A small maintenance release this time to get new OS support and update application libraries with the latest security fixes

What's Changed

• Bump lxml from 4.6.3 to 4.6.5 by @dependabot in https://github.com/KHIT93/mailguardian/pull/85
• Bump django from 3.2.8 to 3.2.10 by @dependabot in https://github.com/KHIT93/mailguardian/pull/86
• Bump django from 3.2.10 to 3.2.12 by @dependabot in https://github.com/KHIT93/mailguardian/pull/89
• Bump moment from 2.29.1 to 2.29.2 by @dependabot in https://github.com/KHIT93/mailguardian/pull/93
• Bump url-parse from 1.5.3 to 1.5.10 by @dependabot in https://github.com/KHIT93/mailguardian/pull/92
• Bump follow-redirects from 1.14.4 to 1.14.8 by @dependabot in https://github.com/KHIT93/mailguardian/pull/90
• Bump minimist from 1.2.5 to 1.2.6 by @dependabot in https://github.com/KHIT93/mailguardian/pull/94
• Bump nanoid from 3.1.30 to 3.3.2 by @dependabot in https://github.com/KHIT93/mailguardian/pull/95
• Bump django from 3.2.12 to 3.2.13 by @dependabot in https://github.com/KHIT93/mailguardian/pull/96
• Bump async from 2.6.3 to 2.6.4 by @dependabot in https://github.com/KHIT93/mailguardian/pull/97
• Add support for Ubuntu 22.04
• Update MailScanner in the installer to 5.4.4-1

Full Changelog: https://github.com/KHIT93/mailguardian/compare/2.0.3…2.0.4

This release fixes a small issue where premailer fails to prepare the email for sending to email clients due to use of quite modern CSS features that are not yet supported in premailer.

A minor bugfixes addressing an issue in the installation process where certain configuration files were not properly modified

Next release is up.

This time only a minor bugfix release to address some issues during installation

We are finally here. MailGuardian 2.0.0 is out.
A lot of work has gone into making this release the best one ever.

You can see the full changelog below, but here is the shorthand version, TL;DR

Changes

• Added support for deployment on AlmaLinux 8.x
• Added support for deployment on RockyLinux 8.x
• Added support for deployment on CentOS 8.x
• Added support for deployment on Ubuntu 20.04
• Added support for deployment on Debian 11
• Updated the UI to use TailwindCSS 2.x
• Implemented new audit logging
• Added support for importing various types of data into the system
• Changed the terminology used, so that blacklist and whitelist are removed from our internal codebase
• Update application code to use Django 3.x by @KHIT93 in https://github.com/KHIT93/mailguardian/pull/47
• Updated install scripts by @KHIT93 in https://github.com/KHIT93/mailguardian/pull/46
• Fix installer path and lowercase configure.py by @shawniverson in https://github.com/KHIT93/mailguardian/pull/48
• Install python3-pip and add pytz if missing by @shawniverson in https://github.com/KHIT93/mailguardian/pull/49
• New feature: Compliance by @KHIT93 in https://github.com/KHIT93/mailguardian/pull/51

Full Changelog: https://github.com/KHIT93/mailguardian/compare/1.5.2…2.0.0

RC3 is here.
Not much changed since RC2, but a few things were fixed in the installer for Debian-based systems

RC2 is here. Not much has changed. Mostly fixes to the installer and some cleanup

2.0.0 stable is right around the corner

We have done quite some changes and improvements since the last version.
Mainly we have changes in the UI, as we have now replaced @tailwindcss/ui with the new TailwindCSS 2.x
We have many more plans for the UI and UX improvements in future releases, but we are eager to get 2.0.0 out
Aside from UI, we have also updated the Django framework to the latest Django 3.2.x LTS

This is the second beta release for 2.0.0 and this time we have mostly been working on the logging features as well as the migration script for conversion from plain Postfix to MailScanner Milter

This is the first tagged pre-release of V2 and we will use this to allow users to pretest the V2 changes as well as having an easy way to refer to all the changes that have come when we tag the final 2.0.0 release.
While a new installation is possible from this release, and through examination of the new install scripts, it is possible to upgrade to this pre-release, some things might still change

