||New Features and Bugs Fixed
||10 May 2007
- Security: Serious security issue fixed, that could allow registered
users to get to the accounts of other registered users
- Fixed: Many minor fixes and feature additions which have been primarily
available through the surgemail webmail distributions. For a changes
list see surgemail
|9th May 2005
|9th March 2005
- Added INI setting: bypass_v_header - When set to true will stop
'v_headers' from being sticky.
- Added INI setting: hide_stop_inline - When set to true , any stoped
attachment the inline link will not appear.
- Added: Setup the CGI and templates to allow users to use teh timezone
of the browser. setting: timezone browser
- Added: The ability for each user to upload each POP folder of their
- Added INI setting: no_sent_attach - When set to true all email stored
in 'sent' folder will NOT include the attachments
- Updated: Uploading large attachments reduce CPU usage.
- Fixed: Issue with HTML text with large lines losing spaces, surge
tpl set only.
- Fixed: emails sent between midnight (12:00am) and 1 o'clock (1:00am)
show up as 0:xx am not 12:xx am
- Fixed: Crash with incorrect user.dat setting: 'email_ips'
|3rd November 2004
- Fixed: Downloading attachments from an the email which starts off
- Fixed: Emails which are missign entires in the index.dat file should
new get updated.
- Added: Any emails which don't have a date field setup will default
to the time it was downloaded.
- Fixed: Uploading draft files to NON-SurgeMail server can fail.
- Added CMD: cmd=no_surgemail&utoken=||utoken||
This will display the no_surgemail.tpl file.
- Updated: Rebuilding of indexes for POP will keep the flags information.
- Fixed: Emails which have invalid RFC headers for each part.
X-MIME-Autoconverted: from 8bit to quoted-printable by smtp-out-2001.amazon.com
- Added: '&confirm_from=user@domain' to 'cmd=send_confirm-xxx'
will use this from address instead.
|3rd November 2004
- Fixed: The cgi was not existing cleaning if the data from the POP
server incorrectly stopped unexpectly.
- Updated: XFLDDATA - To use utf7 encoding as well.
- Updated: POP side of webmail now checked for the response:
-ERR [IN-USE] ....
If it response back with this it will close the connection sleep for
1 second and try again. It will only attempt 3 time before giving
- Updated: Where the 'lang_cgi.dat' file is located. It's not expected
to be in webmail's workarea.
- Added TPL cmds: ||strip_lang||x|| - removes all esc lang characters
||strip_lang_esc||x|| - remove only esc characters.
||java_lang||x|| - incodes using '!xx' encodeding.
(&java_lang=true) required on some links to decode the above.
- Added INI setting: override_list_lang japanese
Smooth tpl setting only.
- Fixed: Folder names that had '...&..-...' cause the CGI to have
- Fixed: Email layout which had not place spaces after the header
- Fixed: The cgi crashed with some address books, in some cases.
- Added: New 'memory.log' file in the workarea any cmd that crashes
or requires 10+Meg memory will log 1 line in this file:
log_memory false -- Disable log file
#log_memory true -- log every cmd that uses 10Meg or more.
log_memory true -- log every cmd
|15th August 2004
- Fixed: new imap command 'XFLDDATA' was not using imap_prefix setting.
- Fixed: Quota percent when over quota can go negative.
- Added INI Settings: ignore_bad_rcpt - When set to true it will attempt
to send to the working rcpt emails anyway.
- Added CMD: firstname.lastname@example.org&fwd_list=list&....
Do to a correct redirect
- Added CMD: cmd=pgp_pub_verify - This will verify the Public PGP
key which is attached against the one on the users public key ring.
- Added CMD: cmd=not_spam and cmd=not_spamsel - This will allow users
to submit real emails to your spam untils. uses ini setting:
for were to send it.
- Added user.dat Setting: _one_digest - When set to true this will
when forwarding emails, send as 1 digest email message, instead of
- Added INI setting: cookie_domain_name - When set to true the name
of the cookie will include the domain as well.
- Added INI setting: dsn_confirm - When set to true and the SMTP supports:
DSN - Delivery Status Notifications
It will request a DNS
|27th July 2004
- Fixed: In somecases address book can cause the CGI to crash when
- Added: href links now have only 80 characters display with '...'
on the end.
This was added to stop large URL's stuffing up the display of the
- Updated: cmd=url - requiring 'xdata=user@domain' as well.
- Updated: '<?' sequence was getting encode if inside japanese
when it should not have been encoded.
- Updated: Emails which wraped japanese characters Were stuffing up
- Updated to remove the line breaks.
- Added New TPL variable: surgemail_disallow - This display the list
of disabled SurgeMail features. ie, SMS
||21st June 2004
- Fixed: xfile - downloading aliases files cause CGI stall.
- Fixed: When viewing an email and click on the 'from' addres causes
- Fixed: URL's in emails were being choped to about 200 bytes.
- Updated: Fixed some email layout issues with some HTML emails.
- Updated: British Daylight goes to GMT and back again.
- Added: WebMail Update Feature
- Added TPL Cmd: ||percent||var1||var2|| - returns 0-100.
- Added INI Settings:
# ip_bypass 22.214.171.124
- Added TPL setting: ||file_ksize|| - for filestore files.
- Added INI Setting: only_fld_surgemail - When set to true bypass
webmail's cache and use surgemail information only
||21st May 2004
- Update: 'email.htm' to now say: 'To_view_full_html_email_click_here'
- Fixed: trusted_sites issue.
|21st May 2004
- Fixed: If an error occurs with the SMTP it will now display the
error to the user.
- Fixed: If a backup has been setup it will use this is the response
from the IMAP/POP/SMTP/POPPASSD is not a successfull response.
