|
- Added: Setup Checker script. (Thanx Fenrir)
|
|
|
|
- Added: Database prefix. (Thanx Decramy)
|
|
|
|
- Added: Template tags. (Thanx Nelson)
|
|
|
|
- Added: admin/domain/alias/mailbox in delete dialog box.
|
|
|
|
- Added: $CONF['postfix_admin_url'] variable.
|
|
|
|
- Added: $CONF['postfix_admin_path'] variable.
|
|
|
|
- Added: $CONF['vacation_domain'] variable.
|
|
|
|
- Added: $CONF['welcome_text'] variable.
|
|
|
|
- Added: $CONF['special_alias_control'] variable. (Thanx Mihau)
|
|
|
|
- Added: Virtual Vacation 3.1 (Thanx David)
|
|
|
|
- Added: ADDITIONS directory with third party scripts and plugins.
|
|
|
|
- Added: Search function for aliases and mailboxes.
|
|
|
|
- Changed: Postfix Admin has now it's own license.
|
|
|
|
- Changed: New menu and color scheme. (Thanx Nelson)
|
|
|
|
- Changed: Disable number and unlimited number for aliases/mailboxes/quota.
|
|
|
|
- Changed: Virtual Vacation to have it's own transport. (Big Thanx Npaufler!)
|
|
|
|
- Changed: Removed the welcome text for a new mailbox from the language files.
|
|
|
|
- Changed: backup.php to be a more secure. (Thanx John)
|
|
|
|
- Fixed: Cleaned up stylesheet.
|
|
|
|
- Fixed: Default quota multiplier.
|
|
|
|
- Fixed: All POST/GET strings are escaped.
|
|
|
|
- Fixed: Corrected smtp_mail() to wait for result. (Thanx Patrice)
|
|
|
|
- Fixed: Pagination with alias_control switched on.
|
|
|
|
- Fixed: Swedish language. (Thanx Bjorne)
|
|
|
|
- Fixed: Polish language. (Thanx Piotr)
|
|
|
|
- Fixed: Minor Virtual Vacation bugs. (Thanx David)
|
|
|
|
- Fixed: check_quota().
|
|
|
|
- Fixed: Minor encode_header() issue. (Thanx Matthew)
|
|
|
|
- Fixed: edit-alias.php when running with magic_quotes_gpc = off
|
|
|
|
|
|
|
|
|
|
|
|
Version 2.0.5 -- 2004/08/21
|
|
|
|
---------------------------
|
|
|
|
- Added: Chinese language. (Thanx Matthew)
|
|
|
|
- Added: Catalan language. (Thanx Jaume)
|
|
|
|
- Added: Czech language. (Thanx Jakub)
|
|
|
|
- Added: Dynamic language detection.
|
|
|
|
- Added: Header in header.tpl to set charset header from language file.
|
|
|
|
- Added: More subroutines and alias checking for Vacation. (Thanx David)
|
|
|
|
- Added: Domain pass-through with certain pages.
|
|
|
|
- Added: Backup MX option for domain.
|
|
|
|
- Added: Log contains IP address of admin.
|
|
|
|
- Added: Pagination for alias/mailbox listing.
|
|
|
|
- Added: 2 additional language strings to support Backup MX.
|
|
|
|
- Added: Support for motd.txt (Domain Admins only).
|
|
|
|
- Added: Support for motd-admin.txt (Site Admins only).
|
|
|
|
- Added: Support for motd-users.txt (Users only).
|
|
|
|
- Added: Optional hostname for vacation.
|
|
|
|
- Added: generate_password() to generating random passwords for mailboxes.
|
|
|
|
- Changed: dk -> da, se -> sv, no-nn -> nn
|
|
|
|
- Changed: All email addresses are now converted to lowercase, strtolower().
|
|
|
|
- Changed: Moved onMouseOver to the CSS stylesheet.
|
|
|
|
- Changed: Moved font color to the CSS styleheet.
|
|
|
|
- Changed: PHP mail() is replaced by an internal function, smtp_mail().
|
|
|
|
- Changed: mysql_fetch_array() replaced with internal function db_array().
|
|
|
|
- Changed: mysql_fetch_assoc() replaced with internal function db_assoc().
|
|
|
|
- Changed: mysql_fetch_row() replaced with internal function db_row().
|
|
|
|
- Changed: Quota multiplier is now a configuration option.
|
|
|
|
- Fixed: Login didn't check for active flag.
|
|
|
|
- Fixed: Minor html table errors.
|
|
|
|
- Fixed: Row count by using COUNT(*).
|
|
|
|
- Fixed: Locked down subdirectories.
|
|
|
|
- Fixed: Create admin properly populates the domain_admins table.
