They make much of the gear that goes into giant data centers. Demand for their products is shifting the balance of tech power.

© I-Hwa Cheng/Agence France-Presse — Getty Images

• May 10, 2026
  roundcube upgraded to v. 1.7.1 (security release)
• May 14, 2026
  - dovecot upgraded to v. 2.4.4
• May 10, 2026
  roundcube upgraded to v. 1.7.0
• Apr 7, 2026
  - qmail v. 2026.04.07
• Mar 30, 2026
  - dovecot 2.4.3 released
• Mar 4, 2026
  - clamav upgraded to v 1.5.2
• Feb 11, 2026
  - vpopmail upgraded to v. 5.6.13
  - vqadmin upgraded to v. 2.4.6
• Feb 8, 2026
  - vpopmail upgraded to v. 5.6.12
  - roundcube update to v. 16.13
• Feb 3, 2026
  - qmail upgrade
• Jan 31, 2025
  - vqadmin upgraded to v 2.4.5
• Jan 8, 2026
  - qmail upgraded to v2026.01.08
• Dec 14, 2025
  - roundcube upgraded to version 1.6.12
• Nov 28, 2025
  - qmailadmin upgraded to v1.2.27
• Nov 26, 2025
  - ezmlm-idx moved to my git space. Patched to compile with modern compilers. Fixed mysql documentation.
• Nov 22, 2025
  - dovecot: quota driver switched to 'count'
  - vpopmail upgraded to v.5.6.11
• Nov 8, 2025
  - qmailadmin upgraded to v 1.2.26
  - log file modified accordingly in fail2ban filter
• Oct 30, 2025
  - vpopmail updated to v. 5.6.10
  - dovecot ugraded to v. 2.4.2
  - dovecot-pigeonhole ugraded to v. 2.4.2
• Oct 22, 2025
  - qmailadmin updated to v 1.2.25
• Oct 18, 2025
  - clamav upgraded to v 1.5.1
• Oct 11, 2025
  - clamav upgraded to v 1.5.0. A recent version of rust is needed (successfully using 1.88 here). Just reinstall as explained below. No particular change is needed in the config files.
• 3 ottobre 2025:
  - Aggiunta la sezione Data Query Service nella pagina relativa a RBL, che risolve il problema del ban di spamhaus da connessioni fatte con DNS pubblico.
• Sep 30, 2025
  - daemontools v0.82: Fixed crash in multilog caused by invalid buffer access when read() returned -1
• Sep 8, 2025
  - daemontools v. 0.81 compiles with latest gcc 15.2
  - qmail updated to v. 2025.09.08
• Sep 1, 2025
  vpopmail v5.6.9
  - added -std=gnu17 to gain compatibility with gcc-15 (PR #6)
  - pw_clear_passwd field enlarged to varchar(128) to create room for long passwords (tx Ricardo Brisighelli) c54688d
• Aug 31, 2025
  - upgraded ucspi-tcp6 and ucspi-ssl to v. 0.13.5
• Aug 19, 2025
  - netqmail-1.07.1: now compiles with gcc 15.2
• Aug 18, 2025
  spamassassin's bayesian filter: improved the "Training Bayes" section
• Jul 10, 2025 qmail update
  - Authentication-Results: header support (Andreas Gerstlauer)
  - DKIM: added ERROR_FD=2 in control/filterargs to send error output of qmail-dkim in stderr when acting as a qmail-remote filter (Andreas Gerstlauer)
  - improved qmail-dkim error reporting when signing outgoing messages (Andreas Gerstlauer)
  - helodnscheck.cpp: qmail dir determined dinamically
  - qmHandle: Add -x and -X parametr for remove email by To/Cc/Bcc (by Stetinac)
• Jun 9, 2025 qmail v.2025.06.09
  - CRLF fix for fastremote-3 patch (thanks Andreas Gerstlauer)
  - Bug fix to the greetdelay program (thanks Andreas Gerstlauer): qmail-smtpd crashes if SMTPD_GREETDELAY is defined with no DROP_PRE_GREET defined.
• Jun 04, 2025
  - roundcube updated to v. 1.6.11
  - simscan updated to v. 1.4.6
• Apr 19, 2025
  - sauserprefs upgraded to v. 1.20.2
• Apr 18, 2025
  - qmail v2025.04.18: added script config-all.sh to automate the qmail core configuration (testing)
• Apr 19, 2025
  - sauserprefs upgraded to v. 1.20.2
• 4 aprile 2025
  - pubblicata una pagina con l'illustrazione del funzionamento di qmail, per quanto riguarda la configurazione suggerita in questa guida
• Mar 29, 2025
  - dovecot and dovecot-pigeonhole updated to v. 2.4.1-4
  - vpopmail updated to v. 2.6.8 (have a look at the release notes)
• Mar 23, 2025 (v. 5.6.7)
  - bug fix in vpopmaild.c: Crypted[64] enlarged to Crypted[128] to make room for SHA-512 passwords. This restores the usability of the RoundCube's 'password' plugin (commit)
  - fixed quota calculation in sql procedures for dovecot (tx Hakan Cakiroglu) (commit)
  - minor changes to the usage function of vmakedotqmail.c (commit)
• Mar 19, 2025 daemontools version 0.79
  This version does not add new features nor corrects bugs. It's just a reorganizations of the files in the source dir
  - daemontools will be installed in /var/qmail/daemontools
  - Moved 'package' and 'src' to the top dir
  - Version grabbed from 'VERSION' in package/upgrade
• Mar 17, 2025
  - added a patch to qmail-spp greylisting plugin to solve a compilation break on rocky 8 (tx Shailendra Shukla)
• Mar 15, 2025
  -dovecot config: added quota warning messages handling
• Mar 12, 2025
  - autorespond v 2.0.9: bug fix in memory allocation which caused a segfault when To: address has be used (tx Stephan for the hint)
• Mar 9, 2025
  - dovecot: fixed quota calculation in sql queries (tx Hakan Cakiroglu)
  - Roundcube recognizes unlimited quota
• Mar 5, 2025
  - solr upgraded to v. 9.8.0
• Feb 22, 2025
  - Dovecot: Bug fix in 90-sieve.conf: global script to move spam into Junk now working
  - Let’s Encrypt have announced that they will end their free alerting service. Added a script to do the same internally.
• Feb 15, 2025
  - vpopmail upgraded to v. 5.6.6. bug fix: pwstr.h was not installed by Makefile (tx Bai Borko)
• Fedb 11, 2025
  qmail v. 2025.02.11
  - Several adjustments to get freeBSD and netBSD compatibility. More info in the commit history. Hints/comments are welcome.
  - freeBSD users have to comment out the "LIBRESOLV" variable from the very beginning of the Makefile, as libresolv.so in not needed on freeBSD.
  - Dropped files install-big.c, idedit.c and BIN.* files.
  - Dropped files byte_diff.c, str_cpy.c, str_diff.c, str_diffn.c and str_len.c, which break compilation on clang and can be replaced by the functions shipped by the compiler (tx notqmail).
  - Old documentation moved to the "doc" dir. install.c and hier.c modified accordingly
  - conf-cc and conf-ld now have -L/usr/local/lib and -I/usr/local/include to look for srs2 library
  - conf-cc and conf-ld now have -L/usr/pkg/lib and -I/usr/pkg/include to satisfy netBSD
  - vpopmail-dir.sh: minor correction to vpopmail dir existence check
  - srs.c: #include <srs2.h> now without path
• Feb 9, 2025
  - some packages updated to compile on FreeBSD/clang: daemontools, vpopmail, autorespond, qmailadmin
  - roundcube updated to v. 1.6.10
• Jan 30, 2025
  - dovecot and dovecot-pigeonhole updated to v. 2.4.0
• Dec 31, 2024
  the default driver for the Roundcube password plugin is now sql, as vpopmaild doesn't work when SHA-512 passwords have been enabled on vpopmail (--disable-sha512-passwords). All SQL queries have been updated.
• Dec 20, 2024
  vpopmail upgraded to v. 5.6.4
  - Password strength enforcement PR #5 (grabbed from Matt Brookings' 5.5.0-dev version)
  - Dropped min pwd length feature.
  - vmysql.h: tables' layout changed in order to have VARCHAR instead of CHAR. Fields containing ip addresses enlarged to VARCHAR(39), to create room for ipv6. Unix timestamps definition changed from BIGINT(20) to INT(11). (commit 44bad58) Have a look to the upgrade notes below.
• Dec 06, 2024
  - vqadmin v. 2.4.3: added a patch to highlight users with restrictions and with admin privileges (thanks Bai Borko)
• Dec 01, 2024 (More info here)
  qmail v2024.12.01
  - Added support for EAI (RFC 5336 SMTP Email Address Internationalization) (#13). Thanks to https://github.com/arnt/qmail-smtputf8/tree/smtputf8-tls.
  - chkuser is now smtputf8 compliant. It accepts utf8 characters in sender and recipient addresses provided that the remote server advertises the SMTPUTF8 verb in MAIL FROM, otherwise it allows only ASCII characters plus additional chars from the CHKUSER_ALLOWED_CHARS set. (#15 #16)
  * dropped variables CHKUSER_ALLOW_SENDER_CHAR_xx CHKUSER_ALLOW_RCPT_CHAR_xx (replaced by CHKUSER_ALLOWED_CHARS)
  * dropped variables CHKUSER_ALLOW_SENDER_SRS and CHKUSER_ALLOW_RCPT_SRS, as we are always accepting '+' and '#' characters
  * added variables CHKUSER_INVALID_UTF8_CHARS and CHKUSER_ALLOWED_CHARS
