cdrom.image/sme7/README.txt

SME Server 7.5.1 Release Announcement
===================================

June 27 2010

The SME Server development team is pleased to announce the release of
SME Server 7.5.1 This is a patch release for SME 7.5 to resolve
problems seen by some VPN users, and other minor fixes.

The release should be obtained from your closest mirror, see
http://wiki.contribs.org/SME_Server:Download

Bug reports and reports of potential bugs should be raised in the bug
tracker (and only there, please);

    http://bugs.contribs.org/


Please Note
===========
It may take up to 48 hours for mirrors to finish syncing, during this
time you may experience problems.


About SME Server
================

SME Server is the leading Linux distribution for small and medium
enterprises.

SME Server is freely available under the GNU General Public License and
is only possible through the efforts of the SME Server community.
However, the availability and quality of SME Server is dependent on
meeting our expenses, such as hosting costs, server hardware, etc.

This release is based on CentOS 4.8.


Thanks
======
The development team would like to thank all of those involved in this
release. More people are required to help with bug triage and
verification testing.


Upgrades
========
Upgrades are available by CD, the Software Installer and command line.
- Always perform a backup prior to major system upgrades
- An upgrade will preserve the existing data


Changes in this release
=======================

Backups
-------
- Restoring from a Workstation Backup showed a false failure.
- The Workstation Backup panel now removes leading and trailing spaces
  from the hostname.

Localisation
------------
- Latest translation updates.
- Fix translation of local nic string in console.

Mail Server
-----------
- Implement a database key (TlsBeforeAuth) to allow SMTP
  Authentication without TLS. The default remains to require TLS before
  Auth (introduced in SME 7.5).

Server manager
--------------
- Add option to limit port forwarding by source ip address.
- Enable port forwards to localhost if mode is serveronly.
- Text description added for each Port Forwarding.

Other fixes and updates
-----------------------
- VPN failed for some users due to incorrect kernel module.
- Error in postuninstall script prevented kmod packages from being
  removed during upgrade.
- /etc/cron.daily/freshclam was replaced by a dummy file as freshclam
  does not need to be run daily as it is run as a supervised process.

Changes from SME 7.4 to SME 7.5
===============================

Backups
-------
- The backup service has been made more robust:
  Allow many backups in the same day.
  Prevent launching a restore if all needed backups are not available.
  Do not allow a restore from a partial backup.
- Some valid passwords would fail due to how the backup directory was
  mounted, the use of a credentials file for mount.cifs now avoids this
  limitation.
- The e-mail now correctly identifies incremental and full backups.
- Make Workstation Backup 'full backup allowed on' setting stick across
  revisits of the Configure page when set to 'Sunday'.
- Workstation Backup emails now include a To: header.

File Server
-----------
- A patch was added to support multiple samba roles, the change is
  transparent. However installing smeserver-adv-samba allows the user to
  take advantage of additional server roles as detailed in
  http://wiki.contribs.org/Advanced_Samba

Localisation
------------
- As part of a major update with translations we have added seven new
  languages:
  Thai, Polish, Romanian, Estonian, Chinese, Norwegian (Bokmal),
  Russian.
- Other fixes include updated translations for the existing languages.

Mail Server
-----------
- Transport Layer Security (TLS) authentication capability has been
  added for incoming smtp ehlo requests.
- SMTP Authentication requires TLS before Auth to increase security.
- Implement correctly the subject line SPAM tagging functionality.
- The syntax of the smtproutes and SMTPSmartHost templates have been
  updated to avoid MX lookups
- Incoming mail could be incorrectly rejected by qpsmtpd plugin
  require_resolvable_fromhost.
- Update to qpsmtpd 0.83
- Update to ClamAV 0.96.1
- Increase MemLimit to 600M for clamav-0.96
- Remove spamassassin jobs from cron.daily that are no longer needed.
- HeuristicScanPrecedence is a new option in clamav 0.94.
  See http://wiki.contribs.org/Email#Heuristic_Scan
- Rotate Virus scanning log files
- Remove the external preloaded library, qmail-workaround, which was
  needed for qmail loopback connections if a domain MX resolves to
  0.0.0.0. This has now been replaced by a patch to qmail itself.
- Use HeloHost (if present) for SMTP auth proxy

Server manager
--------------
- The reconfigure warning is displayed in subsequent browser sessions of
  the server-manager when the server is updated from the Command Line,
  or after a reboot, if a full reconfiguration has not been performed.
- Allow to select "check for updates" daily, weekly or monthly in the
  Software Installer. Check for updates can also be disabled.
- Fix yum warnings about "another instance is running" when running a
  second instance of yum from another terminal.
- Improve the HTML formatting of the modify quota panel to work in IE8.

Webmail and Groupware
---------------------
- Horde, imp, turba and ingo have been updated to the latest versions
- Patch to make sure username is always saved in lowercase to horde db's
- Allow FQDN and non-FQDN access to webmail.
- The spell checker in Horde Mail has been enabled for HTML composition.
- Obsolete smeserver-trean < 0.1-8 as it makes the sidebar menu of the
  webmail interface disappear.

