pmg-api (8.2.7) bookworm; urgency=medium * api: apt changelog: check for odd package name and ensure arguments are separated from options. * config: fallback to 8G physical memory if query fails -- Proxmox Support Team Mon, 22 Dec 2025 16:18:08 +0100 pmg-api (8.2.6) bookworm; urgency=medium * 8to9: clarify warning for deprecated legacy-default Who-Object and provide actually actionable steps. -- Proxmox Support Team Mon, 06 Oct 2025 09:45:17 +0200 pmg-api (8.2.5) bookworm; urgency=medium * pmg8to9: improve output format layout slightly * pmg8to9: add context and adapt deprecated who object entry warning. -- Proxmox Support Team Tue, 23 Sep 2025 21:38:51 +0200 pmg-api (8.2.4) bookworm; urgency=medium * add initial version of 8 to 9 upgrade check script. -- Proxmox Support Team Thu, 18 Sep 2025 16:17:51 +0200 pmg-api (8.2.3) bookworm; urgency=medium * dkim: local mail: fix `Date` header formatting under different locales to ensure the date is always RFC2822 conform. -- Proxmox Support Team Wed, 10 Sep 2025 13:25:56 +0200 pmg-api (8.2.2) bookworm; urgency=medium * pmgtunnel: adapt to read_etc_network_interfaces using run_command -- Proxmox Support Team Mon, 18 Aug 2025 16:24:27 +0200 pmg-api (8.2.1) bookworm; urgency=medium * schema: fix verification for transport-domain-or-nexthop type. * trim Message-ID when parsing mail. * report: output tls_inbound_domains setting. * auth: oidc: fix pattern for 'client-id' and 'client-key'. * auth: stop forcing the default realm to be the built-in PMG realm by default, to allow configuring another default realm. * dkim: local mail: add Date header to ensure better compatibibility with some MUAs. * local generated mail: add 'Auto-Submitted' header as recommended per RFC 3834. -- Proxmox Support Team Tue, 29 Jul 2025 22:26:43 +0200 pmg-api (8.2.0) bookworm; urgency=medium * oidc realm: add more flexiple access-role assignment * utils: allow quarantine logins again * oidc realm: only allow auto-creation of users on primary cluster-node -- Proxmox Support Team Thu, 27 Feb 2025 12:10:58 +0100 pmg-api (8.1.9) bookworm; urgency=medium * config: watch admin-mail-from parameter and triggers a pmg-smtp-filter reload on change. * user config: password: unify length constraints and set minimum length to 8 characters, following the change in the installer and other projects to adhere to current NIST 800-63B recommendation. * add plugin system for authentication realms and implement API endpoints to manage them. * add authentication realm implementation for OpenID Connect (OIDC) -- Proxmox Support Team Wed, 26 Feb 2025 22:14:52 +0100 pmg-api (8.1.8) bookworm; urgency=medium * record interest in SpamAssassin updates to ensure all our daemons get reloaded * fix recent regression in the rule database content-type matching for mails that have no body mime-part. * config: add admin-mail-from key to allow admins to configure the From header for mails that originate from the Proxmox Mail Gateway system itself. This includes, among others, spam reports, bounces for block rules or before-queue-filtering, attachment removal notifications and backup notifications. * dkim signer: log info instead of die'ing when missing domain * sign local generated mails with DKIM based on header * sa-custom: move pending shadow config to the same directory in /etc as actual config to avoid issues on applying if /etc and /var are on different file systems. -- Proxmox Support Team Tue, 25 Feb 2025 20:18:16 +0100 pmg-api (8.1.7) bookworm; urgency=medium * fix #5972: ruledb: default ruleset: use the RFC 2606 conform .example as TLD. * pmg7to8: add check for deprecated default entries in ruledb * quarantine: add receiver to delivery/delete log-messages for convenience. * fix #6126: do not allow user to deliver/delete quarantined mails multiple times, which could happen as mails are delivered and then deleted asynchronously from the mail gateway system after being marked for delivery. By checking if a mail is already pending for deletion due to having been handled by the user already we can avoid this confusing edge case. * utils: