[Rspamd] Apply ratelimit against authenticated user instead of envelope from
[PHP-FPM] Create PHP-FPM listeners 9001 (system) and 9002 (web), drop 9000 [Rspamd] Parse quarantine messages as utf8 [Rspamd] Use new schema for Rspamd bayes hashes and expire them in Redis [SOGo] Change default logo [SOGo] Use different keyserver by default in Dockerfile [Rspamd] Add bad ASN list (disabled by default) [Watchdog] Change the way we check PHP-FPM, change SOGo check [Nginx] Change ports according to new PHP-FPM listeners [Update] Fix PHP-FPM ports for existing non-mailcow Nginx sitesmaster
parent
f53006f6ab
commit
7181ee4658
|
@ -1,47 +1,44 @@
|
||||||
FROM php:7.1-fpm-alpine
|
FROM php:7.2-fpm-alpine3.7
|
||||||
LABEL maintainer "Andre Peters <andre.peters@servercow.de>"
|
LABEL maintainer "Andre Peters <andre.peters@servercow.de>"
|
||||||
|
|
||||||
ENV REDIS_PECL 3.1.6
|
ENV APCU_PECL 5.1.10
|
||||||
ENV MEMCACHED_PECL 3.0.4
|
|
||||||
ENV APCU_PECL 5.1.9
|
|
||||||
ENV IMAGICK_PECL 3.4.3
|
ENV IMAGICK_PECL 3.4.3
|
||||||
ENV MAILPARSE_PECL 3.0.2
|
ENV MAILPARSE_PECL 3.0.2
|
||||||
|
ENV MEMCACHED_PECL 3.0.4
|
||||||
|
ENV REDIS_PECL 3.1.6
|
||||||
|
|
||||||
RUN apk add -U --no-cache libxml2-dev \
|
RUN apk add -U --no-cache autoconf \
|
||||||
icu-dev \
|
|
||||||
imap-dev \
|
|
||||||
libmemcached-dev \
|
|
||||||
cyrus-sasl-dev \
|
|
||||||
pcre-dev \
|
|
||||||
icu-libs \
|
|
||||||
redis \
|
|
||||||
mysql-client \
|
|
||||||
bash \
|
bash \
|
||||||
autoconf \
|
|
||||||
g++ \
|
|
||||||
make \
|
|
||||||
openssl \
|
|
||||||
openssl-dev \
|
|
||||||
samba-client \
|
|
||||||
libpng \
|
|
||||||
libpng-dev \
|
|
||||||
libjpeg-turbo-dev \
|
|
||||||
libwebp-dev \
|
|
||||||
zlib-dev \
|
|
||||||
libxpm-dev \
|
|
||||||
c-client \
|
c-client \
|
||||||
imagemagick-dev \
|
cyrus-sasl-dev \
|
||||||
imagemagick \
|
|
||||||
libtool \
|
|
||||||
freetype \
|
freetype \
|
||||||
libpng \
|
|
||||||
libjpeg-turbo \
|
|
||||||
freetype-dev \
|
freetype-dev \
|
||||||
libpng-dev \
|
g++ \
|
||||||
libjpeg-turbo-dev\
|
|
||||||
gettext-dev \
|
gettext-dev \
|
||||||
openldap-dev \
|
icu-dev \
|
||||||
|
icu-libs \
|
||||||
|
imagemagick \
|
||||||
|
imagemagick-dev \
|
||||||
|
imap-dev \
|
||||||
|
libjpeg-turbo \
|
||||||
|
libjpeg-turbo-dev \
|
||||||
|
libmemcached-dev \
|
||||||
|
libpng \
|
||||||
|
libpng-dev \
|
||||||
|
libressl \
|
||||||
|
libressl-dev \
|
||||||
librsvg \
|
librsvg \
|
||||||
|
libtool \
|
||||||
|
libwebp-dev \
|
||||||
|
libxml2-dev \
|
||||||
|
libxpm-dev \
|
||||||
|
make \
|
||||||
|
mysql-client \
|
||||||
|
openldap-dev \
|
||||||
|
pcre-dev \
|
||||||
|
redis \
|
||||||
|
samba-client \
|
||||||
|
zlib-dev \
|
||||||
&& pear install channel://pear.php.net/Net_IDNA2-0.2.0 \
|
&& pear install channel://pear.php.net/Net_IDNA2-0.2.0 \
|
||||||
