mailcow logo

mailcow

Dockerized groupware and mail server suite with webmail

Alternative to: google workspace, gmail, microsoft 365, zoho mail, fastmail


About Versions (90)

2026-05c

2026-05-26

This update includes an Nginx version bump, a security fix for unbound CVE-2026-33278, updated GitHub Actions, and translation updates.

2026-05b

2026-05-21

Updates Nginx to 1.30.1, adds Uzbek language support, updates translations, and fixes HTML escaping in the quarantine table.

2026-05a

2026-05-13

Updates SOGo to version 5.12.8 to address four security issues.

2026-05

2026-05-12

This update addresses a security issue, updates Postfix postscreen_access.cidr, improves HTML escaping in the web interface, and updates translations.

2026-03b

2026-03-31

This update addresses several security-related issues, specifically improving input validation and escaping for the Dovecot web component.

2026-03a

2026-03-13

This update fixes LDAP and Keycloak authentication errors, resolves ACME DNS-01 challenge conflicts, and addresses a theme storage collision.

2026-03

2026-03-10

Introduces forced 2FA setup, passwordless autodiscover, and DNS challenges for ACME, alongside updates to SOGo and Rspamd and various bug fixes.

2026-01

2026-01-29

This release introduces PBKDF2-SHA512 support, MTA-STS for alias domains, configurable display names, and various UI improvements and dependency updates.

2025-12a

2025-12-12

This update fixes login announcement rendering, reverts cron syntax for sa-rules, improves backup image prefetching, and adds PBKDF2-SHA512 hash algorithm support.

2025-12

2025-12-09

This update includes various bug fixes, dependency updates, Vietnamese language support, a shift to zstd for backup compression, and security hardening for Nginx.

2025-10a

2025-10-24

This release disables PHP opcache.jit, adds Vietnamese language support, updates translations, and updates several dependencies and the Alpine docker tag.

2025-10

2025-10-15

Updated Redis and Rspamd, optimized phpfpm opcache, and implemented various bug fixes and security improvements for the web interface and LDAP autodiscover.

2025-09c

2025-10-07

This update introduces SOGo URL encryption, enhances web security settings, improves IPv6 handling, and includes various bug fixes and translation updates.

2025-09b

2025-09-12

This release includes IPv6 controller and Nginx configuration fixes, removes a deprecated SOGo SQL trigger, and cleans up an unused column in the alias table.

2025-09a

2025-09-10

Improved IPv6 controller detection, updated scripts submodule handling, and adjusted daemon.json content for Docker 28.

2025-09

2025-09-10

This update adds MTA-STS support via a new container, introduces an IPv6 controller requiring the host to have jq installed, and includes various feature enhancements and bug fixes.

2025-07

2025-07-15

This update fixes a critical remote code execution vulnerability and includes various configuration updates and translation improvements.

2025-05

2025-05-13

Introduces the ability to disable Olefy, expands OAuth2 redirect URL domains, adds web login enhancements, and includes various bug fixes for Dovecot, Postfix, and Rspamd.

2025-03b

2025-04-07

This minor release provides bug fixes for the 2025-03 version, including updates to SOGo, Postfix, and various web and system improvements.

2025-03a

2025-03-27

This release provides various bug fixes for Nginx, the web interface, and Swagger documentation for the 2025-03 release.

2025-03

2025-03-25

This release introduces separated login portals, support for external Identity Providers, and updates Alpine images to 3.21.

2025-02

2025-02-27

This release upgrades MariaDB to 10.11, migrates docker images to GitHub Container Registry, updates Rspamd, and fixes Dovecot login regexes.

2025-01a

2025-02-04

This update fixes a security issue, updates clamd to 1.4.2, removes Nixspam DNSBL, and introduces various improvements to Nginx and Postfix configurations.

2025-01

2025-01-23

This update replaces Solr FTS with Xapian, removes the integrated Nextcloud helper-script, fixes a security issue, and introduces various UI and configuration improvements.

2024-11b

2024-11-15

This release fixes bugs from the previous revision, including increasing the MySQL thread stack and updating maildir and password reset handling in the web interface.

2024-11a

2024-11-12

Revision A for 2024-11 fixes critical bugs, updates Sogo, corrects the PHP image, and improves the update script's DNS blocklist handling.

2024-11

2024-11-07

This release includes various dependency updates, translation improvements, and new features like email address renaming and Redis session storage for PHP-FPM.

2024-08a

2024-08-20

This release includes various bug fixes, Dockerfile refactors, a transition to mariadb-admin, and improved character encoding and parsing.

2024-08

2024-08-15

This release introduces a forgot password flow, updates Rspamd and Sogo, and includes various bug fixes and translation updates.