• Nov 15, 2024
  - dovecot: added a postlogin script to update the vpopmail.lastauth SQL table on login (see 10-master.conf, thanks kengheng)
• Oct 26, 2024
  - qmail upgraded to v. 2024.10.26
  * qmail-remote.c patched to dinamically touch control/notlshosts/<fqdn> if control/notlshosts_auto contains any number greater than 0 in order to skip the TLS connection for remote servers with an obsolete TLS version. (tx Alexandre Fonceca) (commit)
  * defined CHKUSER_DISABLE_VARIABLE "RELAYCLIENT" in chkuser_settings.h
  * enabled CHKUSER_SENDER_NOCHECK_VARIABLE "RELAYCLIENT" in chkuser_settings.h
  * fixed several compilation breaks/warnings on later gcc compilers (tx Pablo Murillo)
  * invalid auth fix in qmail-smtpd.c's smtp_auth function (tx Alexandre Fonceca for the advice) (commit)
  * qmail path determined dinamically in conf-policy
  * added a patch to remove chkuser and the vpopmail dependency (patches dir)
• Oct 19, 2024 
  vpopmail v.5.6.3
  - bug fixed: passwords with length > 8 were denied if sha-512 was disabled
  - fixed a configure break where a trivial C test program exits on error with gcc-14.1 due to missing headers
  - vusaged/domain.c: fixed -Wimplicit-function-declaration compilation warning
  - vmysql.h: dropped the multicolumn PRIMARY KEY in valias table to allow multiple forwards for a given alias.
• Oct 9, 2024
  - daemontools-0.78.2: added -ltr to conf-ld to restore compatibility with systems with glibc prior to v. 2.17 like RHEL6/CentOS6, where the librt.so library is not linked
• Sep 22, 2024
  -fehqlibs updated to v. 25c
  -ucspi-tcp6 updated to v. 1.13.01
  -ucspi-ssl updated to v. 0.13.02
• Sep 7, 2024
  - daemontools-0.78: fixed a .gitignore issue which was preventing the package/compile script upload (thanks Ivelin Topalov)
  - RC updated to v. 1.6.9
  - clamav updated to v. 1.4.1
  - qmailadmin upgraded to v. 1.2.23 (tx Nathanaël Semhoun)
  * Added support for qmail-autoresponder
  * Fixed load lang not retrieved
• Aug 16, 2024
  - upgraded dovecot to v. 2.3.21.1
  - upgraded pigeonhole to v. 0.5.21.1
• Jul 31, 2024
  multilog uses "d" flag as default to gain compatibility with the readable datetime format of multilog in daemontools-0.78. Change it with the "t" flag if you prefer to have timestamps.
• Jul 29, 2024 (version 0.78)
  - multilog prints a readable datetime if used with "d" flag, it prints timestamps if used in the usual way with the "t" flag (80f2133)
  - fixed several compilation warnings and/or breaks on gcc-14.1
• Jul 26, 2024
  vqadmin (version 2.4.1): Fixed configure break. Trivial C test program breaks on gcc-14.1 due to missing headers (commit)
• July 17, 2024
  qmailadmin updated to v.1.2.22
  * owner no longer required in autorespond
  * template.c code optimization
• July 15, 2024
  simscan 1.4.4 released: attachment size limit to be passed to spamassassin now handled by the size_limit variable in control/simcontrol, instead of the control/simsizelimit file.
• Jun 8, 2024
  qmail patch upgraded to v. 2024.06.08:
  * conf-channels: default number of channels increased to 4 (was 2). Now qmail offers 2 additional channels with respect to the 2 offered by default (local and remote). More info here
  * maxrcpt: error code changed to 452 due to RFC 4.5.3.1 (was 553). If DISABLE_MAXRCPT is defined it skips the check, otherwise outgoing messages from mailing lists would be rejected. (commit)
• Jun 7, 2024
  - vusaged: the header files of libev are now installed in /usr/local/include/libev (was /usr/local/include) to avoid conflicts with libevent (they both have an event.h header file). vusaged configure command was adjusted accordingly.
• Jun 1, 2024
  - clamav upgraded to v. 1.3.1
• May 26, 2024
  - Added Mailman installation howto
  - qmail patch upgraded to v. 2024.05.16 (changelog)
  - Roundcube upgraded to 1.6.7 (security fix)
  - Spamassassin upgraded to v. 4.0.1
  - Spamassassin: Razor-agents upgraded to v. 2.86 (fork of the original (dead?) project)
• Mar 27, 2024
  qmailadmin updated to v. 1.2.21
• Mar 4, 2024
  - Solr updated to v. 9.5.0
  - the documentation has been revised a bit
• Feb 12, 2024 qmail update
  - DKIM patch upgraded to v. 1.48
  * fixed minor bug using filterargs for local deliveries (commit)
  - Fixed several compilation warnings (commit)
  - Fixed incompatible redeclaration of library function 'log2' in qmail-send.c qsutil.c as showed by notqmail friends here
  - removed FILES, shar target from Makefile
• Feb 11, 2024
  clamav updated to v. 1.3.0
• Feb 6, 2024
  qmail: DKIM patch upgraded to v. 1.47
  * fixed a bug which was preventing filterargs' wildcards to work properly on sender domain
• Jan 27, 2024
  simscan upgraded to v 1.4.3: fixed several compilation and autotools warnings
• Jan 21, 2024
  - qmail: liberal-lf: bare LF are no longer allowed by default due to smuggling vulnerability CVE-2023-51765. Bare LF can be allowed by defining ALLOW_BARELF in tcprules or in run file.
  - tcprules moved to /var/qmail/control
• Jan 15, 2024
  qmail update:
  - TLS patch by F. Vermeulen upgraded to version 20231230 (more info at https://inoa.net/qmail-tls/ tx Greg Bell for the patch)
  * support to openssl 3.0.11
• Jan 11, 2024
  - qmail: dkim patch upgraded to version 1.46
• Jan 4, 2024
  qmail patch: DKIM patch upgraded to v. 1.44
  - fixed an issue with filterargs where spawn-filter is trying to execute remote:env xxxxx.... dk-filter. This issue happens when FILTERARGS environment variable is not defined in the qmail-send rc script.
  - dkim.c fix: https://notes.sagredo.eu/en/qmail-notes-185/configuring-dkim-for-qmail-92.html#comment3668 
  - dkfilter fix: correctly selects the domain to sign in case of sieve bounces
  - adjustments fo dk-filter and dknewkey man pages
• Dec 30, 2023
  - spamassassin/DMARC filter: now DMARC_REJECT is not hit if SPF_HELO_PASS is true
• Dec 26, 2023
  - qmailadmin upgraded to v1.2.18
  - Pyzor installed from github, as version 1.0.0 is not python3 compliant (thanks Mike)
• Dec 11, 2023
  qmail, vpopmail, daemontools, qmailadmin, simscan and vqadmin source code moved to github
• Nov 20, 2023
  -qmail patch updated. dkim:
  * The patch now by default excludes X-Arc-Authentication-Results
  * dkim can additionally use the environment variable EXCLUDE_DKIMSIGN to include colon separated list of headers to be excluded from signing (just like qmail-dkim). If -X option is used with dk-filter, it overrides the value of EXCLUDE_DKIMSIGN.
• Nov 5., 2023
  -bug fix: vpopmail defaultdelivery patch: it won't create the .qmail file in case control/defaultdelivery already has vdelivermail, in order to prevent a vpopmail loop
  -qmailforward RC plugin: it won't create the copy record if $config['qmailforward_defaultdelivery'] contains 'vdelivermail'
• Oct 13, 2023
  - vpopmail: added "s/qmail cdb" patch, which gets vpopmail to locate correctly the qmail assign.cdb for s/qmail users. s/qmail users should configure vpopmail with --enable-sqmail-cdb
• Oct 6, 2023
  - clamav updated to v. 1.2.0
• Sep 26, 2023
  new qmail combined patch:
  -surblfilter logs the rejected URL in the qmail-smtpd log. It can now inspect both http and https URLs.
  -Improvements in man dkim.9, qmail-dkim.9 and surblfilter.9
• Sep 17, 2023
  - dovecot upgraded to v 2.3.21
  - pigeonhole upgraded to v 0.5.21
• Sep 14, 2023
  - simscan now defines the maximum size of messages to be passed to spamassassin via control/simsizelimit file
• Sep 5, 2023
  -new qmail patch and DKIM patch upgraded to v. 1.42
  *dk-filter.sh: "source $envfn" has been replaced with ". $envfn" in oder to work for pure bourne shells
  *minor corrections to the man pages
  -vpopmail: changed configuration option --enable-logging=e (was p). Now failed attempts will be logged with no password shown.
• Sep 3, 2023
  -daemontools: Buffer Overflow fixed in timestamp.c (patch multilog-readable_datetime, Ubuntu 22.04). It was causing empty log files everywhere. (thanks Bai Borko and KPC)
• Aug 27, 2023