channel://pear.php.net/Auth_SASL-1.1.0 \
|
channel://pear.php.net/Auth_SASL-1.1.0 \
|
||||||
Net_IMAP \
|
Net_IMAP \
|
||||||
|
@ -49,7 +46,7 @@ RUN apk add -U --no-cache libxml2-dev \
|
||||||
NET_SMTP \
|
NET_SMTP \
|
||||||
Mail_mime \
|
Mail_mime \
|
||||||
&& pecl install redis-${REDIS_PECL} memcached-${MEMCACHED_PECL} APCu-${APCU_PECL} imagick-${IMAGICK_PECL} mailparse-${MAILPARSE_PECL} \
|
&& pecl install redis-${REDIS_PECL} memcached-${MEMCACHED_PECL} APCu-${APCU_PECL} imagick-${IMAGICK_PECL} mailparse-${MAILPARSE_PECL} \
|
||||||
&& docker-php-ext-enable redis apcu memcached imagick mailparse \
|
&& docker-php-ext-enable apcu imagick mailparse memcached redis \
|
||||||
&& pecl clear-cache \
|
&& pecl clear-cache \
|
||||||
&& docker-php-ext-configure intl \
|
&& docker-php-ext-configure intl \
|
||||||
&& docker-php-ext-configure gd \
|
&& docker-php-ext-configure gd \
|
||||||
|
@ -58,27 +55,24 @@ RUN apk add -U --no-cache libxml2-dev \
|
||||||
--with-freetype-dir=/usr/include/ \
|
--with-freetype-dir=/usr/include/ \
|
||||||
--with-png-dir=/usr/include/ \
|
--with-png-dir=/usr/include/ \
|
||||||
--with-jpeg-dir=/usr/include/ \
|
--with-jpeg-dir=/usr/include/ \
|
||||||
&& docker-php-ext-install -j 4 intl gettext ldap sockets soap pdo pdo_mysql xmlrpc gd zip pcntl opcache \
|
&& docker-php-ext-install -j 4 gd gettext intl ldap opcache pcntl pdo pdo_mysql soap sockets xmlrpc zip \
|
||||||
&& docker-php-ext-configure imap --with-imap --with-imap-ssl \
|
&& docker-php-ext-configure imap --with-imap --with-imap-ssl \
|
||||||
&& docker-php-ext-install -j 4 imap \
|
&& docker-php-ext-install -j 4 imap \
|
||||||
&& apk del --purge autoconf \
|
&& apk del --purge autoconf \
|
||||||
g++ \
|
|
||||||
make \
|
|
||||||
libxml2-dev \
|
|
||||||
icu-dev \
|
|
||||||
imap-dev \
|
|
||||||
openssl-dev \
|
|
||||||
cyrus-sasl-dev \
|
cyrus-sasl-dev \
|
||||||
pcre-dev \
|
|
||||||
libpng-dev \
|
|
||||||
libpng-dev \
|
|
||||||
libjpeg-turbo-dev \
|
|
||||||
libwebp-dev \
|
|
||||||
zlib-dev \
|
|
||||||
imagemagick-dev \
|
|
||||||
freetype-dev \
|
freetype-dev \
|
||||||
|
g++ \
|
||||||
|
icu-dev \
|
||||||
|
imagemagick-dev \
|
||||||
|
imap-dev \
|
||||||
|
libjpeg-turbo-dev \
|
||||||
libpng-dev \
|
libpng-dev \
|
||||||
libjpeg-turbo-dev
|
libressl-dev \
|
||||||
|
libwebp-dev \
|
||||||
|
libxml2-dev \
|
||||||
|
make \
|
||||||
|
pcre-dev \
|
||||||
|
zlib-dev
|
||||||
|
|
||||||
COPY ./docker-entrypoint.sh /
|
COPY ./docker-entrypoint.sh /
|
||||||
|
|
||||||
|
|
|
@ -28,7 +28,7 @@ RUN apt-get update && apt-get install -y --no-install-recommends \
|
||||||
|
|
||||||
RUN mkdir /usr/share/doc/sogo \
|
RUN mkdir /usr/share/doc/sogo \
|
||||||
&& touch /usr/share/doc/sogo/empty.sh \
|
&& touch /usr/share/doc/sogo/empty.sh \
|
||||||
&& apt-key adv --keyserver keys.gnupg.net --recv-key 0x810273C4 \