content-type: don't fallback to header information for magic to ensure file-type detection can never be directly controlled by the sender. * ruledb: content-type: add flag for matching only based on the actual file content, and not metadata like headers or the file ending. This allows users to more definitively match some specific contents while blocking all others as some generic headers like, e.g., "application/octet-stream", which one might want to block, does not influences the actual detection of the file, which could be for example a PDF that one might want to allow. This is related to enhancement request #5618. * fix #2709: ruledb: match-field: add flag to optionally restrict to top mime-part to avoid that, for example, as forwarded mail that is attached as separate part can influence the matching. While that might be often wanted it occasionally is not, so allow the user to configure the behavior for their specific use case. -- Proxmox Support Team Fri, 21 Feb 2025 18:22:19 +0100 pmg-api (8.1.6) bookworm; urgency=medium * fix some typos in user-visible strings * reports: support sending plain and/or html parts. If either html or plain template is empty that part is not added. * fix #4211: convert quarantine link mail to template. -- Proxmox Support Team Sat, 14 Dec 2024 14:56:23 +0100 pmg-api (8.1.5) bookworm; urgency=medium * system report: add ip route information to output. * config: expand description for the `allowhrefs` option to better convey that disabling it will render hyperlinks as plain-text. * utils: custom check: fix error in spamscore regex to cope with negative scores. * removal rules: fix handling odd mails where the first, and potentially only part, consists of an attachment. -- Proxmox Support Team Sat, 07 Dec 2024 15:18:29 +0100 pmg-api (8.1.4) bookworm; urgency=medium * api: add missing schema annotations for download endpoints and adapt existing ones to renaming the respective property to 'download_allowed'. -- Proxmox Support Team Mon, 23 Sep 2024 11:54:30 +0200 pmg-api (8.1.3) bookworm; urgency=medium * config: improve description of dkim-use-domain * dkim: add QID in warnings to allow the log-tracker to pick them up an show them in the tracking center * pmg7to8: allow arbitrary newer running -pve kernels after upgrade -- Proxmox Support Team Mon, 23 Sep 2024 10:37:07 +0200 pmg-api (8.1.2) bookworm; urgency=medium * pmgdb: dump: replace 'active' flag with 'rules' option, which is a enumeration for 'all', 'active', or 'inactive' to avoid confusion about possible combinations. -- Proxmox Support Team Tue, 27 Feb 2024 17:03:21 +0100 pmg-api (8.1.1) bookworm; urgency=medium * api: nodes: fix missing import for PVE::Tools helper package -- Proxmox Support Team Mon, 26 Feb 2024 21:30:30 +0100 pmg-api (8.1.0) bookworm; urgency=medium * fix #5189: cluster: avoid sync errors for statistics and quarantine due to existing data on fresh nodes, which can happen, for example, when restoring a backup. * pmgdb dump: - print the type of an object to better differentiate, e.g., an domain entry from a regex entry with the same value. - better highlight active rules over inactive ones - drop "found" prefixes for each rule and group as that conveyed little information, still clutters the output. - add `active` CLI options to control if only active rules should be printed * quarantine: sort the per-user want- and block-lists entries when saving them to the DB * postfix template: update to current default setting (name) for the SMTP Smuggling vulnerability in postfix version 3.7.10 and newer. * api: tracking center: drop timezone offset as new log-tracker does time calculations directly in UTC * fix #2971: DKIM: Add a setting to specify whether to use the from-header for signing instead of the current default envelope-from-address. * api: node status: return structured info about current kernel * api: node status: return info about current boot mode -- Proxmox Support Team Mon, 26 Feb 2024 20:26:57 +0100 pmg-api (8.0.12) bookworm; urgency=medium * fix #4818: utils: don't require minimum length for username * fix #4811: rule db: test regex validity on submit * system report: add content of /etc/pmg/dkim/domains * rule cache: reorganize how we gather marks and spaminfo and unnecessary copying of marks * smtp-filter: log pre-fork worker settings on start-up * config: rework heurisitic for calculating the maximzm smtp-filter process workers to better reflect modern setups w.r.t. total system memory * add objectgroup and rule attributes for 'and' and 'invert' logical operators * rule cache: implement 'and' and 'invert' for the 'when', 'from', 'to' and what objects * pmg-smtp-filter: rename proxtest.com to pmg.example in demo code paths to avoid potential name squatting * database: use foreign keys for rule and object group attributes * fix #4392: keep empty user blocklist and wantlist in the database to ensure they get synced correctly to other nodes * templates: postfix: set same timeouts for before and after-queue (10 minutes) * config: postfix: make smtp-filter-timeout configurable * fix #2606: ruledb disclaimer: add ability to set position to start or end * fix #2430: ruledb disclaimer: make adding the separator configurable -- Proxmox Support Team Thu, 22 Feb 2024 17:26:12 +0100 pmg-api (8.0.11) bookworm; urgency=medium * fix invalid whitespaces in master.cf template introduced in 8.0.10 -- Proxmox Support Team Tue, 02 Jan 2024 12:53:36 +0100 pmg-api (8.0.10) bookworm; urgency=medium * address smtp-smuggling vulnerability (CVE-2023-51764) with the fix recommended by postfix upstream by disallowing bare linefeeds, except from internal sources, requires postfix version 3.7.9-0+deb12u1 to take effect -- Proxmox Support Team Tue, 02 Jan 2024 11:51:22 +0100 pmg-api (8.0.9) bookworm; urgency=medium * implement "SMTP-smuggling" mitigation for external port - see https://www.postfix.org/smtp-smuggling.html for details -- Proxmox Support Team Fri, 22 Dec 2023 11:16:42 +0100 pmg-api (8.0.8) bookworm; urgency=medium * fix #4944: api/pbs remote: Add a port config * user quarantine: use raw pmail for ticket assembly * reduce the logging level of certain messages * apt: use `apt changelog` for changelog fetching * api/cli: acme: add eab parameters * api: acme: deprecate tos endpoint in favor of new meta endpoint * api: quarantine: include descriptions for KAM rules in the spaminfo * pmg7to8: Add check for dkms modules * pmg7to8: check for proper grub meta-package for bootmode -- Proxmox Support Team Wed, 20 Dec 2023 10:58:29 +0100 pmg-api (8.0.7) bookworm; urgency=medium * handle pve-kernel -> proxmox-kernel rename -- Proxmox Support Team Tue, 01 Aug 2023 11:53:07 +0200 pmg-api (8.0.6) bookworm; urgency=medium * cluster: fingerprint parsing: adapt to changed openssl output -- Proxmox Support Team Tue, 25 Jul 2023 11:32:42 +0200 pmg-api (8.0.5) bookworm; urgency=medium * cluster config: restrict slurp scope to avoid issue parsing network interfaces * pmg7to8: notify about unmodified templates * system report: skip irrelevant files in /etc/pmg/templates -- Proxmox Support Team Tue, 11 Jul 2023 17:53:49 +0200 pmg-api (8.0.4) bookworm; urgency=medium * fix #4815: pmgsh: fix calling the api paths directly * statistics: fix syntax of SQL query for virus info counter update -- Proxmox Support Team Mon, 03 Jul 2023 12:42:23 +0200 pmg-api (8.0.3) bookworm; urgency=medium * pmgpolicy, pmg-smtp-filter: set sensible PATH to ensure that standard system binaries can be executed even if just their base name is used. -- Proxmox Support Team Wed, 28 Jun 2023 17:42:32 +0200 pmg-api (8.0.2) bookworm; urgency=medium * make section match more precise when hard-coding 'use_bayes' & 'use_awl' properties * tell the systemd debhelper to not stop the no-start services on upgrade, avoiding noisy warnings for those with an associated timer and also that any currently running operation of those services gets aborted * enable TFA lockout, for the relatively low-entropy TOTP type after 8 consecutive tries, for all other types after 1000 consecutive tries, as they have much higher entropy * include tfa lock status in user list and add user tfa-unlock endpoint -- Proxmox Support