  - nuova patch per vpopmail e nuovo plugin qmailforward per Roundcube che vanno a risolvere diverse problematiche. Maggiori informazioni nella pagina dedicata..
• Aug 20, 2023 (diff)
  -qmail combined patch: install a sample control/smtpplugins file in case it does not exist yet, to avoid "unable to read control" crash.
• Aug 17, 2023
  - helodnscheck:
  * C++ version (testing).
  * bug fix: segfault in case of no result in DNS record.
  * default action changed to GNLR
• 5 agosto 2023
  L'installzione del certificato Let's Encrypt è ora basata su dehydrated. La vecchia documentazione basata su certbot non verrà più aggiornata.
• Jul 18, 2023
  vqadmin: patch updated
  - Italian translation file html/it updated, following the patch by Ali Erturk TURKER
  - the vqadmin source directory has been cleaned of unnececessary files
• Jul 15, 2023
  - fail2ban: l'installazione e la configurazione è stata rivista per funzionare su Debian, dove python2 non è presente (grazie a Gabriel Torres)
• Jun 30, 2023
  -daemontools: added my multilog-readable_datetime patch which replace the timestamp in the log lines with a human readable datetime. Do not install it if you prefer to stick with the timestamp.
  -if you install this patch you have to download again the convert-multilog program. In case you decide to stick with the original timestamp, then use the original convert-multilog. (diff)
  -qmail combiend patch: DKIM patch upgraded to v. 1.41
  *dknewkey will allow domains in control/domainkey
  *Made a few adjustments to the man pages and dkimsign.cpp for DKIMDOMAIN to work with qmail-smtpd (in case some configures qmail-smtpd to sign instead of the usual dk-filter/qmail-remote)
  -The broken link based on pobox.com in the default SPF error explanation was changed to https://mxtoolbox.com/SuperTool.aspx?action=spf
• Jun 25, 2023
  - Spamassassin: The ExtractText notes have been revised and corrected by Gabriel Torres
• Jun 18, 2023
  * qmail combined patch (diff)
  -vpopmail uid and gid are determined dinamically instead of assigning 89:89 ids by default
  -vpopmail install directory determined dinamically (was /home/vpopmail). Now the variable in the conf-cc file is determined as well.
  Feel free to post any issue in the comments as I'm not sure that /bin/sh will work in all Linux.
  * qmail run scripts:
  -defined the variable QMAILDIR in all run scripts in order to manage installations of qmail in directories different from default /var/qmail
  -/home/vpopmail is now ~vpopmail in order to manage installations of vpopmail in directories different from default /home/vpopmail
  -defined the variable TCPRULES_DIR on top of all run scripts
• May 18, 2023
  -certbot/letsencrypt: added the option --key-type rsa to the certbot command, to avoid that certbot will silently default to ECDSA the private key format, which results not understandable by my openssl-1.1. In this way the format of the private key will be RSA. More info here.
• May 17, 2023
  -SURBL: Top level domains URL is changed. So we have to adjust the update_tlds.sh script accordingly
• Apr, 26, 2023
  -new combined patch and dkim patch updated to v. 1.40
  -qmail-dkim uses CUSTOM_ERR_FD as file descriptor for errors (more info here)
• Apr 25, 2023
  - qmailadmin cracklib patch: bug fix in qmailadmin/passwd: it was changing the password also in case of cracklib alert (tx Alexandre Fonseca)
  - new qmailadmin combined patch released
• Mar 27, 2023
  qmail combined patch (diff here)
  -chkuser.c: double hyphens "--" are now allowed also in the rcpt email (tx Ali Erturk TURKER)
  -chkuser_settings.h CHKUSER_SENDER_NOCHECK_VARIABLE commented out. Sender check is now enabled also for RELAYCLIENT
  -removed a couple of redundant log lines caused by qmail-smtpd-logging
• Mar 18, 2023
  - new qmail combined patch
  * bugfix in dkimverify.cpp: now it checks if k= tag is missing (tx Raisa for providing detailed info)
  * redundant esmtp-size patch removed, as the SIZE check is already done by the qmail-authentication patch (tx Ali Erturk TURKER) diff here
• Mar 14, 2023
  - qmail combined patch: the split_str function in dknewkey was modified in order to work on debian 11 (tx J)
• Mar 12, 2023
  - qmail patch updated: the mail headers will change from "ESMTPA" to "ESMTPSA" when the user is authenticated via starttls/smtps (tx Ali Erturk TURKER)
  diff here
• Mar 1, 2023
  - qmail combined patch updated: added qmail-fastremote patch (tx Ali Erturk TURKER for the advise). qmail-remote CRLF removed (replaced by fastremote)
• Feb 27, 2023
  - qmail combined patch updated: now qmail-remote is rfc2821 compliant even for implicit TLS (SMTPS) connections (tx Ali Erturk TURKER)
• Feb 24, 2023
  - qmail combined patch updated: several missing references to control/badmailto and control/badmailtonorelay files were corrected to control/badrcptto and control/badrcpttonorelay (tx Ali Erturk TURKER) diff here
• Feb 20, 2023
  - qmail combined patch updated
  ---- dkim patch upgraded to v. 1.37
  ------ ed25519 support​ (RFC 8463)
  ------ old yahoo's domainkeys stuff removed (no longer need the libdomainkeys.a library)
• Feb 18, 2023
  -vpopmail: added a patch by Ali Erturk TURKER which fixes several issues
  -vqadmin: added a patch by Ali Erturk TURKER which, among the other things, makes vqadmin aware of mysql-limits
• Feb 10, 2023
  -dovecot: added a patch to restore the old vpopmail-auth driver (tx Ali Erturk TURKER)
• Jan 31,2023
  -bug fix in qmail-smtpd.c. 4096 bit RSA key cannot be open (tx Ali Erturk TURKER)
• Jan 4, 2023
  -Solr upgraded to version 9.1.0
  -The SOlr page has been improved as far as configuration, security and testing are concerned
• Jan 1, 2023
  -ClamAV upgraded to version 1.0.0
  -new qmail combined patch released. Bug fix in dk-filter. It was calling a non existent function (tx Andreas).
• Dic 17, 2022
  -qmail combined patch release
  * chkuser receipt check won't be disabled for RELAYCLIENT
  * CHKUSER_DISABLE_VARIABLE commented out from chkuser_settings.h
• Nov 20, 2022
  -switched all actions to nftables, as it has now replaced iptables and fail2ban has support for it.
• Nov 18, 2022
  -fail2ban upgraded to v. 1.0.2
• Oct 28, 2022:
  added a note on how to avoid being cutoff by spamhaus (tx Marco Varanda)
• 2022.10.02
  -dkim patch updated to v. 1.30 and new qmail combined patch released
  * bug fix: it was returning an error in case of domains with no key.
• Sep 29, 2022
  -bug fixed in the domainkey script: it wasn't creating the symbolic link of the selector name to the private key in case of a custom selector defined in the file control/dkimkeys
  Sep 28, 2022
  -qmail combined patch updated with new dkim patch v. 1.29. More info here
  -Roundcube webmail updated to v. 1.6.0
• Aug 12, 2022
  -dovecot: improved the sql stuff in case of --disable-many-domains (tx kengheng).
  -dovecot-pwd_query patch for vpopmail: added a procedure for the user_query (needed for dovecot/LDA)
  -dovecot-pwd_query patch for vpopmail renamed to dovecot-sql-procedures
  -combined patch for vpopmail updated
• Aug 08, 2022
  -qmailctl script improved. Now the script exits if services are not started with svscanboot or a supervise script is missing
  -roundcube/password plugin: the cracklib patch has been improved. Now it can retrieve the correct cracklib-check path
• Jul 28, 2022
  -The Roundcube plugins' page has been revised and polished. A couple of plugins have been added.
• May 22, 2022
  qmail patch: "qmail-smtpd pid, qp log" patch (http://iain.cx/qmail/patches.html#smtpd_pidqp) removed, as its log informations are already contained in the qlogreceived line. (diff)
  -improved a couple of read_failed error messages
• May 12, 2022
  -clamav: updated to v. 0.105
  -qmailctl: a few modifications to avoid error strings in the service uptime when service is stopped. qmail-smtpsd was added to svclist
  -qmail-smtpsd support added
• Apr 22, 2022
  -dovecot: added Solr support
• Apr 17, 2022
  -dovecot/auth-sql.conf.ext: changed the userdb lookup for LDA from static to sql, as the home dir was not retrieved correctly if positioned in a subfolder (i.e. domains/0/domainname).
