[SECURITY] maddy 0.7.1

[foxcpp]

This release, among other fixes, includes the fix for the zero-day "SMTP smuggling" vulnerability. Detailed analysis: https://www.postfix.org/smtp-smuggling.html Until 0.7.1 maddy was a "email service B".

Fixes

• cfgparser: Do not interpet absolute paths relatively to the config dir (Fails to import config from file using absolute path #592).
• target/remote: Fix isVerifyError not working correctly on Go 1.20 (Certificate subject names checked when min_tls_level is encrypted #612).
• smtpconn/pool: Fix idle connections almost never cleaned up (Lots of open sockets #596).
• target/remote: Fix wrong DNS query type in DANE lookups for IPv6-only hosts (No usable MXs when sending to IPv6-only domain #631).
• [SECURITY] go-smtp: Mitigate SMTP smuggling issue (Strict CRLF check in SMTP protocol #661).
• endpoint/smtp: Detect cancelled rDNS lookup correctly (fix(session): detect canceled lookup correctly #626).
• check/spf: Handle empty MAIL FROM in accordance with RFC 7208.

Misc

• storage/imapsql: Add support for transpiled SQLite driver

Tests

• Fix cover_test.go deadlock on Go 1.20.

Distribution & packaging

• build.sh: Allow to run ./build.sh install without go command available (Permission issues when installing from source. #569).
• dist/systemd: Ease umask restrictions, making files RW for maddy group (Permission issues when installing from source. #569).
• dist/systemd: Depend on network-online.target (Update systemd services to depend on network-online.target #617).

Documentation

• Improve Markdown formatting and grammar (Improve Markdown formatting #600, Fix md formating and small grammar issues #614, Fix escape on authorization page #662).
• Fix a bunch of links being broken (Update setting-up.md #601, Update docker.md #602, Update remote.md #667).
• email_with_domains -> email_with_domain (Documentation Typo in 'Multiple domains configuration' #609, Replace email_with_domains -> email_with_domain in docs #613).
• Fix wrong SPF record suggestion (Correct spf dns record #640).
• Fix number of sigs for modifiers.dkim sign_fields (docs/reference/modifiers/dkim: fix number of sigs for sign_fields #643).
• Explicitly mention that referencing config block from global directive won't work.

---

This discussion was created from the release [SECURITY] maddy 0.7.1.