Re: Update 1.4.1 released

classic Classic list List threaded Threaded
6 messages Options
Reply | Threaded
Open this post in threaded view
|

Re: Update 1.4.1 released

Jorge Bastos

Hi Thomas and Alec,

Thanks for your work.

 

For SSL/TLS connections, either for IMAP or SMTP, with self-signed certificates, does RC accept’s it auto, or does it need any extra configuration?

 

Thanks in advanced,

 

From: [hidden email] <[hidden email]> On Behalf Of Thomas Bruederli
Sent: Friday, November 22, 2019 12:23
To: Roundcube Announce List <[hidden email]>
Cc: Roundcube Users List <[hidden email]>; Roundcube Dev List <[hidden email]>
Subject: [RCU] Update 1.4.1 released

 

Dear subscribers

Short time after the release of the stable version 1.4.0 of Roundcube Webmail we already publish the first service release. With the recent release we missed to mention a few breaking changes since the last stable version 1.3. We apologize for this and are now clarifying and correcting these:

Breaking changes
----------------
(since 1.3.x)

* new defaults for smtp_* config options:

Upon many requests and in order to get closer to the default setup of most SMTP servers, we changed the defaults as follows:

  // SMTP port (default is 587)
  $config[‘smtp_port’] = 587;

  // SMTP username (if required). %u will use the current username for login
  $config[‘smtp_user’] = ‘%u’;

  // SMTP password (if required). %p will use the current user’s password for login
  $config[‘smtp_pass’] = ‘%p’;
 
* changed default password_charset to UTF-8:

Because of many complaints, we decided to choose a more sane default that covers most setups and configurations.

* login page returning 401 Unauthorized status:

The new behavior that Roundcube 1.4 returns a 401 status code if the client is not authenticated apparently was very unexpected and lead to monitoring problems. Despite not having mentioned that change in the release notes, we now partly reverted it so that 401 is only returned on login failures but not on the first request to Roundcube which by definition is unauthorized.

Besides these three major concerns we heard from your much appreciated feedback, we fixed a number of nasty bugs that sneaked into the 1.4.0 release. See the full changelog in the release notes on the Github download page [1].

This release is considered stable and we recommend to update all productive installations of Roundcube with this version. Download it from roundcube.net [2].

Please do backup your data before updating.

We'd also like to thank Phil for his steady efforts to keep our website up-to-date. Your work is much appreciated!

Best,
Thomas & Alec

[1] https://github.com/roundcube/roundcubemail/releases/tag/1.4.1
[2] https://roundcube.net/download


_______________________________________________
Roundcube Users mailing list
[hidden email]
http://lists.roundcube.net/mailman/listinfo/users
Reply | Threaded
Open this post in threaded view
|

Re: Update 1.4.1 released

Jari Fredriksson


On 22.11.2019 23.31, Jorge Bastos wrote:

Hi Thomas and Alec,

Thanks for your work.

 

For SSL/TLS connections, either for IMAP or SMTP, with self-signed certificates, does RC accept’s it auto, or does it need any extra configuration?

I have SSL terminated by Pound reverse proxy while Roundcube is ran by Apache2 httpd. Roundcube is totally ignorant of SSL as this is a server issue, not an application issue.

br. jarif



 

Thanks in advanced,

 

From: [hidden email] [hidden email] On Behalf Of Thomas Bruederli
Sent: Friday, November 22, 2019 12:23
To: Roundcube Announce List [hidden email]
Cc: Roundcube Users List [hidden email]; Roundcube Dev List [hidden email]
Subject: [RCU] Update 1.4.1 released

 

Dear subscribers

Short time after the release of the stable version 1.4.0 of Roundcube Webmail we already publish the first service release. With the recent release we missed to mention a few breaking changes since the last stable version 1.3. We apologize for this and are now clarifying and correcting these:

Breaking changes
----------------
(since 1.3.x)

* new defaults for smtp_* config options:

Upon many requests and in order to get closer to the default setup of most SMTP servers, we changed the defaults as follows:

  // SMTP port (default is 587)
  $config[‘smtp_port’] = 587;

  // SMTP username (if required). %u will use the current username for login
  $config[‘smtp_user’] = ‘%u’;

  // SMTP password (if required). %p will use the current user’s password for login
  $config[‘smtp_pass’] = ‘%p’;
 
* changed default password_charset to UTF-8:

Because of many complaints, we decided to choose a more sane default that covers most setups and configurations.