• Apr 9, 2022
  qmailadmin: --enable-imageurl=/files is now --enable-imageurl=/qmailadmin/files (no need to have an alias on apache config). Added --disable-catchall, which is bad for spam. Tx Gabriel Torres
• Apr 01, 2022
  -qmailadmin: new combined patch. It now logs to stderr when qma-auth.log file can't be opened in write mode. It was returning a white screen
• Mar 17, 2022
  -vpopmail: new combiend patch: fixed a compilation break in vmysql.c with Debian 11 / gcc-10
• Feb 26, 2022
  -added REJECTNULLSENDERS environment variable (diff)
• Feb 18, 2022
  -fail2ban: added a couple of new rules to the qmail-smtpd.conf filter
• Feb 13, 2022
  -fixed a TLS Renegotiation DoS vulnerability. Disabled all renegotiation in TLSv1.2 and earlier. (diff here)
• Feb 1, 2022
  -added a plugin to qmail to filter bad DNS HELOs (more info here)
  -Roundcube upgraded to v. 1.5.2
• Jan 17, 2022
  -new qmail combined patch (diff here):
  * now qmail-smtpd logs rejects when client tries to auth when auth is not allowed, or it's not allowed without TLS (a closed connection with no log at all appeared before).
  * added qmail-spp.o to the TARGET file so that it will be purged with "make clean".
• Dec 19, 2021
  -new qmail combined patch: added qmail-spp patch
• Oct 21, 2021
  roundcube updated to v. 1.5.0
• Sep 28, 2021
  clamav updated to v. 0.104. The new version installation is based on cmake (autotools abandoned)
• Sep 27, 2021
  -new qmail combined patch: now chkuser allows double hyphens "--" in the sender email, like in y--s.co.jp (diff here)
• Sep 8, 2021
  fail2ban updated to v. 0.11.2 and rc.fail2ban moved to /usr/local/bin/fail2banctl. The dovecot filter has been improved
• Sep 2, 2021
  -an issue in vusaged configure arised. I cured it with a patch, while Luca in the comments found a different solution.
• Aug 22, 2021
  -minor fix to qmail patch/qlog: now it logs the auth-type correctly (diff)
• Aug 15, 2021
  at the bottom of the qmail/testing page I added a note to the testssl script by Dirk Wetter, which allows you to inspect your SSL connection in detail.
• July 28, 2021
  simscan: my attachments-size-limit patch added. It allows you to overcome a limitation where simscan doesn't pass messages over 250k to spamassassin.
• July 16, 2021
  spamassassin: bayes_token.token database field changed to binary(5). It was char(5).
• Jul 12, 2021
  -spamassassin/userprefe: the "preference" varchar length in the database "userprefs" table was increased to 50 (was 30) to create space for long label such as  "bayes_auto_learn_threshold_spam", which resulted truncated before the modification.
• June 20, 2021
  -spamassassin: created a script to process the spam/ham for the learning and reporting system (more info here)
  -dovecot 15-mailboxes.conf: added mailboxes for the learning and reporting system
• June 19, 2021
  new qmail combined patch released
  -chkuser: defined extra allowed characters in sender/rcpt addresses and added the slash to the list (tx Thomas).
  -RSA key and DH parameters are created 4096 bit long also in Makefile-cert. qmail-smtpd.c and qmail-remote.c updated accordingly (tx Eric Broch).
  -Makefile-cert: the certs will be owned by vpopmail:vchkpw
• March 27, 2021
  - bug fixes in the vpopmail/defaultdelivery patch: increased the buffer for the .qmail-default file path, as in particular cases of long path/domain names it will result truncated. Fixed another bug where the .qmail.default file where opened twice.
  - now if vdelivermail is installed the "delete" option will be used instead of "bounce-no-mailbox", which is not reasonable anymore
• March 21, 2021
  qmail combined patch updated. update_tmprsadh.sh: RSA key and DH parameters increased to 4096 bits
• March 9, 2021
  vpopmail: the patch now installs the sql code needed for "one table per domain" (--disable-many-domains) in ~/vpopmail/etc/pwd-query_disable-many-domains.sql and creates the sql procedure if needed. Of course this add-on to vpopmail will be completely transparent when you compile with the default option --enable-many-domains
• Feb 26, 2021
  vpopmail: added a defaultdelivery patch, which makes vpopmail to copy your preferred delivery agent (stored in QMAILDIR/control/defauldelivery) into the .qmail-default file of any newly created domains, overriding the default vpopmail's behaiviour, where vpopmail copies its delivery agent vdelivermail.
  Feb 5, 2021
  - vpopmail: the patch has been improved. The sql-aliasdomains stuff is now done by means of the vpopmail's C programs and functions.
  Feb 3, 2021
  - vpopmail: new patch and script released.
  Just configure --enable-sql-aliasdomains (default) and forget. The dbtable will be created the first time you will create an aliasdomain.
• Jan 29, 2021
  - dovecot/auth-sql.conf.ext now uses the userdb's prefetch driver in order to perform one single query when doing the auth
  - dovecot/dovecot-sql.conf.ext has been modified to allow authentication both with real and alias domains, provided that you patched vpopmail accordingly. More info in this page.
  - vpopmail: sql-aliasdomains and combined patch released (new aliasdomains dbtable has to be created!)
• Jan 13, 2021
  - vpopmail/dovecot: added support for sql aliasdomains
• Gen 5, 2021
  - dovecot upgraded to v. 2.3.13 (vpopmail-auth removed by dovecot's developers)
  - pigeonhole upgraded to v. 0.5.13
• Gen 3, 2021
  - Roundcube: Upgraded to v. 1.4.10
  - Roundcube: disabled the SMTP authentication when sending messages via RC. SMTP port changed to 25.
• Gen 2, 2021
  - ucspi-tcp6: upgraded to latest version
  - fehQlibs have to be installed as a prerequisite of ucspi-tcp6
• Dec 4, 2020
  - combined patch for qmail updated to solve compatibility problems with new gcc-10
  - a patch was also released to get vpopmail compiled with gcc-10
  - Tony Fung suggested a script to expunge messages, which can be very useful in case you need to expunge differently depending on your mailboxes/domains.
• Nov 18, 2020
  spamassassin:
  - solved some priviledge problems with the reports of the RC's markasjunk plugin, which is going to write inside the log dir and read the razor's identity file.
  - moved all log files into /var/log/spamassassin (apache group now has +w priv). spamdctl and logrotate scripts modified accordingly
• 2020.10.30
  Clamav: added clamav-unofficial-sigs (tx Tony Fung for the suggestion). Updated clamdctl and freshclamctl scripts to allow the restart function, needed by clamav-unofficial-sigs script
• 2020.10.28
  modified the spamassassin's DMARC rule. Now it passes emails with one between DKIM and SPF valid, according to RFC7489 (thanks Marcel Veldhuizen and Iulian for the hints)
• 2020.10.08
  rcptcheck-overlimit.sh: bug fix (tx Tony Fung)
• 2020.09.02
  spamassassin/DMARC: corrected the askDNS rule as it was not triggering the reject in the event that only one of DKIM or SPF failed (tx A F)
• 2020.09.01
  qmailadmin: minor adjustments to the skin patch
• 2020.08.12
  dovecot: upgraded to v. 2.3.11.3
  dovecot-pigeonhole: upgraded to v. 0.5.11
• 2020.08.11
  Roundcube: upgrade to v. 1.4.8
• 2020.08.10
  - new qmailadmin skin/combined patch released:
  mod_user.html: added the "value" attribute to the name/gecos input tag (tx Pablo Murillo)
• 2020.08.04
  - simscan: upgraded to v. 1.4.1
• 2020.08.02
  - several clarifications in the simscan page;
  - revised the ripMIME installation as the dev version of the program is now downloaded from github, to solve complation breaks.
• 2020.07.29
  - new combined patch
  * dk-filter: corrected a bug where dk-filter was using DKIMDOMAIN unconditionally. Now it uses DKIMDOMAIN only if _SENDER is null (tx Manvendra Bhangui).
• 2020.07.27
  - new combined patch
  * added a fix for cve-2005-1513 (tx C for the hint)
• 2020.07.15 
  - spamassassin: added Razor2, Pyzor, Spamcop configuration
  - Roundcube/markasjunk plugin has now info about the cmd_learn and the multi_driver drivers
  (tx Gabriel Torres)
