Improvements

• webmail: Change many inline styles to using css classes, and add dark mode. (#163 by mattfbacon, a16c08681b71)
• webmail: In compose window, merge close & cancel button, and align buttons on the right. (4d28a02621f2)
• mox backup: Add hint about systemd ReadWritePaths if hardlinking fails on linux due to cross-device link. (#170 by rdelaage, 44a6927379cd)
• mox backup: Clarify behaviour with destination directory, and exit code. (#172 by RobSlgm, 1fc8f165f75e)
• When removing account, remove its data directory instead of leaving it around. (#162 by RobSlgm & x8x, 30ac690c8f64)
• Give more helpful pointers for dns-related setup, such as troubleshooting dns resolving, and multi-line dkim dns records. (#158, [#164], vipas84, RobSlgm, 83004bb18e3c)
• Improve http request handling for internal services (web interfaces) and multiple domains. The handler for /admin/ is now only enabled on the listener (machine) host name by default, no longer all hosted domains. The internal handlers (for admin, account, webmail, webapi), can now also be explicitly configured in the webserver section, for additional/custom endpoints to serve those services on. (#160 by TragicLifeHu, 614576e409a6)
• During DNS self-check, if the SRV records with just a dot (for a non-existent service), is missing, show as warning, not as error. (#184 by morki, e350af7eed68)
• During DNS self-check, warn when DANE is not configured (through static host keys), instead of showing "OK". (#185 by morki, 73373a19c134)
• Systemd service file now syslogs as facility "mail". (by kiekerjan, 151bd1a9c044)
• Add favicon to web interfaces. Admins can use the webserver config to serve a different file. (#186 by morki, c629ae26afee)
• Attempts at improving interoperability with SMTP clients and the "login" SASL authentication mechanism. (#51 by hmfaysal, [#223] by gdunstone & wneessen, aead73883601, 7ecc3f68ce92)
• Recognize more charsets than utf-8/iso-8859-1/us-ascii when parsing message headers with addresses. (#204 by morki, 5678b0332486)
• webapi: Implement adding "alternative files" to messages sent with the Send method. (#188 by morki, 6c488ead0b9e)
• webmail: Add setting to show html version of a message by default, instead of text version. (#196 by GildedHonour, b77f44ab5819)
• When login sessions to admin/account/webmail interfaces expiry or are no longer valid, explain the reason in the message above the login form. (#202 by ally9335, a977082b89db)
• webapi: Add "RcptTo" to webapi MessageGet result. (mattanja on matrix, b0c4b090102c)
• webadmin: At managing aliases, mention an alias member won't receive a message if the member address is in the message From header. (#220 by wneessen, bbc419c6ab91)
• In ACME port config option, explain why using a HTTPS reverse proxy will not work for ACME tls-alpn-01 verification. (#218 by mgkirs, 7d3f3071561b)
• Add more details to X-Mox-Reason message header added during delivery, for understanding why a message is accepted/rejected. (#179 by Fell, [#157] by mattfbacon, 32b549b260a1)
• Many small improvements.

Bug fixes

• webadmin: Propagate error when quota size cannot be parsed, improve parsing and hint in error message. (#115 by pmarini-nc, 72be3e8423f6)
• webadmin: Don't show js runtime typecheck errors for invalid values in DMARC and TLS reports. (#161 by RobSlgm, a2c9cfc55be6)
• webmail: In list of From address to use in compose window, don't add the catchall address. (1a0a396713ab)
• webmail: Only show "edit" button on drafts, and similar for "e" shortcut. (8254e9ce66d2)
• webadmin: Show correct host TLSRPT record in dns selfcheck, and make all suggested dns records absolute. (#182 by mdavids, 9bab3124f6fa)
• Show the same SPF record for a domain in the dnsrecords and dnscheck output/pages. (#176 by rdelaage & RobSlgm, 7e54280a9d9d)
• Fix parsing message headers with addresses that need double quotes. (#199 by gene-hightower, 016fde8d7832)
• Reject attempts at STARTTLS for SMTP & IMAP when no TLS config is present. Instead of dereferencing a nil pointer, which is caught by the go runtime, with fallback error handling gracefully closing the SMTP connection. (a7bdc41cd407)
• For certain errors during SCRAM authentication, handle errors more gracefully instead of aborting the connection. (#222 by wneessen, c7315cb72d65)
• For messages retired from the delivery queue, set "success" field properly, and include the SMTP code/enhanced code on success too (not only on failure). (fdc0560ac4e7)
• webmail: Fix loading a "view" (messages in a mailbox) when the "initial" message cannot be parsed. (#219 by wneessen, fb65ec0676ab)
• smtpclient: Handle server closing connection after writing its response to RCPT TO in pipelined mode. (#198 by soheilpro, 17346d6def1d)
• imapserver: Prevent unbounded memory allocations when handling a command (solves same problem as in CVE-2024-34055). (aef99a72d8f8)
• For incoming SMTP deliveries with STARTTLS, use certificate of hostname if SNI hostname is unknown. Instead of failing the connection because no certificates are available. Fixes interoperability with SMTP clients that do opportunistic SMTP without sending a hostname. (#206 by RobSlgm, 62bd2f442731)

Update instructions

Before upgrading, do a dry-run first.

• Make a temporary backup with the old mox version: mox-v0.0.11 backup data/tmp/testupgrade
• Verify that all is well with the old version: mox-v0.0.11 verifydata data/tmp/testupgrade
• Verify the state with the new version: mox-v0.0.12 verifydata data/tmp/testupgrade

With a successful dry-run, the upgrade should go smoothly. Make a new backup with mox-v0.0.11 backup data/tmp/backup (the previous backup was modified by the dry-run, so couldn't be used to restore!), replace the binary and restart. For further details, see https://www.xmox.nl/faq/#hdr-how-do-i-upgrade-my-mox-installation

If you run into any problems, please create a bug report.

After upgrading, you may want to run "mox reparse" to parse the message headers of all messages in all accounts. Message headers for addresses with character sets other than us-ascii/utf-8/iso-8859-1 will be fixed.

Thanks

Thanks for all contributions, bug reports, feedback and discussions. It improves mox, keep it coming!

Development on mox is funded through the NLnet NGI0 Entrust Fund, https://nlnet.nl/entrust/, with financial support from the European Commission's Next Generation Internet programme.

Downloading & compiling

See https://www.xmox.nl/install/#hdr-download.