forked from postfixadmin/postfixadmin
CHANGELOG.TXT
# Postfix Admin
#
# LICENSE
# This source file is subject to the GPL license that is bundled with
# this package in the file LICENSE.TXT.
#
# Further details on the project are available at http://postfixadmin.sf.net
#
# Last update:
# $Id$

Version 3.0.1 - 2016/09/19 - SVN r1870
-------------------------------------------------
- add missing Smarty files to Debian package
(no changes to PostfixAdmin, therefore only released as Debian packages)

Version 3.0 - 2016/09/11 - SVN r1861
-------------------------------------------------
- add sqlite backend option
- add configurable smtp helo (CONF["smtp_client"])
- new translation: ro (Romanian)
- language update: tw, cs, de
- fix escaping in gen_show_status() (could be used to DOS list-virtual by
creating a mail address with special chars)
- add CSRF protection for POST requests
- list.tpl: base edit/editactive/delete links in list.tpl on $RAW_item to
avoid double escaping, and fix some corner cases
- editform.tpl: add {if} block for description column for easier customization
- use smarty html_options instead of select_options()
- remove advice about using SetEnv for database password
- include_once(config.local.php) instead of include()ing it to prevent include
loops if someone copies config.inc.php to config.local.php
- vacation.pl: encode wide-chars utf8 in mail body, mime-decode original subject
- fix db_quota_text() for postgresql (concat() vs. ||)
- change default date for 'created' and 'updated' columns from 0000-00-00
(which causes problems with MySQL strict mode) to 2000-01-01
- allow punycode even in TLDs
- update Smarty to 3.1.29
- add checks to login.php and cli to ensure database layout is up to date
- whitelist '-1' as valid value for postfixadmin-cli
- don't stripslashes() the password in pacrypt
- various small bugfixes

Version 3.0 beta3 (2.93) - 2015/09/26 - SVN r1802
-------------------------------------------------
Summary of major changes:
- add list.php and list.tpl for displaying lists
- based on *Handler $struct, which means list view can now be customized with
$CONF[*_struct_hook] functions (columns with display_in_list and non-empty
label will be displayed)
- add CSV export
- replaces list-domain.php, list-admin.php and fetchmail.php (including their
*.tpl files) and the alias and alias domain lists in list-virtual
- improved / more detailed search support by using URL parameters
(list.php?search[field]=value, optionally also ?searchmode[field]=< -
no pretty search form yet, limited to fields the user/admin can access)
- only display search input box if search fields are specified in *handler
(that effectively means no search box for admin, domain and fetchmail listings)
- can also be used for users (non-admins)
- add FetchmailHandler (replaces fetchmail.php and its template), which also
means postfixadmin-cli can configure fetchmail jobs now
- add $CONF['fetchmail_struct_hook']
- remove unused $CONF['users_domain_controle']
PFAHandler:
- new field types:
- enma - associative array (value => displayed value), must be specified in
the "options" column
- html - raw HTML, used for mailbox status markers which include HTML tags
- b64p - passwords stored as base64, used by FetchmailHandler
- vtxt, vnum - "virtual", read-only text/integer
- quot - formatted quota ("5/10", read-only)
- automatically skip quot, vtxt and vnum fields in store()
- add handling of users (non-admins), including permission checks
- add and use $this->label_field and $this->label for nicer messages
- add $this->order_by to allow ordering by any field(s)
- add getMsg() function (needed by list.php)
- add $msg['can_create'] (true by default, false will hide the 'create' button)
- add $is_superadmin to make admin vs. superadmin easier to handle
- add $can_edit and $can_delete (only available in edit/delete mode, set by
init() based on the '_can_edit' and '_can_delete' from database query)
- add $searchfields[] (list of fields to search by default, $search[_])
- add $this->msg['show_simple_search'] (true if $searchfields is non-empty)
- split off build_select_query() (also used for pagebrowser) from read_from_db()
and add support for $search['_'] (searching in $searchfields[])
- read_from_db(), getList(): add $searchmode parameter (_before_ $limit and
$offset!) to be able to use different query modes, not only "="
- add getPagebrowser() (returns an array of pagebrowser keys)
AdminHandler:
- switch to using list.php (replaces list-admin.php)
DomainHandler:
- reduce required permissions to 'admin', restrict write operations to superadmins
- add optical quota indicators for aliases, mailboxes and domain quota
- fix counting of aliases for domains without any mailbox
- use list.php for displaying domain list (replaces list-domain.php)
MailboxHandler:
- check_quota(): deny creating an unlimited mailbox if domain quota is set
- storemore(): store maildir in the correct variable to fix running
mailbox_postedit script (bug#342)
AliasHandler:
- read_from_db_postprocess(): disable _can_edit and _can_delete for default
aliases if special_alias_control is off and not superadmin
- add 'status' column, move gen_show_status handling for aliases from
list-virtual into AliasHandler db_read_from_db_potprocess()
- change getList() to work with empty $condition
- add getPagebrowser() to filter out mailboxes
edit.php:
- Newer PHP versions (noticed with 5.6.6) don't include empty fields in
$_POST, which broke changing a field to empty. Make sure all !isset()
fields are set to ''.
- for not-set bool values, set $values instead of the (wrong) $inp_values
- add user (non-admin) mode
delete.php:
- allow users (non-admins) to use delete.php (not used in PostfixAdmin yet)
list-virtual:
- use AliasHandler, AliasdomainHandler and list.tpl for aliases and alias
domains (the mailbox list still uses the old code)
- replace $alias_pagebrowser_query and the create_page_browser() call
with $handler->getPagebrowser()
- adjust search to use ?search[_]=...
