How can we help?


Update 6.3.6

Stewart -

March 12, 2012

And so we introduce Atmail 6.3.6 - our biggest release of the year so far. Containing more than 100 fixes and improvements to the Atmail system, this is a recommended update for anyone with an Atmail install. Highlights include Advanced Search, Password Encryption, and LDAP Support for Calendar Server.


  • Added encrypted logins for Calendar Server logins
  • Added IMAP Auth fallback for CalDAV authentication
  • Added LDAP authentication for Calendar Server
  • Calendar server moved provisioned detection to provisioning system from DAV auth plugin
  • Calendar migration updates
  • Removed redundant fetching of user data
  • Calendar server now correctly calls LDAP bind with bind DN
  • Change in height for calendar list items
  • Corrected Calendar Server processing of config.ini sections
  • Corrected Darwin-to-Sabre migration issue (New server starts before old calendar server is turned off)
  • Corrected XSS in calendar event fields
  • DAV authentication now attempts to cache authorisations for multiple calls
  • Fixed encoding issue with error output from Calendar Server
  • Fixed jQuery DND for Safari/Chrome/IE
  • Updated Calendar Server to leverage Bind DNs


  • Implemented Message Flagging
  • Added password length check in Change Password module
  • Delete Trash on Logout is now the user default setting
  • Improved LDAP Change Password feature
  • Improved LDAP system integration
  • Redirect removed folder contents to Trash


  • Advanced Search added
  • Added some extra ids to html tags for better Plugin support
  • Can now use umlauts when searching contacts
  • Improved Upgrade popup box in Webadmin
  • Corrected filtering for the WebAdmin User Manager
  • Corrected Dashboard controller issues with graph calculation
  • Corrected description for subfolder tool tip
  • Corrected folder Add and Remove behaviour for subfolders
  • Corrected folder view not expanding if inside a subfolder
  • Corrected id tag issue in Webmail Settings pane
  • Corrected XSS issues with Log Search
  • Corrected notification display in Webadmin > Settings
  • Corrected simpleFlash for Webadmin
  • Corrected simpletreeview jQuery plugin issue (Previously reset all subfolders expand status even when already set. Caused large performance issues)
  • Disabled setTimeout for scrollTo current folder during first load
  • Fixed Internet Explorer 7 issues with Advanced Search
  • Fixed JS error case handling in Webadmin > Settings > Global Settings
  • Fixed Add Folder button being marked as disabled
  • Fixed browser issues with i18n
  • Fixed CSS mistakes (space in pixel value)
  • Fixed invalid data issue when viewing contacts
  • Fixed slide animation issue that caused vast performance issues
  • Improved User Manager for username validation
  • More verbose timeout message, if running session timeout on iOS
  • Atmail now validates folders for illegal characters
  • Removed translator website from Italian translation
  • Updated simpleFlash to be more context-aware and avoid multiple binds


  • Added Atmail_Enum for application wide constants
  • Added external user password encryption (two way)
  • Added input filter system to admin user controller
  • Added master key setting to configuration file
  • Added missing php-dom for Redhat
  • Added optional deps for mcrypt to installers
  • Added sanitizer to sieve filter
  • Consolidated all password crypt functions
  • Consolidated Atmail LDAP functions
  • Correct search multiple binds
  • Corrected admins being able to accidentally double hash user passwords
  • Corrected cli.version clear on database update
  • Corrected index for abookGroups
  • Corrected issue where _md5 for custom session savehandler not being set correctly
  • Corrected issue where session backend not available during some static calls to its class
  • Corrected LDAP bindauthdn variable usage
  • Corrected local codebase version string not being used to load new versions of CSS/JS on update in admin interface
  • Corrected master key and external users / session encryption unavailable for webmail client installations
  • Corrected migration A5 -> A6 halts due to timeout from old database connection
  • Corrected migration script including settings from users not included in the UserSession? (removed users)
  • Corrected password not being updated due to variable mismatch
  • Corrected remoteServer behaviour
  • Corrected session handler not being able to programatically save sessions for other users while admin
  • Corrected session handler producing error if user has no session data
  • Corrected session handler saving blank sessions (no username provided yet)
  • Corrected session handler searches for blank session id's
  • Corrected session issue where sometimes a valid session ID would be overwritten
  • Corrected upgrade sets cli when not needed
  • Corrected user password encryption hosing already hashed passwords on save
  • Corrected username renaming admin function and re-enabled
  • Corrected zend input filter to match rules on embedded objects during filtering
  • Correct syntext error in digest library
  • Db updater will now still continuing on failure
  • Fixed broken admin Plugin interface controller
  • Fixed creating root folder will add more plus sign issue
  • Fixed folder deletion bug. When deleting a user defined folder, there is a race condition where a default 'inbox' would be passed to recursive delete
  • Fixed search SQL was failing on COOERCIBLE
  • Implemented session encryption
  • Modified auth controller to set auth creds only when crypt type known
  • Modified LDAP add user to be able to handle usernames without domains (domain check for unique username)
  • Modified update code to be more directory aware
  • Now disables unusable password crypt types in admin > global panel
  • Now doesn't store plaintext CalDAV password
  • Replace deprecated function split with explode in General.php
  • Resolved LDAP_add_user missing pear lib
  • Tidy up of global config usage
  • Update iOS profile to handle encrypted external user passwords
  • Updated code to use enums for password types to correct inconsistencies in hardcoded strings
  • Updated Exim_Config to use atmail_enum
  • Updated LDAP-add-user to throw exit codes and updated dovecot create-scripts to honour those exit codes and pass on to dovecot
  • Updated loadTestUrls to not include external accounts during tests
  • Updated settings for external user password encryption


Contact our support team

+61 (7) 5357 6605