1.2.0 - Release Candidate RC4

@endelwar endelwar released this Jan 2, 2017

This is the Release Candidate 4 of MailWatch 1.2.0.


This RC4 of MailWatch 1.2 adds PHP7 compatibility, migrate to mysqli extension and adds compatibility to LDAP servers other than Active Directory


  • Move to MySQLi PHP extension
  • PHP 7 compatibility
  • Use utf8mb4 on capable systems (MySQL >= 5.5.3)
  • Fix geoip function dereclaration
  • Warn on missing sa-learn binary
  • Add SA_PREFS to list of SpamAssassin rules direcotory
  • Improve session cookie security
  • Upgrade pear packages
  • Filter LDAP username and password before passing them to LDAP server
  • Improve LDAP compatibility with server other than Active Directory
  • Remove password change functionality for LDAP Domain Admin and User
  • Permit LDAP login with password containing special characters
  • Code cleanup
  • Updated translations


1.2.0 - Release Candidate RC3

@endelwar endelwar released this Nov 22, 2016 · 79 commits to master since this release

This is the Release Candidate 3 of MailWatch 1.2.0.


This RC3 of MailWatch 1.2 fixes a lot of bugs and adds autorelease feature in mail reports


  • Update postfix relay documentation (GH #320)
  • Update JpGraph to 4.0.1 (GH #289)
  • Fix Reports.php and Lists.php when used in languages other than English (GH #307, GH #288)
  • Proper expansion multiple %var% references in MailScanner parameters (GH #311)
  • Updated traslation
  • Add HIDE_UNKNOWN config option (GH #240, GH #254)
  • Add Autorelease feature (one click release of quarantined emails) (GH #260)
  • Fix per user spam score defaults (GH #263)


1.2.0 - Release Candidate RC2

@endelwar endelwar released this May 23, 2016 · 155 commits to master since this release

This is the Release Candidate 2 of MailWatch 1.2.0.


This RC2 of MailWatch 1.2 fixes some misbehaviours of RC1 and improve "total mail by date" report


  • Fix name collision in queries (GH #243)
  • Fix loading of SpamAssassin rule description if it starts with a space (GH #242)
  • Fix login bypass on LDAP introduced in RC1 (GH #246, GH #248)
  • Improve rep_total_mail_by_date report (GH #249, GH #250, GH #251)
  • Fix LDAP search for 'mail' prefix (GH #252)
  • Try to not encode multiple times a string that is already UTF8 (GH #225)


1.2.0 - Release Candidate 1

@endelwar endelwar released this Mar 23, 2016 · 170 commits to master since this release

This is the Release Candidate 1 of MailWatch 1.2.0.


This RC1 of MailWatch 1.2 implements translation of user interface, secure user's password hashing and some layout fix


  • Display load average if /proc/loadavg doesn't exists but /usr/bin/uptime does
  • Improve loggings for connections not coming from
  • Add hide High Spam and High MCP options
  • Update geoip.inc to v1.15
  • Fix path in the install manual
  • Add Microsoft Active Directory compatibility support
  • Fix timezone warning on sf_version and viewmail
  • Check GeoIP data file size before using GeoIP functions
  • Add hide Non Spam option
  • Quick hack on fixing duplicate header issue (#154)
  • Fix reports graph color management
  • A better sendmail_relay init file
  • Fix GeoIP extension and php libary conflict on constants definition
  • get_conf_truefalse returns true if value is a string
  • Enable LDAP over SSL
  • Fix virus count sorting on "Virus Report"
  • Remove additional slashes in "SpamAssassin Rule Description Update"
  • Adding translation to user interface
  • Add LOGO path in conf.php.example and changes done in corresponding files.
  • layout changes in quarantine.php, other.php, sf_version.php
  • Removed duplicate PHP function in tools/Cron_jobs/quarantine_report.php (is in functions.php)
  • Changes in tools/Sendmail_relay/INSTALL (to be accurate with Debian/Ubuntu)
  • Changes in tools/Sendmail_relay/sendmail_relay.init (change maillog to mail.log)
  • Background color change in login.php
  • Add clamav and spamassassin version in sf_version.php
  • Changes in INSTALL and UPGRADING (to be accurate with Debian/Ubuntu)
  • Modified footer function in functions.php (page footer and DEBUG for page_creation_timer)
  • Add a check for 'subtests=' to add space after comma (to fit the screen) in sa_lint.php
  • Upgrade password hash function from MD5 to a crypt() compatible one
  • Add option to enable/disable IP address resolution on status page
  • Improving upgrade.php script
  • Sanitize user input on reports
  • Rewrite of GeoIP file download procedure
  • Decline login as LDAP group
  • Move luser add-on to another git repository
  • Better logging of UTF8 subjects


1.2.0 - Beta 8 (Security Fix)

@endelwar endelwar released this Apr 30, 2015 · 296 commits to master since this release

This is the Beta 8 release of Mailwatch 1.2.0.