Team Wed, 28 Jun 2023 11:12:57 +0200 pmg-api (8.0.1) bookworm; urgency=medium * include version metadata again in statically generated pmgcfg module again -- Proxmox Support Team Wed, 28 Jun 2023 08:04:50 +0200 pmg-api (8.0.0) bookworm; urgency=medium * d/postinst: remove re-generation of unique machine-ID for old ISOs * cluster: adapt invocation of rsync for the version in Debian 12 Bookworm * postgresql compat: cast results explicitly to integer to cope with PostgreSQL 15 changes where UNIX epochs are returned as float * auth: set PAM context to 'proxmox-mailgateway-auth' and set the rhost to the IP address the users connects with, allowing one to limit PAM login to certain networks. -- Proxmox Support Team Tue, 27 Jun 2023 18:20:30 +0200 pmg-api (8.0.0~1) bookworm; urgency=medium * re-build for Proxmox Mail Gateway 8 based on Debian 12 Bookworm * update postgresql dependency to 15 * postgresql.conf template: drop 'stats_temp_directory' config-setting as it was deprecated by upstream PostgreSQL 14 and removed with 15. * explicitly depend on rsyslog for the tracking center, as rsyslog doesn't gets installed by default in Debian 12 Bookworm anymore * config: disable awl and bayes by default * config: disable advanced statistic filters by default * debian/postinst: hard code old default values for 'advfilter', 'use_bayes' & 'use_awl' during upgrade to 8.0.0 * grant 'root' and 'www-data' users respective permissions on public schema for newly created databases -- Proxmox Support Team Mon, 26 Jun 2023 17:43:06 +0200 pmg-api (7.3-4) bullseye; urgency=medium * ruledb: match field: improve validation of regular expressions on addition, warn for existing invalid ones. * d/maintscripts: prevent aborting on errors in some commands -- Proxmox Support Team Fri, 02 Jun 2023 10:30:31 +0200 pmg-api (7.3-3) bullseye; urgency=medium * config schema: document postfix option for smtputf8 flag * quarantine: delete Delivered-To and Return-Path when reinjecting mails, fixing a (unpublished) regression with postfix's forwarding loop detection -- Proxmox Support Team Tue, 28 Mar 2023 07:42:19 +0200 pmg-api (7.3-2) bullseye; urgency=medium * config schema: extend documentation for options * templates: adapt to new path for KAM rules in proxmox-spamassassin * report: add `date -R` to general system info section -- Proxmox Support Team Mon, 27 Mar 2023 12:59:53 +0200 pmg-api (7.3-1) bullseye; urgency=medium * proxy: initialize the theme variable with an empty string * smtputf8: keep smtputf8 from incoming postfix, detect for local mail * config: make smtputf8 configurable through the API * reinject mail: improve error logging * quarantine: reuse the reinject local mail helper to profit from some of it's recent improvements like IPv6 or DSN. * api: quarantine: decode addresses before delivery/userlisting -- Proxmox Support Team Thu, 23 Mar 2023 17:29:01 +0100 pmg-api (7.2-5) bullseye; urgency=medium * fix #4536: parse original filenames from gzip files * proxy: add support for switching themes * ruledb: spam: adapt to spamassassin 4.0.0 * templates: sync spamassassin templates with 4.0.0 upstream * templates: enable DecodeShortUrls for SpamAssassin 4.0.0 * templates: enable DMARC plugin in v400.pre.in * fix #2437: config: Add new tls_inbound_domains postfix map and add API endpoint for managing entries * config: warn on parse errors for tls related config files * fix #4521: api/tasks: replace upid as filename for task log downloads -- Proxmox Support Team Tue, 21 Mar 2023 12:59:25 +0100 pmg-api (7.2-4) bullseye; urgency=medium * fix #4410: Remove non-null host bits from CIDR when writing postfix config * utils: skip checking headers for non-ascii characters as stop gap to avoid breaking mail flow of a few setups that have smtputf8 disabled in their postfix config (e.g., because their downstream servers do not support this) -- Proxmox Support Team Wed, 25 Jan 2023 11:01:14 +0100 pmg-api (7.2-3) bullseye; urgency=medium * keep directories in /etc/pmg for inotify when restoring from backup * rulecache: sort rules additionally by id * fix mailflow if