Major internal changes

• Changed to Django 3.1 as the base framework
• Integrated TailwindCSS @tailwindcss/ui into the project
• New installation script, which works for all supported distributions
• New structure version upgrade scripts

Breaking changes

• django-encrypted-model-fields has been replaced with django-cryptography for better stability and Django 3.x support. This means that any 2FA accounts need to be recreated. We plan to detect this during the upgrade to version 2.0.0 and disable it as well as output which users were impacted. If a possible migration path is found and if we can automate it, we will do so
• Terminolgy changes and name changes for our perl scripts
• Dropped support for Internet Explorer. We now show an error when we detect certain JavaScript features are not supported by the browser

New installation scripts

For 2.0.0, we really wanted to improve our installation procedure, since it has previously been a bit more manual than we wanted and it did therefore have introduction barrier for users not that experienced on the Linux platform.
The new scripts do therefore take care of almost everything. It detects your Linux distribution, checks if Python 3 is installed and if not, it installs it for you. It also installs and configures MailScanner and postfix for you.
We plan to also have the script let you choose the which version of MailGuardian to install and even help you do the full multi-node configuration.

This release does not do much by itself. It does however fix a bug in the two reports See all messages and Perform message operations.
These two reports used some internal functions of the underlying API library to generate the listing data for the report and during this internal function, the dataset was reset and all filtering was removed, so that it gave the same results with and without filters applied

This release just fixes a few minor issues, so nothing hugely important to get installed

Changes

• Fix inconsistency in header spacing for UI cards
• Updated libraries
• Set title attribute for header icons

It has been a long time since the last release, but finally I think that it is time for a new version to come out
This time, we have changed things up a bit with a completely new configuration structure.
Instead of a custom internal JSON-file, we wanted to make something that came a lot closer to what was there in Django by default.
This allows us to get access to every single configuration in standard django settings module and therefore also override any of them.
A simple thing made possible by this would be to send the quarantine reports from different servers than your mailguardian setup.

We might experiment with detaching the frontend web UI completely from MailScanner and postfix, so that the web UI could technically run on any webserver as long as it can connect to the same postgresql database as your mailguardian cluster nodes.

With the new configuration structure also comes an upgrade script, which is responsible for migrating your existing JSON configuration to the new configuration structure.

Aside from the new configuration system, we have also made the following changes/bugfixes:

• Fix a bug where you could set a reporting filer without filling in the required options
• Some bugfixes for the mail queue management
• Fixed a bug where the confirmation screen for password resets would show up blank
• Added upgrade script upgrade.py
• Added support for setting a custom link to get support (This can be used in commercial environments where you want to link to your company helpdesk system)
• Added support for defining a link to submit feedback
• Fix a bug where setting a filter on to/from to does not equal and then an email address or domain you have access to, would case the opposite filtering to go away and display records belonging to everyone else on the system
• Fixed a bug where adding a duplicate whitelist/blacklist entry woufd cause an exception on the backend, but no feedback to the user
• Fixed a bug where messages with a blank subject would cause the message not to get logged

Upgrade to this version

To upgrade to this version, you would need to get the latest version of the sourcecode from the releases page or by pulling directly from GitHub.
Then update python libraries in your virtualenv using pip install -r requirements.txt --upgrade and npm update
Then run the upgrade script python upgrade.py
Next run database migrations with python src/manage.py migrate
Next rebuild the frontend using npm run prod
Without running the upgrade script, nothing will work as the new configuration structure has made some breaking changes to the core of the settings module
Finally restart the ´MailScannerandmailguardian` services to reload both applications

This release is mainly to fix two bugs. One minor UI bug and one a little more problematic.

The UI bug

After we upgraded tailwindcss to version 1.x.x, there was a bug in our CSS code which caused to icons on the form select elements to show over the text/label. This has now been fixed

The template tag bug

The more serious bug fixed in this release is a little more serious. When upgrading to a release where cache keys were appended to static assets, in order to force clearing the browsers assets cache, we did unfortunately make every installation depend on the existence of the mix-manifest.json file.
If the file does not exist, nginx would give a 502 gateway error. Running manage.py runserver would indicate a 500 internal server error and from the output it would be possible to see that it was caused by this file.
The primary victims of this bug would be the nodes of a multi server setup, where the web UI was not running and therefore no assets had to be compiled with npm
In this release, it has been fixed by simply returning the requested with no cache key in the case where mix-manifest.json does not exist.

