Dada Mail Developers

  • This mailing list is a public mailing list - anyone may join or leave, at any time.
  • This mailing list is a group discussion list (unmoderated)
  • Start a new thread, email: dadadev@dadamailproject.com

This mailing list is to discuss the nerdy programming development of Dada Mail -

If you are just looking for support Dada Mail, consult the message boards at:

http://dadamailproject.com/support/boards

To post to this list, send a message to:

 dadadev@dadamailproject.com

All subscribers of this list may post to the list itself.

Some on topic... topics include:

  • Positive Crits on the program (I like, "x", but, "y" needs some work - here's an idea on how to make this better...)
  • Bug/Error reports
  • Bug fixes
  • Request For Comments on any changes to the program
  • Help customizing Dada Mail for your own internal needs
  • Patches
  • Language Translations
  • Support Documentation/Doc editing, FAQ's, etc.
  • Discussion of any changes that you would like to be committed to the next version of Dada Mail -

At the moment, there aren't many people with CVS access for Dada Mail - if you would like CVS access, please first talk about the changes you propose and how it will affect the program. If the idea is sound and agreed upon, the change will be comitted. A good track record of this will allow you to have CVS access. Some reasons that patches will not be accepted is if the patch breaks compatibility with a previous version of the program, the patch is too centric to your own problem or the patch simply isn't very good.

Please, please please familiarize yourself with the documentation at:

 http://dadamailproject.com/support/documentation/

Since no one wants to answer the same question twice.

Another sneaky reason for this mailing list is to test out the discussion list capabilities of Dada Mail, since Dada Mail is used for the mailing list itself.

NOTE - because of this, there may be times that this list will be somewhat broken. Although we're not planning on breaking the program by using it, we're giving you the heads up that this may well happen anyways.

Privacy Policy:

This Privacy Policy is for this mailing list, and this mailing list only.

Email addresses collection through this mailing list are used explicitly to work within this email discussion list.

We only collect email addresses through our Closed-Loop Opt-In system.

We don't use your email address for any other purpose.

We won't be sharing your email address with any other entity.

Unsubscription can be done at any time. Please contact us at: justin@dadamailproject.com for any help regarding your subscription, including removal from the mailing list.

All mailing list messages sent from us will include a subscription removal link, which will allow you to remove yourself from this mailing list automatically, and permanently.

All consent to use your email address for any other purpose stated at the time of the mailing list subscription will also be revoked upon mailing list removal.

Archived Messages

 

v11.16.3 Released

September 28th 2021 UTC

Hello Everyone, v11.16.3 has been released (as well as v11.16.2 and 11.16.1). These small releases are just fix bugs dealing with the CSRF vulnerability - some of the functionality of Dada Mail broke (which are now fixed). If you’re running v11.16.0 to 11.16.2, you can just use this dada_mail.js file, [1]https://raw.githubusercontent.com/justingit/dada-mail/v11_16_3-stable_2021_09_27/dada/static/javascripts/dada_mail.js This file goes into your dada_mail_support_files directory at, dada_mail_supp ...Continue Reading

Re: v11.16.0 Released - CSRF Security Vulnerabilities Found, upgrading highly suggested

September 21st 2021 UTC

Here’s the CVE report: [1]https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41083 -- Justin J: Lead Dadaist url: [2]dadamailproject.com email: [3]justin@PROTECTEDtwitter: [4]@dadamail Dada Mail Announcements: [5]http://dadamailproject.com/cgi-bin/dada/mail.cgi/list/dada_announce/ On Sep 20, 2021, at 1:56 PM, Justin John [6]justin@PROTECTED [Dada Mail Developers] <[7]dadadev@PROTECTED> wrote: From: [8]justin@PROTECTED Hello everyone, v11 ...Continue Reading

v11.16.0 Released - CSRF Security Vulnerabilities Found, upgrading highly suggested