smtputf8 is disabled * pmgdb dump: encode ruledata before printing -- Proxmox Support Team Tue, 27 Dec 2022 11:17:13 +0100 pmg-api (7.2-2) bullseye; urgency=medium * d/control: depend directly on libproxmox-acme-plugins -- Proxmox Support Team Wed, 30 Nov 2022 10:46:04 +0100 pmg-api (7.2-1) bullseye; urgency=medium * queue administration: try to decode utf8 * make tasklog downloadable in the PMG backend * user accesslists: reword logging and hits for newer SA rule sets * user-bl: use custom description of USER_IN_BLOCKLIST consistently -- Proxmox Support Team Tue, 29 Nov 2022 15:48:26 +0100 pmg-api (7.1-11) bullseye; urgency=medium * fix #3287: add `pmail` parameter to virus and attachment quarantine list to allow one to filter for a specific mail * fix #2541 ruledb: encode relevant values as utf-8 in database * fix #2465: handle smtputf8 addresses in all but who-objects of the rule-system -- Proxmox Support Team Thu, 24 Nov 2022 16:43:19 +0100 pmg-api (7.1-10) bullseye; urgency=medium * fix #4006: do not split from header on ', ' for spamreport mails * ruledb: modfield: properly handle fields spanning multiple lines * ruledb: add deprecation warnings for unused `ReportSpam`, `Attach` and `Counter` actions -- Proxmox Support Team Wed, 16 Nov 2022 09:03:52 +0100 pmg-api (7.1-9) bullseye; urgency=medium * api: quarantine: allow 'list attachments' endpoint for quarantine users, they can see them in the raw email display already anyway * api: quarantine: add 'content-disposition' field to response of 'list attachments' API * ruledb: modfield: properly encode field after variable substitution -- Proxmox Support Team Fri, 11 Nov 2022 13:48:23 +0100 pmg-api (7.1-8) bullseye; urgency=medium * api: apt versions: track proxmox-offline-mirror-helper * fix #4269: rule cache: from match: cope with undefined IP * rule database: notify: properly en-/decode the mail subject to avoid issues with non-ascii characters, like for example, the reported chinese characters. -- Proxmox Support Team Fri, 28 Oct 2022 11:42:15 +0200 pmg-api (7.1-7) bullseye; urgency=medium * d/control: recommend proxmox-offline-mirror-helper * d/postinst: migrate/update APT auth config -- Proxmox Support Team Wed, 14 Sep 2022 13:17:58 +0200 pmg-api (7.1-6) bullseye; urgency=medium * subscription: handle missing subscription info * fix #3915: remove obsolete /etc/apt/apt.conf.d/75pmgconf -- Proxmox Support Team Thu, 08 Sep 2022 15:04:49 +0200 pmg-api (7.1-5) bullseye; urgency=medium * add 'allow-subdomains' to webauthn schema * subscription: switch to rust, add offline key support -- Proxmox Support Team Tue, 6 Sep 2022 10:35:09 +0200 pmg-api (7.1-4) bullseye; urgency=medium * rulesystem: matchfield: match all headers not only the first * config: avoid adding a specific IPs or networks multiple times to the template variables * api: quarantine: load custom rules description so that they show up in the GUI too * pmg-daily: avoid short-circuting update of local channels * api: apt: switch to common Proxmox::RS::APT::Repositories package -- Proxmox Support Team Wed, 13 Jul 2022 11:15:00 +0200 pmg-api (7.1-3) bullseye; urgency=medium * fix duplicate 'x-ms-dos-executable' in default 'Dangerous Content' object * daily update timer: start already on 01:00 to avoid dst change issue * fix #3924: ldap: accept only valid email-address * Proxmox Backup Server integration: namespace support -- Proxmox Support Team Mon, 16 May 2022 12:20:42 +0200 pmg-api (7.1-2) bullseye; urgency=medium * fix #3758: allow empty `to` in noqueue case * postfix queue: add 'decode-headers' option for read endpoint * http server: pass TLS 1.3 ciphersuites and disable-TLS-1.2/1.3 options if set * utils: change working directory to root before executing postgres admin commands, to avoid that restrictions of the current CWD from the user doesn't cause failing the command. -- Proxmox Support Team Thu, 03 Feb 2022 11:37:51 +0100 pmg-api (7.1-1) bullseye; urgency=medium * rulesystem: limit linelength of disclaimer to 998 bytes * fix #3734: scrub CSS 'url' from style tags/attributes if view-images is disabled