Upgrading to this release

Download the latest source code and upgrade libraries inside your virtualenv using pip install -r requirements.txt --upgrade and update node packages with npm install and recompile with npm run production

Not much on this release.
We have unfortunately not had much time lately to close some of the feature request listed under our open issues.

So this release is just to upgrade the libraries and packages used to build MailGuardian and therefore no breaking changes or other issues this time.

Download the latest source code and upgrade libraries inside your virtualenv using pip install -r requirements.txt --upgrade and update node packages with npm install and recompile with npm run production

Bugfix release to revert psycopg2 to before version 2.8, as version 2.8.x has had some internal changes and therefore there weere issues with the upgrade on some linux systems.
We have reverted to 2.7.5 to ensure compatiblity until the issues with psycopg2 2.8 have been resolved

Just a short one this time

Basically this release has a focus on getting to Django 2.2 LTS, as well as upgrade and apply security patches to the libraries used by the application. Also the UI part has been updated the the most recent versions as well.

I did not really have to call this release 1.4.0, but it made sense as a lot has changed around the UI since 1.3.4

Upgrade scripts are still being developed, so for the time being, you have to run pip install -r requirements.txt --upgrade and npm install && npm run prod to upgrade packages.

Time for a new release. Mostly some bugfixes and UI changes this time.

Changes

• Some UI tweaks for the application
• Optimized the Dashboard and underlying API to work better
• Add initial support for displaying logos on the UI
• Add support for automatically redirecting back to the requested page if you are not logged in
• Upgrade Django Framework to 2.1.5 for some important security fixes
• Fixed a bug where the mailqueue was only fetched for the local node and not for all nodes (#28 )

Since libraries and assets have changed in this release, you need to update both.

Update assets

Run npm install && npm run prod inside your MailGuardian installation

Update python libraries

Run source bin/activate && pip install -r requirements.txt --upgrade inside your MailGuardian installation

It is time for yet another release. This time we have mostly bugfixes as well as version upgrades for some the libraries we have used.
This means that you have to run pip install -r requirements.txt --upgrade, npm install, npm run prod and python /home/mailguardian/mailguardian/src/manage.py migrate
You will also need to restart MailScanner

Changes

• Increased the refresh interval for the /messages page, as 5 seconds was too quick. New limit is 30 seconds
• Fixed #23
• Fixed #25 for supporting Internet Explorer with a polyfill
• Datatype changes for some fields, as linebreaks in subjects seem to cause problems in Perl
• Fixed #26 regarding some issues with whitelisting and blacklisting

It is time for a new version. This time mostly a bugfix release

Changes

• Fix #22 where a bug was discovered when setting a filter on domain or address as a domain admin
• Fix #20 for domains not always adding to users
• Fix #19 where message actions were hidden when pagination was not needed in message operations report
• Fix #18 where message status did not show on the message operations page
• Some UI fixes for message operations as we were sending entire message objects and not just the ids
• Fix an error on the UI that prevented blacklist/whitelist entries from being added

Also we have made a change to the certbot certificate generation, so that we generate a 4096-bit key instead of the default 2048-bit key

Today we have tagged release 1.3.0
Some exiting new things in this release

Changes in this release

• Added support for translations in the UI and in email templates
• Added support for 2FA
• Added search for users, hosts, domains and relays

As part of adding the 2FA support, we have added a library that requires an encryption key to be defined.
Although we have been working on building an upgrade script, we have not yet finished with it, so in this release you have to manually generate and add the key

Since we have added some things and updated some things, you have to run the following commands after pulling the changes and entering your virtualenv:

pip install -r requirements.txt --upgrade
python /home/mailguardian/mailguardian/src/manage.py migrate
python /home/mailguardian/mailguardian/src/manage.py compilemessages

If you run the code from a git pull or the sourcecode zip-file/tarball, then you also have to do this:

npm install
npm run prod

For this to work, you have to generate a key like the one shown in the mailguardian-env.example.json file.