|
|
|
|
- Fixed: Cleaned up stylesheet.css.
|
|
|
|
- Fixed: Delete mailbox properly removes vacation entries.
|
|
|
|
|
|
|
|
|
|
|
|
Version 2.0.4 -- 2004/02/26
|
|
|
|
----------------------------
|
|
|
|
- Added: Euskara language. (Thanx Julen)
|
|
|
|
- Added: Hungarian language. (Thanx Christian)
|
|
|
|
- Added: Icelandic language. (Thanx Gestur)
|
|
|
|
- Added: Italian language. (Thanx Stucchi)
|
|
|
|
- Added: Norwegian - Nynorsk language. (Thanx Paul)
|
|
|
|
- Added: Polish language. (Thanx Jarek)
|
|
|
|
- Added: Portuguese - Brazil language. (Thanx Roberto)
|
|
|
|
- Added: Rusian language. (Thanx Paul)
|
|
|
|
- Added: Turkish language (Thanx Onuryalazi)
|
|
|
|
- Added: Encode a string according to RFC 1522 for use in headers if it
|
|
|
|
contains 8-bit characters. (Thanx Evgeniy)
|
|
|
|
- Added: One click active change of mailbox/domain/admin. (Thanx Marcin)
|
|
|
|
- Changed: Header in header.tpl to read charset header from language file.
|
|
|
|
- Fixed: Some form values are now parsed through htmlspecialchars().
|
|
|
|
(Thanx Marcin)
|
|
|
|
- Fixed: admin/delete.php ignored $CONF['vacation'].
|
|
|
|
- Fixed: More minor fixes to Virtual Vacation.
|
|
|
|
|
|
|
|
|
|
|
|
Version 2.0.3 -- 2004/01/14
|
|
|
|
----------------------------
|
|
|
|
- Added: Site Admin email address.
|
|
|
|
- Added: Danish language. (Thanx Lars)
|
|
|
|
- Added: Dutch language. (Thanx Mourik)
|
|
|
|
- Added: Faroese language. (Thanx Danial)
|
|
|
|
- Added: Finnish language. (Thanx Palo)
|
|
|
|
- Added: French language. (Thanx Kuthz)
|
|
|
|
- Added: Swedish language. (Thanx Slite)
|
|
|
|
- Added: Ignoring of MAILER-DAEMON type emails for Vacation.
|
|
|
|
- Fixed: Minor issues regarding mail().
|
|
|
|
- Fixed: Minor issues regarding crypt().
|
|
|
|
- Fixed: Strip issue of email address for Vacation.
|
|
|
|
|
|
|
|
|
|
|
|
Version 2.0.2 -- 2004/01/06
|
|
|
|
----------------------------
|
|
|
|
- Added: German language. (Thanx Tobias)
|
|
|
|
- Added: Spanish language. (Thanx Alvaro)
|
|
|
|
- Fixed: The body was not included using sendmail.php.
|
|
|
|
- Fixed: Undefined variables.
|
|
|
|
- Fixed: Minor HTML cleanup.
|
|
|
|
|
|
|
|
|
|
|
|
Version 2.0.1 -- 2004/01/04
|
|
|
|
----------------------------
|
|
|
|
- Fixed: The language variable caused a problem on some systems.
|
|
|
|
|
|
|
|
|
|
|
|
Version 2.0.0 -- 2004/01/03
|
|
|
|
----------------------------
|
|
|
|
- Added: The ability for one domain admin to maintain multiple domains.
|
|
|
|
- Added: Domain to domain forwarding.
|
|
|
|
- Added: Mailboxes can now be activated or deactivated.
|
|
|
|
- Added: Configurable welcome message for new mailboxes.
|
|
|
|
- Added: Optional sending of welcome message.
|
|
|
|
- Added: Create alias "To" defaults to current domain.
|
|
|
|
- Added: Logging of admin / user actions.
|
|
|
|
- Added: Limit for aliases and/or mailboxes per domain.
|
|
|
|
- Added: Disable aliases and/or mailboxes per domain.
|
|
|
|
- Added: Max quota per mailbox per domain.
|
|
|
|
- Added: Multi-Language support.
|
|
|
|
- Added: Statistics overview for all domains.
|
|
|
|
- Added: User .forwarding for mailbox users.
|
|
|
|
- Added: Logo for Postfix Admin (Thanx Andrew).
|
|
|
|
- Added: Extra MySQL debugging capabilities.
|
|
|
|
- Added: Clear text password support.
|
|
|
|
- Added: PHP crypt() support.
|
|
|
|
- Changed: Separated logic and SQL from content.
|
|
|
|
- Changed: config.inc.php doesn't point to example.com anymore.
|
|
|
|
- Changed: Virtual Vacation no longer requires procmail.