- drop $check_alias_owner variable and check_alias_owner() call
(replaced by the code added in AliasHandler)
misc:
- translation updates: cs (patch#126), pl (by marcin-github), sv (patch#128)
- add CliScheme.php to display the database scheme (for usage in upgrade.php)
- error_log() a warning if nameserver queries in check_domain() take more than 2
seconds in total
- add functions db_quota_text() and db_quota_percent() to generate SQL queries
for used quota ("x/y" and percentage)
- pacol(): replace $not_in_db with $multiopt - the remaining parameters can be
specified as associative array (backwards-compatible). Also add $linkto parameter
- db_where_clause(): add $additional_raw_where and $searchmode parameters,
split query into WHERE and HAVING
- delete no longer used check_alias_owner() function
- display "view log" menu entry only if logging is enabled (patch#127)
- smarty.inc.php assign(): additionally provide the unsanitized values as RAW_$key
- setup.php: after creating a superadmin, display a note that the setup is done
and it's possible to login now
- setup.php: stop relying on subversion keyword for database upgrades
- explicitly set session_cache_limiter to nocache (bug#347)
- fetchmail.pl: honor the (newly added) active column
- change fetchmail.date field to date (no auto-update) (bug#351)
- several small changes and fixes at various places - too many to list them here

Version 3.0 beta2 (2.92) - 2014/10/28 - SVN r1706
-------------------------------------------------
- AliasHandler: don't clean goto field when making alias inactive (bug#316)
- list-virtual: display quota even if $CONF[used_quotas] == NO (bug#307)
- vacation.pl: fix postgresql queries in vacation.pl (bug#315)
- fix query in AliasHandler getList() which caused an empty list and breaks
deletion of aliases in MariaDB (bug#313, bug#325)
- fetchmail.pl: fix ssl extra options (cert check, cert path, fingerprint)
- fix logging (run setup.php to fix old log entries) (bug#317)
- fetchmail.php: change error_reporting() to exclude E_NOTICE (bug#322)
- translation updates: fr (patch#123), nl (patch#122)
- $CONF[default_aliases] can now use the new domain as alias target (patch#124)
- check that vacation start/end date are not in the past (patch#122)
- update vacation INSTALL.TXT with more secure locations
- update Smarty to 3.1.21

Version 3.0 beta1 (2.91) - 2014/05/06 - SVN r1670
-------------------------------------------------
Summary of major changes:
- new command-line interface "postfixadmin-cli"
- major rewrite:
- move lots of code into *Handler classes, which are used by web and
command-line interface
- replace various edit-*.php and create-*.php with a generic editform
(edit.php/editform.tpl)
- this also means it's easy to customize forms, add fields etc.
(see $CONF['*_struct_hook'])
- lots of code cleanup, remove/merge lots of duplicated code and templates
- use smarty for templates
- add ability to choose activation date, end date and reply interval for
vacation message
- various enhancements everywhere
- redesign login page, list and edit pages (goodbye, green!) and make them wider
- several new config options and changed defaults
- NOTE: changes from the 2.3.x releases also apply to this version
new config options:
- $CONF['language_hook']
Hook function to override or add translations to $PALANG.
Example hook function included (commented out).
- $CONF['password_validation'] - array with regular expressions to check
if a password is valid/good enough.
The default configuration enforces:
- minimum length 5 characters/digits/whatever
- at least 2 characters
- at least 2 digits
- $CONF['*_struct_hook'] - make $struct in the *Handler classes customizable
- $CONF['vacation_choice_of_reply'] - list of reply interval options
- $CONF['domain_quota'] - total quota per domain
- $CONF['theme_custom_css'] - to add some custom CSS without editing the
default CSS file
- $CONF['motd_*'] - replaces motd*.txt
changed config defaults (with their new default value):
- $CONF['database_type'] = 'mysqli';
- $CONF['dovecotpw'] = "/usr/sbin/doveadm pw";
$CONF['new_quota_table'] = 'YES'; (for dovecot 2)
- $CONF['domain_path'] = 'YES'; $CONF['domain_in_mailbox'] = 'NO';
(results in domain.tld/username/ maildirs)
- $CONF['alias_control'] = 'YES'; $CONF['alias_control_admin'] = 'YES';
- $CONF['backup'] = 'NO';
- $CONF['show_status']='YES'; $CONF['show_status_key']='YES';
$CONF['show_undeliverable']='YES'; $CONF['show_popimap']='YES';
$CONF['show_undeliverable_exceptions'] - "gmail.com" removed
- $CONF[*_post*_script] - add empty defaults
- $CONF['admin_email'] = ''
IMPORTANT: If set, this will be used as mail sender for all mails
(2.3.x used the currently logged in admin's username in most cases).
$CONF['admin_email'] = '' will match the 2.3.x behaviour.