This beta release of MailWatch 1.2 implement tons of security fixes


Primarily a security fix release, also hides MCP-related fields if MCP is not enabled


  • Correct unexpected behaviour in viewpart.php if one or more headers are not set
  • Refactor message part viewer
  • Sanitize user input
  • Hide MCP-related fields if MCP is not enabled in MailScanner


1.2.0 - Beta 7 (Last Beta Ever? Nope!)

@endelwar endelwar released this Apr 27, 2015 · 332 commits to master since this release

This is the Beta 7 release of Mailwatch 1.2.0.

This will not be the last beta release of MailWatch 1.2, some security fixes are needed


This release separates Release action in Message Operations from Spam/Ham/Forget radio button, repair Quarantine Report behaviour and fix a long standing license issue


  • Fix documentation regarding magic_quotes_gpc
  • Redirect to original link after login (e.g. from quarantine report)
  • Fix to GPL v2 licensing problems
  • Updated MailScanner default path to comply with version 4.85.2-1
  • Add --max-size support to sa-learn if spamassassin >= 3.4.0
  • Separate release action in Message Operations from Spam/Ham/Forget radio button
  • Domain Administrator get all domain emails if their username is either an email address or a domain name


1.2.0 - Beta 6

@endelwar endelwar released this Feb 9, 2015 · 365 commits to master since this release

This is the Beta 6 release of Mailwatch 1.2.0.


This release enables (finally) UTF-8 support and enhances SQL Black/Whitelist matching


  • Enhanced MailScanner.conf parser to catch variable's value even if there is no space before and/or after = sign
  • Added DISPLAY_IP option to show sender's IP Address in Quarantine listings and message lists
  • Enhanced SQL Black/Whitelist to allow matching 1, 2, or 3 IP address octets
  • Enhanced SQL Black/Whitelist to allow matching of subdomains
  • Upgraded PEAR packages to last stable versions (some trunk commit was used)
  • Enable UTF-8 subject encoding
  • Fix conflict with GeoIP PHP extension


1.2.0 - Beta 5

@endelwar endelwar released this May 26, 2014 · 453 commits to master since this release

This is the Beta 5 release of Mailwatch 1.2.0.


  • MSRE integrated in MailWatch
  • GeoIP moved to binary files
  • Removed useless code and fixed a lot of not working things

BC Break

  • In conf.php all boolean values are true boolean now. Check that there is no quotation marks around true or false values.
  • GeoIP lookup needs binary database to work, download them from tools menu


  • Reorganized all libraries to lib directory, removed fpdf (which was not used) and removed lib's symlinks

  • Moved to GeoIP binary data file, dropped CSV import to database

  • Added a layer of security to cronjob, which don't execute if needed variables aren't set

  • Improved compatibility with PHP 5.5

  • New login form design

  • Added LDAP mail field variable to be compatible with more systems

  • Corrected free disk space calculation

  • Fixed Domain User operation on white/black lists

  • Added the ability to show/hide the software version page

  • Added MailScanner Rule Editor functionality from http://msre.sourceforge.net

    Fixes over original MSRE:

    • Requires authenticated MailWatch Admin user
    • Rules with 'action' of 0 are now correctly handled (as in size rules).
    • Rule descriptions start immediately after the # character. This stops MSRE from chopping off 1st character of comments which weren't generated by MSRE.
    • Treat blank lines in rules as comments
    • Sort rule file names into alphabetical order before listing
    • Allow "FromAndTo:" keyword in rule files
    • Allow "Virus:" keyword in rule files
    • Fix very broken 'and' handling
    • Ensure that the 'default' rule stays the default rule forever
    • Fix handling of escape characters in posted form
    • Strip spaces from entered Target and AndTarget fields
    • Fix case-sensitivity in keywords like "FromOrTo:"
    • Use MailScanner's rule keyword matching algorithm
    • Tighten up input validation based on fixes in the original MSRE 0.2.3 CVS
    • Tighten up rule parsing to ensure that generated rules are complete
  • Fixed AutoCommit error on MailWatch.pm

  • Better logout process

  • Hiding chroot mounts from drives list

  • Better directory traversal prevention

  • Fixed CVE-2008-5991

  • Corrected html and javascript errors

  • Removed W3C and SourceForge logos from footer

  • Fixed spelling mistakes/typos

  • Code cleanup


1.2.0 - Beta 4 patch 4

@endelwar endelwar released this May 26, 2014 · 691 commits to master since this release

  • Fixed create.sql for some incorrect parts
  • Fixed incorrect word in INSTALL file
  • Fixed deprecated mysql_escape_string for users with newer php versions, files: sa_rules_update.php,mcp_rules_update.php, rpcserver.php,postfix_relay.php,quarantine.php,filter.inc,user_manager.php,viewpart.php,viewmail.php,functions.php, lists.php
  • Updated functions.php