mailcow
Dockerized groupware and mail server suite with webmail
Alternative to: google workspace, gmail, microsoft 365, zoho mail, fastmail
2026-05c
2026-05-26This update includes an Nginx version bump, a security fix for unbound CVE-2026-33278, updated GitHub Actions, and translation updates.
2026-05b
2026-05-21Updates Nginx to 1.30.1, adds Uzbek language support, updates translations, and fixes HTML escaping in the quarantine table.
2026-05a
2026-05-13Updates SOGo to version 5.12.8 to address four security issues.
2026-05
2026-05-12This update addresses a security issue, updates Postfix postscreen_access.cidr, improves HTML escaping in the web interface, and updates translations.
2026-03b
2026-03-31This update addresses several security-related issues, specifically improving input validation and escaping for the Dovecot web component.
2026-03a
2026-03-13This update fixes LDAP and Keycloak authentication errors, resolves ACME DNS-01 challenge conflicts, and addresses a theme storage collision.
2026-03
2026-03-10Introduces forced 2FA setup, passwordless autodiscover, and DNS challenges for ACME, alongside updates to SOGo and Rspamd and various bug fixes.
2026-01
2026-01-29This release introduces PBKDF2-SHA512 support, MTA-STS for alias domains, configurable display names, and various UI improvements and dependency updates.
2025-12a
2025-12-12This update fixes login announcement rendering, reverts cron syntax for sa-rules, improves backup image prefetching, and adds PBKDF2-SHA512 hash algorithm support.
2025-12
2025-12-09This update includes various bug fixes, dependency updates, Vietnamese language support, a shift to zstd for backup compression, and security hardening for Nginx.
2025-10a
2025-10-24This release disables PHP opcache.jit, adds Vietnamese language support, updates translations, and updates several dependencies and the Alpine docker tag.
2025-10
2025-10-15Updated Redis and Rspamd, optimized phpfpm opcache, and implemented various bug fixes and security improvements for the web interface and LDAP autodiscover.
2025-09c
2025-10-07This update introduces SOGo URL encryption, enhances web security settings, improves IPv6 handling, and includes various bug fixes and translation updates.
2025-09b
2025-09-12This release includes IPv6 controller and Nginx configuration fixes, removes a deprecated SOGo SQL trigger, and cleans up an unused column in the alias table.
2025-09a
2025-09-10Improved IPv6 controller detection, updated scripts submodule handling, and adjusted daemon.json content for Docker 28.
2025-09
2025-09-10This update adds MTA-STS support via a new container, introduces an IPv6 controller requiring the host to have jq installed, and includes various feature enhancements and bug fixes.
2025-07
2025-07-15This update fixes a critical remote code execution vulnerability and includes various configuration updates and translation improvements.
2025-05
2025-05-13Introduces the ability to disable Olefy, expands OAuth2 redirect URL domains, adds web login enhancements, and includes various bug fixes for Dovecot, Postfix, and Rspamd.
2025-03b
2025-04-07This minor release provides bug fixes for the 2025-03 version, including updates to SOGo, Postfix, and various web and system improvements.
2025-03a
2025-03-27This release provides various bug fixes for Nginx, the web interface, and Swagger documentation for the 2025-03 release.
2025-03
2025-03-25This release introduces separated login portals, support for external Identity Providers, and updates Alpine images to 3.21.
2025-02
2025-02-27This release upgrades MariaDB to 10.11, migrates docker images to GitHub Container Registry, updates Rspamd, and fixes Dovecot login regexes.
2025-01a
2025-02-04This update fixes a security issue, updates clamd to 1.4.2, removes Nixspam DNSBL, and introduces various improvements to Nginx and Postfix configurations.
2025-01
2025-01-23This update replaces Solr FTS with Xapian, removes the integrated Nextcloud helper-script, fixes a security issue, and introduces various UI and configuration improvements.
2024-11b
2024-11-15This release fixes bugs from the previous revision, including increasing the MySQL thread stack and updating maildir and password reset handling in the web interface.
2024-11a
2024-11-12Revision A for 2024-11 fixes critical bugs, updates Sogo, corrects the PHP image, and improves the update script's DNS blocklist handling.
2024-11
2024-11-07This release includes various dependency updates, translation improvements, and new features like email address renaming and Redis session storage for PHP-FPM.
2024-08a
2024-08-20This release includes various bug fixes, Dockerfile refactors, a transition to mariadb-admin, and improved character encoding and parsing.
2024-08
2024-08-15This release introduces a forgot password flow, updates Rspamd and Sogo, and includes various bug fixes and translation updates.