2024-07

2024-08-05

This release addresses critical security vulnerabilities, including a 2FA bypass and XSS flaws, while updating DMARC handling and Postfix CIDR access.

2024-06c

2024-07-12

This release reverts updates to the debug.twig file and the PHP rebase on Debian 12.

2024-06b

2024-07-12

This update includes improvements to the THREADS regular expression, a PHP rebase on Debian 12 to fix a DNS bug, and updates to the Postfix postscreen access list.

2024-06a

2024-06-27

This release reverts recent translation updates and fixes a broken PHP container caused by curl DNS resolution issues.

2024-06

2024-06-27

Updates Postfix to 3.7.10 and Debian 12, dropping support for TLS 1.0 and 1.1, introduces an experimental Flatcurve FTS engine, and updates Alpine containers to 3.20.

2024-04

2024-04-04

This release fixes two security vulnerabilities (CVE-2024-31204 and CVE-2024-30270), upgrades Sogo to 5.10.0, and includes various translation updates and configuration improvements.

2024-02

2024-02-15

This release includes various web UI bug fixes, improved domain name display, Rspamd alias domain footer support, and Netfilter ban time limit corrections.

2024-01e

2024-02-08

This release includes netfilter rule fixes, a SOGo crash fix for older kernels, Dovecot timezone logging corrections, and Unbound healthcheck updates.

2024-01d

2024-02-02

Fixed Dovecot replication health reporting and updated the Netfilter image to resolve connectivity issues.

2024-01c

2024-02-02

This update includes a critical security fix, anSogo ACL fixes, Postfix CIDR updates, and netfilter isolation rules.

2024-01b

2024-01-22

This release introduces the ability to skip unbound healthchecks, improves OpenRC configuration detection, and fixes bugs related to watchdog webhook variables and curl.

2024-01a

2024-01-18

Increased the healthcheck timeout for unbound.

2024-01

2024-01-17

2023-12a

2023-12-29

This update includes a Nextcloud server dependency upgrade, translation updates, and Postfix configuration changes regarding X-Mailer headers and bare newline restrictions.

2023-12

2023-12-19

This release introduces nftables support, a new f2b_banlist endpoint, webhook notifications for the watchdog, and various dependency and translation updates.

2023-11a

2023-12-07

This release includes a new spam-score API endpoint, Rspamd and Nextcloud updates, footer improvements, and various bug fixes for update scripts and ratelimits.

2023-11

2023-11-21

This release includes a critical security fix for the Quarantine UI, Rspamd and Nextcloud updates, new translation additions, and various UI improvements.

2023-10a

2023-10-12

Fixed the Clamd Version image in compose and reverted the removal of the restart action for older compose versions.

2023-10

2023-10-12

This release includes various dependency updates, web UI enhancements like dark mode support, CPU load fixes for the dockerapi container, and several translation updates.

2023-09

2023-09-29

Includes a critical fix for SOGo on macOS 14 (Sonoma) via an update to version 5.9.0.

2023-08

2023-08-03

Updates Postfix configurations for main.cf merging, dns_blocklists.cf generation, and postscreen_dnsbl_reply_map to prevent DQS key disclosure.

2023-07a

2023-07-31

This release updates SOGo to 5.8.4 and includes several Postfix improvements regarding DNS blocklists and ASN check response codes.

2023-07

2023-07-28

lH {"description": "No release notes provided. The input containsB thought {"descriptionK" : "The provided input contains corrupted text and no valid release notes to analyze."}

2023-05a

2023-05-30

This release updates Dovecot to version 1.24 to fix a critical password change vulnerability (CVE-2023-34108) and updates the Nextcloud server dependency.

2023-05

2023-05-25

This release includes various web UI fixes, translation updates, an Alpine Docker tag update to v3.18, and improved synchronization defaults.

2023-04b

2023-04-20

This release includes BS5 fixes, SOGo and Nextcloud updates, performance optimizations for mailbox management, and various bug fixes.

2023-04a

2023-04-03

Hotfix to resolve Nextcloud 26 upgrade issues by adding a PHP 8.2 version check.

2023-04

2023-04-03

This release updates PHP to 8.2, upgrades SOGo and Netfilter, improves Rspamd forwarding, and includes various bug fixes and translation updates.

2023-03

2023-03-03

This security update fixes CVE-2023-26490 in Imapsync, updates Nextcloud, and includes general container OS updates and bug fixes.

2023-02a

2023-02-17

This update includes critical security fixes for ClamAV, various dependency updates, translation improvements, and UI fixes for FIDO2 login and mbox sorting.

2023-02

2023-02-02

This release includes translation updates, SOGo fixes, SSO for domain admins, quarantine pagination support, and dependency updates.

