--- cdrom.image/sme7/README.txt 2009/06/06 23:51:54 1.1 +++ cdrom.image/sme7/README.txt 2010/03/30 15:37:53 1.5 @@ -1,30 +1,24 @@ -SME Server 7.4 Release Announcement +SME Server 7.5 Release Announcement =================================== -November 21 2008 +March xx 2010 The SME Server development team is pleased to announce the release of -SME Server 7.4. This release is based on CentOS 4.7. Other major changes -in this release are the use dar for backups and the change to UTF-8 -along with translation into 6 additional languages. - - -All SME Server users should upgrade to this release. +SME Server 7.5. This release is based on CentOS 4.8. The release should be obtained from your closest mirror, see http://wiki.contribs.org/SME_Server:Download -Bug reports and reports of potential bugs should be raised -in the bug tracker (and only there, please); +Bug reports and reports of potential bugs should be raised in the bug +tracker (and only there, please); http://bugs.contribs.org/ Please Note =========== -It may take up to 48 hours for mirrors to finish syncing, -during this time you may experience problems. - +It may take up to 48 hours for mirrors to finish syncing, during this +time you may experience problems. About SME Server ================ @@ -32,23 +26,21 @@ About SME Server SME Server is the leading Linux distribution for small and medium enterprises. -SME Server is freely available under the GNU General Public License -and is only possible through the efforts of the SME Server community. +SME Server is freely available under the GNU General Public License and +is only possible through the efforts of the SME Server community. However, the availability and quality of SME Server is dependent on meeting our expenses, such as hosting costs, server hardware, etc. Thanks ====== -The development team would like to thank all of those involved in -this release. However, this distribution cannot continue with the -current level of support. More people are required to help with -bug triage and verification testing. - - -This release contains many new features, all released updates for -SME Server 7.3 and fixes for many reported problems. Upgrades -will be available by CD, the Software Installer and command line. +The development team would like to thank all of those involved in this +release. More people are required to help with bug triage and +verification testing. + +This release contains many new features, all released updates for SME +Server 7.4 and fixes for many reported problems. Upgrades will be +available by CD, the Software Installer and command line. Upgrades @@ -60,194 +52,115 @@ Upgrades Changes in this release ======================= -Installer ---------- -- Fix grub label to keep consistent with the SME Server brand. - -Mail system changes -------------------- -- Introduce a web interface to configure the pseudonym "visible" property - (internal|external) -- New feature now allows a "catch all" situation where you have the ability - to redirect "@virtualdomain1.com" to user "joe". -- Fix the "Ugly" log messages (Use of uninitialized value) when spam checking - results in 0 hits. -- Emails sent to a null address like ""@domain without the username part - are now rejected. -- qplogsumm is a optional feature that should be disabled by default. -- A request that the log information is reduced with the default loglevel - setting of 6 in qpsmtpd. -- Support for sending mail to ISP via Secure SMTP -- Enable the auth plugin for local lan connections -- Migrate (remove) "ordb.net" from the RBL lists to prevent mail bouncing. -- Remove blackhole.securitysage.com as service no longer in use. -- Remove sbl-xbl.spamhaus.org from default lists and use a more improved - list in zen.spamhaus.org. - -Console -------- -- Improved validation will check password on first enter password screen - before verifying if too simple then asking to verify and proceed to - configuration of server. -- Passwords should be validated for strength on first entry rather than - waiting for the second confirmation entry. -- The console should validate passwords using the common method, - using esmith::util::validatePassword -- The last item in the server console, "Exit from server console", is removed - as it is redundant. -- Display frames in console server-manager. - When browsing server-manager through console pressing 'H' goes to - http://localhost/server-manager - Backups ------- -- Backups now use dar which enables a backup to consist of more than 2GB - of data to a workstation in any of the following supported methods: - cifs, nfs or local usb disk. It also gives the option to set how many - rotating backups are required and allows to split size of backup - to DVD size. -- Removed 'restore from desktop' functionality -- The error codes from tar are now logged, in line with flexbackup, and do not - cause a backup to fail. -- A Iomeage USB REV-drive was by default mounted in /media as a cdrom device. - It is now automagically mounted as an usbdisk so it can be used as a backup - device without manual intervention. -- Set dar compression to default to gzip -- dar backup to be less verbose in panel -- Correct mounting for usb disks -- no compression for ogg media files -- Make dar use defined list of directories to backup -- Remove obsolete smbfs backup method - +- The backup service has been made more robust: + Allow many backups in the same