Release v0.9.6

.github/workflows/generic_publish.yml

@@ -24,9 +24,12 @@ jobs:
       - name: 'Prepare tags'
         id: prep
         uses: docker/metadata-action@v6.0.0
+        env:
+          DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }}
         with:
           images: |
             ghcr.io/${{ github.repository }}
+            ${{ env.DOCKER_USERNAME != '' && 'webyhomelab/docker-mailserver-gui' || '' }}
           tags: |
             type=edge,branch=master
             type=semver,pattern={{major}}

README.md

@@ -69,6 +69,19 @@ flowchart LR
 
 ---
 
+## 📸 Interface Preview
+
+<p align="center">
+  <img src="docker-mailserver-gui-1.png" alt="Docker Mailserver GUI - Webmail Login Screen" width="48%">
+  <img src="docker-mailserver-gui-2.png" alt="Docker Mailserver GUI - Mailbox Inbox Interface" width="48%">
+</p>
+<p align="center">
+  <img src="docker-mailserver-gui-3.png" alt="Docker Mailserver GUI - Email Composition View" width="48%">
+  <img src="docker-mailserver-gui-4.png" alt="Docker Mailserver GUI - Settings and Account Configuration" width="48%">
+</p>
+
+---
+
 ## 🚀 Quick Start
 
 Deploying your secure mail server takes less than 5 minutes.
@@ -113,10 +126,16 @@ docker exec -ti dms-core setup email add user@yourdomain.com <password>
 - **Instant Inbound:** `Postgrey` (greylisting) is disabled by default to allow immediate email delivery without the standard 10-minute delay.
 - **Docker 29+ Compatibility:** Explicitly configured Traefik with `DOCKER_API_VERSION=1.41` to support modern container engines.
 - **No Hardcoded Passwords:** The Supervisor UNIX socket credentials have been removed to prevent local privilege escalation.
-- **Automatic Sync:** SSL certificates are reloaded automatically by the dumper without stopping the mail server.
+- **Automatic SSL Sync:** SSL certificates are monitored and reloaded automatically by the `dms-cert-dumper` sidecar using a highly robust `alpine:3.18`-based image equipped with `docker-cli`.
+- **Persistent Webmail Config:** SnappyMail data is explicitly persisted to `./snappymail-data` on the host, preventing the loss of settings/accounts across restarts.
+- **Dual Registry Publishing:** Automatic package deployment publishes container images to both GitHub Container Registry (GHCR) and Docker Hub (`webyhomelab/docker-mailserver-gui`).
 
 ---
 
+### ⚖️ Legal Disclaimer
+
+*All product names, logos, brands, and trademarks referenced in this repository are the property of their respective owners. All company, product, and service names used in this project are for identification purposes only. Use of these names, logos, and brands does not imply endorsement.*
+
 <br>
 <p align="center">
   Built in Ukraine under air raid sirens & blackouts ⚡<br>

SECURITY.md

@@ -33,6 +33,6 @@ We aim to acknowledge all reports within 48 hours and provide a fix or mitigatio
 
 ## Security Audit Status
 
-- **Static Analysis:** The codebase is regularly scanned with `hadolint`, `shellcheck`, and `eclint`.
-- **Dependency Scanning:** We use `OSV-Scanner` and GitHub dependabot to monitor for vulnerable packages.
-- **Manual Audit:** The `supervisord.conf` and `setup.sh` scripts have been manually audited for credential leaks as of May 2026.
+- **Static Analysis:** The codebase is regularly scanned with `hadolint`, `shellcheck`, and `eclint` to ensure shell scripts and Dockerfiles adhere to security guidelines.
+- **Dependency Scanning:** We use `OSV-Scanner`, GitHub Dependabot, and vulnerability-scan actions to monitor for CVEs in base images and packages.
+- **Manual Audit:** The `supervisord.conf` process manager and `setup-gui.sh` configuration scripts have been manually audited for privilege escalation paths and credential leaks as of the `v0.9.6` release in May 2026.