|
&& apt-key adv --keyserver keyserver.ubuntu.com --recv-key 0x810273C4 \
|
||||||
&& echo "deb http://packages.inverse.ca/SOGo/nightly/4/debian/ stretch stretch" > /etc/apt/sources.list.d/sogo.list \
|
&& echo "deb http://packages.inverse.ca/SOGo/nightly/4/debian/ stretch stretch" > /etc/apt/sources.list.d/sogo.list \
|
||||||
&& apt-get update && apt-get install -y --force-yes \
|
&& apt-get update && apt-get install -y --force-yes \
|
||||||
sogo \
|
sogo \
|
||||||
|
|
|
@ -1,5 +1,5 @@
|
||||||
<?xml version="1.0" encoding="UTF-8" standalone="no"?>
|
<?xml version="1.0" encoding="UTF-8" standalone="no"?>
|
||||||
<!-- Generator: Adobe Illustrator 17.0.0, SVG Export Plug-In . SVG Version: 6.00 Build 0) -->
|
<!-- Generator: Adobe Illustrator 16.0.0, SVG Export Plug-In . SVG Version: 6.00 Build 0) -->
|
||||||
|
|
||||||
<svg
|
<svg
|
||||||
xmlns:dc="http://purl.org/dc/elements/1.1/"
|
xmlns:dc="http://purl.org/dc/elements/1.1/"
|
||||||
|
@ -13,17 +13,17 @@
|
||||||
id="Layer_1"
|
id="Layer_1"
|
||||||
x="0px"
|
x="0px"
|
||||||
y="0px"
|
y="0px"
|
||||||
width="392.82242"
|
width="640px"
|
||||||
height="201.049"
|
height="350px"
|
||||||
viewBox="0 0 392.82241 201.049"
|
viewBox="78.712 58.488 640 350"
|
||||||
enable-background="new 0 0 1600 1200"
|
style="enable-background:new 78.712 58.488 640 350;"
|
||||||
xml:space="preserve"
|
xml:space="preserve"
|
||||||
inkscape:version="0.91 r13725"
|
inkscape:version="0.91 r13725"
|
||||||
sodipodi:docname="sogo-full.svg"><metadata
|
sodipodi:docname="sogo-full.svg"><metadata
|
||||||
id="metadata144"><rdf:RDF><cc:Work
|
id="metadata9"><rdf:RDF><cc:Work
|
||||||
rdf:about=""><dc:format>image/svg+xml</dc:format><dc:type
|
rdf:about=""><dc:format>image/svg+xml</dc:format><dc:type
|
||||||
rdf:resource="http://purl.org/dc/dcmitype/StillImage" /><dc:title></dc:title></cc:Work></rdf:RDF></metadata><defs
|
rdf:resource="http://purl.org/dc/dcmitype/StillImage" /></cc:Work></rdf:RDF></metadata><defs
|
||||||
id="defs142" /><sodipodi:namedview
|
id="defs7" /><sodipodi:namedview
|
||||||
pagecolor="#ffffff"
|
pagecolor="#ffffff"
|
||||||
bordercolor="#666666"
|
bordercolor="#666666"
|
||||||
borderopacity="1"
|
borderopacity="1"
|
||||||
|
@ -32,129 +32,17 @@
|
||||||
guidetolerance="10"
|
guidetolerance="10"
|
||||||
inkscape:pageopacity="0"
|
inkscape:pageopacity="0"
|
||||||
inkscape:pageshadow="2"
|
inkscape:pageshadow="2"
|
||||||
inkscape:window-width="1097"
|
inkscape:window-width="1721"
|
||||||
inkscape:window-height="1138"
|
inkscape:window-height="1177"
|
||||||
id="namedview140"
|
id="namedview5"
|
||||||
showgrid="false"
|
showgrid="false"
|
||||||
inkscape:zoom="1.1125147"
|
inkscape:zoom="0.59375"
|
||||||
inkscape:cx="206.04418"
|
inkscape:cx="320"
|
||||||
inkscape:cy="194.82483"
|
inkscape:cy="175"
|
||||||
