Dada Mail Developers Archives

v11.17.0 Released

October 27th 2021 UTC

Hello everyone, v11.17.0 has been released! Download and install: https://dadamailproject.com/d/install_dada_mail.pod.html Changelog (and below): https://dadamailproject.com/d/changes_11_x.pod.html#pod11.17.0 Focus This version of Dada Mail has been released with some new features and a few small bug fixes. Features Only one mailing list? The default screen is now that list screen Dada Mail supports an arbitrary number of lists, but many people just run one mailing list. If this is the case, Dada Mail will show what i ...Continue Reading

v11.16.3 Released

September 28th 2021 UTC

Hello Everyone, v11.16.3 has been released (as well as v11.16.2 and 11.16.1). These small releases are just fix bugs dealing with the CSRF vulnerability - some of the functionality of Dada Mail broke (which are now fixed). If you’re running v11.16.0 to 11.16.2, you can just use this dada_mail.js file, https://raw.githubusercontent.com/justingit/dada-mail/v11_16_3-stable_2021_09_27/dada/static/javascripts/dada_mail.jsThis file goes into your dada_mail_support_files directory at, dada_mail_support_files/static/ ...Continue Reading

Re: v11.16.0 Released - CSRF Security Vulnerabilities Found, upgrading highly suggested

September 21st 2021 UTC

Here’s the CVE report: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41083-- Justin J: Lead Dadaist*url: dadamailproject.comemail: justin@PROTECTEDtwitter: @dadamailDada Mail Announcements: http://dadamailproject.com/cgi-bin/dada/mail.cgi/list/dada_announce/ On Sep 20, 2021, at 1:56 PM, Justin John justin@PROTECTED [Dada Mail Developers] <dadadev@PROTECTED> wrote: From: justin@PROTECTEDHello everyone, v11.16.0 h ...Continue Reading

v11.16.0 Released - CSRF Security Vulnerabilities Found, upgrading highly suggested

September 20th 2021 UTC

Hello everyone, v11.16.0 has been released! Download and install: https://dadamailproject.com/d/install_dada_mail.pod.html A CSRF Vulnerability has been found in Dada Mail and this release is primarily put out to fix it. All versions of Dada Mail below v11.16.0 are vulnerable and it’s another upgrade that I would suggest for absolutely everyone. Changelog (and below): https://dadamailproject.com/d/changes_11_x.pod.html#pod11.16.0 Focus This version of Dada Mail has been released primarily to fix a security vulnerabil ...Continue Reading

11.15.1 Released

September 13th 2021 UTC

Hello everyone, v11.15.1 has been released! Download and install: https://dadamailproject.com/d/install_dada_mail.pod.html This release includes a few bug fixes dealing with potential security issues. The biggest one is the reCAPTCHA v2 problem - it’s very easy to circumvent its protection completely, so if you’re relying on reCAPTCHA v2, upgrade. Changelog (and below): https://dadamailproject.com/d/changes_11_x.pod.html#pod11.15.1 Focus This is a bugfix release, with changes to close up some potential security hole ...Continue Reading

Several more security issues opened

September 6th 2021 UTC

Howdy everyone, how’s v11.15.0 working for everyone? While finishing up work on getting the GET requests found in email messages - things like confirming your subscriptions, it dawned on me that Dada Mail has no checks for other GET requests, that should be POSTs. Here’s a scenario: you want to log into your mailing list, so you fill out the password in the login form. Works a peach. The login form uses a POST request, as it’s sending pretty sensitive information through the pipes (your password), but there’s ...Continue Reading

Re[2]: v11.15.0 Released!

August 31st 2021 UTC

It is working now Richard Mourino ------ Original Message ------ From: "Mourino richard.mourino@PROTECTED [Dada Mail Developers]" <dadadev@PROTECTED> To: "Dada Mail Developers Subscriber" <richard.mourino@PROTECTED> Sent: 8/31/2021 6:03:15 PM Subject: Re: [dadadev] v11.15.0 Released! From: richard.mourino@PROTECTED Check the link for the uncompress file got a 404 Richard Mourino ...Continue Reading

Re: v11.15.0 Released!

August 31st 2021 UTC

Thanks - Fixed, https://raw.githubusercontent.com/justingit/dada-mail/v11_15_0-stable_2021_08_30/uncompress_dada.cgi -- Justin J: Lead Dadaist*url: dadamailproject.comemail: justin@PROTECTEDtwitter: @dadamailDada Mail Announcements: http://dadamailproject.com/cgi-bin/dada/mail.cgi/list/dada_announce/ On Aug 31, 2021, at 4:02 PM, Mourino richard.mourino@PROTECTED [Dada Mail Developers] <dadadev@PROTECTED> wrote: From: richard.m ...Continue Reading

Re: v11.15.0 Released!

August 31st 2021 UTC

Check the link for the uncompress file got a 404 Richard Mourino ...Continue Reading

v11.15.0 Released!

August 31st 2021 UTC

Hello everyone, v11.15.0 has been released! Download and install: https://dadamailproject.com/d/install_dada_mail.pod.html This version has protection from link prefetching, which can cause havoc on a mailing list’s functions. I’m not even kidding. Here’s a blog post showing an example of how this can happen in something as widely used as Apple’s Mail app: https://blog.dadamailproject.com/2021/08/31/link-prefetching-protection-in-dada-mail-v11-15-0-and-other-security-enhancements/ I’m suggesting this is one of those, ...Continue Reading

Email Address

You're OK with using your email address as your primary contact for this email discussion list; messages will be sent on your behalf

Unsubscribe at Anytime | Privacy Policy

This mailing list is a public mailing list - anyone may join or leave, at any time.
This mailing list is a group discussion list (unmoderated)
Start a new thread, email: dadadev@dadamailproject.com

This is the developer discussion mailing list for Dada Mail.

If you are just looking for support Dada Mail, consult the message boards at:

https://forum.dadamailproject.com

Documentation for Dada Mail:

https://dadamailproject.com/d

Specifically, see the Error FAQ:

https://dadamailproject.com/d/FAQ-errors.pod.html

To post to this list, send a message to:

mailto:dadadev@dadamailproject.com

All subscribers of this list may post to the list itself.

Topics that are welcome:

Constructive critiques on the program (I like, "x", but, "y" needs some work - here's an idea on how to make this better...)
Bug/Error reports
Bug fixes
Request For Comments on any changes to the program
Help customizing Dada Mail for your own needs
Patches
Language Translations
Support Documentation/Doc editing, FAQ's, etc.
Discussion of any changes that you would like to be committed to the next version of Dada Mail -

Dada Mail is on Github:

https://github.com/justingit/dada-mail/

If you would like to fork, branch, send over PRs, open up issues, etc.

Privacy Policy:

This Privacy Policy is for this mailing list, and this mailing list only.

Email addresses collection through this mailing list are used explicitly to work within this email discussion list.

We only collect email addresses through our Closed-Loop Opt-In system.

We don't use your email address for any other purpose.

We won't be sharing your email address with any other entity.

Unsubscription can be done at any time. Please contact us at: justin@dadamailproject.com for any help regarding your subscription, including removal from the mailing list.

All mailing list messages sent from us will include a subscription removal link, which will allow you to remove yourself from this mailing list automatically, and permanently.

All consent to use your email address for any other purpose stated at the time of the mailing list subscription will also be revoked upon mailing list removal.