removed config options:
- $CONF['min_password_length'] - now handled in /.{5}/ in
$CONF['password_validation']
- $CONF['postfix_admin_url'] - relative paths are now used everywhere
list-virtual.php:
- display percentage of quota usage
- display alias domains in a less confusing way (using From/To)
- list-virtual can now display only mailboxes, only aliases or only alias
domains - or all in one page as in 2.3
- extreme speedup of page browser in list-virtual if a large number of
mailboxes or aliases exist
- include search support (replaces search.php and brings various bug fixes
for free)
- fix: delivery to mailbox with a recipient delimiter (mailbox+foo@domain)
was marked as "forward only"
- fix: don't mark mailboxes with vacation active as undeliverable
- fix: undeliverable targets were not flagged if another target pointed to a
domain in $CONF[show_undeliverable_exceptions]
fetchmail.php, fetchmail.pl:
- add sslcertck, sslcertpath, sslfingerprint fields/check
(sslcertpath and sslfingerprint require $CONF[fetchmail_extra_options]
because they don't have input validation)
functions.inc.php
- allowed_quota: if $CONF[quota] == NO, just return 0 (unlimited)
- authentification_get_username() - honor POSTFIXADMIN_SETUP to avoid
a redirect to login.php after creating an admin with setup.php and to
get "SETUP.PHP" for db_log()
- check_domain(), check_email(): instead of calling flash_error(),
return string with error message - or empty string if everything is ok
- check_email():
- replace $CONF[vacation_domain] only at the end of the mail address
- don't trim() mail address to avoid that aliases starting with a space are
allowed. This fixes http://sourceforge.net/p/postfixadmin/bugs/210/
- check_language(): remove things like ";q=0.8" before checking if
a language exists
- check_owner():
- escape_string() $username and $domain to prevent SQL injections
- db_pgsql() - new function to replace lots of
"if ($CONF[database_type] == 'pgsql')" checks
- db_delete(): allow to specify additional conditions for the WHERE clause
- db_get_boolean(): allow 0 and 1 as parameters, not only boolean true/false
- db_log():
- allow log actions create_admin and edit_admin
- add edit_admin_state and delete_admin as comment/reminder that they
should also be logged
- db_query(): error_log() failed query
- db_where_clause($condition, $struct) - new function to create a WHERE clause
(bool values are converted with db_get_boolean() based on $struct)
- _flash_string():
- also accept an array of messages, not only a string
- html-escape messages to fix XSS if the message contains user-supplied input
- generate_password(): make generated password always 8 chars long
(instead of $CONF['min_password_length'])
- get_domain_properties(): use DomainHandler (function result mostly
unchanged, only difference: instead of quota_sum in bytes it now
returns total_quota in MB)
- list_domains_for_admin():
- rewrite to work for superadmins also (will list all domains now
instead of "ALL"), which means we can drop the admin vs. superadmin
check at various places
- pacrypt():
- no longer escape_string() the result. This fixes
http://sourceforge.net/p/postfixadmin/bugs/218/
- for 'system' encryption, use full hashed password as salt
https://sourceforge.net/p/postfixadmin/bugs/2/
- dovecot:*:
- add support for dovecot *-CRYPT passwords (needs dovecot >= 2.1)
- allow "." in dovecot method (to allow a suffix like ".b64")
- Also, the {METHOD} part is no longer removed (passwords without
{METHOD} still work)
- remove_from_array() - new function
- safesession() - new function (like safeget(), but for $_SESSION)
- smtp_mail(): error_log() the error message if fsockopen() fails
- table_by_key() now always prepends $CONF['database_prefix']
NOTE: If you have/had an incomplete database_tables array and use
$CONF['database_prefix'], you might need to rename the affected tables
manually (add the database_prefix in their name).
- moved several functions to the *Handler classes
- deleted no longer used functions:
- admin_exist()
- authentication_is_admin()
- authentication_is_user()
- boolconf() (moved to Config::bool())
- check_string()
- create_admin()
- check_alias() (moved to AliasHandler->create_allowed())
- db_boolean_to_int()
- domain_exist()
- get_admin_properties()
- get_mailbox_properties()
- get rid of global $table_* variables, use table_by_key() instead
PFAHandler.php:
- parent class for all *Handler classes
- contains code shared between all classes
AdminHandler.php:
- Handler class for admins
- for now, set the superadmin column and add "ALL" in domain_admins to
keep the database backwards-compatible with 2.3.x
AdminpasswordHandler.php:
- used for the "change password" form for admins
DomainHandler.php
- handler class for domains
- delete(): do not allow to delete a domain if it is an alias domain target
AliasdomainHandler.php:
- handler class for alias domains
- alias domains can now be edited
AliasHandler.php:
- rewrite based on PFAHandler
- we even get a "deliver to local mailbox" checkbox :-)
- only allow @domain as target if $this->id is a catchall
- remove deprecated functions:
- get()
- hasStoreAndForward()
- update()
- is_mailbox_alias()
- is_vacation_address()
- hasAliasRecord()
MailboxHandler (previously named UserHandler in 2.3):
- rewrite based on PFAHandler
- drop old __construct(), view() and change_pass()
- replace check of old password in change_pw() with $this->login
- delete(): also cleanup fetchmail, quota and quota2 tables
- always check password with validate_password()
- always display correct available quota (using allowed_quota())
- do not escape the password coming from $_POST. Fixes
http://sourceforge.net/p/postfixadmin/bugs/218/
VacationHandler:
- rewrite based on PFAHandler (not useable yet)
- add ability to choose activation date, end date and reply interval for
vacation message - http://sourceforge.net/p/postfixadmin/patches/111/
vacation.pl:
- allow to use original subject in vacation reply subject ("Re: $SUBJECT")
http://sourceforge.net/p/postfixadmin/patches/117/
- encode subject - https://sourceforge.net/p/postfixadmin/bugs/272/ ,
https://sourceforge.net/p/postfixadmin/patches/119/
- add a friendly from address to vacation messages ($friendly_from)
- make error handling if we cannot send the reply more robust
- add $smtp_client config option to specify the helo name
- added custom noreply detection ($noreply_pattern, $custom_noreply_pattern)
Config.php
- new class to store $CONF
- also used to store $PALANG texts (Config::Lang())
- contains functions to read config entries in various ways (bool etc.)
edit.php
- generic edit page for everything (admins, domains, mailboxes, aliases, ...)