inkscape:window-x="814"
|
inkscape:window-x="-8"
|
||||||
inkscape:window-y="0"
|
inkscape:window-y="-8"
|
||||||
inkscape:window-maximized="0"
|
inkscape:window-maximized="1"
|
||||||
inkscape:current-layer="Layer_1"
|
inkscape:current-layer="Layer_1" /><path
|
||||||
fit-margin-top="0"
|
style="fill:#1976d2;fill-opacity:0.71428573"
|
||||||
fit-margin-left="0"
|
d="M648.541,145.679c-9.947,0-17.009-7.278-17.009-17.048c0-9.777,7.062-17.057,17.009-17.057 c10.024,0,17.086,7.279,17.086,17.057C665.627,138.401,658.565,145.679,648.541,145.679z M648.511,94.893 c-19.693,0-33.679,14.4-33.679,33.738c0,19.33,13.985,33.729,33.679,33.729c19.822,0,33.808-14.4,33.808-33.729 C682.318,109.293,668.333,94.893,648.511,94.893z M648.482,179.843c-29.889,0-51.123-21.868-51.123-51.212 c0-29.353,21.234-51.209,51.123-51.209c30.082,0,51.307,21.856,51.307,51.209C699.789,157.975,678.564,179.843,648.482,179.843z M648.442,58.488c-40.929,0-69.995,29.946-69.995,70.143c0,40.189,29.066,70.125,69.995,70.125c41.194,0,70.27-29.937,70.27-70.125 C718.712,88.434,689.637,58.488,648.442,58.488z M158.166,183.902l-21.018-5.008c-19.131-4.396-28.849-9.413-28.849-23.21 c0-15.684,15.99-21.965,30.419-21.965c14.667,0,25.382,7.329,31.693,18.737c0.02,0.048,0.051,0.097,0.09,0.157 c0.127,0.247,0.276,0.484,0.403,0.731l0.03-0.02c1.985,3.002,5.323,5.008,8.919,5.008c6.122,0,10.558-4.425,10.558-10.547 c0-2.341-0.504-4.82-1.601-6.688c-10.764-18.302-28.513-26.192-48.838-26.192c-27.594,0-54.262,13.797-54.262,44.218 c0,27.921,27.605,36.079,37.64,38.578l20.069,4.71c15.368,3.763,27.912,8.791,27.912,23.517c0,16.938-17.561,23.943-34.499,23.943 c-17.245,0-30.015-9.37-38.814-22.37h-0.01c-1.956-3-4.988-4.328-8.702-4.328c-5.984,0-10.805,5.185-10.587,11.162 c0.098,2.438,0.909,4.637,2.153,6.405c13.787,20.633,33.728,28.41,55.96,28.41c28.543,0,57.085-13.143,57.085-45.132 C193.918,203.325,178.551,188.613,158.166,183.902z M298.479,250.312c-33.866,0-55.199-25.403-55.199-58.331 c0-32.939,21.333-58.343,55.199-58.343c34.192,0,55.516,25.403,55.516,58.343C353.996,224.91,332.672,250.312,298.479,250.312z M298.479,114.823c-45.471,0-77.777,32.93-77.777,77.158c0,44.217,32.306,77.146,77.777,77.146 c45.786,0,78.093-32.929,78.093-77.146C376.572,147.753,344.266,114.823,298.479,114.823z M518.715,234.312 c-0.771,0.74-1.549,1.472-2.399,2.175c-1.106,1.014-2.391,2.112-3.854,3.208c-8.829,6.391-19.979,10.094-33.017,10.094 c-33.876,0-55.198-25.402-55.198-58.332c0-32.939,21.322-58.342,55.198-58.342c34.183,0,55.506,25.403,55.506,58.342 C534.951,208.653,529.135,223.774,518.715,234.312z M468.097,317.938c2.528,0,5.146-0.168,7.863-0.504 c5.018-0.631,9.588-0.909,13.729-0.909c19.24,0.109,29.036,5.7,34.943,12.158c5.895,6.499,8.168,15.311,8.158,22.796 c0.01,3.586-0.555,6.795-1.177,8.721c-2.944,8.93-8.888,15.002-17.996,19.576c-9.035,4.484-21.095,6.777-33.707,6.757 