for the quarantine * fix #2795: add support for Delivery Status Notification (DSN) * add support for two factor authentication with TOTP, recovery codes and WebAuthn to the admin interface -- Proxmox Support Team Sun, 28 Nov 2021 21:04:58 +0100 pmg-api (7.0-9) bullseye; urgency=medium * fix #2071: RuleDB: ignore duplicate entries for Who objects * api: ldap config: sync with the complete config * fix #3712: strip any trailing dot from the search-domain when passing it to postifx * api: journal: stream the journal data to the client * api-daemons: make systemd restart them on-failure * api-dameons: set oom-policy to `continue` so that a single (replacable) worker getting OOM-killed does not bring down the whole service -- Proxmox Support Team Wed, 24 Nov 2021 19:13:29 +0100 pmg-api (7.0-8) bullseye; urgency=medium * api: apt: repos: avoid creating implicit default for enabled * api: apt: use pmg-style permission for endpoint schema to allow access to admins that aren't root@pam * prefer more flexible get_local_ip where possible, it still prefers the resolved hostname but falls back to configured or active IPs. Especially useful for evaluation and initial (CT template) setups. * pmgbanner: retry getting local IP for a bit in case of failure, this should be only relevant for evaluation and initial setups where the hostname may not yet resolve to the primary IP address. -- Proxmox Support Team Mon, 20 Sep 2021 08:17:18 +0200 pmg-api (7.0-7) bullseye; urgency=medium * pmgversion: do not show packages with residual config as being in an error installation state * api: apt versions: add ifupdown(2), libproxmox-acme-* and pmg-i18n to packages included in the version report. * api: implement live network reload with ifupdown2 -- Proxmox Support Team Mon, 19 Jul 2021 09:04:25 +0200 pmg-api (7.0-6) bullseye; urgency=medium * fix cluster join when large ssh-rsa keys are setup -- Proxmox Support Team Wed, 14 Jul 2021 17:54:03 +0200 pmg-api (7.0-5) bullseye; urgency=medium * d/control: recommend ifupdown2 and suggest zfsutils-linux * switch enterprise repository over to bullseye -- Proxmox Support Team Wed, 14 Jul 2021 11:58:48 +0200 pmg-api (7.0-3) bullseye; urgency=medium * acme: handle wildcard dns validation * api: apt: add calls for repositories status and basic manegement * api: services: return active- and unit-state infos * api: services: track chrony service -- Proxmox Support Team Tue, 13 Jul 2021 18:42:07 +0200 pmg-api (7.0-2) bullseye; urgency=medium * d/postinst: handle static machine-id from ISO 5.0 <= x <= 6.0 * cluster: fix missing import of helper module * config: freshclam: default to incremental downloads * utils: fix service alias lookup for service commands and status query -- Proxmox Support Team Sat, 03 Jul 2021 22:51:12 +0200 pmg-api (7.0-1) bullseye; urgency=medium * re-build for Proxmox Mail Gateway 7 based on Debian 11 Bullseye * pmgproxy: allow setting LISTEN_IP parameter * clamav: remove deprecated SafeBrowsing * api: nodes: drop deprecated 'upgrade' option of termproxy * TLSPolicy: drop deprecated 'domain' parameter * api: quarantine: drop deprecated b/w-list methods, and drop detail statistic methods (replaced by more flexible endpoints in 6.x) * update postgresql dependency to version 13 * greylisting: drop unneeded Host column form cgreylist table * api: nodeconfig: validate acme config before writing * fix #2013 spamreport: remove ticket if authmode is ldap * api: tasks: add 'since', 'until', task-type and 'status' filters -- Proxmox Support Team Mon, 28 Jun 2021 15:57:10 +0200 pmg-api (6.4-4) pmg; urgency=medium * fix #2228: spam quarantine: automatically deliver on whitelisting and delete on blacklisting a mail * acme: allow wildcard domain entries -- Proxmox Support Team Thu, 15 Apr 2021 15:19:00 +0200 pmg-api (6.4-3) pmg; urgency=medium * fix creating mailqueue spooldirs * rephrase backup notification template -- Proxmox Support Team Fri, 26 Mar 2021 19:09:41 +0100 pmg-api (6.4-2) pmg; urgency=medium * fix #3164: api: quarantine: allow to return spam from all users * ensure '/etc/pmg/acme/accounts' directory