- use ?table= parameter to decide what will be edited (basically $tableHandler)
- read handler-specific configuration from $handler->webformConfig()
and use it at various places
- always redirect to edit.php?table=$table after adding an item to
ensure correct initialization for next item
- call $handler->mergeId if $id_field is editable, but not displayed
in form (usecase: merge localpart + domain to address)
- set $form_fields and $id_field later (after $handler->init()) - needed
for AliasHandler to decide if goto_mailbox should be displayed
- only set $values if a field is editable and displayed in the form
editform.tpl:
- generic edit form template, uses $struct to render the form
- implement handling of 'list' fields (<select> with multiple choices
allowed)
- also include alternative implementation with checkboxes (commented out)
upgrade.php
- _pgsql_field_exists(), _mysql_field_exists():
Those functions are always called with the expanded table name - don't
expand it twice. (The better solution would be to change all calling
code to provide non-expanded tablenames, but that's more work.)
- change {BIGINT} to include "NOT NULL DEFAULT 0"
- upgrade_1283(): add a "superadmin" column to the admin table
This is the first step to get rid of the "ALL" dummy domain.
- upgrade_1284(): migrate the ALL domain to the superadmin column
Note: The ALL domain is not (yet) deleted to stay backwards-compatible
for now (will be done in a later upgrade function)
- change {BOOLEAN} to include "default false"
login.php
- when login.php is requested, logout the current admin/user
https://sourceforge.net/p/postfixadmin/bugs/284/
- this also means login.php is now used for logout
- error_log() failed login attempts
https://sourceforge.net/p/postfixadmin/feature-requests/111/
delete.php, editactive.php:
- require token for CSRF protection, see
https://sourceforge.net/p/postfixadmin/bugs/269/
xmlrpc.php:
- adapt to *Handler syntax
- setAway(): add (optional) new parameters for interval_time, activeFrom and
activeUntil - https://sourceforge.net/p/postfixadmin/patches/113/
- change $_SESSION['username'] to $_SESSION['sessid']['username']
*.lang:
- get rid of several duplicate texts
- removed HTML tags from $PALANG texts
- several translation updates
documentation updates:
- SECURITY.TXT: add note about templates_c directory
- DOCUMENTS/POSTFIX_CONF.TXT is now executable and can generate the
mysql_*.cf maps for postfix
- update DOCUMENTS/DOVECOT.TXT for dovecot 2.x
squirrelmail plugin:
- various bugfixes
- documentation update
Debian packaging:
- Changed source format to 3.0 (quilt)
- simplified the DB credential patch and removing ucf registrations on package
purge...
- control: added php5-cli dependency
- rules:
- some permission fixes to postfixadmin-cli scripts
- New target prep: Create a needed tar.gz file to build a non-native .dpkg
- New target build-package: Call this target to build a shiny new .dpkg file
- postfixadmin.docs: removed redundant changelog file
- debian/postfixadmin.postrm: Call wwwconfig scripts only if they are existing

Version 2.3.8 - 2015/10/07 - SVN r1814 (postfixadmin-2.3 branch)
----------------------------------------------------------------
- fix query to enable/disable alias in edit-mailbox for PostgreSQL (#311)
- don't prefill username in users/ login on failed logins - fixes (probably
harmless) XSS
- fix show_gen_status() to properly escape mail addresses in query (#356)
- fix escaping in create-admin, create-mailbox and fetchmail templates -
fixes (harmless) XSS on form validation errors
- don't echo the password back to the browser in the fetchmail form
- allow MariaDB in Debian package dependencies

Version 2.3.7 - 2014/02/20 - SVN r1651 (postfixadmin-2.3 branch)
----------------------------------------------------------------
- SECURITY: fix SQL injection in show_gen_status()
- lt.lang, da.lang translation update
- when enabling/disabling a mailbox, also update the corresponding alias
- fix creating superadmin in setup.php with MariaDB (more strict SQL)
- don't trim() mail address to avoid that aliases starting with a space are
allowed. This fixes http://sourceforge.net/p/postfixadmin/bugs/210/ and
https://sourceforge.net/p/postfixadmin/feature-requests/113/
- update regex in check_domain() to support new, longer TLDs like .international
- mark vacation_notification.notified field as latin1 to avoid overlong index
- vacation.pl: encode subject
- vacation.pl: disable use of TLS by default due to a bug in Mail::Sender 0.8.22
(you can re-enable it with $smtp_tls_allowed)

Version 2.3.6 - 2013/01/02 - SVN r1417 (postfixadmin-2.3 branch)
----------------------------------------------------------------
- display domain and mailbox description with correct encoding
- fix footer link
- focus username input field in login form
- fix double inclusion of config.inc.php in setup.php
- fix bool and date handling in fetchmail

Version 2.3.5 - 2012/01/16 - SVN r1335 (postfixadmin-2.3 branch)
----------------------------------------------------------------
- fix SQL injection in pacrypt() (if $CONF[encrypt] == 'mysql_encrypt')
- fix SQL injection in backup.php - the dump was not mysql_escape()d,
therefore users could inject SQL (for example in the vacation message)
which will be executed when restoring the database dump.
WARNING: database dumps created with backup.php from 2.3.4 or older might
contain malicious SQL. Double-check before using them!