|
|
|
|
- Changed: Complete re-write.
|
|
|
|
|
|
|
|
|
|
|
|
Version 1.5.4 -- 2003/06/16
|
|
|
|
----------------------------
|
|
|
|
- Added: Option for "Back to".
|
|
|
|
- Added: Option for Vacation module.
|
|
|
|
- Added: Table declaration for the use of Quota in the INSTALL.TXT.
|
|
|
|
This requires an additional local delivery agent.
|
|
|
|
Quotas are not supported by Postfix!
|
|
|
|
- Changed: The word "View" to "List".
|
|
|
|
|
|
|
|
|
|
|
|
Version 1.5.3 -- 2003/06/06
|
|
|
|
----------------------------
|
|
|
|
- Fixed: Even more minor bugs in regards to declaration of variables.
|
|
|
|
(Thanx Aquilante and Kyle_m)
|
|
|
|
|
|
|
|
|
|
|
|
Version 1.5.2 -- 2003/06/05
|
|
|
|
----------------------------
|
|
|
|
- Fixed: Minor bugs in regards to declaration of variables.
|
|
|
|
|
|
|
|
|
|
|
|
Version 1.5.1 -- 2003/06/04
|
|
|
|
----------------------------
|
|
|
|
- Added: Optional mailbox per domain directory structure. (Thanx Jim)
|
|
|
|
- Added: Option to completely control the stored aliases. (Thanx Alex)
|
|
|
|
- Changed: config.inc.php is renamed to config.inc.php.sample. (Thanx Alex)
|
|
|
|
- Fixed: $PHP_SELF in config.inc.php and my_lib.php. (Thanx Jim)
|
|
|
|
|
|
|
|
|
|
|
|
Version 1.5.0 -- 2003/05/28
|
|
|
|
----------------------------
|
|
|
|
- Added: Support for "Back to Main Site"
|
|
|
|
- Added: config.inc.php as the main configuration file.
|
|
|
|
- Added: Drop down box for domain selection when adding a new admin.
|
|
|
|
- Added: Resend of test email to newly created mailbox.
|
|
|
|
- Added: Mailbox and Aliases count for domainview.
|
|
|
|
- Added: Change description of domain without deleting the complete
|
|
|
|
domain.
|
|
|
|
- Added: Change name of mailbox user without deleting the mailbox.
|
|
|
|
- Added: Expire headers for unnecessary reloads. (Thanx Alex)
|
|
|
|
- Fixed: Code clean up.
|
|
|
|
- Fixed: Minor bugs and cosmetic fixes.
|
|
|
|
- Fixed: Modified check_string() to check numbers and returns false if not
|
|
|
|
matched. (Thanx btaber)
|
|
|
|
- Fixed: Correct session handling in login.php (Thanx Yen-Wei Liu)
|
|
|
|
- Fixed: Correct deletion of RFC822 email addresses. (Thanx Yen-Wei Liu)
|
|
|
|
- Removed: Completely removed the site_lib.php.
|
|
|
|
- Removed: my_lib.php from the admin directory.
|
|
|
|
- Removed: Symlink to index.php.
|
|
|
|
|
|
|
|
|
|
|
|
Version 1.4.0 -- 2003/04/07
|
|
|
|
----------------------------
|
|
|
|
- Added: When deleting a domain, all aliases and mailboxes for that domain
|
|
|
|
are also deleted from the database.
|
|
|
|
- Added: Add standard aliases for every domain that is created.
|
|
|
|
These aliases can point to the main "local" administrator.
|
|
|
|
The aliases are configured in the config.php in the admin directory.
|
|
|
|
- Changed: The layout of my_lib.php and site_lib.php have been changed.
|
|
|
|
- Changed: Modifying an alias is now done with TEXTAREA for more
|
|
|
|
flexibility.
|
|
|
|
- Fixed: Minor bugs and cosmetic fixes.
|
|
|
|
|
|
|
|
|
|
|
|
Version 1.3.8a -- 2003/03/31
|
|
|
|
----------------------------
|
|
|
|
- Fixed: After deletion of a domain it would not return to the correct page.
|
|
|
|
|
|
|
|
|
|
|
|
Version 1.3.8 -- 2003/03/25
|
|
|
|
----------------------------
|
|
|
|
- Added: Admin password change. No longer needed to delete and re-enter
|
|
|
|
the admin user for a specific domain.
|
|
|
|
|
|
|
|
|
|
|
|
Version 1.3.7 -- 2002/12/24
|
|
|
|
----------------------------
|
|
|
|
- Initial public release of Postfix Admin.
|
|
|
|
|
|
|
|
|
|
|
|
# vim: set expandtab softtabstop=2 tabstop=2 shiftwidth=2:
|