• 2020.07.03
  Roundcube/password plugin: added a patch to make it work in combination with cracklib, to enforce password strenght (tx Tony Fung)
• 2020.06.10
  Roundcube: upgrade to v. 1.4.5 
• 2020.05.22
  new qmailadmin skin/combined patch released
• 2020.05.05
  -qmailadmin
  * patched qmailadmin to provide a new responsive skin for the control panel.
  * combined patch released
• 2020.05.01
  -qmailadmin
  * added qmailadmin-cracklib patch to enforce password complexity
  * pwd-strenght patch removed
• 2020.04.25
  -combined patch updated
  * qmail-smtpd.c: added rcptcount = 0; in smtp_rset function to prevent the maxrcpto error if control/maxrcpt limit has been exceeded in multiple messages sent sequentially rather than in a single mail (tx Alexandre Fonceca)
• 2020.04.16
  - new combined patch: qmail-remote-logging patch added (more info here)
• 2020.04.10
  - new combined patch: DKIM patch updated to v. 1.28
  * outgoing messages from null sender ("<>") will be signed as well with the domain in env variable DKIMDOMAIN
  * declaring NODK env variable disables old domainkeys signature, while defining NODKIM disables DKIM.
• 2020.03.31
  - DKIM configuration: added UNSIGNED_SUBJECT variable to the run files, which can be useful to declare if one wants to allow messages without the sign of the subject (more info here)
  2020.03.19
  dovecot: added the autoexpunge setting in 15-mailbox.conf. The expunge via cronjob in not needed anymore
• 2020.02.26
  vqAdmin: fixed a problem which was preventing the patch to be applied (tx Marco Varanda)
• 2020.02.25
  dovecot: modified 10-master.conf to set up stats' service priviledges and correct an error which appeared in qmail-send
• 2020.02.11
  table spamassassin.txrep modified as the column "count" was renamed (tx Tony Fung).
• 2020.02.06
  queue-repair.py: applied a patch to make the program python3 compliant (tx Tony Fung)
• 2020.02.04
  dovecot-sql.conf.ext: adjusted the user_query string to get compatibility with mariadb-10.3 (tx Tony Fung)
• 2020.01.11
  - new combined patch: qmail-tls patch updated to v. 20200107
  * working client cert authentication with TLSv1.3
• 2019.12.12
  spamassassin: upgraded to v. 3.4.3
• 2019.12.08
  - big patch updated
  * qmail-smtpd.c: now TLS is defined before chkuser.h call, to avoid errors on closing the db connection (tx ChangHo.Na) 
  - domainkeys script improved: it now manages 2048 bit long key (tx Tatsuya Yokota)
• 2019.12.01
  dovecot: upgraded to v. 2.3.8
  dovecot-pigeonhole: upgraded to v. 0.5.8
  Roundcube: upgraded to v. 1.4.1 (mobile responsive skin released!)
  Roundcube plugins: updated
• 2019.09.18
  spamassassin: added a page concerning TxRep and another one concerning DMARC filter
• 2019.09.09
  dovecot: now the SQL user_query retrieves the quota as well (tx Alexandre Fonceca, more info here)
• 2019.08.07
  - a couple of adjustments to chkuser (tx Luca Franceschini, more info here)
  * BUG - since any other definition of starting_string ends up as "DOMAIN", if starting_string is otherwise defined, chkuser will be turned off.
  * CHKUSER_ENABLE_ALIAS_DEFAULT, CHKUSER_VAUTH_OPEN_CALL and CHKUSER_DISABLE_VARIABLE are now defined in chkuser_settings.h
  * Now CHKUSER_DISABLE_VARIABLE, CHKUSER_SENDER_NOCHECK_VARIABLE, CHKUSER_SENDER_FORMAT_NOCHECK, CHKUSER_RCPT_FORMAT_NOCHECK and CHKUSER_RCPT_MX_NOCHECK can be defined at runtime level as well.
• 2019.07.12
  - qmail-channels patch added
  more info here http://www.thesmbexchange.com/eng/qmail-channels_patch.html 
  - improved verbosity of die_read function in qmail-smtpd.c (qmail-smtpd: read failure). More info here.
• 2019.06.19
  - DKIM patch updated to v. 1.26
  * BUG - honor body length tag in verification
• 2019.05.24
  - qmail-tls patch updated to v. 20190517
  * bug: qmail-smtpd ssl_free before tls_out error string (K. Wheeler)
• 2019.05.23
  - DKIM patch updated to v. 1.25
  * SIGSEGV - when the txt data for domainkeys is very large exposed a bug in the way realloc() was used incorrectly.
  * On 32 bit systems, variable defined as time_t overflows. Now qmail-dkim will skip expiry check in such conditions.
• 2019.04.25
  * bug fixed on qmail-smtpd.c: it was selecting the wrong openssl version on line 2331 (tx ChangHo.Na)
  2019.04.09
  - qmail-tls patch updated to v. 20190408
  * make compatible with openssl 1.1.0 (Rolf Eike Beer, Dirk Engling, Alexander Hof)
  * compiler warnings on char * casts (Kai Peter)
• 2019.04.03
  - libdomainkeys patch updated (tx Manvendra Banghui)
• 2019.03.22
  - new combined patch: fixed a bug causing crashes of qmail-remote when using openssl-1.1 (tx Luca Franceschini)
• 2019.02.27
  - port to openssl-1.1
  - DKIM patch updated to v. 1.24
  * bug fix: restored signaturedomains/nosignaturedomains functionalities.
• 2019.02.26
  simscan: patch updated (tx Pablo Murillo)
  vQadmin: some adjustments into apache config and it's working again under apache-2.4 (tx Erald)
• 2019.02.01
  fail2ban upgraded to v. 0.10.4
• 2018.09.23
  spamassassin upgraded to v. 3.4.2
• 2018.08.25
  -DKIM patch updated to v. 1.23
  * fixed a bug where including round brackets in the From: field ouside the double quotes (From: "Name Surname (My Company)" <name.surname@company.com>) results in a DKIMContext structure invalid error (tx Mirko Buffoni).
  * qmail-dkim and dkim were issuing a failure for emails which had multiple signature with at least one good signature. Now qmail-dkim and dkim will issue a success if at least one good signature is found.
• 2018.08.23
  -logging patch updated to v. 5
  * fixed a bugin logit and logit2 functions where a RSET command and a subsequent brutal quit of the smtp conversation ^] by the client cause a segfault (tx Mirko Buffoni, more info here)
• 2018.08.02
  ezmlm-web: Ricardo Brisighelli sent me two patches which solves compilation breaks with gcc-7
• 2018.06.22
  -clamav updated to v. 0.100.0
• 2018.04.06
  -added a patch to daemontools to extend the log file size limit to 100MB (tx Sam Tang)
• 2018.04.04
  -qmailctl script updated (tx Sam Tang)
  * "qmailctl stat" now shows something like "0 days, 00 hours 16 mins"
  * can assign another service which related qmail for monitoring, like dovecot, clamd, freshclam...
  * change "up" and "down" to green and red color.
• 2018.04.03
  -DKIM patch updated to v. 1.22
  * openssl 1.1.0 port
  * various improvements, bug fixes
• 2018-03-21
  added a new page to explain how to install a letsencrypt certificate for qmail and dovecot here
• 2018-02-07
  clamav updated to v. 0.99.3 (bug fix, tx to Bob Greco) 
• 2018-01-10
  == combined patch updated
  -maildir++
  * fixed a bug where the filesize part of the S=<filesize> component of the Maildir++ compatible filename is wrong (tx MG). More info here and here.
  -qmail-queue-extra
  * removed, because it was causing more problems than advantages, as the domain of the log@yourdomain.tld had to match the system domain inside control/me and can't be a virtual domain as well.
  == dovecot: upgraded to v. 2.3.0
  == dovecot-pigeonhole: upgraded to v. 0.5.0.1 
• 2017-10-24
  new patch arrived (tx Luca Franceschini)
  -qlogfix (diff here)
  * log strings should terminate with \n to avoid trailing ^M using splogger
  * bug reporting custom errors from qmail-queue in qlog
  -added dnscname patch
  -added rcptcheck patch
  added rcptcheck-overlimit.sh (tx Luca Franceschini)
  added a page about rcptcheck-overlimit.sh usage
• 2017-09-05
  Roundcube upgraded to v. 1.3.1. The enigma plugin requires Crypt_GPG-1.6.2
• 2017-08-24
  -fail2ban: the qmail-smtpd.conf filter has been simplyfied and is now based on the "qlogenvelope" lines 
• 2017-08-18
  -combined patch updated: qmail-smtpd now retains authentication upon rset (tx to Andreas)
• 2017-07-05
  -roundcube upgraded to v. 1.3.0
• 2017-05-14
• Combined patch updated:
  DKIM patch updated to v. 1.20
  It now manages long TXT records, avoiding the rejection of some hotmail.com messages.
• 2017-03-02
  -ucspi-tcp6 upgraded to v. 1.04 (some bug fixes http://www.fehcom.de/ipnet/ucspi-tcp6.html)