Web Server
----------
- Implement a database key (SSLv2) which allows to disable certificates
  signed with SSLv2, enabled by default to keep current behaviour.
- Add support for more MIME Types to Apache:
     Openoffice 1.x, Openoffice 2.x
     Microsoft Office 2007
     XML
- SSL Certificates will now use a SHA1
- SSL Certificates will now use a 2048 bits key size

Other fixes and updates
-----------------------
- From June 2009 smeserver-rkhunter was removed from smeos and made a
  contrib.
- Do not allow re-allocation of deleted Windows user profiles.
- Template sshd login grace time
- Correct the configuration of smartd to monitor hard disk status, but
  default to disabled.
- Display the boot time menu by default by removing the hiddenmenu entry
  from the default grub.conf to be in line with the documentation.
- Enable error logging for MySQL.
- When user or group names with a "." in the names exist,
  running /sbin/e-smith/audittools/aliases will show more than the
  expected list.
- Improve the quality of the mirrors by using a network mirror-list. The
  list is automatically generated hourly based on the status of the
  current mirrors. By using these mirror-lists it is ensured that people
  are directed to an updated mirror. When a mirror is added or removed
  the change will be available quickly and automatically. It also
  centralizes control of the mirror lists.
- Add yum-protect-packages support to prevent removal of needed
  packages. This stops accidental removal of core SME Server packages.
- Introduced (weak) kernel modules which are independent of kernel
  version. This means there is no need to update/rebuild kmods for each
  kernel update.
- Fix for VPN access failed with buffer too small errors.
- Require /sbin/mdassemble so mkinitrd works correctly.
- Reduce drive size requirements from 5G to 1.5G

