Dear froxlor community,

we are excited to announce the final release of froxlor version 2.2.0! This update brings several significant improvements and new features designed to enhance your user experience and provide greater control over your server management. Below are the key highlights of this release:

Key Features and Improvements

• New Antispam Feature:

  • Froxlor now includes a powerful antispam feature using rspamd, allowing you to configure spam scores and implement greylisting on a per-email-account basis. This provides enhanced protection against unwanted emails and helps maintain clean and secure mailboxes.

• Updater Enhancements:

  • The updater will automatically clear or remove existing entries related to DomainKey (DKIM) in panel_domains if the antispam feature is not activated.
    • Please be sure you are not using these entries with a 3rd party domainkey service or similar; if in doubt, rather activate antispam and dont configure the rspamd-service to not lose any keys!!!

• API Updates:

  • We have introduced a new parameter, gui_access, for the Admins.add/update and Customers.add/update API endpoints. This allows for more precise control over administrative and customer interface access.

• SSL Improvements:

  • Froxlor now offers the ability to use the froxlor-vhost certificate for email services. Additionally, a renew-hook has been added to automatically restart services after certificate renewal, ensuring uninterrupted and secure email communication.

• MySQL Enhancements:

  • A new 'master user' feature has been added for customers, allowing them to access all their databases with a single user account. This simplifies database management and enhances user convenience.

• Ubuntu 24.04 Support:

  • Froxlor now supports Ubuntu 24.04, ensuring compatibility with the latest version of this popular Linux distribution.

Upgrade Instructions

To upgrade to froxlor version 2.2.0, please follow the standard upgrade procedures outlined in our documentation. We recommend backing up your current configuration and databases before proceeding with the update to ensure a seamless transition.

Get Support

For any questions or support related to this release, please visit our support forum or consult the Froxlor community (discord).

Join the froxlor community

We encourage you to join our discord community of users and developers. Share your feedback, report issues, and contribute to the ongoing improvement of froxlor.

Thank you for using froxlor! We hope you enjoy the new features and improvements in version 2.2.0.

 

Thank you,
the froxlor team

Update: froxlor 2.2.0-rc2

Additions:

• show email-only domains in customers list
• implement 2fa remember browser, fixes #1259
• add column '2fa status' for customers and admins listings

Fixes: 

• fix correctly handling catchall-flag when updating email-address, fixes #1260

Update: froxlor 2.2.0-rc3

Additions:

• allow null-mx entry in dns-editor, fixes #1263

Fixes: 

• add missing use-statement for opcacheinfo page
• ease ClientConnectRate ban-filter for proftpd
• fixed reports being sent daily under specific conditions

Update: Stable release froxlor 2.2.0

Fixes:

• Add new missing strings + fix typo, #1264
• allow 60sec discrepancy for email based 2fa
• fix dbms version compare issue when removing mysql user
• adjust pure-ftpd mysql.conf file permissions (see #GHSA-34qg-65m4-f23m)
• correctly get target filename for jqSpeciallogfileNote action call via ajax, fixes #1267

 

Update: froxlor 2.2.1

Fixes:

• add condition to the remember-me checkbox for updaters when the token-table does not exist yet
• dont generate dhparam file as fallback but use defined FFDHE4096 group; fixes #1270
• fix missing proftpd-mod-wrap installation (#1272)
• show antispam options for email-editing only if enabled
• fix storing multiple-choice-select values, thx to 21MILEX on Discord, fixes #1269
• correctly display messages with markup in updater (#1268)

Update: froxlor 2.2.2 - 2.2.4

New:

• [config-services] add validation for empty or non-existing configuration template xml files
• [antispam] add rewrite-subject flag to email-edit form; hide spam-related settings if 'bypass_spam' is activated; add possibility to disable rejection of spam-mails, refs #1282
• [updater] add possibility to ask for potential update question in CLI updater and also pass them as options to override them

Fixes:

• fix timestamp matching regex, add lmtp to receving service regex and skip lines not including the main target service name in maillog parser
• fix successful login when using email 2fa
• fix language replacement and fix 'sending messages' after successfully sending prior, thx to Davidd
• [php-fpm] remove 'date.timezone' from php_admin_values (superfluous as it is in php_values)
• [antispam] set rewrite_subject to a slighty higher score then used for add_header, fixes #1275
• exchange toggler-links with checkboxes in email edit form to be able to adjust all parameters at once, fixes #1277
• store IDN email-usernames in ACE, as dovecot/postfix need them this way
• do not issue let's encrypt for email_only domains (in case they were web-enabled prior, we do not unset former settings to ease reverting back when disabling email_only)
• fix incorrect width of APCu Hit/Miss bar (#1283)
• check whether mysql-user exists prior to DROP USER for mysql < 5.7
• fix wrong fieldname in email-domain-overview 

Update: froxlor 2.2.5

Fixes:

• fixed editing email-address catchall-flag not working - #1288
• fixed wrong settings-index-name for apache-2.4 flag - #1290

Update: froxlor 2.2.5 - 2.2.6

New:

• [settings] add new settings to set default values for customer antispam options for new email addresses (settings advanced-mode)
• [cron] add new task to (re)configure mail/ftp services with let's encrypt; refs #1297
• [system] allow admins without change-serversettings to adjust dkim flag of domains
• [ui] hide webserver-ssl-options for new domains if no default ssl-ip-addresses are selected in the settings
• [languages] added Hungarian translation (#1310)

Security:

• force admin email addresses to be unique and not be used for customers, fixes GHSA-7j6w-p859-464f
• do not output potentially unsafe content, fixes GHSA-26xq-m8xw-6373

Fixes:

• show necessary dns entries for mail/antispan also in admin-view of domain
• fix empty firstname/name but set company when editing a customer via API
• allow cidr (forward slash) in spf settings-regex; fixes #1295
• correctly create ssl-redirect if let's encrypt is already activated; fixes #1294
• set sender-address of emails which were sent using an admin/a reseller to the global settings email so sending it using provided smtp settings will not fail antispam checks; fixes #1289
• fix permissions of global mysql-user for customers; fixes #1286
• can-edit-domain is not required to create subdomains of that domain if subdomains are allowed
• set cookie SameSite option to 'Lax' for loginlinks to work as intended; fixes #1299
• corrected regex for dns CAA entries; fixes #1300
• add safety when unsetting isemaildomain flag in domain, fixes #1305
• fix deletion of webserver-logfiles when customer gets deleted, thx to irisdina
• fix plaintext-mail content, thx to AlexL
• fix 'show necessary dns entries for mail/antispan also in admin-view of domain' if bind is enabled but domain is not using nameserver

Update: froxlor 2.2.7

Security:

• Bump vite from 6.2.0 to 6.2.4 (#1320)
• Bump axios from 1.8.1 to 1.8.2 (#1321)
• Bump vite from 6.2.4 to 6.2.5 (#1322)
• Bump vite from 6.2.5 to 6.2.6 (#1323)
• Bump vite from 6.2.6 to 6.3.4 (#1327)

Fixes:

• PHP-8.4 compatibility (#1313)
• issues with creating databases in certain cases, #1312 #1324 #1326
• unable to set url with umlaut domain as path for (sub) domain redirection #1325

Update: froxlor 2.2.8

Security:

• Bump league/commonmark from 2.6.2 to 2.7.0 (#1329)

Fixes:

• set correct field name for 'rewrite subject' in edit-email form, #1328
• validate username for webserver/fcgid/php-fpm in global settings to ensure it exists and is not a froxlor-managed user, #1332
• do not add ssl_stapling in nginx vhost automatically for let's encrypt certificates as they have removed support for it
• Relax dkim_entry visibilty for admins in domain editor like it is for customers, #1336