* login page returning 401 Unauthorized status:

The new behavior that Roundcube 1.4 returns a 401 status code if the client is not authenticated apparently was very unexpected and lead to monitoring problems. Despite not having mentioned that change in the release notes, we now partly reverted it so that 401 is only returned on login failures but not on the first request to Roundcube which by definition is unauthorized.

Besides these three major concerns we heard from your much appreciated feedback, we fixed a number of nasty bugs that sneaked into the 1.4.0 release. See the full changelog in the release notes on the Github download page [1].

This release is considered stable and we recommend to update all productive installations of Roundcube with this version. Download it from roundcube.net [2].

Please do backup your data before updating.

We'd also like to thank Phil for his steady efforts to keep our website up-to-date. Your work is much appreciated!

Best,
Thomas & Alec

[1] https://github.com/roundcube/roundcubemail/releases/tag/1.4.1
[2] https://roundcube.net/download


_______________________________________________
Roundcube Users mailing list
[hidden email]
http://lists.roundcube.net/mailman/listinfo/users

_______________________________________________
Roundcube Users mailing list
[hidden email]
http://lists.roundcube.net/mailman/listinfo/users
Reply | Threaded
Open this post in threaded view
|

Re: Update 1.4.1 released

Jari Fredriksson

If you need help in configuring SSL into your server, you need to read howtos of said server, be it Apache http or Nginx.

br. jarif

On 25.11.2019 12.42, Jari Fredriksson wrote:


On 22.11.2019 23.31, Jorge Bastos wrote:

Hi Thomas and Alec,

Thanks for your work.

 

For SSL/TLS connections, either for IMAP or SMTP, with self-signed certificates, does RC accept’s it auto, or does it need any extra configuration?

I have SSL terminated by Pound reverse proxy while Roundcube is ran by Apache2 httpd. Roundcube is totally ignorant of SSL as this is a server issue, not an application issue.

br. jarif



 

Thanks in advanced,

 

From: [hidden email] [hidden email] On Behalf Of Thomas Bruederli
Sent: Friday, November 22, 2019 12:23
To: Roundcube Announce List [hidden email]
Cc: Roundcube Users List [hidden email]; Roundcube Dev List [hidden email]
Subject: [RCU] Update 1.4.1 released

 

Dear subscribers

Short time after the release of the stable version 1.4.0 of Roundcube Webmail we already publish the first service release. With the recent release we missed to mention a few breaking changes since the last stable version 1.3. We apologize for this and are now clarifying and correcting these:

Breaking changes
----------------
(since 1.3.x)

* new defaults for smtp_* config options:

Upon many requests and in order to get closer to the default setup of most SMTP servers, we changed the defaults as follows:

  // SMTP port (default is 587)
  $config[‘smtp_port’] = 587;

  // SMTP username (if required). %u will use the current username for login
  $config[‘smtp_user’] = ‘%u’;

  // SMTP password (if required). %p will use the current user’s password for login
  $config[‘smtp_pass’] = ‘%p’;
 
* changed default password_charset to UTF-8:

Because of many complaints, we decided to choose a more sane default that covers most setups and configurations.

* login page returning 401 Unauthorized status:

The new behavior that Roundcube 1.4 returns a 401 status code if the client is not authenticated apparently was very unexpected and lead to monitoring problems. Despite not having mentioned that change in the release notes, we now partly reverted it so that 401 is only returned on login failures but not on the first request to Roundcube which by definition is unauthorized.

