Added upgrading instructions

README.md

@@ -21,15 +21,19 @@
     <img src="https://img.shields.io/badge/read_the-docs-red?style=flat-square" alt="Documentation">
   </a>
   <br>
-  <a href="https://discord.gg/jtgtCNj66U">
-    <img src="https://img.shields.io/discord/923615863037390889?label=chat&style=flat-square" alt="Discord">
-  </a>
   <a href="https://mastodon.social/@stalwartlabs">
     <img src="https://img.shields.io/mastodon/follow/109929667531941122?style=flat-square&logo=mastodon&color=%236364ff" alt="Mastodon">
   </a>
   <a href="https://twitter.com/stalwartlabs">
     <img src="https://img.shields.io/twitter/follow/stalwartlabs?style=flat-square&logo=twitter" alt="Twitter">
   </a>
+  <br>
+  <a href="https://discord.gg/jtgtCNj66U">
+    <img src="https://img.shields.io/discord/923615863037390889?label=discord&style=flat-square" alt="Discord">
+  </a>
+  <a href="https://matrix.to/#/#stalwart:matrix.org">
+    <img src="https://img.shields.io/matrix/stalwartmail%3Amatrix.org?label=matrix&style=flat-square" alt="Matrix">
+  </a>
 </h4>
 
 
@@ -63,22 +67,20 @@ Key features:
   - Sender **reputation** monitoring by IP address, ASN, domain and email address.
   - **Greylisting** to temporarily defer unknown senders.
   - **Spam traps** to set up decoy email addresses that catch and analyze spam.
-- **Flexible**:
-  - **LDAP** directory and **SQL** database authentication.
+- **Flexible and scalable**:
+  - Pluggable storage backends with **RocksDB**, **FoundationDB**, **PostgreSQL**, **mySQL**, **SQLite**, **S3-Compatible**, **Redis** and **ElasticSearch** support.
+  - Built-in, **LDAP** or **SQL** authentication backend support.
   - Full-text search available in 17 languages.
   - Disk quotas.
   - Sieve scripting language with support for all [registered extensions](https://www.iana.org/assignments/sieve-extensions/sieve-extensions.xhtml).
   - Email aliases, mailing lists, subaddressing and catch-all addresses support.
   - Integration with **OpenTelemetry** to enable monitoring, tracing, and performance analysis.
-- **Secure**:
+- **Secure and robust**:
   - Encryption at rest with **S/MIME** or **OpenPGP**.
   - OAuth 2.0 [authorization code](https://www.rfc-editor.org/rfc/rfc8628) and [device authorization](https://www.rfc-editor.org/rfc/rfc8628) flows.
   - Access Control Lists (ACLs).
   - Rate limiting.
   - Security audited (read the [report](https://stalw.art/blog/security-audit)).
-- **Robust and scalable**:
-  - **FoundationDB** or **SQLite** database backends.
-  - **S3-compatible** blob storage support.
   - Memory safe (thanks to Rust).
 
 ## Get Started
@@ -95,12 +97,12 @@ All documentation is available at [stalw.art/docs/get-started](https://stalw.art
 
 If you are having problems running Stalwart Mail Server, you found a bug or just have a question,
 do not hesitate to reach us on [Github Discussions](https://github.com/stalwartlabs/mail-server/discussions),
-[Reddit](https://www.reddit.com/r/stalwartlabs) or [Discord](https://discord.gg/aVQr3jF8jd).
+[Reddit](https://www.reddit.com/r/stalwartlabs), [Discord](https://discord.gg/aVQr3jF8jd) or [Matrix](https://matrix.to/#/#stalwart:matrix.org).
 Additionally you may become a sponsor to obtain priority support from Stalwart Labs Ltd.
 
 ## Roadmap
 
-- [ ] Performance enhancements
+- [x] Performance enhancements
 - [ ] Web-based admin panel
 - [ ] JMAP Calendar, Contacts and Tasks support
 - [ ] Brand Indicators for Message Identification (BIMI) support
@@ -125,4 +127,4 @@ a commercial license. Please contact licensing@stalw.art for more details.
   
 ## Copyright
 
-Copyright (C) 2023, Stalwart Labs Ltd.
+Copyright (C) 2024, Stalwart Labs Ltd.