exists * certs: reload postfix to activate new certificate even if TLS config stayed the same * cluster: trust both, old and new certificate fingerprint of master during update -- Proxmox Support Team Tue, 23 Mar 2021 08:30:22 +0100 pmg-api (6.3-7) pmg; urgency=medium * implement Automatic Certificate Management Environment (ACME) for API and SMTP TLS certificates. Allowing one to use providers like Let's Encrypt for deployment and automatic renewal of trusted certificates. * cluster: automatically trigger an update of the pinned certificate fingerprint for a node in the cluster configuration on certificate change -- Proxmox Support Team Thu, 18 Mar 2021 11:05:17 +0100 pmg-api (6.3-6) pmg; urgency=medium * api: spamassassin: read local channels and include them in daily SA update * api: statistics: add central API enpoint for details, avoiding issues with certain characters in mail addresses * utils: allow / inside email address localpart * fix #3154: backup: add include-statistics to Proxmox Backup Server * fix #3146: backup: add email notifications -- Proxmox Support Team Fri, 05 Mar 2021 22:48:07 +0100 pmg-api (6.3-5) pmg; urgency=medium * utils: ignore leading whitespace in SpamAssassin rule description * api: termproxy: adapt to newer Proxmox VE and Proxmox Backup Server 'cmd' interface, to stay compatible -- Proxmox Support Team Wed, 25 Nov 2020 10:21:49 +0100 pmg-api (6.3-4) pmg; urgency=medium * integrate Proxmox Backup Server for automatic configuration backups * fix #3098: DKIM: sort domains by length first * backup: add Spam Assassin custom score file to backup * reinject email: fix connecting for ipv6-only hosts * fix #3141: do not split on ', ' for returning the from header * allow to enable a user self-service login for the user spam quarantine as opt-in config option -- Proxmox Support Team Wed, 18 Nov 2020 19:52:58 +0100 pmg-api (6.2-6) pmg; urgency=medium * fix #2785: prefix message-id in attachment-quarantine * add logging to disclaimer action -- Proxmox Support Team Wed, 23 Sep 2020 09:03:45 +0200 pmg-api (6.2-5) pmg; urgency=medium * fix #1976: optionally sort postfix queue result * allow to remove subscription * make regex test-match case-insensitive, like the real tests -- Proxmox Support Team Thu, 04 Jun 2020 16:48:26 +0200 pmg-api (6.2-4) pmg; urgency=medium * Mail Tracker: handle before queue status -- Proxmox Support Team Thu, 14 May 2020 17:51:25 +0200 pmg-api (6.2-3) pmg; urgency=medium * enable policy checking also if only IPv6 greylisting is enabled * improve ordering of system services * add logrotate config to monthly-rotate pmgproxy.log * api tracker: always check that specified 'endtime' is newer than 'starttime' * improve pmg-system-report with more relevant information -- Proxmox Support Team Fri, 24 Apr 2020 19:31:15 +0200 pmg-api (6.1-9) pmg; urgency=medium * add new 'Match Archive Filename' What Object * use postgres inet functions for greylist matching * pmgpolicy: add IPv6 support for greylisting * greylist: make netmasks configurable -- Proxmox Support Team Mon, 20 Apr 2020 17:37:09 +0200 pmg-api (6.1-8) pmg; urgency=medium * pmgqm: warn and exit if running on slave node * pmgspamreport: purge before sending reports * fix rendering of ipv(4|6) literal lmtp transports * fix #1948: allow setting TLS policy for transports * add TLS options for lmtp to main.cf template * fix #2661: reintroduce LDAPCache->ldap_connect * skip writing default ports in spamreports * use ucf to handle template overrides * freshclam.conf.in: make ScriptedUpdates a variable * freshclam.conf.in: remove ReceiveTimeout option -- Proxmox Support Team Tue, 14 Apr 2020 10:10:59 +0200 pmg-api (6.1-7) pmg; urgency=medium * fix #2622: include all spam levels from the ">= 10 score" bucket in total spam statistic * fix #2525: encode notifications in UTF-8 * check if img tag has actually a 'src' attribute to avoid warnings * pmgsh: fix 'help' command * api/quarantine: add new white/blacklist deletion API endpoints to allow one to avoid passing addresses in the API path. -- Proxmox Support Team Mon, 09 Mar 2020 