feat(container): update image ghcr.io/foxcpp/maddy ( 0.8.2 ➔ 0.9.3 )

[not-hydaz]

This PR contains the following updates:

Package	Update	Change
ghcr.io/foxcpp/maddy (source)	minor	0.8.2 → 0.9.3

---

Release Notes

foxcpp/maddy (ghcr.io/foxcpp/maddy)

v0.9.3: [SECURITY] maddy 0.9.3

Compare Source

This release includes the fix for the LDAP injection vulnerability
in auth.ldap module (advisory GHSA-5835-4gvc-32pc, CVE-2026-40193).
All users using auth.ldap are advised to upgrade, as this vulnerability
can be used to extract LDAP directory information, including password
hashes and other authorization information.

Thanks @​ RealHurrison and @​Ghost1032 for detailed report!

Fixes

• auth/ldap: Fix GHSA-5835-4gvc-32pc
• module: Break dependency cycles when loading config correctly (Thanks @​balejk)

v0.9.2: maddy 0.9.2

Compare Source

Fixes

• rspamd: fix panic on unspecified tls_client by @​oidq in #​830

Full Changelog: foxcpp/maddy@v0.9.1...v0.9.2

v0.9.1: maddy 0.9.1

Compare Source

⚠️ rspamd integration is broken in 0.9.1, use 0.9.2.

Important changes

• libdns: Deprecate libdns providers not updated for libdns 1.x

0.9.1 is (probably) the last release to support the following libdns
providers for ACME DNS challenge:

• vultr
• namedotcom
• leaseweb

0.9.1 is also the last release to supprt libdns.gandi with API
tokens, 0.10.0 will require using new Bearer-type tokens
for authentication.

See #​807 for details.

Fixes

• openmetrics: Fix initialization code (thanks @​cxvqo!)
• auth/ldap, check/rspamd: Fix tls_client directive definition.
• endpoint/imap: Unbreak proxy_protocol

v0.9.0: maddy 0.9.0

Compare Source

New features

• Implement no-downtime config reloading

maddy now can reload configuration on SIGUSR2. This is
done by internally restarting the server - starting the new
one with new configuration while gracefully shutting down the
old one while preserving all listener sockets. Therefore
there is no moment when the server is not ready to accept
connections.

• check/dnsbl: Implement per-response code scoring

Now you can adjust DNSBL scores based on response (IP address)
returned. See check.dnsbl documentation for example.

Minor improvements

• auth/dovecot_sasl: Update protocol to be compatible with Dovecot 2.4 (#​808).
• sql_query/sql_table: Transparently support transpiled SQLite driver (fixes default config
  compatibility while transpiling).
• check/rspamd: Make "reject" and "soft reject" have configurable actions (thanks @​cxvqo!).

---

Configuration

📅 Schedule: (in timezone Australia/Melbourne)

• Branch creation
  • At any time (no schedule defined)
• Automerge
  • At any time (no schedule defined)

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about these updates again.

---

• If you want to rebase/retry this PR, check this box

---

This PR has been generated by Renovate Bot.

[not-hydaz]

--- kubernetes/apps/self-hosted/maddy/app Kustomization: self-hosted/maddy HelmRelease: self-hosted/maddy

+++ kubernetes/apps/self-hosted/maddy/app Kustomization: self-hosted/maddy HelmRelease: self-hosted/maddy

@@ -38,13 +38,13 @@

               MADDY_HOSTNAME: mail.hyde.services
               SMTP_PORT: 25
               SUBMISSION_PORT: 587
               SUBMISSIONS_PORT: 465
             image:
               repository: ghcr.io/foxcpp/maddy
-              tag: 0.8.2@sha256:eeb5813fc4d101ec5d8f7b08b7255fd76ced2a06884ea94450c8a9a22fd6a08d
+              tag: 0.9.3@sha256:2ce7ce6343816c8c96056776dd06660987d97ada96d31163cdd968d62e496a12
             probes:
               liveness:
                 custom: true
                 enabled: true
                 spec:
                   failureThreshold: 3

[not-hydaz]

--- HelmRelease: self-hosted/maddy Deployment: self-hosted/maddy

+++ HelmRelease: self-hosted/maddy Deployment: self-hosted/maddy

@@ -54,13 +54,13 @@

         - name: SMTP_PORT
           value: '25'
         - name: SUBMISSIONS_PORT
           value: '465'
         - name: SUBMISSION_PORT
           value: '587'
-        image: ghcr.io/foxcpp/maddy:0.8.2@sha256:eeb5813fc4d101ec5d8f7b08b7255fd76ced2a06884ea94450c8a9a22fd6a08d
+        image: ghcr.io/foxcpp/maddy:0.9.3@sha256:2ce7ce6343816c8c96056776dd06660987d97ada96d31163cdd968d62e496a12
         livenessProbe:
           failureThreshold: 3
           initialDelaySeconds: 0
           periodSeconds: 10
           tcpSocket:
             port: 587