"encryption_key": "OX3ZuHZIAi2WJtbQIbvOziP4Ux1y2CrUn5jeeOIWYp0=",

Also, you have to add a config_version key to mailguardian-env.json:

"config_version": "1.3.0",

This has to be done before you restart mailguardian.service

It is once again time for a new release.
MailGuardian 1.2.0 comes with a lot of bugfixes and improvements.
This new release has also added support for using the new MailScanner 5.1.x Milter together with Postfix.
The MailScanner Milter is still in an experimental state, so we have only implemented support for using it with incoming email.

We have also updated the underlying Django framework to the latest 2.1.2 version, which means that you need to run pip install -r requirements.txt --upgrade from within your virtual environment.

Issues

As always, feel free to report any issues to us on Github.
You can also contribute to the development of the application by looking at the open issues and help solve them. You can also send us a direct pull request with something you would like to add or something you want to improve

Changes in this release

In this release we address some minor og still critical bugs:

• Fixed an issue where message actions could not be performed against other hosts in a multi node configuration
• Fixed a bug where the loading spinner would lock the application when reaching the login-screen

Changes in this release

• We addressed some security related issues in regards to storing the secret key used for cookie encryption. See note below for how to add this to your mailguardian-env.json file
• Improved the way the UI responds on slower connections, so that users get an instant response of the application loading the next page as soon as they have click the menu item
• Fixed som bugs related to how we determine if a file exists in the quarantine directories and would therefore have to possibility to be released
• Added charts to the different reports that can be viewed as well as improve the amount of data shown
• Improved the jobs running for cleaning the database after the retention period is over
• Add support for static notifications to show on the login screen and on the dashboard

In this release we have made changes to the database structure, which means that you have to populate these changes on to the database with python src/manage.py migrate from inside your virtualenv.

This release comes with changed assets, which means that you will need to run npm install and npm run prod to recompile these if you are running on the raw sourcecode or directly from pulling the changes from GitHub.
If you are using the prebuilt bundle, you simple have to download and replace the files.

Changes since 1.0.0-rc.3

• Fixed an issue where the quarantine report would render an empty table when no messages have been caught. Now it renders a nice message telling the user that there was not spam caught since the last report
• Fixed some issues with the statistics for the dashboard, so that now we get the statistics and the graphical chart
• Upgraded to latest Django 2.1 codebase
• Added domain-level and user-level filtering for the dashboard, so that users only see statistics for their own emails and domain administrators only see statistics for the domains assigned to them
• Implemented a log processing command, to sync the transport log data to the database so that users can see delivery status of inbound and outbound messages in the webinterface
• Fixed parts of #9 so that the user now gets instant loading screen when clicking a menu item instead of having to wait for the destination page to start loading.
• Added a new Tasks API as described in #10 and we will be improving on this in the near future
• Added some updated instructions for the README file, since some people have had recurring questions for how to increase the size of messages being scanned by SpamAssassin

Attached you will find a prebuilt bundle where you do not need to have NodeJS installed to get it working.
If you are running/getting the application with Git, then you do need NodeJS to recompile the sourcecode javascript and styles (CSS).

Increasing the size limit for when message scan is skipped

Change the Max SpamAssassin Size and Max Spam Check Size of /etc/MailScanner/MailScanner.conf and restart MailScanner. Be careful not to set this to high, as bigger messages will increase the processing time for SpamAssassin when evaluating a large message.

Issues

If you find any issues during the usage of the application, please fill in an issue with as much information as possible and we will gladly assists you in the task of fixing the issue.

Fixes

If you would like to contribute a fix or some updated code to the project, please feel free to create a pull request.

Changes since 1.0.0-rc.2

• Tweak the new update notification screen
• A lot of UI tweak and refactoring of the CSS
• Bugfixes for setup_cron command

As with previous releases, we will release a prebuilt bundle where you do not need to have NodeJS installed to get it working.
If you are running the application with Git, then you do need NodeJS to recompile the sourcecode javascript and styles to code that actually works in the browser.

A few more bugfixes might come during the coming weeks, and hopefully we will launch stable 1.0.0 around the beginning of August 2018.