18:21:55 +0100 pmg-api (6.1-6) pmg; urgency=medium * track clamav and postgres package version in versions api call * add queue id to pmg-smtp-filter replies for tracking in pmg-log-tracker * code cleanup -- Proxmox Support Team Fri, 28 Feb 2020 11:30:17 +0100 pmg-api (6.1-5) pmg; urgency=medium * fix postfix template for before-queue filtering * api2: Network: add vlan-raw-device and vlan-id options * ensure compatibility with libpve-http-server-perl -- Proxmox Support Team Wed, 29 Jan 2020 21:33:55 +0100 pmg-api (6.1-4) pmg; urgency=medium * fix #2438: add support for lmtp delivery to downstream servers * api2: network: add bond-primary and MTU option * fix #2504: do not overwrite existing DKIM selector key * dkim: add selector list api endpoint * fix disclaimer encoding for html entities * fix #1653: parse ipv6 xforward correctly -- Proxmox Support Team Thu, 23 Jan 2020 13:20:15 +0100 pmg-api (6.1-3) pmg; urgency=medium * improve browser-cache behavior for updates -- Proxmox Support Team Thu, 28 Nov 2019 11:35:53 +0100 pmg-api (6.1-2) pmg; urgency=medium * don not add DKIM signature if the DKIMSign module fails to determine the domain for signing -- Proxmox Support Team Fri, 22 Nov 2019 12:38:48 +0100 pmg-api (6.1-1) pmg; urgency=medium * create pmg-scores.cf unconditionally * bump version for Proxmox Mailgateway 6.1 -- Proxmox Support Team Tue, 19 Nov 2019 11:46:11 +0100 pmg-api (6.0-10) pmg; urgency=medium * add support for sending NDRs on Block * add support for before queue filtering * implement force_restart for cluster sync * add SACustom Package and API Calls for custom SpamAssassin scores * sync custom spamassassin scores to the cluster slaves -- Proxmox Support Team Fri, 15 Nov 2019 13:09:57 +0100 pmg-api (6.0-9) pmg; urgency=medium * DKIM-sign outbound mail if configured * add DKIM related API endpoints * fix #2371: reload pmg-smtp-filter on config change * add /etc/pmg/dkim to cluster-sync * Quarantine API: extend download call to download whole mails -- Proxmox Support Team Wed, 30 Oct 2019 18:31:14 +0100 pmg-api (6.0-8) pmg; urgency=medium * add attachment quarantine with API integration * fix API result verification for invalid mails -- Proxmox Support Team Tue, 22 Oct 2019 07:37:00 +0200 pmg-api (6.0-6) pmg; urgency=medium * fix #2224: override reference to openspf.org * fix #2360: cluster: reload pmg-smtp-filter on rulechange -- Proxmox Support Team Mon, 09 Sep 2019 08:05:52 +0200 pmg-api (6.0-5) pmg; urgency=medium * fix mimetypes API -- Proxmox Support Team Wed, 28 Aug 2019 14:31:38 +0200 pmg-api (6.0-4) pmg; urgency=medium * fix #2324 - improve docs on encrypted archives -- Proxmox Support Team Fri, 23 Aug 2019 10:50:42 +0200 pmg-api (6.0-3) pmg; urgency=medium * use hmac_sha_256 alogrithm for improved CSRF token security * pmgproxy: add link to extjs for pmg-docs' api-viewer -- Proxmox Support Team Sat, 17 Aug 2019 13:04:52 +0200 pmg-api (6.0-2) pmg; urgency=medium * adapt journalctl invocation to changed behavior with new systemd version of Debian Buster and make journal parsing more robust -- Proxmox Support Team Tue, 13 Aug 2019 15:48:59 +0200 pmg-api (6.0-1+2) pmg; urgency=medium * update PMG sources.list to buster * replace deprecated /var/run with /run * improve restart on upgrade behaviour * Who: Domain: improve speed * What: Spam: add uri hits to rule description * adapt postgresql.conf template to include current postgres version * adapt clamav.conf.in to new upstream version -- Proxmox Support Team Fri, 9 Aug 2019 08:58:05 +0200 pmg-api (6.0-1+1) pmg; urgency=medium * improve packaging compatibillity with postgres 11 slightly -- Proxmox Support Team Wed, 24 Jul 2019 21:11:24 +0200 pmg-api (6.0-1) pmg; urgency=medium * bump for Proxmox Mailgateway 6 based on Debian Buster -- Proxmox Support Team Wed, 24 Jul 2019 20:48:06 +0200 pmg-api (5.2-6) unstable; urgency=medium * fix #2276: restore line format for pmg-log-tracker -- Proxmox Support Team Fri, 12 Jul 2019 17:04:59 +0200 # Older entries have been removed from this changelog. # To read the complete changelog use `apt changelog pmg-api`.