$Id: README.txt,v 1.9 2010/05/24 21:17:17 wellsi Exp $
1	wellsi	1.10	SME Server 7.5.1 Release Announcement
2	wellsi	1.9	===================================
3	slords	1.1
4	wellsi	1.10	June 27 2010
5	slords	1.1
6			The SME Server development team is pleased to announce the release of
7	wellsi	1.10	SME Server 7.5.1 This is a patch release for SME 7.5 to resolve
8			problems seen by some VPN users, and other minor fixes.
9	slords	1.1
10			The release should be obtained from your closest mirror, see
11			http://wiki.contribs.org/SME_Server:Download
12
13	wellsi	1.5	Bug reports and reports of potential bugs should be raised in the bug
14			tracker (and only there, please);
15	slords	1.1
16			http://bugs.contribs.org/
17
18
19			Please Note
20			===========
21	wellsi	1.5	It may take up to 48 hours for mirrors to finish syncing, during this
22			time you may experience problems.
23	slords	1.1
24	wellsi	1.10
25	slords	1.1	About SME Server
26			================
27
28			SME Server is the leading Linux distribution for small and medium
29			enterprises.
30
31	wellsi	1.5	SME Server is freely available under the GNU General Public License and
32			is only possible through the efforts of the SME Server community.
33	slords	1.1	However, the availability and quality of SME Server is dependent on
34			meeting our expenses, such as hosting costs, server hardware, etc.
35
36	wellsi	1.10	This release is based on CentOS 4.8.
37
38	slords	1.1
39			Thanks
40			======
41	wellsi	1.5	The development team would like to thank all of those involved in this
42			release. More people are required to help with bug triage and
43			verification testing.
44
45	slords	1.1
46			Upgrades
47			========
48	wellsi	1.10	Upgrades are available by CD, the Software Installer and command line.
49	slords	1.1	- Always perform a backup prior to major system upgrades
50			- An upgrade will preserve the existing data
51
52
53	wellsi	1.9	Changes in this release
54			=======================
55	slords	1.1
56	wellsi	1.5	Backups
57			-------
58	wellsi	1.10	- Restoring from a Workstation Backup showed a false failure.
59			- The Workstation Backup panel now removes leading and trailing spaces
60			from the hostname.
61
62			Localisation
63			------------
64			- Latest translation updates.
65			- Fix translation of local nic string in console.
66
67			Mail Server
68			-----------
69			- Implement a database key (TlsBeforeAuth) to allow SMTP
70			Authentication without TLS. The default remains to require TLS before
71			Auth (introduced in SME 7.5).
72
73			Server manager
74			--------------
75			- Add option to limit port forwarding by source ip address.
76			- Enable port forwards to localhost if mode is serveronly.
77			- Text description added for each Port Forwarding.
78
79			Other fixes and updates
80			-----------------------
81			- VPN failed for some users due to incorrect kernel module.
82			- Error in postuninstall script prevented kmod packages from being
83			removed during upgrade.
84			- /etc/cron.daily/freshclam was replaced by a dummy file as freshclam
85			does not need to be run daily as it is run as a supervised process.
86
87			Changes from SME 7.4 to SME 7.5
88			===============================
89
90			Backups
91			-------
92	wellsi	1.5	- The backup service has been made more robust:
93			Allow many backups in the same day.
94			Prevent launching a restore if all needed backups are not available.
95			Do not allow a restore from a partial backup.
96			- Some valid passwords would fail due to how the backup directory was
97			mounted, the use of a credentials file for mount.cifs now avoids this
98			limitation.
99			- The e-mail now correctly identifies incremental and full backups.
100	wellsi	1.9	- Make Workstation Backup 'full backup allowed on' setting stick across
101			revisits of the Configure page when set to 'Sunday'.
102			- Workstation Backup emails now include a To: header.
103	wellsi	1.5
104			File Server
105			-----------
106			- A patch was added to support multiple samba roles, the change is
107			transparent. However installing smeserver-adv-samba allows the user to
108			take advantage of additional server roles as detailed in
109			http://wiki.contribs.org/Advanced_Samba
110
111			Localisation
112			------------
113			- As part of a major update with translations we have added seven new
114			languages:
115			Thai, Polish, Romanian, Estonian, Chinese, Norwegian (Bokmal),
116			Russian.
117			- Other fixes include updated translations for the existing languages.
118
119			Mail Server
120			-----------
121			- Transport Layer Security (TLS) authentication capability has been
122			added for incoming smtp ehlo requests.
123	wellsi	1.10	- SMTP Authentication requires TLS before Auth to increase security.
124	wellsi	1.5	- Implement correctly the subject line SPAM tagging functionality.
125			- The syntax of the smtproutes and SMTPSmartHost templates have been
126			updated to avoid MX lookups
127			- Incoming mail could be incorrectly rejected by qpsmtpd plugin
128			require_resolvable_fromhost.
129			- Update to qpsmtpd 0.83
130	wellsi	1.9	- Update to ClamAV 0.96.1
131	wellsi	1.6	- Increase MemLimit to 600M for clamav-0.96
132			- Remove spamassassin jobs from cron.daily that are no longer needed.
133	wellsi	1.5	- HeuristicScanPrecedence is a new option in clamav 0.94.
134			See http://wiki.contribs.org/Email#Heuristic_Scan
135			- Rotate Virus scanning log files
136			- Remove the external preloaded library, qmail-workaround, which was
137			needed for qmail loopback connections if a domain MX resolves to
138			0.0.0.0. This has now been replaced by a patch to qmail itself.
139	wellsi	1.8	- Use HeloHost (if present) for SMTP auth proxy
140	wellsi	1.5
141			Server manager
142			--------------
143			- The reconfigure warning is displayed in subsequent browser sessions of
144			the server-manager when the server is updated from the Command Line,
145			or after a reboot, if a full reconfiguration has not been performed.
146			- Allow to select "check for updates" daily, weekly or monthly in the
147			Software Installer. Check for updates can also be disabled.
148			- Fix yum warnings about "another instance is running" when running a
149			second instance of yum from another terminal.
150	wellsi	1.8	- Improve the HTML formatting of the modify quota panel to work in IE8.
151	wellsi	1.5
152			Webmail and Groupware
153			---------------------
154			- Horde, imp, turba and ingo have been updated to the latest versions
155			- Patch to make sure username is always saved in lowercase to horde db's
156			- Allow FQDN and non-FQDN access to webmail.
157			- The spell checker in Horde Mail has been enabled for HTML composition.
158			- Obsolete smeserver-trean < 0.1-8 as it makes the sidebar menu of the
159			webmail interface disappear.
160
161			Web Server
162			----------
163			- Implement a database key (SSLv2) which allows to disable certificates
164			signed with SSLv2, enabled by default to keep current behaviour.
165			- Add support for more MIME Types to Apache:
166			Openoffice 1.x, Openoffice 2.x
167			Microsoft Office 2007
168			XML
169			- SSL Certificates will now use a SHA1
170			- SSL Certificates will now use a 2048 bits key size
171
172			Other fixes and updates
173			-----------------------
174			- From June 2009 smeserver-rkhunter was removed from smeos and made a
175			contrib.
176			- Do not allow re-allocation of deleted Windows user profiles.
177			- Template sshd login grace time
178			- Correct the configuration of smartd to monitor hard disk status, but
179			default to disabled.
180			- Display the boot time menu by default by removing the hiddenmenu entry
181			from the default grub.conf to be in line with the documentation.
182			- Enable error logging for MySQL.
183			- When user or group names with a "." in the names exist,
184			running /sbin/e-smith/audittools/aliases will show more than the
185			expected list.
186			- Improve the quality of the mirrors by using a network mirror-list. The
187			list is automatically generated hourly based on the status of the
188			current mirrors. By using these mirror-lists it is ensured that people
189			are directed to an updated mirror. When a mirror is added or removed
190			the change will be available quickly and automatically. It also
191			centralizes control of the mirror lists.
192			- Add yum-protect-packages support to prevent removal of needed
193			packages. This stops accidental removal of core SME Server packages.
194			- Introduced (weak) kernel modules which are independent of kernel
195			version. This means there is no need to update/rebuild kmods for each
196			kernel update.
197			- Fix for VPN access failed with buffer too small errors.
198	wellsi	1.6	- Require /sbin/mdassemble so mkinitrd works correctly.
199	wellsi	1.9	- Reduce drive size requirements from 5G to 1.5G
200	wellsi	1.5
201	wellsi	1.10	$Id: README.txt,v 1.9 2010/05/24 21:17:17 wellsi Exp $