NEW FEATURES:
Added Nginx HTTP Server in lieu of Apache.
Added Lets Encrypt (Acme) Certificates support for HTTP and SMTP TLS (future).
Added Wildcard CSR generation capability.
Added Authelia Authentication Server for authentication into Admin Console.
Added 2FA (Two Factor Authentication) for Admin Console.
Added ability to add multiple System User accounts in addition to the default “admin” user. Will be expanded in the future to include permissions.
Added Basic API for internal system functions. Will be expanded in the future for more functionality.
Added support for checking System User passwords against haveibeenpwned.com.
Re-worked Admin Console Firewall to work through Nginx. It now includes the ability to allow IPs to Hermes and/or Ciphermail Admin consoles.
Enabled Uncomplicated Firewall (UFW) with the following allowed incoming ports by default:
22/tcp (SSH)
25/tcp (SMTP)
9080/tcp (Hermes Old Web GUI HTTPS)
80/tcp (Hermes New Web GUI HTTP)
443/tcp (Hermes New Web GUI HTTPS)
3306/tcp (MySQL)
THE FOLLOWING PAGES HAVE BEEN ADDED:
System –> System Certificates (Pro Only)
System –> Admin Authentication
THE FOLLOWING PAGES HAVE BEEN UPGRADED TO VERSION 2.0:
System –> Network Settings
System –> Admin Console Firewall (Pro Only)
System –> AD Integration (Pro Only)
System –> Console SSL Settings RENAMED/MOVED TO System –> Console Settings (Pro Only)
System –> Change Password –> RENAMED/MOVED TO System –> System Users
Gateway –> Certificate Signing Request RENAMED/MOVED TO System –> System Certificates (Pro Only)
Gateway –> Internal Recipients
Content Checks –> Message History & Archive RENAMED/MOVED TO Content Checks –> Message History
Encryption –> Internal Recipients Encryption RENAMED/MOVED TO Gateway –> Internal Recipients
FIXES:
Improved error handling in System –> System Backup for permission related errors in SMB Share
Added functions to disable firewall and reset all MySQL username/passwords in System –> System Settings when running System Restore
Fixed bugs in system_restore.sh script