• 2016-12-19
  -Several new patches and improvements added (thanks to Luca Franceschini)
  More info here http://notes.sagredo.eu/node/178
• 2016-12-14
  simscan: bug fix and new combined patch (thanks to Bob Greco, more info here)
• 2016-12-02
  -fixed BUG in qmail-remote.c: in case of remote server who doesn't allow EHLO the response for an alternative
  HELO was checked twice, making the connection to die. (Thanks to Luca Franceschini)
  Patch applied: http://notes.sagredo.eu/files/qmail/patches/fix_sagredo_remotehelo.patch
• 2016-09-19
  -big patch updated: qmail-tls patch updated to v. 20160918
    * bug: qmail-remote accepting any dNSName, without checking that is matches (E. Surovegin)
    * bug: documentation regarding RSA and DH keys (K. Peter, G. A. Bofill)
• 2016-08-06
  qmailadmin: added the ezmlm-idx 7 compatibility patch
  2016-08-04
• ucspi-tcp6 upgraded to v. 1.02
• 2016-07-20
  -roundcube: added enigma plugin
• 2016-05-31
  -roundcube upgraded to v. 1.2.0. All plugins updated as well
• 2016-05-15
  -force-tls patch improved (a big thanks to Marcel Telka). Now qmail-smtpd avoids to write the auth verb if the
  the STARTTLS command was not sent by the client
• 2016-03-09
  -combined patch updated
  * dkim patch updated to v. 1.19: verification will not fail when a dkim signature does not include the subject provided that the  UNSIGNED_SUBJECT environment variable is declared. More info here.
• 2016-01-18
  -removed the line "DKIMKEY=/var/qmail/control/domainkeys/%/default" from the qmail rc config file, as DKIMKEY is actually ignored by dk-filter, which will look for the key in that location by default. Use DKIMSIGN instead to define yor domainkey location (thanks to Steffen for the hint)
• 2015-12-26
  qmail-tls updated to v. 20151215
  * typo in #if OPENSSL_VERSION_NUMBER for 2015-12-08 patch release (V. Smith)
  * add ECDH to qmail-smtpd
  * increase size of RSA and DH pregenerated keys to 2048 bits
  * qmail-smtpd sets RELAYCLIENT if relaying allowed by cert
  more info here 
  -roundcube upgraded to v. 1.1.4 (security fixes, more info here)
• 2015-12-15
  -DKIM patch updated to v. 1.18 (a big thank to Manvendra Bhangui for his kind support). More info here
  2015-11-23
  qmail-submission/run modified: SMTPAUTH="!" to enable the submission feature (auth required). Now incoming msg can be received only on standard 25 port 
• 2015-10-06
  -fail2ban upgraded to v. 0.9.3
• 2015-10-03
  -new combiend patch released: qmail-authentication updated to v. 0.8.3
• 2015-09-02
  dovecot: the user query on the auth is now able to manage pop3/imap/webmail vpopmail limits (thanks to Arturo Blanco)
• 2015-08-29
  vQadmin: combined patch released (more info inside the patch itself)
• 2015-08-08
  -fixed a bug on qmail-remote.c that was causing the sending of an additional ehlo greeting (thanks to Cristoph Grover)
• 2015-05-28
  qmailadmin: added a patch to log auth failures (thanks to Tony)
  fail2ban: added a filter against qmailadmin log failures
• 2015-05-03
  spamassassin: upgraded to v. 3.4.1
• 2015-04-25
  qmailadmin: added a patch to check for the password strenght
• 2015-04-11
  -combined patch updated: 
  --qmail-authentication: upgraded to v. 0.8.2
  --qmail-tls: upgraded to v. 20141216 (POODLE vulnerability fixed)
• 2015-03-28
  -combined patch updated: added qmail-empf patch
• 2015-02-25
  the home page graphic of qmailadmin has copyright issues as shown here (thanks to Marc for the hint)
• 2015-02-17
  roundcube: upgraded to v. 1.1.0. All plugins have been upgraded as well
• 2015-01-10
  roundcube: added carddav plugin
• 2014-11-20
  combined patch updated:
  -the SSLv3 connection upon the auth was switched off because of security reasons (thanks to Florian).
• 2014-11-15
  combined patch updated:
  -modified the QUEUE_EXTRA variable in extra.h to record the Message-ID in the qmail-send's log (thanks to Simone for the hint). Look here for details.
• 2014-11-08
  simscan has been improved with the jms patch. The work dir is mounted as a ramdisk now
• 2014-10-29
  fail2ban: qmail-smtp.conf filter updated to look for GREETDELAY lines
• 2014-10-14
  SSLv3 disabled on dovecot because of security reasons (more info here)
• 2014-10-14
  dovecot upgraded to v. 2.2.14
  dovecot-pigeonhole recompiled
• 2014-10-04
  dovecot upgraded to v. 2.2.14.rc1
  dovecot-pigeonhole upgraded to v. 0.4.3
  the global sieve folder was moved to /usr/local/dovecot/etc/sieve/
• 2014-09-29
  roundcube upgraded to v. 1.0.3.
  added a roundcube-auth filter to fail2ban
• 2014-08-26
  roundcube upgraded to v. 1.0.2. Fixed some errors in the relative page, as sometime the $config variable was still $rcmail_config as in the past, and all the config files are now merged into config.inc.php (thanks to Otto)
• 2014-08-24
  the log rotation of qmail is managed by the jms'  https://qmail.jms1.net/scripts/convert-multilog. Thanks to Marc for the suggestion
• 2014-08-18
  added a page concerning fail2ban setup
• 2014-05-13
  clamav upgraded to v. 0.98.3
  roundcube upgraded to v. 1.0.1
  ezmlm-idx upgraded to v. 7.2.2
  qmailadmin recompiled against ezmlm-idx-7.2.2
• 2014-05-03
  ezmlm-idx upgraded to v. 7.2.0
  Bruce Guenter has released a new version of ezmlm-idx, getting the program to be compliant with the Yahoo DMARC Policy Change. You have to recompile qmailadmin against ezmlm as well.
• 2014-04-14
  combined patch updated:
  -added qmail-maxrcpt patch, which allows you to set a limit on how many recipients are specified
• 2014-04-08
  roundcube upgraded to v. 1.0.0
• 2014-03-10
  combined patch updated:
  -added qmail-smtpd-liberal-lf patch, which allows qmail-smtpd to accept messages that are terminated with a single \n instead of the required \r\n sequence. This should avoid some "read failed" reject.
• 2014-02-14
  spamassassin upgraded to v. 3.4.0
• 2014-01-10
  roundcube upgraded to v. 1.0-rc. Plugins have been upgraded as well
• 2014-01-24
  ucspi-tcp6 upgraded to v. 1.00: fixed problems when compiling with C99 compilers
• 2013-12-30
  combined patch updated:
  -added qmail-SRS patch. You must install libsrs2 now.
  -the character "=" in the sender address is now considered valid by chkuser in order to accept SRS
• 2013-12-20
  combined patch update (more info here):
  -added qmail-date-localtime patch
  -added qmail-hide-ip patch
  -the original greetdelay by e.h. has been replaced with the improved patch by John Simpson. Now communications trying to send commands before the greeting will be closed. Premature disconnections will be logged as well. More info here
  -modified the configuration of qmail-smtpd and qmail-submission according to the new greetdelay patch
  -updated the page concerning greetdelay
  -CHKUSER_SENDER_FORMAT enabled to reject fake senders without any domain declared (like )
  -chkuser logging: I slightly modified the log line adding the variables' name just to facilitate its interpretation
  -added qmail-moreipme patch
  -added qmail-dnsbl patch (more info here)
  -added a page concerning qmail-dnsbl patch
• 2013-12-05
  added two patches to my combined patch to make qmail rfc2821 compliant
• 2013-11-23
  any-to-cname patch added to the combined patch
• 2013-10-30
  Added two contributions by Costel Balta:
  -how to avoid to be "cut off" from spamhaus.org (read here)
  -adding the foxhole db to clamav (on the bottom of the clamav page)
• 2013-09-27
  -DKIM patch upgraded to v. 1.17. Defined -DHAVE_SHA_256 while compiling dkimverify.cpp in the Makefile. This solved an issue while verifying signatures using sha256.
• 2013-09-16
  Minor fixes to the DKIM patch
• 2013-09-14
  -new combined patch released. The DKIM patch has been upgraded to v. 1.16; the signing at qmail-remote level has been revised by its author.
  -I added notes about qmail-remote signing in the DKIM page of this guide.
  -the domainkey program now gives ownership of the domainkey to qmailr, which runs qmail-remote
• 2013-08-25
  -qmail-qmqpc.c call to timeoutconn() needed a correction because the function signature was modified by the