Important notice

In this release we found a bug, where the setup_cron command would generate incorrect crontab entries, resulting in cronjobs not running. We have fixed the issue, so you simply have to clear the crontab for your application user and then re-run the setup_cron command.

Issues

If you find any issues during the usage of the application, please fill in an issue with as much information as possible and we will gladly assists you in the task of fixing the issue.

Fixes

If you would like to contribute a fix or some updated code to the project, please feel free to create a pull request.

Changes since 1.0.0-rc.1

• A lot of code cleanup
• Made the audit log visible in the browser
• Added support for outgoing email scanning using SMTP relay in postfix
• Added a management command to automatically install application cron jobs
• A lot of bugfixes

As with previous releases, we will release a prebuilt bundle where you do not need to have NodeJS installed to get it working.
If you are running the application with Git, then you do need NodeJS to recompile the sourcecode javascript and styles to code that actually works in the browser.

A few more bugfixes might come during the coming weeks, and hopefully we will launch stable 1.0.0 around the beginning of August 2018.

I cannot wait until the day.

Issues

If you find any issues during the usage of the application, please fill in an issue with as much information as possible and we will gladly assists you in the task of fixing the issue.

Fixes

If you would like to contribute a fix or some updated code to the project, please feel free to create a pull request.

It has been a long journey since I started developing this application back in December of 2017. Now we are 8 months later and over 350 commits and I can finally tag the first release candidate of version 1.0.0

The only thing remaining is to get the application tested in production. I have already deployed some servers to handle spam filtering for some of my own projects and will start to see how that runs.

As a lot of might have noticed, there is currently no test suite for the application and I will be working on that in the coming months. If anyone is up for the challenge to contribute a set of unit tests and feature tests, please submit a Pull Request.

Changes in this release

• Fixed a few UI bugs
• Make the UI aware of a multi-node configuration
• Add a section on the domain, where you will be able to see the DNS configuration needed to use the domain with the servers deployed with this application
• Add support for configuration of the DNS in either failover mode og balancing-mode
• A lot of adjustments and bugfixes for the installation script

Important message

This software is still in the development stages and we might still introduce breaking changes, without an automatic migration path.
Please note that while the README.md contains some instructions for MailScanner configuration using postfix, we do still not provide full installation details for the entire installation and therefore you might need to look at the MailScanner website as well.

Supported MTA's

At the moment we do only support postfix with pgsql support built in. Support for sendmail and exim will be added along the way. Please also note that the software was developed and tested on Debian 9 Stretch using Python 3.5, Python 3.6 and Python 3.7.

Asset compilation

In this release, we have provided an experimental bundle, which contains precompiled assets, so that you will only need to download and extract the file. After that you need to configure your webserver and create the virtualenv.
Until the software reaches a stable 1.0.0, we will not provide an officially precompiled set of frontend assets, which means that you might need to have NodeJS installed on the system where you will be running the application, so that you can compile the assets yourself, if you are facing issues.

The light at the end of the tunnel is near, as we release 1.0.0-beta.2 today.
This new release brings some really great features and polishes the installation procedure.

Breaking changes

• The endpoint for message actions has changed, so if you are running from the github sourcecode, you need to recompile the assets with NodeJS
• Python dependencies have changed, so you need to rerun pip install -r requirements.txt and python src/manage.py migrate

Other changes

• Added support for multiple hosts
• Updated the installation script to match the latest sourcecode

Important message

This software is still in the development stages and we might still introduce breaking changes, without an automatic migration path.
Please note that while the README.md contains some instructions for MailScanner configuration using postfix, we do still not provide full installation details for the entire installation and therefore you might need to look at the MailScanner website as well.

Supported MTA's

At the moment we do only support postfix with pgsql support built in. Support for sendmail and exim will be added along the way. Please also note that the software was developed and tested on Debian 9 Stretch using Python 3.5, Python 3.6 and Python 3.7.

Asset compilation

In this release, we have provided an experimental bundle, which contains precompiled assets, so that you will only need to download and extract the file. After that you need to configure your webserver and create the virtualenv.
Until the software reaches a stable 1.0.0, we will not provide an officially precompiled set of frontend assets, which means that you might need to have NodeJS installed on the system where you will be running the application, so that you can compile the assets yourself, if you are facing issues.