c-4.514,0-9.105-0.288-13.639-0.831c-8.573-0.987-19.911-4.671-28.13-11.093c-4.138-3.199-6.458-6.991-8.858-11.485 c-2.379-4.514-2.783-9.748-2.783-16.442v-0.742c0-12.346,4.84-20.544,11.051-26.5c3.07-2.904,5.69-5.064,7.99-6.438 c0.366-0.218,0.438-0.416,0.755-0.593C452.39,316.014,459.684,317.968,468.097,317.938z M479.445,114.301 c-45.471,0-77.786,32.929-77.786,77.157c0,29.887,14.765,54.598,38.378,67.489c-0.314,0.314-0.621,0.641-0.916,0.966 c-6.104,6.687-9.226,15.25-9.236,23.913c-0.008,3.821,0.624,7.741,1.977,11.494c-3.062,1.956-6.717,4.634-10.46,8.147 c-9.026,8.408-18.734,22.541-19.021,42.097c-0.01,0.454-0.01,0.829-0.01,1.118c-0.01,10.071,2.379,19.157,6.459,26.774 c6.133,11.466,15.683,19.445,25.539,24.77c9.917,5.334,20.257,8.166,29.273,9.274c5.373,0.643,10.826,0.988,16.268,0.988 c15.151-0.02,30.261-2.578,43.409-9.019c13.085-6.34,24.333-17.253,29.192-32.562c1.443-4.553,2.212-9.719,2.231-15.428 c-0.02-11.595-3.349-25.759-13.767-37.452c-10.421-11.734-27.654-19.566-51.288-19.459c-5.138,0-10.606,0.356-16.426,1.078 c-1.877,0.227-3.596,0.334-5.166,0.334c-7.239-0.048-10.872-2.053-13.036-4.098c-2.133-2.084-3.2-4.839-3.229-8.058 c-0.01-3.28,1.284-6.727,3.467-9.078c2.231-2.332,5.008-3.91,9.846-3.97c0.436,0,0.9,0.01,1.374,0.05 c3.101,0.216,6.112,0.325,9.037,0.325c24.188,0.047,42.38-7.448,54.756-17.759c12.415-10.312,18.971-22.854,22.071-32.76l-0.04-0.01 c3.37-8.899,5.197-18.715,5.197-29.166C557.539,147.229,525.234,114.301,479.445,114.301z"
|
||||||
fit-margin-right="0"
|
id="path3" /></svg>
|
||||||
fit-margin-bottom="0"
|
|
||||||
borderlayer="true" /><g
|
|
||||||
id="g3"
|
|
||||||
transform="translate(-630.29057,-557.81)"
|
|
||||||
style="opacity:0.108"><g
|
|
||||||
id="g5"
|
|
||||||
style=""><g
|
|
||||||
id="g7"
|
|
||||||
style=""><g
|
|
||||||
id="email"
|
|
||||||
style=""><path
|
|
||||||
d="m 890.306,557.81 29.26,11.373 0,172.027 c 0,9.753 -7.895,17.649 -17.638,17.649 l -235.998,0 c -9.743,0 -17.638,-7.896 -17.638,-17.649 l 0,-172.026 29.259,-8.937"
|
|
||||||
id="path10"
|
|
||||||
inkscape:connector-curvature="0"
|
|
||||||
style="fill:#4d4d4d" /><path
|
|
||||||
d="M 758.871,656.221 649.49,747.45 c 2.507,6.648 8.901,11.409 16.44,11.409 l 235.998,0 c 7.536,0 13.933,-4.761 16.444,-11.409 l -107.402,-91.229 -52.099,0 z"
|
|
||||||
id="path12"
|
|
||||||
inkscape:connector-curvature="0"
|
|
||||||
style="fill:#999999;fill-opacity:0.89499996" /><g
|
|
||||||
id="g14"
|
|
||||||
style=""><path
|
|
||||||
d="m 810.391,656.686 107.981,90.764 c -0.331,0.881 -0.744,1.726 -1.205,2.536 l 0.028,0.035 c 1.501,-2.596 2.371,-5.594 2.371,-8.81 l 0,-172.004 -109.175,87.479 z"
|
|
||||||
id="path16"
|
|
||||||
inkscape:connector-curvature="0"
|
|
||||||
style="fill:#b3b3b3;fill-opacity:1" /><path
|
|
||||||
d="m 649.49,747.45 108.864,-90.764 -110.061,-87.479 0,172.003 c 0,3.216 0.876,6.214 2.367,8.81 l 0.039,-0.035 c -0.466,-0.809 -0.877,-1.654 -1.209,-2.535 z"
