Merge branch 'master' into refactor/setup-cli-opendkim

2025-03-23 01:34:00 +01:00 · 2025-03-23 01:34:00 +01:00 · c6b6fff540
parent 9a30d6b726 70d645d863
commit c6b6fff540
5 changed files with 17 additions and 4 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@ -2,10 +2,12 @@

 All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).

-## [Unreleased](https://github.com/docker-mailserver/docker-mailserver/compare/v15.0.0...HEAD)
+## [Unreleased](https://github.com/docker-mailserver/docker-mailserver/compare/v15.0.1...HEAD)

 > **Note**: Changes and additions listed here are contained in the `:edge` image tag. These changes may not be as stable as released changes.

+## [v15.0.1](https://github.com/docker-mailserver/docker-mailserver/releases/tag/v15.0.1)
+
 ### Added

 - **Internal:**
@ -13,10 +15,16 @@ All notable changes to this project will be documented in this file. The format

 ### Fixes

+- **Docs**
+  - Gender-neutral language
 - **Postfix:**
  - `setup email restrict` generated configs now only prepend to `dms_smtpd_sender_restrictions` ([#4379](https://github.com/docker-mailserver/docker-mailserver/pull/4379))
+- **Rspamd:**
+  - Change detection support now monitors all files found within the DMS _Config Volume_ Rspamd directory ([#4418](https://github.com/docker-mailserver/docker-mailserver/pull/4418))
 - **Internal:**
  - A permissions fix for `/var/log/mail` that was [added in DMS v15]((https://github.com/docker-mailserver/docker-mailserver/pull/4374)) no longer encounters an error when no log files are present during a container restart, such as with a `tmpfs` volume mount ([#4391](https://github.com/docker-mailserver/docker-mailserver/pull/4391))
+  - The DMS _State Volume_ (`/var/mail-state`) will now ensure it's file tree is accessible for services when the volume was created with missing executable bit ([#4420](https://github.com/docker-mailserver/docker-mailserver/pull/4420))
+  - The DMS _Config Volume_ (`/tmp/docker-mailserver`) now correctly updates permissions on container restarts ([#4417](https://github.com/docker-mailserver/docker-mailserver/pull/4417))

 ### Updates

--- a/docs/content/config/environment.md
+++ b/docs/content/config/environment.md
@ -202,7 +202,7 @@ Please read [the SSL page in the documentation][docs-tls] for more information.
 Configures the handling of creating mails with forged sender addresses.

 - **0** => (not recommended) Mail address spoofing allowed. Any logged in user may create email messages with a [forged sender address](https://en.wikipedia.org/wiki/Email_spoofing).
- 1 => Mail spoofing denied. Each user may only send with his own or his alias addresses. Addresses with [extension delimiters](http://www.postfix.org/postconf.5.html#recipient_delimiter) are not able to send messages.
+- 1 => Mail spoofing denied. Each user may only send with their own or their alias addresses. Addresses with [extension delimiters](http://www.postfix.org/postconf.5.html#recipient_delimiter) are not able to send messages.

 ##### ENABLE_SRS

--- a/mailserver.env
+++ b/mailserver.env
@ -89,7 +89,7 @@ TLS_LEVEL=
 # Configures the handling of creating mails with forged sender addresses.
 #
 # **0** => (not recommended) Mail address spoofing allowed. Any logged in user may create email messages with a forged sender address (see also https://en.wikipedia.org/wiki/Email_spoofing).
-# 1 => Mail spoofing denied. Each user may only send with his own or his alias addresses. Addresses with extension delimiters(http://www.postfix.org/postconf.5.html#recipient_delimiter) are not able to send messages.
+# 1 => Mail spoofing denied. Each user may only send with their own or their alias addresses. Addresses with extension delimiters(http://www.postfix.org/postconf.5.html#recipient_delimiter) are not able to send messages.
 SPOOF_PROTECTION=

 # Enables the Sender Rewriting Scheme. SRS is needed if your mail server acts as forwarder. See [postsrsd](https://github.com/roehling/postsrsd/blob/master/README.md#sender-rewriting-scheme-crash-course) for further explanation.
--- a/target/scripts/helpers/change-detection.sh
+++ b/target/scripts/helpers/change-detection.sh
@ -43,7 +43,7 @@ function _monitored_files_checksums() {

    # Check whether Rspamd is used and if so, monitor it's changes as well
    if [[ ${ENABLE_RSPAMD} -eq 1 ]] && [[ -d ${RSPAMD_DMS_D} ]]; then
-      readarray -d '' STAGING_FILES_RSPAMD < <(find "${RSPAMD_DMS_D}" -type f -name "*.sh" -print0)
+      readarray -d '' STAGING_FILES_RSPAMD < <(find "${RSPAMD_DMS_D}" -type f -print0)
      STAGING_FILES+=("${STAGING_FILES_RSPAMD[@]}")
    fi
  fi
--- a/target/scripts/startup/setup.d/mail_state.sh
+++ b/target/scripts/startup/setup.d/mail_state.sh
@ -95,6 +95,11 @@ function _setup_save_states() {
 function _setup_adjust_state_permissions() {
  [[ ! -d ${DMS_STATE_DIR} ]] && return 0

+  # Parent directories must have executable bit set to descend the file tree for access,
+  # as each service running as a non-root user requires this to access their state directory,
+  # `/var/mail-state` must allow all users `+x`:
+  chmod +x "${DMS_STATE_DIR}"
+
  # This ensures the user and group of the files from the external mount have their
  # numeric ID values in sync. New releases where the installed packages order changes
  # can change the values in the Docker image, causing an ownership mismatch.