2024-07
2024-08-05This release addresses critical security vulnerabilities, including a 2FA bypass and XSS flaws, while updating DMARC handling and Postfix CIDR access.
2024-06c
2024-07-12This release reverts updates to the debug.twig file and the PHP rebase on Debian 12.
2024-06b
2024-07-12This update includes improvements to the THREADS regular expression, a PHP rebase on Debian 12 to fix a DNS bug, and updates to the Postfix postscreen access list.
2024-06a
2024-06-27This release reverts recent translation updates and fixes a broken PHP container caused by curl DNS resolution issues.
2024-06
2024-06-27Updates Postfix to 3.7.10 and Debian 12, dropping support for TLS 1.0 and 1.1, introduces an experimental Flatcurve FTS engine, and updates Alpine containers to 3.20.
2024-04
2024-04-04This release fixes two security vulnerabilities (CVE-2024-31204 and CVE-2024-30270), upgrades Sogo to 5.10.0, and includes various translation updates and configuration improvements.
2024-02
2024-02-15This release includes various web UI bug fixes, improved domain name display, Rspamd alias domain footer support, and Netfilter ban time limit corrections.
2024-01e
2024-02-08This release includes netfilter rule fixes, a SOGo crash fix for older kernels, Dovecot timezone logging corrections, and Unbound healthcheck updates.
2024-01d
2024-02-02Fixed Dovecot replication health reporting and updated the Netfilter image to resolve connectivity issues.
2024-01c
2024-02-02This update includes a critical security fix, anSogo ACL fixes, Postfix CIDR updates, and netfilter isolation rules.
2024-01b
2024-01-22This release introduces the ability to skip unbound healthchecks, improves OpenRC configuration detection, and fixes bugs related to watchdog webhook variables and curl.
2024-01a
2024-01-18Increased the healthcheck timeout for unbound.
2024-01
2024-01-172023-12a
2023-12-29This update includes a Nextcloud server dependency upgrade, translation updates, and Postfix configuration changes regarding X-Mailer headers and bare newline restrictions.
2023-12
2023-12-19This release introduces nftables support, a new f2b_banlist endpoint, webhook notifications for the watchdog, and various dependency and translation updates.
2023-11a
2023-12-07This release includes a new spam-score API endpoint, Rspamd and Nextcloud updates, footer improvements, and various bug fixes for update scripts and ratelimits.
2023-11
2023-11-21This release includes a critical security fix for the Quarantine UI, Rspamd and Nextcloud updates, new translation additions, and various UI improvements.
2023-10a
2023-10-12Fixed the Clamd Version image in compose and reverted the removal of the restart action for older compose versions.
2023-10
2023-10-12This release includes various dependency updates, web UI enhancements like dark mode support, CPU load fixes for the dockerapi container, and several translation updates.
2023-09
2023-09-29Includes a critical fix for SOGo on macOS 14 (Sonoma) via an update to version 5.9.0.
2023-08
2023-08-03Updates Postfix configurations for main.cf merging, dns_blocklists.cf generation, and postscreen_dnsbl_reply_map to prevent DQS key disclosure.
2023-07a
2023-07-31This release updates SOGo to 5.8.4 and includes several Postfix improvements regarding DNS blocklists and ASN check response codes.
2023-07
2023-07-28lH {"description": "No release notes provided. The input containsB thought {"descriptionK" : "The provided input contains corrupted text and no valid release notes to analyze."}
2023-05a
2023-05-30This release updates Dovecot to version 1.24 to fix a critical password change vulnerability (CVE-2023-34108) and updates the Nextcloud server dependency.
2023-05
2023-05-25This release includes various web UI fixes, translation updates, an Alpine Docker tag update to v3.18, and improved synchronization defaults.
2023-04b
2023-04-20This release includes BS5 fixes, SOGo and Nextcloud updates, performance optimizations for mailbox management, and various bug fixes.
2023-04a
2023-04-03Hotfix to resolve Nextcloud 26 upgrade issues by adding a PHP 8.2 version check.
2023-04
2023-04-03This release updates PHP to 8.2, upgrades SOGo and Netfilter, improves Rspamd forwarding, and includes various bug fixes and translation updates.
2023-03
2023-03-03This security update fixes CVE-2023-26490 in Imapsync, updates Nextcloud, and includes general container OS updates and bug fixes.
2023-02a
2023-02-17This update includes critical security fixes for ClamAV, various dependency updates, translation improvements, and UI fixes for FIDO2 login and mbox sorting.
2023-02
2023-02-02This release includes translation updates, SOGo fixes, SSO for domain admins, quarantine pagination support, and dependency updates.