- fix XSS with $_GET[domain] in templates/menu.php and edit-vacation
- fix XSS in some create-domain input fields
- fix XSS in create-alias and edit-alias error message
- fix XSS (by values stored in the database) in fetchmail list view,
list-domain and list-virtual
- create-domain: fix SQL injection (only exploitable by superadmins)
- add missing $LANG['pAdminDelete_admin_error']
- don't mark mailbox targets with recipient delimiter as "forward only"
- wrap hex2bin with function_exists() - PHP 5.3.8 has it as native function

Version 2.3.4 - 2011/09/16 - SVN r1180 (postfixadmin-2.3 branch)
----------------------------------------------------------------
- generate more secure random passwords
- squirrelmail plugin: fix typo in variable name
- list-domain: fix SELECT query to work with PgSQL even when using custom fields
- create-domain: force domain name to lowercase to avoid problems with PgSQL
foreign keys
- fix vacation.pl to log to "mail" syslog facility
- error_log() dovecotpw error messages

Version 2.3.3 - 2011/03/14 - SVN r1010 (postfixadmin-2.3 branch)
----------------------------------------------------------------
- create-alias: allow multiple alias targets
- create-alias, edit-alias: prevent input data loss on validation errors
- list-virtual: fix displaying of 'modified' column for aliases when using
postgres
- replaced deprecated split() with preg_split() or explode()
- functions.inc.php: better error messages when database functions are missing
- create domain: fixed typo in variable name that broke the default value for
default aliases
- postgres: changed mailbox.quota, domain.quota and domain.maxquota fields
to bigint to allow mailboxes >4 GB (run setup.php to upgrade your database)
- vacation.pl logged literal $variable instead of the variable content at two
places
- edit-vacation: log enabling/disabling vacation if done by admins
- POSTFIX_CONF.txt: fixed filename for quota map
- config.inc.php: removed double $CONF['database_prefix']
- config.inc.php: fixed comments about domain_post* script parameters
- updated INSTALL.TXT and UPGRADE.TXT
- sk translation update
- some more minor fixes

Version 2.3.2 - 2010/08/24 - SVN r860 (postfixadmin-2.3 branch)
---------------------------------------------------------------
- SUMMARY: PostfixAdmin 2.3.2 is a bugfix-only release for Postfix Admin 2.3.1
- SECURITY: attackers could find out if an admin exists (login pre-filled the
username after "only" a wrong password was entered)
- SECURITY: fix sql injection in list-domain (only exploitable by superadmins)
- alias targets in users/edit-alias are now validated
- invalid alias targets in users/edit-alias are shown to the user again
instead of dropping them
- fix dovecot:* password encryption (was broken in 2.3.1)
- fix displaying used quota for dovecot <= 1.1 (was broken in 2.3.1)
- when deleting a domain that is an alias domain (on the "from" side), the
alias domain is deleted

Version 2.3.1 - 2010/07/09 - SVN r847 (postfixadmin-2.3 branch)
---------------------------------------------------------------
- SUMMARY: PostfixAdmin 2.3.1 is a bugfix-only release for Postfix Admin 2.3.
The only visible change is displaying the alias target for mailboxes which
was a longstanding issue/"missing feature".
The ADDITIONS directory contains some new scripts.
- SECURITY: users could bypass checking the old password when changing the
password by entering a too short new password. Fortunately only
"exploitable" by authenticated users.
- merge in changes to /debian (thanks normes) from trunk
- display alias targets for mailboxes (if $CONF['special_alias_control'] = YES)
- add hook for custom maildir path generation
- add import_users_from_csv.py script (by Simone Piccardi)
- add mailbox_post* scripts for cyrus
- handle dovecot passwords without any tempfile (prevents safe_mode issues)
- fix MySQL 6.0 compatibility
- fix quota display (for dovecot >= 1.2)
- fix short open tags ("<?")
- translation updates and fixes
- documentation updates and fixes
- document commandline parameters for $CONF[*_script] options in config.inc.php
- list-virtual: added error message if the check_owner query returns more
than one result (can happen with pre-2.3 databases and prevents access for
superadmins)
- add in_array() check to avoid that superadmins can enter invalid domains
- fix delete link for alias domains (when on target domain)
- delete values from quota and quota2 table when deleting a mailbox
- fix hardcoded table names in list-domain.php
- fixed edit-alias.php not to drop alias to the mailbox if
special_alias_control = NO
- fix alias handling for mailboxes (special_alias_control vs.
alias_control_admin confusion)
- fix typo in upgrade.php that broke index creation and deletion when using
non-default table names
- fix creating 'ALL' domain (dummy for superadmins) when using non-default
table names
- fix: db_query did not return number of SELECTed rows if query starts with
whitespace
- check for $CONF['encrypt'] = 'dovecot:md5-crypt' (postfixadmin login not
working because dovecotpw uses a new salt each time), recommend
internal md5crypt instead
- replaced terribly outdated, broken squirrelmail plugin with a fresh version.
Note: The new plugin version requires the Zend framework.
Version 2.3 - 2009/10/24 - SVN r739
-----------------------------------
- automatically create quota tables for dovecot (both 1.0/1.1 and >= 1.2)
- list-virtual can now handle both table formats
- fixed upgrade.php for MySQL 6.0 compatibility
- changed vacation.pl syslog facility from "user" to "mail"
- added config option for postgresql database port
- added config option to enable/disable XMLRPC interface (default: off)
- Fix check/query for alias with enabled vacation in vacation.pl
- Fix db_get_boolean() to return t/f for postgresql, not true/false
- Fix missing quoting for boolean values in SQL queries at various places
- Allow SHA courier-authlib passwords
- various small bug fixes
- fixed SVN revision for 2.3rc7 in changelog (was r691, should be r694)
Version 2.3rc7 - 2009/07/27 - SVN r694
--------------------------------------
- Fix bug with confd-link.sh debian thing (breakage on Lenny with wwwconfig-common 0.1.2)
- Fix crypt() issue (see https://sourceforge.net/tracker/?func=detail&aid=2814820&group_id=191583&atid=937964 )
Version 2.3rc6 - 2009/07/20 - SVN r689
--------------------------------------
- Updates to vacation.pl
- PHP 5.3 compatibility
- Easier dependencies for .debs - should work on Lenny/Ubuntu etc without issue now.
