Search the Community

The migration guide mentions the password hashing algorithm Dovecot uses. Is anything known about Courier IMAP? My current authmysqlrc is: # cat /etc/courier/authmysqlrc | sed -e 's/^MYSQL_PASSWORD.*$/MYSQL_PASSWORD removed/' MYSQL_OPT 0 MYSQL_SERVER 127.0.0.1 MYSQL_USERNAME froxlor MYSQL_PASSWORD removed MYSQL_PORT 3306 MYSQL_DATABASE froxlor MYSQL_USER_TABLE mail_users MYSQL_CRYPT_PWFIELD password_enc MYSQL_UID_FIELD uid MYSQL_GID_FIELD gid MYSQL_LOGIN_FIELD username MYSQL_HOME_FIELD homedir MYSQL_MAILDIR_FIELD maildir MYSQL_QUOTA_FIELD (quota*1024*1024) MYSQL_AUXOPTIONS_FIELD CONCAT("allowimap=",imap,",allowpop3=",pop3) Because password_enc looks like $1$zEOfoobarB4hjtXhJqEH/ and contains a algorithm type, I guess that's why the migration guide says to disable the default scheme, and it will use the $1$ to detect it? Is it always $1$, or are there also newer algorithms that Courier doesn't like?

Dear froxlor community, we are excited to announce the release of froxlor 2.0! This release includes several improvements and new features, which we have summarized below for you: Redesigned UI: The appearance of the user interface has been completely modernized. The redesigned froxlor is now even more user-friendly, efficient and customizable. We've added a global search for general data as well as for searching functions and configuration options. Custom column selection for listings has been added. And of course, it's all 100% responsive. Revamped installation routine: The froxlor installation has been improved in many ways it is now easier, faster than ever and looks better. Now you can activate SSL and PHP-FPM from within the installation process and start using froxlor in minutes. Improved security features: With expanded and enhanced security features like modern password hashing-algorithms we have made froxlor a better place for your data. On top of that, the code has been completely reviewed and restructured to make security fixes easier, CSFR-tokens on forms have been implemented to make Cross Site transactions more secure, and much more. CLI tool: With the new froxlor CLI tool, you can now use froxlor via the command line – great for automation! For example, complete the installation process, check and run updates, (re)configure services and more. Changes in 2.0: New features: [API] new MysqlServer Command to allow multiple MySQL servers to be used by customers [API] optional requests via api.php?/module/function/ [UI] Global-search [UI] Customize visibility of table-columns [CLI] new bin/froxlor-cli tool (installer, updater, helper scripts and cron) [Distros] added Debian Bookworm (12)* and Ubuntu 22.04 (Jammy Jellyfish) Breaking changes: PHP-7.4+ and php-gmp extension are now required [API] auth via HTTP-Auth, old format with apikey/secret in the request is no longer possible [UI] auto-update must be enabled explicitly in lib/config.inc.php [Config] proftpd needs to be re-configured (or simply add `OpenSSL` to `SQLAuthTypes` in `/etc/proftpd/sql.conf`) [Config] dovecot needs to be re-configured (or simply comment out `default_pass_scheme ...` in `/etc/dovecot/dovecot-sql.conf.ext`) [Distros] removed Debian Stretch / Ubuntu Xenial and CentOS [APT package] default installation path is now /var/www/html/froxlor. If you are updating, your froxlor installation will be moved there from /var/www/froxlor! Changes in minor releases: 2.0.10 security release enforce password requirements set in settings for directory-protection [CWE-521: Weak Password Requirements] add missing use statement for error-reporting to include the dbms version [CWE-391: Unchecked Error Condition] validate existence of language in admin-templates [CWE-840: Business Logic Errors] verify cronjob interval is one of the fixed available values [CWE-96: Static Code Injection] fix possible privilege escalation from customer to root when specifying custom error documents in directory-options [CWE-94: Code Injection] See also our Migration Guide for more information. We hope you enjoy froxlor 2.0 and look forward to your feedback. Download: 2.0 | website Documentation at https://docs.froxlor.org/. Visit https://www.froxlor.org and join our Discord channel (https://discord.froxlor.org) for support, help, participation or just to chat Thank you, the froxlor team * Debian 12 is not yet released and should be considered unstable. Froxlor will fully support Debian Bookworm after its release.