|
|
||||||
id="path18"
|
|
||||||
inkscape:connector-curvature="0"
|
|
||||||
style="fill:#b3b3b3;fill-opacity:1" /></g></g><path
|
|
||||||
d="m 961.81,681.214 c 0,0 -15.232,16.783 -42.244,14.73 l 0,28.14 c 13.328,-5.185 47.061,-20.036 56.854,-40.809 l -14.61,-2.061 z"
|
|
||||||
id="path20"
|
|
||||||
inkscape:connector-curvature="0"
|
|
||||||
style="fill:#666666" /><path
|
|
||||||
d="m 984.594,658.413 c 3.59,-9.156 7.701,-11 9.346,-11.346 -49.276,4.542 -32.99,38.693 -32.99,38.693 0,0 6.229,14.728 26.532,13.892 27.063,0.461 35.631,-50.166 35.631,-50.166 -6.654,11.655 -26.404,9.876 -38.519,8.927 z"
|
|
||||||
id="path22"
|
|
||||||
inkscape:connector-curvature="0"
|
|
||||||
style="fill:#666666" /><path
|
|
||||||
d="m 663.708,566.47 c -57.88068,154.362 -28.94034,77.181 0,0 z"
|
|
||||||
id="path26"
|
|
||||||
inkscape:connector-curvature="0"
|
|
||||||
style="opacity:0.1;fill:#3d5263"
|
|
||||||
sodipodi:nodetypes="cc" /><g
|
|
||||||
id="g28"
|
|
||||||
style=""><g
|
|
||||||
id="g30"
|
|
||||||
style=""><g
|
|
||||||
id="g34"
|
|
||||||
style=""><g
|
|
||||||
id="g36"
|
|
||||||
style=""><g
|
|
||||||
id="g40"
|
|
||||||
style="" /></g><g
|
|
||||||
id="g52"
|
|
||||||
style=""><g
|
|
||||||
id="g54"
|
|
||||||
style="" /></g><g
|
|
||||||
id="g58"
|
|
||||||
style=""><g
|
|
||||||
id="g60"
|
|
||||||
style=""><g
|
|
||||||
id="g62"
|
|
||||||
style="" /></g><g
|
|
||||||
id="g66"
|
|
||||||
style=""><g
|
|
||||||
id="g68"
|
|
||||||
style="" /></g></g><g
|
|
||||||
id="g72"
|
|
||||||
style=""><path
|
|
||||||
d="m 867.815,563.83 c -193.95201,156.122 -96.97601,78.061 0,0 z"
|
|
||||||
id="path74"
|
|
||||||
inkscape:connector-curvature="0"
|
|
||||||
style="fill:#87654a"
|
|
||||||
sodipodi:nodetypes="cc" /></g><g
|
|
||||||
id="g76"
|
|
||||||
style=""><g
|
|
||||||
id="g78"
|
|
||||||
style=""><g
|
|
||||||
id="g80"
|
|
||||||
style=""><g
|
|
||||||
id="g82"
|
|
||||||
style="" /></g></g><g
|
|
||||||
id="g86"
|
|
||||||
style=""><g
|
|
||||||
id="g88"
|
|
||||||
style=""><g
|
|
||||||
id="g90"
|
|
||||||
style="" /></g></g><g
|
|
||||||
id="g94"
|
|
||||||
style=""><g
|
|
||||||
id="g96"
|
|
||||||
style="" /></g><g
|
|
||||||
id="g100"
|
|
||||||
style=""><g
|
|
||||||
id="g102"
|
|
||||||
style="" /></g></g></g><path
|
|
||||||
d="m 786.264,672.409 c -139.58468,83.736 -69.79234,41.868 0,0 z"
|
|
||||||
id="path110"
|
|
||||||
inkscape:connector-curvature="0"
|
|
||||||
style="fill:#f1f2f2"
|
|
||||||
sodipodi:nodetypes="cc" /></g><g
|
|
||||||
id="g112"
|
|
||||||
style="" /></g><path
|
|
||||||
d="m 919.566,695.944 c 0,0 7.562,0.712 13.317,-0.502 l 13.013,16.12 c 0,0 -17.639,9.525 -26.33,12.523 l 0,-28.141 z"
|
|
||||||
id="path116"
|
|
||||||
inkscape:connector-curvature="0"
|
|
||||||
style="opacity:0.1;fill:#3d5263" /></g><path