Version 2.3rc5 - 2009/05/20 - SVN r658
--------------------------------------
- Improvements to the setup process
- Far better Debian packaging (we hope!) which should make installation much, much easier.
- Various bug fixes
- Performance enhancements (or we fixed the regressions ...) in domain listing etc.
Version 2.3rc4 - 2009/04/18 - SVN r632
--------------------------------------
- *Security fix* - on upgrade setup.php is restored, allowing a malicious
user to create their own superadmin account. We've removed the requirement to delete
setup.php, and instead a new config parameter (setup_password) is used to protect access
to this page. Password is encrypted, and setup.php can be used to generate the initial value.
- Fix undefined variables problem(s)
- Fix PostgreSQL date timestamp issues...
Version 2.3rc3 - 2009/04/06 - SVN r611
--------------------------------------
- Minor improvements to the Debian packaging, expect more soon
- Assorted bug fixes
- Partial per-user support in fetchmail.pl
Version 2.3rc2 - 2009/02/03 - SVN r593
--------------------------------------
- Refactor /users (see /model) and provide XmlRpc interface for remote mail clients
(e.g. squirrelmail-postfixadmin)
- Add dovecotpw support - see:
https://sourceforge.net/tracker/index.php?func=detail&aid=2607332&group_id=191583&atid=937966
- Add unit tests for model/ directory (see /tests)
- Add additional scripts to ADDITIONS
- Documentation updates
- Various language updates
- added ADDITIONS/delete-mailq-by-domain.pl (by Jose Nilton)
- added ADDITIONS/quota_usage.pl (by Jose Nilton) - produces report of quota usage
- added support for courier authlib authentication flavors ($CONF['authlib_default_flavor'])
Version 2.3 Beta - 2009/01/15 - SVN r527
-----------------------------------------
- added support for domain aliases (from lenix) (can be disabled with $CONF['alias_domain'])
Important: If you update from a previous version, you'll have to adapt your postfix
configuration (see DOCUMENTS/POSTFIX_CONF.txt) - or just disable alias domain support,
your postfix configuration will continue to work
- updated postfix example configuration for domain aliases and to use the new mysql map format
- vacation.pl:
- add option for re-notification after definable timeout (patch from Luxten)
(default stays on "notify once")
- force usage of envelope from/to, better checks for mailinglists, spam etc.
If in doubt, do not send a vacation reply (patch from Lutxen)
- added a small test suite
- use Log4Perl
- allow the configuration to be entered in /etc/mail/postfixadmin/vacation.conf
instead of editing vacation.pl directly
- bump version number of vacation.pl
- added domain-postcreation script support
- added dovecot quota support (documentation + viewing in postfixadmin)
- enhanced mailbox table to make it easier for people to customise where mailboxes live
(new column "local_part")
- enhanced fetchmail.pl script (file locking, syslog logging, configuration file etc)
- added clear error message for non-resolvable domains when creating mailboxes or aliases
- check for non-resolvable domains on domain creation
- new option $CONF['create_mailbox_subdirs_prefix'] for compatibility with more IMAP servers
- added support for mysql encrypt() password encryption
- fix "illegal mix of collations" problem in MySQL by explicitly setting the charset everywhere
- fix: cleanup vacation_notification table when disabling vacation
- fix: config and fetchmail tables now honor $CONF['database_tables']
- fix: several table names were hardcoded in database creation/update
- fix: "unlimited" and "disabled" for quota and limits were crossed at several places
- fix: honor $CONF['default_transport'] even if $CONF['transport'] = "no" (patch by fabiobon)
- fix: transport field is no longer emptied on domain edit if editing transport is disabled
- show links to create mailboxes or alias even on disabled domains
- added support for fetchmail's "ssl" option
- superadmin can now setup fetchmail for all users, not only for himself
- force username to be lowercase - this helps some IMAP clients apparently
- the "probably undeliverable" marker now honors catchall targets
- on mailbox creation, show password if $CONF['generate_password'] == 'YES', but
do not show it if it was _not_ autogenerated and $CONF['show_password'] == 'NO'
- dropped $CONF['show_custom_count']. PHP can count ;-)
- dropped obsolete VIRTUAL_VACATION/mail-filter script
- translation updates
- several small bugfixes
Version 2.2.1.1 - 2008/07/23 - SVN r412
---------------------------------------
- fixed version number in functions.inc.php ;-)
Version 2.2.1 - 2008/07/21 - SVN r408
-------------------------------------
- added quota parameter to mailbox_postcreation hook
- new hook to update the quota after editing a mailbox ($CONF['mailbox_postedit_script'])
- fixed subfolder creation order and timing
- allow smtp server to be specified in vacation.pl
- fixed MySQL charset issues
- several small bugfixes
- Norwegian (bokmal) translation added
- several translation updates
Version 2.2.0 - 2008/04/29
--------------------------
<Far more changes than those listed here; thanks to all the community who have provided
patches and time to help us get here!>
- Unicode support for vacation messages
- More language translations
- Merged the two vacation scripts (PostgreSQL version won :) )
- Added setup.php/upgrade.php scripts to handle upgrades
- See also new 'config' database table
- Added support for 'fetchmail' so mail from a remote server can be retrieved.