- Fixed: Command managers updating user.dat settings has been fixed.
- Fixed: Updating a miss-spelt words would cause long lines to be
choped to 512 characters.
- Fixed: Checkmail and page 1 not matching - Caused by index.dat lines
being to large for emails which had heaps of to entries. Now limited
to only 1k
- Fixed: Unable to create a folder that doesn't exists if folder was
deleted with 3rd party mail clients and has been cached in webmail.
- Fixed: Languages Support issues with Japanese characters
- Fixed: WebMail crash on replying to emails which are just HTML emails.
- Updated: HTML emails that are display their 'src' if referencing
an offsite image
are replaced with a local setting.
ie. blank_image /nwimg/imap/offsite.gif
If no blank_image has been setup then no image is displayed.
- Update: update interface to surgemail filestore system to reduce
- Added TPL Fields: Now have the following available:
- Added INI setting: remove_user_char - The character setup the username
will be snipped on this when generating a default reply address.
ie. remove_user_char %
- Added INI setting: max_html_line - When webmail converts an HTML
email to Plain text this setting is the number of sequence blank lines
(for reply/forward only)
- Added INI Setting: trusted_sites - This are global trusted sites.
- Added New Feature: Trusted Sites - Emails which display images from
site that are trusted are displayed. Otherwise they are removed.
New CMD: cmd=add_trust&trust=domain.name
New TPL: ||begin_trust|| ||trust|| ||trust_count|| ||end_trust|
|5th February 2004
- Fixed: with the ini setting 'use_x_uidl true' enable and filter
rules setup which
remove emails from the inbox did cause the wrong email to be displayed.
- Fixed: 'Mailman' long Filename over mutiple lines issue.
- Updated: IE does not correctly support ' character in filenames.
- Added: Sort Subject on Thread: sort_on=subject&sort_method=thread
- Added: user.dat settings:
This overrides: '_default_profile'
- Added INI Setting: cwmail_no_dist_list - Used only when converting
cwmail users when true this will place all dist list in the address
- Fixed: Bug with smtp connection being dropped by the SMTP server.
- Added INI Setting: ignore_surghost_ini - when set to true it will
ignore the surgehost.ini file.
- Added INI Setting: keep_attach_remote - when set to true and xfile
is being used then it will not store the xfile locally.
- Added TPL CMD: cmd=save_status&status=....&utoken=||utoken|||
Only valid bulliten users are allowed.
on any tpl you can have: ||status_file||
||15th December 2003
- Added INI setting: domain_select - When setup this will display
a pulldown list on
the login page of all the domains setup by surgemail. Allowing the
user to select the domains to use.
- New TPL Variables: is_mac - set to true if the user is on a mac.
safari_version - if the users are using safari which is the mac this
will have the version number
- New INI settings:
This will create and pre folders needed and the delete will remove
any sub folders.
- Fixed: An issue with POP servers which use '!' character as part
of the UIDL.
- New INI setting: override_prefix - This will override the imap prefix
setting within the user.dat file.
- Templates: Fixed issue with manual fetch check when preview on and
no messages in inbox
|12st December 2003
- Added INI Setting: spam_email_address - This is the email address
that any spam is sent. The new command 'cmd=spam_remove-||uidl||'
Is used on the item.tpl to allow users to send the email to the spam
- Added TPL Command:
||num|| - 1,2,3,4,...
||alias|| - Full alias address
||alias_email|| - (email address only)
||alias_personal|| - (personal name only)
This is generated from the file called: 'aliases.txt' in the users
directroy. Which is retreived from SurgeMail.
- Update: The user Filters page has been completely redone.
- Update: skip any trailing fullstops on an email address in the body
of a message.
- Added: New Import address book format: LDIF
- Added INI setting: enable_cmd_log - When set to true this will allow
this to work:
./webmail.cgi -enable_cmdlog c:\webimap\hawk.log
./webmail.cgi -disable_cmdlog c:\webimap\hawk.log
Allowing you to start the 'cmd_log' file to be turned on and off as
|12th October 2003
- Added INI setting: stop_attach_download - This setting will stop
wild card files from being downloaded.
- Added INI setting: hide_stop_attach - This will not display the
link to the user of any attachment that has been stoped.
- Fixed: Some EMails which are display in BIG5 can have large lines.
They are not chopped which caused characters to be invalid.
- Fixed: Possible crash on Filtering.
- Fixed: Any time WebMail is going to output <scripts> unencoded
it will replace with:
It will also be logged in the webmail.log file.
- Fixed: Bulletin Directory is now created if setup.
- Fixed: Some attachments are getting lost on a forward command.
- Fixed: Memory allocation fails on LARGE pop accounts when display
all the folders.
- Added INI Setting: use_imap_local_search - When set to true teh
IMAP searches will be done locally just like the POP account.
- Added CMD: do_create_addr - This will create an empty address book
- Added INI Settings: cwmail_allow_dash, cwmail_allow_dot, cwmail_allow_slash
used only when converting CWMail users.
- Added CMD: ./webmail.cgi -password xpass This override the managers
password in the ini file.
- Added: '&save_file=true' when added to the link to download
a file it will always prompt the user for a location to save the file.
- Fixed: A UID issue on some POP server, some commands were incorrectly
|1st September 2003
- Security Updates
- Updated: Temp files are place in a seperate folder called '../webmail/tmp/'
- Added: accept list to Webmail:
New TPL vars: ||accept_no_filter|| ||accept||
New TPL CMD: ||begin_acceptlist||..||end_acceptlist||
- Added: Attachment sizes to be displayed when using ||begin_attachments||..||end_attachments||
- Added: Searching on stated charset
- Updtaed: error.tpl - was one situation where a link to the login
page was not supplied.