![\"Account](\"https://modoboa.org/media/filer_public/40/29/402950a7-b6b5-42f4-ba07-1f4a57c4211a/account_random_password.png\")
Creating an account with Modoboa is pretty easy but choosing a good password can be tricky. Additionaly, you might not want to choose a password at all when you create an account for someone else.
\r\n\r\nIn such cases, a generator, which creates strong enough and random passwords, is a nice feature to have. Unfortunately, Modoboa does not provide one yet but it can be fixed pretty quickly, thanks to your contribution!
\r\n\r\nThis feature will be integrated to two different workflows.
\r\n\r\nInside the account creation wizard, a new option will be added to allow administrators to choose if they want a random or a manual password.
\r\n\r\n
When a new domain is populated with a predefined administrator, the generated password defaults to password and it can't be set to another value. To enhance this behaviour, a new option will be added to allow the generation of a random password.
\r\n\r\n![\"\"](\"https://modoboa.org/media/filer_public/51/1c/511ce10b-1517-49bc-9685-bfad1378f6ed/admin_random_password.png\")
Do not panic, we have a PDF file for you!
\r\n\r\n![\"\"](\"https://modoboa.org/media/filer_public/45/da/45da748e-cef7-49cb-85ef-cf7700358d33/pdf_content.png\")
You might have noticed that user passwords are never displayed by the web interface and it will stay as is even with random passwords. The only place to find them will be inside the PDF document generated at account creation.
\r\n\r\nIf you need/want/like this feature, it is time to sponsor it :-)
","goal":"250.00","contributor_count":6,"current":250.0,"slogan":"Generate strong and random passwords when you create a new account","full_url":"http://modoboa.org/en/projects/1/"},{"name":"Password reset service","description":"At the moment, when someone forgot his Modoboa password, the only way he can retrieve it is to ask an administrator to reset it. It is clearly not the best workflow ever and it is far from instant. As for many web applications today, the idea is to integrate a password reset service to the login page, allowing users to retrieve access to their account themselves.
\r\n\r\nA link will be added to the login screen, something like "I forgot my password". When a user will click on it, an email, containing a unique link to define a new password, will be sent to his secondary email.
\r\n\r\n![\"Password](\"https://modoboa.org/media/filer_public/ac/07/ac07f78d-68df-40f6-ae8d-4a4c3a833d3e/password_reset_service.png\")
If you need/want/like this feature, it is time to sponsor it :-)
","goal":"250.00","contributor_count":1,"current":250.0,"slogan":"Allow Modoboa users to retrieve their password when necessary","full_url":"http://modoboa.org/en/projects/2/"},{"name":"Sender address selection","description":"Modoboa offers the possibility to create aliases and to define additional sender addresses at account level. Unfortunately, it is not currently possible to use them from the webmail. The idea here is to allow end users to choose the sender address they want to use when sending a new email.
\r\n\r\nA new field, containing the list of all valid sender address of the connected user, will be added to the message composing form.
\r\n\r\n![\"\"](\"https://modoboa.org/media/filer_public/1f/af/1faf94d9-faf2-4fa4-936e-9f3ed2c350d6/sender_address_selection.png\")
Valid addresses for a given account are:
\r\n\r\nIf you need/want/like this feature, it is time to sponsor it ;-)
","goal":"125.00","contributor_count":1,"current":125.0,"slogan":"Allow users composing an email to select a different sender address","full_url":"http://modoboa.org/en/projects/3/"},{"name":"Forward and keep local copies","description":"Modoboa already lets you define a forward and choose if you want to keep local copies in your inbox but it is a global setting which applies to all emails. Using a message filter will let you select only a subset of the emails you receive and/or run additional action.
\r\n\r\nThe existing redirect to action will be updated to add a Keep local copies option:
\r\n\r\n![\"redirect](\"https://modoboa.org/media/filer_public/4d/64/4d6480ab-c92e-4219-9140-f0dec800b8e0/forward_and_keep_copies.png\")
This change will also require to modify the sievelib module which currently does not support the :copy extension.
\r\n\r\nIf you need/want/like this feature, it is time to sponsor it ;-)
","goal":"125.00","contributor_count":3,"current":125.0,"slogan":"Allow users to keep local copies when forwarding emails using a filter","full_url":"http://modoboa.org/en/projects/4/"},{"name":"Per domain DKIM signing using OpenDKIM","description":"DKIM is one of the most important authentication mechanism used nowadays to protect your domain's reputation on the Internet. Main email providers are very restrictive against domains not using it.
\r\n\r\nThe principle is easy: every email you send is automatically signed by your server using a private key and receiving servers can check the validity of this signature using a public key available within the DNS zone of your domain.
\r\n\r\nThus if the verification fails, it is easier to detect phishing attacks for example.
\r\n\r\nModoboa won't sign messages but OpenDKIM will. This software is designed for this purpose and integrates well with Postfix. The installer will be updated to integrate a working setup which will communicate with Modoboa.