- Many, many bug fixes
- Added: Feature to show status of aliases/mailboxes (GregC)
- Fixed: Many admin/*.php files merged with /*.php
- Fixed: 'alias' instead of '$table_alias' being used by some .php files (GregC)
- Fixed: Overview no longer lists alias entries for mailboxes (GregC)
- Changed: Added exit buttons to several edit options. (GregC)
- Fixed: user options are a little more idiot-proof, templates are consistent (GregC)
- Changed: Users can view and edit their vacation config (GregC)
- Added: Slovakian language posted on SourceForge by eszabo
- Changed: searches include mailbox.name matches (GregC)
- Fixed: function check_email will ignore vacation_domain if vacation==YES (GregC)
- Changed: applied patches from Christian Boltz posted at
http://www.cboltz.de/tmp/postfixadmin-3.patch, referenced at
https://sourceforge.net/tracker/index.php?func=detail&aid=1696647&group_id=191583&atid=937966 (GregC)
- Added: main.php to admin directory (GregC)
- Added: Item "Main" on admin menu (GregC)
- Changed: Edit-vacation now edits for admins/superadmins (GregC)
- Added: Do not store local copy when forwarding mail. (Mihau) [24]
- Added: Virtual Vacation for PostgreSQL. (Tarvin)
- Added: Virtual Vacation 3.2 (Thanx David)
- Added: SUBJECT tag for Virtual Vacation.
- Added: Dovecot setup document for Postfix Admin. (Thanx Massimo)
- Added: SquirrelMail plugin to change_password.
- Changed: Starting to merge /admin in root. (Mihau)
- Changed: Moved some TXT files to DOCUMENTS.
- Changed: Updated tw.lang. (Thanx Bruce)
- Fixed: Usage of mysql_real_escape_string(). (Mihau)
- Fixed: Calculating of quotas. (Mihau)
- Fixed: Password generation when creating a new account. (Mihau)
- Fixed: PostgreSQL patches. (Tarvin)
- Fixed: Adding of multiple aliases. (Mihau)
- Fixed: CSS Menu width. (Mihau)
- Fixed: Overview when upgrading from 2.0.4. (Mihau)
- Fixed: smtp_mail() to wait for response from server.
- Fixed: pacrypt() so system works properly. (Thanx Npaufler)
- Fixed: quoting an email address when sending mail in vacation.pl. (Thanx Marc)
- Fixed: vacation.pl has a clean exit when it encounters an error. (Thanx Brian)
- Fixed: descriptions for quota={-1|0} in admin section (Mihau)
Version 2.1.0 -- 2005/01/07
---------------------------
- Added: Traditional Chinese language. (Thanx Bruce)
- Added: Traditional Bulgarian language. (Thanx Plamen)
- Added: Macedonian language. (Thanx Damjan)
- Added: Estonian language. (Thanx Peeter)
- Added: Slovenian language. (Thanx Nejc)
- Added: Check for update link in footer.
- Added: Additional language strings. Check LANGUAGE.TXT
- Added: Transport support. (read postfix transport for more information)
- Added: Additional language string for transport support.
- Added: MySQL 4.1 support.
- Added: PostgreSQL support. (Big Thanx WhiteFox!)
- Added: Setup Checker script. (Thanx Fenrir)
- Added: Database prefix. (Thanx Decramy)
- Added: Template tags. (Thanx Nelson)
- Added: admin/domain/alias/mailbox in delete dialog box.
- Added: $CONF['postfix_admin_url'] variable.
- Added: $CONF['postfix_admin_path'] variable.
- Added: $CONF['vacation_domain'] variable.
- Added: $CONF['welcome_text'] variable.
- Added: $CONF['special_alias_control'] variable. (Thanx Mihau)
- Added: Virtual Vacation 3.1 (Thanx David)
- Added: ADDITIONS directory with third party scripts and plugins.
- Added: Search function for aliases and mailboxes.
- Changed: Postfix Admin now has its own license.
- Changed: New menu and color scheme. (Thanx Nelson)
- Changed: Disable number and unlimited number for aliases/mailboxes/quota.
- Changed: Virtual Vacation to have its own transport. (Big Thanx Npaufler!)
- Changed: Removed the welcome text for a new mailbox from the language files.
- Changed: backup.php to be more secure. (Thanx John)
- Fixed: Cleaned up stylesheet.
- Fixed: Default quota multiplier.
- Fixed: All POST/GET strings are escaped.
- Fixed: Corrected smtp_mail() to wait for result. (Thanx Patrice)
- Fixed: Pagination with alias_control switched on.
- Fixed: Swedish language. (Thanx Bjorne)
- Fixed: Polish language. (Thanx Piotr)
- Fixed: Minor Virtual Vacation bugs. (Thanx David)
- Fixed: check_quota().
- Fixed: Minor encode_header() issue. (Thanx Matthew)
- Fixed: edit-alias.php when running with magic_quotes_gpc = off
Version 2.0.5 -- 2004/08/21
---------------------------
- Added: Chinese language. (Thanx Matthew)
- Added: Catalan language. (Thanx Jaume)
- Added: Czech language. (Thanx Jakub)
- Added: Dynamic language detection.
- Added: Header in header.tpl to set charset header from language file.
- Added: More subroutines and alias checking for Vacation. (Thanx David)
- Added: Domain pass-through with certain pages.
- Added: Backup MX option for domain.
- Added: Log contains IP address of admin.
- Added: Pagination for alias/mailbox listing.
- Added: 2 additional language strings to support Backup MX.
- Added: Support for motd.txt (Domain Admins only).
- Added: Support for motd-admin.txt (Site Admins only).
- Added: Support for motd-users.txt (Users only).
- Added: Optional hostname for vacation.
- Added: generate_password() to generate random passwords for mailboxes.
- Changed: dk -> da, se -> sv, no-nn -> nn
- Changed: All email addresses are now converted to lowercase, strtolower().
- Changed: Moved onMouseOver to the CSS stylesheet.
- Changed: Moved font color to the CSS stylesheet.
- Changed: PHP mail() is replaced by an internal function, smtp_mail().