   outgoingip patch. Thanks to Robbie Walker
   (diff file here http://notes.sagredo.eu/files/qmail/patches/qmail-qmqpc.diff)
• 2013-08-22
  ucspi-tcp6: upgraded to v. 0.99. The current version includes an hack by Manvendra Bhangui from indimail.org which gets tcpserver and qmail's spfcheck to be IPv4-mapped IPv6 addresses compliant, provided that you install his modified qmail-spf patch (my combined patch already has this adjustment to spf).
  Fot those interested, a few days ago Manvendra Bhangui released a package of patches including now not only DKIM and SURBL but also SPF and the entire qmail totally IPv6 compliant. The upgrade for me is not so straightforward, but I'm planning to have it in my big patch soon or later. For the moment you can play with it downloading from http://sourceforge.net/projects/indimail/files/netqmail-addons/qmail-dkim-1.0/
• 2013-08-21
  -big patch updated: fixed a bug in hier.c which caused the installation not to build properly the queue/todo dir structure (thanks to Scott Ramshaw)
• 2013-08-19
  -DKIM-SURBL patch by Manvendra Bhangui updated to v. 1.14
  -added a page about SURBL configuration
• 2013-08-12
  -DKIM patch upgraded to v. 1.12. The new patch adds surblfilter functionality.
  -added qmail-smtpd pid, qp log patch
• 2013-08-08
  -qmail-SPF modified by Manvendra Bhangui to make it IPv4-mapped IPv6 addresses compliant. In order to have it working with such addresses you have to patch tcpserver.c accordingly. You can use a patch fot ucspi-tcp6-0.98 by Manvendra Bhangui at http://notes.sagredo.eu/files/qmail/patches/tcpserver-ipv6mapped_ipv4.patch or wait for v. 0.99 relase of ucspi-tcp6
  -added outgoingip patch
  -added qmail-bounce patch
• 2013-05-20
  dovecot: upgraded to v. 2.2.2
  dovecot-pigeonhole: rebuilt
• 2013-05-18
  Roundcube: upgraded to v. 0.9.1
• 2013-05-09
  -dovecot-pigeonhole: upgraded to stable 0.4.0 version
• 2013-05-06
  -dovecot: upgraded to v. 2.2.1 The configuration has been modified to use the sql/mysql driver in place of the vpopmail one; the password is now sended in plain text
  -dovecot-pigeonhole: upgraded to latest development version
  -RoundCube: imap_auth_type has been set to NULL to send the password in plain text and make dovecot's auth happy
  -the dovecot's expunge shell script was simplyfied. Using the sql driver solved all issues of the old vpopmail backend related to the missing iteration feature.
• 2013-04-16
  Roundcube: upgraded to v. 0.9.0
  All rc plugins have been updated as well
• 2013-03-31
  new combined patch: qmail-auth updated to latest v. 0.8.1 Added authentication by recipient domain for qmail-remote. Look at README.auth for further details
• 2013-02-11
  new combined patch: some code adjustments in qmail-smtpd.c smtpd_ehlo() to restore total compatibility with esmtp-size patch
• 2013.02.08
  new combined patch: qmail-auth has been updated to the latest v. 0.7.6. Look at README.auth for further details
  ucspi-tpc6: updated to v. 0.98
• 2013.01.28 new combined patch released: fixed an issue on qmail-pop3d which was causing a double +OK after the pass command (thanks to Rakesh, Orbit and Simplex for helping in testing and troubleshooting)
• 2013.01.27 ucspi-tpc6: updated to v. 0.97
• 2013.01.06 ucspi-tpc6 0.96 by E.Hoffmann replace the ucspi-tcp 0.88 by DJB. It provides IPv6 and rblsmtpd greetdelay support
  combined patch modified. The variable GREETDELAY was renamed to SMTPD_GREETDELAY just to avoid conflicts with the GREETDELAY variable inside rblsmtpd
  qmail-smtpd/run file modified accordingly
• 2012.11.14 Roundcube: upgraded to v. 0.8.4
• 2012.11.10 Roundcube: upgraded to v. 0.8.3. Autologon plugin: modified
• 2012-10-31 new combined patch: qmail-auth has been updated to the latest v. 0.7.5. Look at README.auth for further details
  The qmail-forcetls patch was simplyfied accordingly.
• 2012.10.25 vpopmail: upgraded to v. 5.4.33 (now marked as stable). Be aware that you have to recompile netqmail, qmailadmin and vqadmin as well.
  qmailadmin: upgraded to v. 1.2.16
• 2012.10.19 Roundcube: added context menu, autologon and logout_redirect plugins
• 2012.10.18 Roundcube: upgraded to v. 0.8.2
• 2012.10.11 dovecot: upgraded to v. 2.1.10
  dovecot-pigeonhole: upgraded to v.0.3.3
• 2012.10.10 fixed vQadmin 'invalid language' issue (see vQadmin page for details http://notes.sagredo.eu/it/node/57)
• 2012.09.19 ClamAV: upgraded to v. 0.97.6
• 2012.09.04 zipdownload Roundcube's plugin: modified to gain compatibility to v. 0.8.1 (thanks to taki)
• 2012.08.31 Roundcube: upgraded to v. 0.8.1
  dovecot: upgraded to v. 2.1.9
  dovecot-pigeonhole: recompiled
• 2012.08.11 Roundcube: upgraded to v. 0.8.0
• 2012.05.26 dovecot-pigeonhole: upgraded to v 0.3.1
• 2012.05.24 dovecot: upgraded to v. 2.1.6
• 2012-04-25 new combined patch: added qmail-remote CRLF (thanks to Pierre Lauriente for the help on testing and troubleshooting)
  The qmail-remote CRLF patch solved a problem of broken headers after sieve forwarding that was caused by a bad handling of the CR (carriage return) by qmail-remote. The issue is also reported here http://www.dt.e-technik.uni-dortmund.de/~ma/qmail-bugs.html
• 2012.04.16
  qmail-tap added to my combined patch
• 2012.03.03 dovecot: upgraded to v. 2.1.1
  The configuration files have been updated: the most important change was the location of auth_socket_path variable inside 10-mail.conf
• 2012.02.17 dovecot: upgraded to v. 2.1.0
  dovecot-pigeonhole: upgraded to v.0.3.0
• 2012.02.08: esmtp-size patch added to my combined patch
• 2012.01.29: New combined patch released: added doublebounce-trim patch
• 2012.01.21 Roundcube: updated to v. 0.7.1. All plugins have been updated to latest version as well.
• 2011.12.13 dnsbl.sorbs.org is not on my RBL examples anymore, as it proved to be a bad list. It's rejecting gmail's IPs and also confusing the IP of my own server as dynamic.
• 2011.12.12 New combined patch released.
  -modified update_tmprsadh to chown the .pem files to vpopmail to avoid hang-ups during the smtp conversation on port 587 caused by permission problems.
• 2011.10.06 New combined patch released.
  -fixed qmail-remote.c which was not going into tls on authentication (thanks to Krzysztof Gajdemski)
  -force-tls now quits if the starttls command is not provided when required (thanks to Jacekalex)
• 2011.09.30 Dovecot: upgraded to v. 2.0.15
  dovecot-pigeonhole: upgraded to v . 0.2.4
  ICU: upgraded to v. 4.8.1
• 2011.09.29 RoundCube: upgraded to v. 0.6. All plugins have been updated to latest version
• 2011.08.13 RoundCube: upgraded to v. 0.5.4 (security fix)
• 2011.07.27: Big patch updated. My force-tls patch allows the management of STARTTLS and CRAM-MD5 variables in the run file, so that there's no need to recompile each time anymore.
  I also added the "qmail-inject-null-sender" patch by Stéphane Cottin, which addresses a bug on qmail-inject
• 2011.07.23 The configuration of dovecot was updated to allow maildir++ (thanks to Nicolas) on files 90-quota.conf and 20-imap.conf
• 2011.07.15 The combined patch has been updated: an issue which caused the compilation's break down of qmail on 64b platforms has been fixed
• 2011.07.03 Added support for rblsmtpd. Added a page about the greetdelay patch.
• 2011.06.29 New combined patch released. Added ext-todo and big-todo patches, which adress the "silly qmail syndrome" on big servers.
• 2011.06.24 Spamassassin: updated to v. 3.3.2
• 2011.06.02 Roundcube: updated to v. 0.5.3 (2 important bug fixes)
• 2011.05.29 Dovecot: added a page concerning the purging of expired emails from Trash/Junk
• 2011.05.25 RoundCube: updated to v. 0.5.2. Updated almost all roundcube's plugin to latest version.
• 2011.05.17 Added Luca Morettoni's qmail-rblchk
• 2011.04.19 Dovecot-2.0.12 upgrade; dovecot-pigeonhole v.0.2.3 upgrade
• 2011.04.06 Vermulen's TLS patch updated (security fix, see http://www.kb.cert.org/vuls/id/555316).
  New qmail combined patch releasead.
• 2011.02.25 Added DKIM patch and related page