Besides these three major concerns we heard from your much appreciated feedback, we fixed a number of nasty bugs that sneaked into the 1.4.0 release. See the full changelog in the release notes on the Github download page [1].

This release is considered stable and we recommend to update all productive installations of Roundcube with this version. Download it from roundcube.net [2].

Please do backup your data before updating.

We'd also like to thank Phil for his steady efforts to keep our website up-to-date. Your work is much appreciated!

Best,
Thomas & Alec

[1] https://github.com/roundcube/roundcubemail/releases/tag/1.4.1
[2] https://roundcube.net/download


_______________________________________________
Roundcube Users mailing list
[hidden email]
http://lists.roundcube.net/mailman/listinfo/users

_______________________________________________
Roundcube Users mailing list
[hidden email]
http://lists.roundcube.net/mailman/listinfo/users

_______________________________________________
Roundcube Users mailing list
[hidden email]
http://lists.roundcube.net/mailman/listinfo/users
Reply | Threaded
Open this post in threaded view
|

Re: Update 1.4.1 released

Giles Coochey

On 25/11/2019 10:54, Jari Fredriksson wrote:
>
> If you need help in configuring SSL into your server, you need to read
> howtos of said server, be it Apache http or Nginx.
>

I think the OP was talking about SSL/TLS for IMAPS / STARTTLS for SMTP,
not SSL / TLS for HTTPS.
_______________________________________________
Roundcube Users mailing list
[hidden email]
http://lists.roundcube.net/mailman/listinfo/users
Reply | Threaded
Open this post in threaded view
|

Re: Update 1.4.1 released

A.L.E.C
In reply to this post by Jari Fredriksson
On 11/25/19 11:54 AM, Jari Fredriksson wrote:
> If you need help in configuring SSL into your server, you need to read howtos of said
> server, be it Apache http or Nginx.

Please, read the question again.

Answer: Since PHP 5.6 self-signed certs aren't accepted by default. You need to use
imap_conn_options/smtp_conn_options in Roundcube config. See defaults.inc.php for some
examples.

--
Aleksander 'A.L.E.C' Machniak
Kolab Groupware Developer         [http://kolab.org]
Roundcube Webmail Developer   [http://roundcube.net]
----------------------------------------------------
PGP: 19359DC1 # Blog: https://kolabian.wordpress.com
_______________________________________________
Roundcube Users mailing list
[hidden email]
http://lists.roundcube.net/mailman/listinfo/users
Reply | Threaded
Open this post in threaded view
|

Re: Update 1.4.1 released

Jorge Bastos
Alec,

That's what I wanted to know,

Thanks!

-----Original Message-----
From: [hidden email] <[hidden email]>
On Behalf Of A.L.E.C
Sent: 25 de novembro de 2019 11:28
To: [hidden email]
Subject: Re: [RCU] Update 1.4.1 released

On 11/25/19 11:54 AM, Jari Fredriksson wrote:
> If you need help in configuring SSL into your server, you need to read
> howtos of said server, be it Apache http or Nginx.

Please, read the question again.

Answer: Since PHP 5.6 self-signed certs aren't accepted by default. You need
to use imap_conn_options/smtp_conn_options in Roundcube config. See
defaults.inc.php for some examples.

--
Aleksander 'A.L.E.C' Machniak
Kolab Groupware Developer         [http://kolab.org]
Roundcube Webmail Developer   [http://roundcube.net]
----------------------------------------------------
PGP: 19359DC1 # Blog: https://kolabian.wordpress.com
_______________________________________________
Roundcube Users mailing list
[hidden email]
http://lists.roundcube.net/mailman/listinfo/users
_______________________________________________
Roundcube Users mailing list
[hidden email]
http://lists.roundcube.net/mailman/listinfo/users