SECURITY.md

@@ -6,8 +6,9 @@ We provide security updates for the following versions of Stalwart Mail Server:
 
 | Version | Supported          |
 | ------- | ------------------ |
-| 0.3.x   | :white_check_mark: |
-| < 0.2   | :x:                |
+| 0.5.x   | :white_check_mark: |
+| 0.4.x   | :white_check_mark: |
+| < 0.3   | :x:                |
 
 ## Reporting a Vulnerability
 

UPGRADING.md

@@ -1,3 +1,37 @@
+Upgrading from `v0.4.x` to `v0.5.0`
+-----------------------------------
+
+## What's changed
+
+- **Database Layout**: Version 0.5.0 utilizes a different database layout which is more efficient and allows multiple backends to be supported. For this reason, the database must be migrated to the new layout.
+- **Configuration file changes**: The configuration file has been updated to support multiple stores, most configuration attributes starting with `store.*` and `directory.*` need to be reviewed.
+- **SPAM filter**: Sieve scripts that interact with databases need to be updated. The functions `lookup` and `lookup_map` has been renamed to `key_exists` and `key_get`. It is recommended to replace all scripts with the new versions rather than updating them manually. Additionally, the SPAM database no longer requires an SQL server, it can now be stored in Redis or any of the supported databases.
+- **Directory superusers**: Due to problems and confusion with the `superuser-group` attribute, the concept of a superuser group has been removed. Instead, a new attribute `type` has been added to external directories. The value of this attribute can be `individual`, `group` or `admin`. The `admin` type is equivalent to the old superuser group. The `type` attribute is required for all principals in the directory, it defaults to `individual` if not specified.
+- **Purge schedules**: The attributes `jmap.purge.schedule.db` and `jmap.purge.schedule.blobs` have been removed. Instead, the purge frequency is now specified per store in `store.<name>.purge.frequency`. The attribute `jmap.purge.schedule.sessions` has been renamed to `jmap.purge.sessions.frequency`.
+
+## What's been added
+
+- **Multiple stores**: The server now supports multiple stores to be defined in the configuration file under `store.<name>`. Which store to use is defined in the `jmap.store.data`, `jmap.store.fts` and `jmap.store.blob` settings.
+- **More backend options**: It is now possible to use `RocksDB`, `PostgreSQL` and `MySQL` as data stores. It is also now possible to store blobs in any of the supported databases instead of being limited to the filesystem or an S3-compatible storage. Full-text indexing can now be done using `Elasticsearch` and the Spam database stored in `Redis`.
+- **Internal Directory**: The server now has an internal directory that can be used to store user accounts, passwords and group membership. This directory can be used instead of an external directory such as LDAP or SQL.
+- **New settings**: When running Stalwart in a cluster, `jmap.cluster.node-id` allows to specify a unique identifier for each node. Messages containing the SPAM headers defined in `jmap.spam.header` are moved automatically to the user's Junk Mail folder.
+- **Default Sieve stores**: For Sieve scripts such as the Spam filter that require access to a directory and a lookup store, it is now possible to configure the default lookup store and directory using the `sieve.trusted.default.directory` and `sieve.trusted.default.store` settings.
+
+## Migration Steps
+
+Rather than manually updating the configuration file, it is recommended to start with a fresh configuration file and update it with the necessary settings:
+
+- Install `v0.5.0` in a distinct directory. You now have the option to use an [internal directory](https://stalw.art/docs/directory/types/internal), which will allow you to manage users and groups directly from Stalwart Mail server. Alternatively, you can continue to use an external directory such as LDAP or SQL.
+- Update the configuration files with your previous settings. All configuration attributes are backward compatible, except those starting with `store.*`, `directory.*` and `jmap.purge.*`.
+- Export each account following the procedure described in the [migration guide](https://stalw.art/docs/management/database/migrate).
+- Stop the old `v0.4.x` server.
+- If there are messages pending to be delivered in the SMTP queue, move the `queue` directory to the new installation.
+- Start the new `v0.5.0` server.
+- Import each account following the procedure described in the [migration guide](https://stalw.art/docs/management/database/migrate).
+
+
+Once again, we apologize for the lack of an automated migration tool for this upgrade. However, we are planning on introducing an automated migration tool once the web-admin is released in Q1 2024. Thank you for your understanding and patience.
+
 Upgrading from `v0.4.0` to `v0.4.2`
 -----------------------------------
 
@@ -8,7 +42,7 @@ Upgrading from `v0.4.0` to `v0.4.2`
 Upgrading from `v0.3.x` to `v0.4.0`
 -----------------------------------
 
-## What's Changed
+## What's changed
 
 - **Configuration File Split:** While the `config.toml` configuration file format hasn't changed much, the new version has divided it into multiple sub-files. These sub-files are now included from the new `config.toml`. This division was implemented because the config file had grown significantly, and splitting it improves organization.
 
@@ -16,7 +50,7 @@ Upgrading from `v0.3.x` to `v0.4.0`
   - The configuration key prefix `jmap.sieve` (JMAP Sieve Interpreter) has been renamed to `sieve.untrusted`.
   - The configuration key prefix `sieve` (SMTP Sieve Interpreter) has been renamed to `sieve.trusted`.
 
-## New Additions
+## What's been added
 
 - **SPAM Filter Module:** The most notable addition in this version is the SPAM filter module. It comprises:
   - A TOML configuration file located at `etc/smtp/spamfilter.toml`.