September 20th 2021 UTC

Hello everyone, v11.16.0 has been released! Download and install: https://dadamailproject.com/d/install_dada_mail.pod.html A CSRF Vulnerability has been found in Dada Mail and this release is primarily put out to fix it. All versions of Dada Mail below v11.16.0 are vulnerable and it’s another upgrade that I would suggest for absolutely everyone. Changelog (and below): https://dadamailproject.com/d/changes_11_x.pod.html#pod11.16.0 Focus ----- This version of Dada Mail has be ...Continue Reading

11.15.1 Released

September 13th 2021 UTC

Hello everyone, v11.15.1 has been released! Download and install: https://dadamailproject.com/d/install_dada_mail.pod.html This release includes a few bug fixes dealing with potential security issues. The biggest one is the reCAPTCHA v2 problem - it’s very easy to circumvent its protection completely, so if you’re relying on reCAPTCHA v2, upgrade. Changelog (and below): https://dadamailproject.com/d/changes_11_x.pod.html#pod11.15.1 Focus ----- This is a bugfix release, wit ...Continue Reading

Several more security issues opened

September 6th 2021 UTC

Howdy everyone, how’s v11.15.0 working for everyone? While finishing up work on getting the GET requests found in email messages - things like confirming your subscriptions, it dawned on me that Dada Mail has no checks for other GET requests, that should be POSTs. Here’s a scenario: you want to log into your mailing list, so you fill out the password in the login form. Works a peach. The login form uses a POST request, as it’s sending pretty sensitive information through the pipes (your passwo ...Continue Reading

Re[2]: v11.15.0 Released!

August 31st 2021 UTC

It is working now Richard Mourino ------ Original Message ------From: "Mourino [1]richard.mourino@PROTECTED [Dada Mail Developers]" <[2]dadadev@PROTECTED>To: "Dada Mail Developers Subscriber" <[3]richard.mourino@PROTECTED>Sent: 8/31/2021 6:03:15 PMSubject: Re: [dadadev] v11.15.0 Released! From: [4]richard.mourino@PROTECTED Check the link for the uncompress file got a 404 Richard Mourino [1] mailto:richard.mourino@PROTECTED [2] ...Continue Reading

Re: v11.15.0 Released!

August 31st 2021 UTC

Thanks - Fixed, [1]https://raw.githubusercontent.com/justingit/dada-mail/v11_15_0-stable_2021_08_30/uncompress_dada.cgi -- Justin J: Lead Dadaist url: [2]dadamailproject.com email: [3]justin@PROTECTEDtwitter: [4]@dadamail Dada Mail Announcements: [5]http://dadamailproject.com/cgi-bin/dada/mail.cgi/list/dada_announce/ On Aug 31, 2021, at 4:02 PM, Mourino [6]richard.mourino@PROTECTED [Dada Mail Developers] <[7]dadadev@PROTECTED> wrote: From: [8]richard.mo ...Continue Reading

Re: v11.15.0 Released!

August 31st 2021 UTC

Check the link for the uncompress file got a 404 Richard Mourino ...Continue Reading

v11.15.0 Released!

August 31st 2021 UTC

Hello everyone, v11.15.0 has been released! Download and install: https://dadamailproject.com/d/install_dada_mail.pod.html This version has protection from link prefetching, which can cause havoc on a mailing list’s functions. I’m not even kidding. Here’s a blog post showing an example of how this can happen in something as widely used as Apple’s Mail app: https://blog.dadamailproject.com/2021/08/31/link-prefetching-protection-in-dada-mail-v11-15-0-and-other-security-enhancements/ I’m ...Continue Reading

Re: Message Link Prefetching Issue

August 24th 2021 UTC

Hi Justin! Always nice to hear from you and seeing you take care great of your baby. Hope you are doing well out there in the West. Nothing else. Just hi. 😃 Cheers,Bruce Scherzinger On August 24, 2021 5:18:17 PM "Justin John justin@PROTECTED [Dada Mail Developers]" <dadadev@PROTECTED> wrote: From: [1]justin@PROTECTED Howdy everyone, I’m working on the problem of email services/readers (Gmail) visiting links within the message to do whatever they do when th ...Continue Reading