2023-01a
2023-01-25This release includes dependency updates for Alpine and Nextcloud, fixes for Nextcloud installation and the DockerAPI, and improvements to Acme IP check bypass and Rspamd.
2023-01
2023-01-19This release updates Dovecot to 2.3.20, improves the Nextcloud helper script, applies UI fixes,H, and updates various GitHub Actions and translations.
2022-12b
2022-12-27Updated translations and upgraded DataTables to v1.13.1 to resolve crashes in non-English locales.
2022-12a
2022-12-26This release includes various UI fixes, bug corrections for date sorting and locale algorithms, and improvements to the compose updater.
2022-12
2022-12-24This release migrates the Web UI to Bootstrap 5, updates base images to Alpine 3.17, updates Nextcloud to 25 and Clamd to 1.0, and includes various bug fixes and translation updates.
2022-11b
2022-12-13Fixes a SoGO/CalDav personal calendar issue on macOS 13 and increases the update script timeout for online status checks.
2022-11a
2022-12-12Updated German language translations and disabled automatic IMAPSYNC deactivation following a memory leak fix.
2022-11
2022-12-01This release updates PHP to 8.1, Rspamd to 3.4, and SOGo to 5.8.0 nightly, while adding new API documentation and GitHub Actions.
2022-10a
2022-10-26This update features a patched Netfilter image, a downgrade of Rspamd to version 3.2 stable, and fixes for quote escaping and quarantine item parsing.
2022-10
2022-10-25This update includes Netfilter fixes, Redis and Rspamd upgrades, backup performance improvements with PIGZ, Traditional Chinese translation, and several UI enhancements.
2022-09a
2022-09-30Updated Twig to version 3.4.3 to address CVE-2022-39261.
2022-09
2022-09-27This release includes security hardening for GitHub workflows, a fix for a Swagger UI CVE, and various improvements to the API and user interface.
2022-08b
2022-09-08This release includes a modification to the branch switch in generate_config.sh and a fix for SOGo regarding Sieve.
2022-08a
2022-09-02Fixes compatibility issues with older v2 Compose Plugin versions and resolves a Sieve Error affecting IMAP clients and SOGo.
2022-08
2022-09-01Updates include TFA flow improvements, update.sh enhancements, SOGo 5.7.1 update, and a Bootstrap 5 UI redesign for nightly builds.
2022-07a
2022-07-29This release updates ClamAV to 0.105.1, improves the domain API schema, and increases the TFA keyHandle maximum length.
2022-07
2022-07-14This release updates SOGo and Dovecot, improves the TFA flow and FIDO2 registration, and introduces CI updates and various bug fixes.
2022-06b
2022-06-23Added auto-correction for composev1 Binds in compose.yml and fixed an IMAPSYNC issue when no custom parameter is set.
2022-06a
2022-06-23This release includes translation updates, IMAPSYNC exploit hardening, DKIM key reuse, and now requires Docker-Compose v2.
2022-06
2022-06-07This release improves Mailadmin performance, updates several base images and components including ClamAV and Postfix, and upgrades to Docker Compose v2.
2022-05d
2022-05-19Security update addressing CVE-2022-31245 by removing case-sensitive PIPEMESS and PIPEMES parameters from Imapsync and the database.
2022-05c
2022-05-13The Swagger UI now explicitly defines the used OpenAPI specifications.
2022-05b
2022-05-12This release includes aB a fix for the mailbox API endpoint and UI improvements for domain tagging and footCL footable opacity.
2022-05a
2022-05-05Readded the .gitkeep file to the web templates cache directory.
2022-05
2022-05-05This update introduces domain and mailbox tagging, updates SOGo to 5.6.0, adds an API version endpoint, and includes various fixes for NGINX, Dovecot, and Clamd.
2022-04
2022-04-05Updates ClamAV, Rspamd, and SOGo, enables autodiscover for app passwords, and includes various translation and configuration fixes.
2022-03a
2022-03-17This update fixes minor bugs and graphical issues, updates Twig for security, and migrates the backup and restore script to Debian Bullseye.
2022-03
2022-03-02This update includes version upgrades for Dovecot, ClamAV, Rspamd, and Olefy, along with minor bug fixes for the UI and console warnings.
2022-01a
2022-02-01This hotfix adds a version tag to the UI, improves passwordless SOGo authentication, updates the autoreply schedule, and fixes a FIDO2 authentication bug.
2022-01
2022-01-21Updates include replacing the U2F API with WebAuthn for 2FA, updating SOGo, ClamAV, and Solr for security fixes, and resolving various container bugs.