Dada Mail v9.4.0 Released – Rate Limiting

Dada Mail v9.4.0 has been released – download and install using the instructions here. Changelog is below:

Rate Limiting

We’ve enabled a Rate Limiting in Dada Mail! This is a safeguard against perhaps nefarious attempts at attacking the Dada Mail when there are many requests done in a short space of time. Before v9.4.0, Dada Mail would happily try to serve each request, and sometimes this would cause problems. One scenario:

Say you have a subscrption form, and say that form has been targeted by a bot in an attempt to exploit it. There aren’t any currently known exploits out there in the wild for Dada Mail, but perhaps the bot doesn’t know that, so it just tries to fill out your form multiple times a second. This can cause problems with resources on your hosting account reaching their limit, and cann also cause multiple emails to be sent to bogus addresses, and probably bounce back, which cause much annoyance. If you utilize a third party email service, like Amazon SES (which we highly recommend!), this can work against you, as this service monitors bounce rates closely and will not allow the rate to go too high. If it does, you’re in hot water with Amazon AWS.

Dada Mail’s Rate Limiting now monitors who is requesting what, and how many times. If it notices what could potentially be signs of abuse, it’ll deny the request for a small amount of time. This stops flagrant and out-of-control abuse of the app and does so easily.

Rate Limiting is enabled by default, and its options can be customized in Dada Mail’s included installer. More Information: http://dadamailproject.com/d/install_dada_mail-advanced_configuration.pod.html#Rate-Limiting


Dada Mail v9.3.0 Released

Dada Mail v9.3.0 has been released – download and install using the instructions here. Changelog is below:

Features

Subscriber Delivery Preferences editing on Membership – View screen

For discussion lists that have digest enabled, editing individual delivery preferences can be done on the Membership – View screen, rather than having to visit the individual subscriber’s membership screen to make the edit.

Delivery Preferences are now also exported, when you export Subscriber data via csv.

Changes

No Directory Listing in dada_mail_support_files directory

During installation/upgrade and when using the included Dada Mail Installer, the Installer will now create a .htacess file, with the following directive:

        Options -Indexes

This stops a directory listing to be returned for anyone/anything visiting the root of this directory. Since files/directories of older installs are backed up, and since some of the files in these backed-up directories could have exploits fixed in the more recent versions being installed, this simple removal of the directory index may stop these potential exploits.


Dada Mail v9.2.2 Released!

Dada Mail v9.2.2 has been released – download and install using the instructions here. Changelog is below:

This is mostly a bug-fix release, fixing bugs found in the v9.2.1 release.

Bugfixes

Resetting List Password after incorrect login attempt creates Server Error

https://github.com/justingit/dada-mail/issues/566

Save for Multiple Lists does not work for Sending >> Options

https://github.com/justingit/dada-mail/issues/569


Dada Mail v9.2.1 Released

This is mostly a bug-fix release, fixing bugs found in the v9.2.0 release.

Dada Mail v9.2.1 has been released – download and install using the instructions here. Changelog is below:

9.2.1

This is mostly a bug-fix release, fixing bugs found in the v9.2.0 release.

Bugfixes

Default, “Break” email protection does not work on publically viewed archived messages

https://github.com/justingit/dada-mail/issues/556

Plugin: password_protected_directories: Submission redirects to public Dada page

https://github.com/justingit/dada-mail/issues/558

Amazon SES “Verify” will give false negative if email address belongs to a subdomain, and only domain is verified #559

https://github.com/justingit/dada-mail/issues/559

Plugin: password_protected_directories: .htpasswd/.htaccess file not updated via cron

https://github.com/justingit/dada-mail/issues/560

List Control Panel tablet/mobile view does not show a “log out” button, if there is < 2 mailing lists

https://github.com/justingit/dada-mail/issues/562

Sending messages via the List Control Panel does not look for validity in template tags

https://github.com/justingit/dada-mail/issues/563


Dada Mail 9.1.3 Released!

This is mostly a bug-fix release, fixing bugs found in the v9.1.2 release.

Of note were several minor bugs found in the Installer – some of which are documented below, but other small bugs include:

  • Bounce Handler always being enabled to be installed
  • The, “Hide Administration Link” always set, even if the option is not enabled.

Changes

Mandrill API support dropped

Mandrill has changed their ToS to disallow bulk mailing, so this service is a bad fit for something like Dada Mail. We’ve removed the API to streamline the underlying codebase.

Amazon SES docs expanded

We love Amazon SES! We’ve updated and expanded the docs to help you better set up Amazon SES in Dada Mail. Docs can be found here:

http://dadamailproject.com/d/features-amazon_ses_support.pod.html

Ping Test in Sending Options Test for SMTP

We’ve added a simple ping test to see if the host at the port you’ve specified can be reached. Many times, problems sending via SMTP are because the outgoing port on the server Dada Mail is installed on is blocked, rather than the SMTP credentials being wrong, or there’s a bug in Dada Mail. This small enhancement will help clarify where the problem may be.

Added .htaccess file in, “dada” directory

We’ve added a simple .htaccess file in the main dada directory to set the DirectoryIndex to the mail.cgi script. That way, one can just visit,

        http://example.com/dada
        

and will see Dada Mail’s default screen instead of nothing, or the underlying directory structure.

Bugfixes

Installer: SQL database port value not being read correctly?

https://github.com/justingit/dada-mail/issues/551

Hide Disabled Screens not working with classic side bar

https://github.com/justingit/dada-mail/issues/549

Installer: SQL database port value not being read correctly?

https://github.com/justingit/dada-mail/issues/551


Screencast: Discussion Lists with Bridge

Still using Mailman for your discussion mailing list? Dada Mail makes administrating a mailing list much, much easier. In this screencast, we’ll show you how easy it is to set up a Discussion List with Dada Mail, on a cPanel hosting account in less than 5 minutes.