- Changed: mysql_fetch_array() replaced with internal function db_array().
- Changed: mysql_fetch_assoc() replaced with internal function db_assoc().
- Changed: mysql_fetch_row() replaced with internal function db_row().
- Changed: Quota multiplier is now a configuration option.
- Fixed: Login didn't check for active flag.
- Fixed: Minor html table errors.
- Fixed: Row count by using COUNT(*).
- Fixed: Locked down subdirectories.
- Fixed: Create admin properly populates the domain_admins table.
- Fixed: Cleaned up stylesheet.css.
- Fixed: Delete mailbox properly removes vacation entries.
Version 2.0.4 -- 2004/02/26
----------------------------
- Added: Euskara language. (Thanx Julen)
- Added: Hungarian language. (Thanx Christian)
- Added: Icelandic language. (Thanx Gestur)
- Added: Italian language. (Thanx Stucchi)
- Added: Norwegian - Nynorsk language. (Thanx Paul)
- Added: Polish language. (Thanx Jarek)
- Added: Portuguese - Brazil language. (Thanx Roberto)
- Added: Russian language. (Thanx Paul)
- Added: Turkish language (Thanx Onuryalazi)
- Added: Encode a string according to RFC 1522 for use in headers if it
contains 8-bit characters. (Thanx Evgeniy)
- Added: One click active change of mailbox/domain/admin. (Thanx Marcin)
- Changed: Header in header.tpl to read charset header from language file.
- Fixed: Some form values are now parsed through htmlspecialchars().
(Thanx Marcin)
- Fixed: admin/delete.php ignored $CONF['vacation'].
- Fixed: More minor fixes to Virtual Vacation.
Version 2.0.3 -- 2004/01/14
----------------------------
- Added: Site Admin email address.
- Added: Danish language. (Thanx Lars)
- Added: Dutch language. (Thanx Mourik)
- Added: Faroese language. (Thanx Danial)
- Added: Finnish language. (Thanx Palo)
- Added: French language. (Thanx Kuthz)
- Added: Swedish language. (Thanx Slite)
- Added: Ignoring of MAILER-DAEMON type emails for Vacation.
- Fixed: Minor issues regarding mail().
- Fixed: Minor issues regarding crypt().
- Fixed: Strip issue of email address for Vacation.
Version 2.0.2 -- 2004/01/06
----------------------------
- Added: German language. (Thanx Tobias)
- Added: Spanish language. (Thanx Alvaro)
- Fixed: The body was not included using sendmail.php.
- Fixed: Undefined variables.
- Fixed: Minor HTML cleanup.
Version 2.0.1 -- 2004/01/04
----------------------------
- Fixed: The language variable caused a problem on some systems.
Version 2.0.0 -- 2004/01/03
----------------------------
- Added: The ability for one domain admin to maintain multiple domains.
- Added: Domain to domain forwarding.
- Added: Mailboxes can now be activated or deactivated.
- Added: Configurable welcome message for new mailboxes.
- Added: Optional sending of welcome message.
- Added: Create alias "To" defaults to current domain.
- Added: Logging of admin / user actions.
- Added: Limit for aliases and/or mailboxes per domain.
- Added: Disable aliases and/or mailboxes per domain.
- Added: Max quota per mailbox per domain.
- Added: Multi-Language support.
- Added: Statistics overview for all domains.
- Added: User .forwarding for mailbox users.
- Added: Logo for Postfix Admin (Thanx Andrew).
- Added: Extra MySQL debugging capabilities.
- Added: Clear text password support.
- Added: PHP crypt() support.
- Changed: Separated logic and SQL from content.
- Changed: config.inc.php doesn't point to example.com anymore.
- Changed: Virtual Vacation no longer requires procmail.
- Changed: Complete re-write.
Version 1.5.4 -- 2003/06/16
----------------------------
- Added: Option for "Back to".
- Added: Option for Vacation module.
- Added: Table declaration for the use of Quota in the INSTALL.TXT.
This requires an additional local delivery agent.
Quotas are not supported by Postfix!
- Changed: The word "View" to "List".
Version 1.5.3 -- 2003/06/06
----------------------------
- Fixed: Even more minor bugs in regards to declaration of variables.
(Thanx Aquilante and Kyle_m)
Version 1.5.2 -- 2003/06/05
----------------------------
- Fixed: Minor bugs in regards to declaration of variables.
Version 1.5.1 -- 2003/06/04
----------------------------
- Added: Optional mailbox per domain directory structure. (Thanx Jim)
- Added: Option to completely control the stored aliases. (Thanx Alex)
- Changed: config.inc.php is renamed to config.inc.php.sample. (Thanx Alex)
- Fixed: $PHP_SELF in config.inc.php and my_lib.php. (Thanx Jim)
Version 1.5.0 -- 2003/05/28
----------------------------
- Added: Support for "Back to Main Site"
- Added: config.inc.php as the main configuration file.
- Added: Drop down box for domain selection when adding a new admin.
- Added: Resend of test email to newly created mailbox.
- Added: Mailbox and Aliases count for domainview.
- Added: Change description of domain without deleting the complete
domain.
- Added: Change name of mailbox user without deleting the mailbox.
- Added: Expire headers for unnecessary reloads. (Thanx Alex)
- Fixed: Code clean up.
- Fixed: Minor bugs and cosmetic fixes.
- Fixed: Modified check_string() to check numbers and returns false if not
matched. (Thanx btaber)
- Fixed: Correct session handling in login.php (Thanx Yen-Wei Liu)
- Fixed: Correct deletion of RFC822 email addresses. (Thanx Yen-Wei Liu)
- Removed: Completely removed the site_lib.php.