\r\n\r\nWhat Modoboa will provide is the ability to generate signing key pairs per domain in a easy way:
\r\n\r\n![\"domain](\"https://modoboa.org/media/filer_public/38/5b/385bfda9-8596-4ff3-a191-2e749d3163d8/dkim_option_in_domain_form.png\")
And a quick way to display the public key to let you configure your DNS zone:
\r\n\r\n![\"domain](\"https://modoboa.org/media/filer_public/d7/bd/d7bd6845-b51a-4f80-8ab6-cbe47809e607/dkim_key_in_domain_detail.png\")
If you need/want/like this feature, it is time to sponsor it ;-)
","goal":"600.00","contributor_count":17,"current":600.99,"slogan":"Enable DKIM signing of outgoing messages for every domain managed by Modoboa using OpenDKIM","full_url":"http://modoboa.org/en/projects/5/"},{"name":"Email notification when update is available","description":"Modoboa is an active project and new versions (core and/or plugins) are released often. Today, the only ways to be informed about new releases are:
\r\n\r\nSending an email to postmaster@ listing all available updates would make the process easier and would avoid too complex upgrades, for example when you have to install several major versions which require manual changes.
\r\n\r\nThe cron script already in charge of checking for new versions will be completed to make it send email notifications. Additionally, a new global setting will be added to let you customize the recipient email address of notifications.
\r\n\r\nIf you need/want/like this feature, it is time to sponsor it :-)
","goal":"125.00","contributor_count":8,"current":125.0,"slogan":"Automatically send an email notification to postmaster@ when a new version is available","full_url":"http://modoboa.org/en/projects/6/"},{"name":"New DNS checks","description":"Modoboa already runs DNS queries on domains to check if MX records are well declared and well configured and if associated IP addresses are not listed by DNSBL providers. It is useful but it can be better! The idea of this feature is to add new queries to:
\r\n\r\nOnce all those checks will be implemented, Modoboa will offer a complete and automatic healthcheck of every defined domain and that's priceless!
\r\n\r\n![\"Better](\"https://modoboa.org/media/filer_public/50/04/50040936-1e49-42f7-9ea6-319cbd248342/selection_001.png\")
The existing cron task will be completed to integrate those new checks and, as you can see in the picture above, new labels will be added to display the result in both domain list and domain detail views. We will also add new settings to control which checks must be run or not.
\r\n\r\nIf you need/want/like this feature, it is time to sponsor it :-)
","goal":"500.00","contributor_count":5,"current":500.0,"slogan":"Complete existing checks by adding support for SPF, DKIM and DMARC","full_url":"http://modoboa.org/en/projects/7/"},{"name":"Installer upgrade mode","description":"Upgrading a modoboa installation can be difficult.
\r\n\r\nA regular upgrade does not require a lot of work but sometimes, additional and manual operations are needed. The online documentation always provides the required instructions per version but we can all make mistakes or forgot to apply one instruction.
\r\n\r\nThe installer was already an answer to the very same problem regarding manual installation so improving it to let it upgrade a previous installation does make sense.
\r\n\r\nA new --upgrade option will be added to make the distinction between a fresh install and an upgrade. Upgrading an installation using the installer will be as simple as:
\r\n$ sudo ./run.py --upgrade <your domain>\r\n\r\n
Please note that this mode will require you to keep the original configuration file (ie. the one generated during the first installation).
\r\n\r\nIf you need/want/like this feature, it is time to sponsor it :-)
","goal":"500.00","contributor_count":22,"current":500.84,"slogan":"Allow the installer to upgrade an existing installation","full_url":"http://modoboa.org/en/projects/8/"},{"name":"Messages log","description":"The main purpose of a mail server is to relay messages in and out. Sometimes (often?), you need to know if a given message has been handled by your server and if the delivery was succesful. If you're an expert, you'll check server log files and search for the message, easy! But, for the others, it requires some system administration knowledge and the format used by postfix is not so easy to read...
\r\n\r\nWhat we propose here is a simple page listing all sent and received messages, with a search bar to filter by domain or address.
\r\n\r\nMessage list will be fetched from the main log file and stored into the database using a new management command (scheduled to run periodically). A new menu will be added to the domains section, super administrators will be able to browse all messages and domain administrators only the ones associated to the domains they manage.
\r\n\r\nIf you need/want/like this feature, it is time to sponsor it :-)
","goal":"550.00","contributor_count":12,"current":557.0,"slogan":"Track sent and receive messages from the admin panel","full_url":"http://modoboa.org/en/projects/9/"},{"name":"Two-Factor authentication","description":"Currently, access to the Modoboa web interface is only protected by a username / password combination. We've seen a lot of examples in the past, more or less recent, proving that this is not enough to ensure system's security. To improve this, more and more software add another layer of authentication by requesting a One Time Password after a succesful login. It's the mechanism we propose to implement in Modoboa, starting with HOTP and TOTP algorithms.
\r\n\r\nThe activation of two-factor authentication will be optional and on a per-user basis. A new section will be added to the user settings section in order to control this:
\r\n\r\n![\"\"](\"https://modoboa.org/media/filer_public/9c/af/9cafb8d2-38aa-4740-a62b-e88afc2afbba/tfa_settings.png\")
Once enabled for a user, he will be asked for a unique password after each succesful authentication:
\r\n\r\n![\"\"](\"https://modoboa.org/media/filer_public/7c/34/7c344942-b1d1-4ef3-9943-4b5d64be5518/login_tfa_step.png\")
If you need/want/like this feature, it is time to sponsor it :-)
","goal":"700.00","contributor_count":18,"current":700.0,"slogan":"Improved security with two-factor authentication","full_url":"http://modoboa.org/en/projects/10/"}]