---------

• 2010.12.12 first release of this guide and related patch

Le SURBL sono liste di siti web che appaiono nel corpo della posta indesiderata. Diversamente dalla maggior parte delle liste non sono liste di indirizzi IP.

I siti web che appaiono nei messaggi di posta indesiderata tendono ad essere più stabili rispetto agli indirizzi IP in rapido cambiamento dei botnet che sono soliti inviare la maggior parte di questi messaggi. Le liste di IP come zen.spamhaus.org possono essere usate in un primo stadio di filtraggio per aiutare a identificare da circa l'80% al 90% dei messaggi di posta indesiderata. Le liste SURBL possono contribuire a eliminare il restante 75% della posta indesiderata in un successivo stadio di filtraggio. Usate insieme alle liste di IP (RBL), le SURBL risultano un metodo molto efficace per identificare fino al  95% della posta indesiderata.

Changelog

• Mar 29, 2026
  - aggiunta una nota sui control file
• Feb 17, 2026
  - added notes to testing section
• Sep 26, 2023
  -surblfilter logs the rejected URL in the qmail-smtpd log. It can now inspect both http and https URLs.
  -Improvements in man dkim.9, qmail-dkim.9 and surblfilter.9
• May 17, 2023
  -Top level domains URL is changed. So you have to adjust the update_tlds.sh script accordingly

Solr è un server di indicizzazione basato su Apache Lucene. Dovecot communica con esso attraverso delle query HTTP/XML. Il server di indicizzazione consente di fare ricerche di testo in modo veloce nelle mail, compreso il corpo dei messaggi.

• Scarica l'ultima versione: v. 9.10.1
• Documentazione ufficiale
• Documentazione di Solr FTS Engine per Dovecot

Changelog

• 8 febbraio 2026
  - upgrade alla versione 9.10.1
• 5 marzo 2025
  - la versione 9.8.0 richiede SOLR_OPTS="$SOLR_OPTS -Dsolr.config.lib.enabled=true" in solr.in.sh

Aggiornamento alla versione 9.10.x

• Maggiori informazioni qui
• Dovecot ha recentemente rilasciato i file schema aggiornati alla versione 9, alternativi a quelli che si trovano qui

Prima di ogni cosa controllare che la propria versione di java sia almeno la 11.

Scaricare Solr:

SOLR_VER=9.10.1
wget https://www.apache.org/dyn/closer.lua/solr/solr/${SOLR_VER}/solr-${SOLR_VER}.tgz?action=download -O solr-${SOLR_VER}.tgz

Arrestare quindi il server Solr e lanciare l'aggiornamento con le opzioni -f (aggiornamento) e -n (non lanciare do not start the server when finished) options:

tar xzf solr-${SOLR_VER}.tgz solr-${SOLR_VER}/bin/install_solr_service.sh --strip-components=2
sudo bash ./install_solr_service.sh solr-${SOLR_VER}.tgz -f -n

Gli utenti Slackware invece dovranno procedere diversamente:

wget https://notes.sagredo.eu/files/qmail/solr/install_solr_slackware.sh
chmod +x install_solr_slackware.sh
./install_solr_slackware.sh solr-${SOLR_VER}.tgz -f -n

Scaricare e installare il nuovo schema e il file di configurazione per Dovecot

cd /var/solr/data/dovecot/conf
rm -f schema.xml managed-schema.xml solrconfig.xml
wget https://raw.githubusercontent.com/dovecot/core/refs/heads/main/doc/solr-schema-9.xml -O schema.xml 
wget https://raw.githubusercontent.com/dovecot/core/refs/heads/main/doc/solr-config-9.xml -O solrconfig.xml
chown solr:solr solrconfig.xml schema.xml

Il nuovo file di configurazione sostituisce LRUCache con CaffeineCache e cambia la locazione delle librerie .jar (diff).

Riconfigurare il proprio /etc/default/solr.in.sh file, dato che molte opzioni sono cambiate radicalmente, quindi riavviare Solr.

Dobbiamo abilitare le librerie di configurazione come descritto qui per risolvere un errore che compare dalla versione 9.8.0 quando con lo scjema di Dovecot. Aggiungere questa riga al file /etc/default/solr.in.sh:

SOLR_OPTS="$SOLR_OPTS -Dsolr.config.lib.enabled=true"

Infine aggiornare gli indici (editare lo script apposito per inserire la propria password di Dovecot)

wget https://notes.sagredo.eu/files/qmail/solr/solr_rescan_index.sh
chmod +x solr_rescan_index.sh
chown root:root solr_rescan_index.sh
chmod o-wrx solr_rescan_index.sh

./solr_rescan_index.sh
Stopping Dovecot 
. 
<?xml version="1.0" encoding="UTF-8"?> 
<response> 

<lst name="responseHeader"> 
 <int name="status">0</int> 
 <int name="QTime">20</int> 
</lst> 
</response> 
Starting Dovecot.

Lo script non deve restituire errori (status=0). Se invece si ottengono degli errori è necessario ricontrollare le autorizzazioni di sicurezza e le credenziali dell'utente dovecot di Solr.

• Info: https://roundcube.net
• Versione: 1.7.1

Roundcube è una webmail avanzata con una bella interfaccia grafica.

Changelog

• May 24, 2026
  - version 1.7.1 (security release)
• Mar 9, 2025
  added $config['quota_zero_as_unlimited'] = true; to show quota unlimited instead of unknown for accounts with unlimited quota