2023-01a

2023-01-25

This release includes dependency updates for Alpine and Nextcloud, fixes for Nextcloud installation and the DockerAPI, and improvements to Acme IP check bypass and Rspamd.

2023-01

2023-01-19

This release updates Dovecot to 2.3.20, improves the Nextcloud helper script, applies UI fixes,H, and updates various GitHub Actions and translations.

2022-12b

2022-12-27

Updated translations and upgraded DataTables to v1.13.1 to resolve crashes in non-English locales.

2022-12a

2022-12-26

This release includes various UI fixes, bug corrections for date sorting and locale algorithms, and improvements to the compose updater.

2022-12

2022-12-24

This release migrates the Web UI to Bootstrap 5, updates base images to Alpine 3.17, updates Nextcloud to 25 and Clamd to 1.0, and includes various bug fixes and translation updates.

2022-11b

2022-12-13

Fixes a SoGO/CalDav personal calendar issue on macOS 13 and increases the update script timeout for online status checks.

2022-11a

2022-12-12

Updated German language translations and disabled automatic IMAPSYNC deactivation following a memory leak fix.

2022-11

2022-12-01

This release updates PHP to 8.1, Rspamd to 3.4, and SOGo to 5.8.0 nightly, while adding new API documentation and GitHub Actions.

2022-10a

2022-10-26

This update features a patched Netfilter image, a downgrade of Rspamd to version 3.2 stable, and fixes for quote escaping and quarantine item parsing.

2022-10

2022-10-25

This update includes Netfilter fixes, Redis and Rspamd upgrades, backup performance improvements with PIGZ, Traditional Chinese translation, and several UI enhancements.

2022-09a

2022-09-30

Updated Twig to version 3.4.3 to address CVE-2022-39261.

2022-09

2022-09-27

This release includes security hardening for GitHub workflows, a fix for a Swagger UI CVE, and various improvements to the API and user interface.

2022-08b

2022-09-08

This release includes a modification to the branch switch in generate_config.sh and a fix for SOGo regarding Sieve.

2022-08a

2022-09-02

Fixes compatibility issues with older v2 Compose Plugin versions and resolves a Sieve Error affecting IMAP clients and SOGo.

2022-08

2022-09-01

Updates include TFA flow improvements, update.sh enhancements, SOGo 5.7.1 update, and a Bootstrap 5 UI redesign for nightly builds.

2022-07a

2022-07-29

This release updates ClamAV to 0.105.1, improves the domain API schema, and increases the TFA keyHandle maximum length.

2022-07

2022-07-14

This release updates SOGo and Dovecot, improves the TFA flow and FIDO2 registration, and introduces CI updates and various bug fixes.

2022-06b

2022-06-23

Added auto-correction for composev1 Binds in compose.yml and fixed an IMAPSYNC issue when no custom parameter is set.

2022-06a

2022-06-23

This release includes translation updates, IMAPSYNC exploit hardening, DKIM key reuse, and now requires Docker-Compose v2.

2022-06

2022-06-07

This release improves Mailadmin performance, updates several base images and components including ClamAV and Postfix, and upgrades to Docker Compose v2.

2022-05d

2022-05-19

Security update addressing CVE-2022-31245 by removing case-sensitive PIPEMESS and PIPEMES parameters from Imapsync and the database.

2022-05c

2022-05-13

The Swagger UI now explicitly defines the used OpenAPI specifications.

2022-05b

2022-05-12

This release includes aB a fix for the mailbox API endpoint and UI improvements for domain tagging and footCL footable opacity.

2022-05a

2022-05-05

Readded the .gitkeep file to the web templates cache directory.

2022-05

2022-05-05

This update introduces domain and mailbox tagging, updates SOGo to 5.6.0, adds an API version endpoint, and includes various fixes for NGINX, Dovecot, and Clamd.

2022-04

2022-04-05

Updates ClamAV, Rspamd, and SOGo, enables autodiscover for app passwords, and includes various translation and configuration fixes.

2022-03a

2022-03-17

This update fixes minor bugs and graphical issues, updates Twig for security, and migrates the backup and restore script to Debian Bullseye.

2022-03

2022-03-02

This update includes version upgrades for Dovecot, ClamAV, Rspamd, and Olefy, along with minor bug fixes for the UI and console warnings.

2022-01a

2022-02-01

This hotfix adds a version tag to the UI, improves passwordless SOGo authentication, updates the autoreply schedule, and fixes a FIDO2 authentication bug.

2022-01

2022-01-21

Updates include replacing the U2F API with WebAuthn for 2FA, updating SOGo, ClamAV, and Solr for security fixes, and resolving various container bugs.