day. + Prevent launching a restore if all needed backups are not available. + Do not allow a restore from a partial backup. +- Some valid passwords would fail due to how the backup directory was + mounted, the use of a credentials file for mount.cifs now avoids this + limitation. +- The e-mail now correctly identifies incremental and full backups. +- Make workstation-backup 'full backup allowed on'-setting stick across + revisits of the Configure-page when set to: 'Sunday' + +File Server +----------- +- A patch was added to support multiple samba roles, the change is + transparent. However installing smeserver-adv-samba allows the user to + take advantage of additional server roles as detailed in + http://wiki.contribs.org/Advanced_Samba Localisation ------------ -As part of a major update with translations we have added six new -languages and made it much easier to add other languages in the -future. - -We now support the following languages in the server-manager: Danish, -Dutch, English, French, Greek, German, Hungarian, Indonesian, Italian, -Portuguese, Slovenian, Spanish and Swedish. - -We have made major strides to assist the non-English community by -using a tool called pootle. This is a web based translation tool that -will allow new languages to be added and existing languages to be more -easily maintained. - -We have cleaned up a lot of the packages as a part of getting them to -work with pootle. Another big change as part of this upgrade is the -switch from ISO-8859-1 (Latin) charset to UTF-8 (Universal) charset, -this will allow us to support languages that don't use latin -characters (like Greek). - -Other fixes include updated translations for the existing languages. - -Software Installer ------------------- -- smeextras repository added, it is used for building the installer and ISO -- The yum-update event now includes the yum-import-keys action to allow - users to update yum packages and configuration without rebooting, - which enables updating when there is a compatibility problem. -- Correct yum-update-dbs action to adjust yum service properly. -- The BaseURL property has been removed for repos with mirrorlists. -- The message "This system is up to date." is displayed if no updates are - available. - -Webmail -------- -- Horde, imp, turbo and ingo have been updated to the latest versions -- Support the ability to save user kronolith free/busy information to the LDAP - database. -- Servers with a custom template for 110AppRegistryHorde found webmail no - longer worked. -- The name of the webmail installation is now configurable. - To use - config setprop horde Name xxxx ; signal-event email-update. +- As part of a major update with translations we have added seven new + languages: + Thai, Polish, Romanian, Estonian, Chinese, Norwegian (Bokmal), + Russian. +- Other fixes include updated translations for the existing languages. + +Mail Server +----------- +- Transport Layer Security (TLS) authentication capability has been + added for incoming smtp ehlo requests. +- Implement correctly the subject line SPAM tagging functionality. +- The syntax of the smtproutes and SMTPSmartHost templates have been + updated to avoid MX lookups +- Incoming mail could be incorrectly rejected by qpsmtpd plugin + require_resolvable_fromhost. +- Update to qpsmtpd 0.83 +- HeuristicScanPrecedence is a new option in clamav 0.94. + See http://wiki.contribs.org/Email#Heuristic_Scan +- Rotate Virus scanning log files +- Remove the external preloaded library, qmail-workaround, which was + needed for qmail loopback connections if a domain MX resolves to + 0.0.0.0. This has now been replaced by a patch to qmail itself. Server manager -------------- -- The name of the log file being viewed via the Server Manager 'View log - files' is now displayed as the first line. -- Disabling the daily update check in the server-manager did not stop the - check4updates task sending mail to the server administrator. -- Server-manager > printers > add printer - now advises users to avoid - certain names and descriptions as this causes printer state to be incorrect. -- Fix the Unknown heading in server-manager after an update. -- Fix inconsistency within the navigation.xx files which no longer adds extra - spaces and newlines in panel headers. -- The Anti-virus (ClamAV) panel text was updated to remove the word 'entire' - as this could be misleading. -- Allow server-manager to successfully create a one character user account. -- After adding a user and trying to set password via server-manager or - user-password using the ";" sign you encountered a "white screen of - death". This was due to the version of perl-Object-Persistence being used. -- Remove the last 'pleasewait' message as it is no longer needed. -- The button to add a new user in the server-manager was missing due to a - problem with the free/busy code in usermanager causing the panel to exit. +- The reconfigure warning is displayed in subsequent browser sessions of + the server-manager when the server is updated from the Command Line, + or after a reboot, if a full reconfiguration has not been performed. +- Allow to select "check for updates" daily, weekly or monthly in the + Software Installer. Check for updates can also be disabled. +- Fix yum warnings about "another instance is running" when running a + second instance of yum from another terminal. + +Webmail and Groupware +--------------------- +- Horde, imp, turba and ingo have been updated to the latest versions +- Patch to make sure username is always saved in lowercase to horde db's +- Allow FQDN and non-FQDN access to webmail. +- The spell checker in Horde Mail has been enabled for HTML composition. +- Obsolete smeserver-trean < 0.1-8 as it makes the sidebar menu of the + webmail interface disappear. + +Web Server +---------- +- Implement a database key (SSLv2) which allows to disable certificates + signed with SSLv2, enabled by default to keep current behaviour. +- Add support for more MIME Types to Apache: + Openoffice 1.x, Openoffice 2.x + Microsoft Office 2007 + XML +- SSL Certificates will now use a SHA1 +- SSL Certificates will now use a 2048 bits key size Other fixes and updates ----------------------- -- Updated Samba resolves various file sharing problems -- The length of an Ibay name is now configurable via maxIbayNameLength -- The Samba "unix extensions" are turned off for Mac compatibility -- radiusd.conf allows support for additional authentication methods -- Ability to modify pseudonyms with special characters -- Prevent NameServer being set to current IP of SME Server -- Allow support for server side includes for ibays when a directory is - browsed. -- Made mtu/mru settings configurable. -- Increased the templating in php.ini -- Fixed timezone detection issues for certain timezones during certificate - generation -- Added support for cciss RAID controller -- Enable a new feature to allow admin to have own password not shared with - root. -- nut is now started after the network to avoid mails to the admin mailbox - about lost communication. -- e-smith-openssh contained unused template fragments were removed. -- ibays can now be set as non-browsable (hidden), but accessible via their - UNC. An ibay can be hidden by setting the Browsable property to disabled. -- Suspicious string scanning (supscan) has been disabled due - to being CPU and I/O intensive and prone to producing false positives.. -- The audittool script has been updated to also identify modified events. -- If a custom motd was used this could have been sent with the smolt data, now - only the version from e-smith-release is sent. -- The wrong URL was shown for the smolt profile, it has been updated to - http://smolt.contribs.org/ -- Patch djbdns around TCP bug: http://alkemio.org/dns_transmit-bug.html -- Change license of djbdns to "Public Domain' - - http://cr.yp.to/distributors.html -- Do not display symlinks via ftp. -- New LPRng where both inbuilt filters as well as smbprint filters work. -- Resolved false positives that were being reported by rkhunter. -- Move the clamav scan schedule to the correct crontab file for ease of use. -- Use yum installonlyn plugin to keep only the last 5 kernels. -- Change Wpad URL to match system domain to enable the Wpad feature. -- dnscache will now ignore referrals when in forwardonly mode. -- On servers with no ibays and less than two users the shadow-copy-rotate - script would fail. -- Correct the step-ticker to pool.ntp.org hosts. -- Hide normally hidden files from view when using roaming profiles. -- The dungog yum repository has been obsoleted as the packages are in - smecontribs. -- When a user is deleted from the server-manager his/her pseudonyms should not - appear in any configuration file. +- From June 2009 smeserver-rkhunter was removed from smeos and made a + contrib. +- Do not allow re-allocation of deleted Windows user profiles. +- Template sshd login grace time +- Correct the configuration of smartd to monitor hard disk status, but + default to disabled. +- Display the boot time menu by default by removing the hiddenmenu entry + from the default grub.conf to be in line with the documentation. +- Enable error logging for MySQL. +- When user or group names with a "." in the names exist, + running /sbin/e-smith/audittools/aliases will show more than the + expected list. +- Improve the quality of the mirrors by using a network mirror-list. The + list is automatically generated hourly based on the status of the + current mirrors. By using these mirror-lists it is ensured that people + are directed to an updated mirror. When a mirror is added or removed + the change will be available quickly and automatically. It also + centralizes control of the mirror lists. +- Add yum-protect-packages support to prevent removal of needed + packages. This stops accidental removal of core SME Server packages. +- Introduced (weak) kernel modules which are independent of kernel + version. This means there is no need to update/rebuild kmods for each + kernel update. +- Fix for VPN access failed with buffer too small errors. + +$Id: README.txt,v 1.4 2010/03/01 19:30:11 wellsi Exp $ + + + -General features -================ -- Based on CentOS 4.7 and all available updates -There are a few differences from previous releases <=7.2 -======================================================== -After installing for the very first time: ------------------------------------------ -- First night you may receive an email from cron about sa_updates. -- First night you should receive a large email saying a bunch of - groups/users were removed/added (rkhunter email notification). -- Any time you change users/groups you will receive an email the next day - about those changes (rkhunter email notification). -$Id: README.txt,v 1.27 2008/11/17 23:15:15 slords Exp $