Version 1.680
Released: 2025-07-17
new custombuild
Sender address spoofing protection
The Exim mail server configuration is extended to block user attempts to spoof the sender address. This is implemented as an additional Exim ACL for email submitted over SMTP. The ACL checks the username from the SMTP authentication against the sender address provided in the SMTP MAIL FROM command (also known as the envelope sender).
The general idea of sender address validation is to allow an email account to send from any address, as long as a reply to the sender address would be routed back to the same email account.
Valid sender address examples:
- Main mailbox address is always allowed to be used as the sender address.
- Same address (local part) but a different domain is allowed to be used if the domain is an alias of the main address domain.
- Any forwarder email address can be used as a sender address if the forwarding rule is configured to deliver emails to the main address.
- Any unused email address in the same domain can be used by the mailboxes that are configured to be a catch-all mailbox for that particular domain.
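The rules above, modelled in Python as an added example (this is not DirectAdmin's Exim ACL). The account data is constructed, and treating the SMTP username as the mailbox address, single-destination forwarders and alias domains sharing the main domain's routing are assumptions.

```python
# Constructed sample data; layout and names are assumptions, not DirectAdmin's.
MAILBOXES = {"alice@example.com", "bob@example.com"}
DOMAIN_ALIASES = {"example.net": "example.com"}          # alias domain -> main domain
FORWARDERS = {"sales@example.com": "alice@example.com",  # forwarder -> destination
              "ceo@example.com": "bob@example.com"}
CATCH_ALL = {"example.com": "bob@example.com"}           # domain -> catch-all mailbox


def canonical(addr):
    """Lower-case an address and map an alias domain onto its main domain."""
    local, _, domain = addr.lower().rpartition("@")
    return f"{local}@{DOMAIN_ALIASES.get(domain, domain)}"


def reply_mailbox(addr):
    """Mailbox that a reply to `addr` would reach, or None if it is not local."""
    addr = canonical(addr)
    if addr in MAILBOXES:                  # main mailbox address
        return addr
    if addr in FORWARDERS:                 # forwarder (chains are not followed)
        return canonical(FORWARDERS[addr])
    return CATCH_ALL.get(addr.rpartition("@")[2])  # unused address, catch-all domain


def sender_allowed(auth_user, mail_from):
    """True when a reply to the envelope sender returns to the authenticated mailbox."""
    return reply_mailbox(mail_from) == canonical(auth_user)


if __name__ == "__main__":
    for user, sender in [("alice@example.com", "alice@example.net"),
                         ("alice@example.com", "sales@example.com"),
                         ("alice@example.com", "ceo@example.com"),
                         ("bob@example.com", "unused@example.com")]:
        print(user, sender, "accept" if sender_allowed(user, sender) else "reject")
```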
The sender address spoofing protection is enabled by default. However, it can be explicitly disabled to stay backwards compatible with the old Exim configuration by setting the AUTH_BLOCK_SENDER_SPOOFING = no variable in the /etc/exim.variables.conf.custom file.
Examples:
# Disable sender address validation (insecure):
sed -i '/^AUTH_BLOCK_SENDER_SPOOFING /d' /etc/exim.variables.conf.custom
echo 'AUTH_BLOCK_SENDER_SPOOFING = no' >> /etc/exim.variables.conf.custom
da build exim_conf
# Restore sender address validation:
sed -i '/^AUTH_BLOCK_SENDER_SPOOFING /d' /etc/exim.variables.conf.custom
da build exim_conf
evolution improved
New File Manager's files and folders table design
The File Manager's files and folders table has been redesigned and its rendering logic optimized, resulting in improved performance and a more streamlined user experience when browsing and managing files.
The layout is kept the same, ensuring that users can continue to navigate and interact with the File Manager as before.
evolution improved
Improved drag and drop functionality in File Manager
The drag and drop functionality in the File Manager has been reworked for greater reliability and usability. Files and folders can now only be dropped onto the main files and folders table area, which immediately triggers the upload dialog for the dropped items. This change eliminates previous bugs and ensures a more consistent and predictable upload experience.
custombuild improved
Software version changes
- apache2.4 updated from 2.4.63 to 2.4.65
- composer updated from 2.8.9 to 2.8.10
- litespeed updated from 6.3.3-1 to 6.3.3-2
- lz4 (PHP extension) updated from 0.4.4 to 0.5.0
- modsecurity_owasp_rules updated from 4.15.0 to 4.16.0
- modsecurity updated from 2.9.10 to 2.9.11
- nginx updated from 1.28.0 to 1.29.0
- PHP 8.1 updated from 8.1.32 to 8.1.33
- PHP 8.2 updated from 8.2.28 to 8.2.29
- PHP 8.3 updated from 8.3.22 to 8.3.23
- PHP 8.4 updated from 8.4.8 to 8.4.10
- redis updated from 8.0.2 to 8.0.3
Note:
Using apache 2.4.64 together with nginx may require enabling the passing of the server name through the TLS Server Name Indication extension in the nginx config when using an SSL reverse proxy.
# Example for nginx_apache webserver
# When overriding Host header for SSL reverse proxy
proxy_pass https://example.com;
proxy_set_header Host $host;
proxy_ssl_name $host;
proxy_ssl_server_name on;
See proxy_ssl_server_name and proxy_ssl_name.
evolution fixed
Wildcard options are not preselected
Ticking the "Wildcard" option (found within admin level -> Account Manager -> SSL Certificates -> Get automatic certificate from ACME Provider) previously did not preselect the required certificate entry options.
removed
Removed cakey, cacert, carootcert configuration options from directadmin.conf
The location of server host name TLS certificate files can no longer be customised. The files will always be stored in the default locations:
- /usr/local/directadmin/conf/cakey.pem - server host name TLS key.
- /usr/local/directadmin/conf/cacert.pem - server host name TLS certificate.
- /usr/local/directadmin/conf/carootcert.pem - intermediate CA certificates.
On the servers where these options were set to non-default values, the certificate files will be automatically copied to the default location.
removed
Removed surplus data from filemanager files search
Simplified files search in filemanager.
/CMD_FILE_MANAGER?action=recursive_search changes:
- Removed type filter
- Returned files size is always zero
removed
Removed leftover Userdir configuration from apache templates
The default IP apache vhost template is cleaned up by removing UserDir directives, previously used when the userdir_access CB option was enabled. The HAVE_USERDIR_ACCESS token is always 0.
evolution removed
Removed column size menu customization option
It is no longer possible to select how much space a menu category could take up.
evolution removed
Removed filtering from files and folders table
The filtering feature of files and folders in the File Manager was removed.