|
|
||||||
d="m 648.292,659.614 0,81.645 c 0,9.72 7.88,17.6 17.6,17.6 l 236.073,0 c 9.72,0 17.6,-7.88 17.6,-17.6 l 0,-24.902 c 10e-4,0 -175.814,35.524 -271.273,-56.743 z"
|
|
||||||
id="path124"
|
|
||||||
inkscape:connector-curvature="0"
|
|
||||||
style="opacity:0.1;fill:#666666" /></g><g
|
|
||||||
id="g126"
|
|
||||||
style="" /></g></svg>
|
|
Before Width: | Height: | Size: 6.5 KiB After Width: | Height: | Size: 5.5 KiB |
|
@ -16,16 +16,16 @@
|
||||||
* Define the Alternative theme
|
* Define the Alternative theme
|
||||||
*/
|
*/
|
||||||
$mdThemingProvider.theme('mailcow')
|
$mdThemingProvider.theme('mailcow')
|
||||||
.primaryPalette('indigo', {
|
.primaryPalette('blue', {
|
||||||
'default': '700', // top toolbar
|
'default': '700', // top toolbar
|
||||||
'hue-1': '400',
|
'hue-1': '500',
|
||||||
'hue-2': '600', // sidebar toolbar
|
'hue-2': '700', // sidebar toolbar
|
||||||
'hue-3': 'A700'
|
'hue-3': 'A700'
|
||||||
})
|
})
|
||||||
.accentPalette('indigo', {
|
.accentPalette('blue', {
|
||||||
'default': '500', // fab buttons
|
'default': '700', // fab buttons
|
||||||
'hue-1': '50', // center list toolbar
|
'hue-1': '50', // center list toolbar
|
||||||
'hue-2': '400',
|
'hue-2': '600',
|
||||||
'hue-3': 'A700'
|
'hue-3': 'A700'
|
||||||
})
|
})
|
||||||
.backgroundPalette('grey', {
|
.backgroundPalette('grey', {
|
||||||
|
@ -35,16 +35,16 @@
|
||||||
'hue-3': '300'
|
'hue-3': '300'
|
||||||
});
|
});
|
||||||
$mdThemingProvider.theme('default')
|
$mdThemingProvider.theme('default')
|
||||||
.primaryPalette('indigo', {
|
.primaryPalette('blue', {
|
||||||
'default': '700', // top toolbar
|
'default': '700', // top toolbar
|
||||||
'hue-1': '400',
|
'hue-1': '500',
|
||||||
'hue-2': '600', // sidebar toolbar
|
'hue-2': '700', // sidebar toolbar
|
||||||
'hue-3': 'A700'
|
'hue-3': 'A700'
|
||||||
})
|
})
|
||||||
.accentPalette('indigo', {
|
.accentPalette('blue', {
|
||||||
'default': '500', // fab buttons
|
'default': '700', // fab buttons
|
||||||
'hue-1': '50', // center list toolbar
|
'hue-1': '50', // center list toolbar
|
||||||
'hue-2': '400',
|
'hue-2': '600',
|
||||||
'hue-3': 'A700'
|
'hue-3': 'A700'
|
||||||
})
|
})
|
||||||
.backgroundPalette('grey', {
|
.backgroundPalette('grey', {
|
||||||
|
|
|
@ -128,7 +128,7 @@ sogo_checks() {
|
||||||
host_ip=$(get_container_ip sogo-mailcow)
|
host_ip=$(get_container_ip sogo-mailcow)
|
||||||
err_c_cur=${err_count}
|
err_c_cur=${err_count}
|
||||||
/usr/lib/nagios/plugins/check_http -4 -H ${host_ip} -u /WebServerResources/css/theme-default.css -p 9192 -R md-default-theme 1>&2; err_count=$(( ${err_count} + $? ))
|
/usr/lib/nagios/plugins/check_http -4 -H ${host_ip} -u /WebServerResources/css/theme-default.css -p 9192 -R md-default-theme 1>&2; err_count=$(( ${err_count} + $? ))
|
||||||
/usr/lib/nagios/plugins/check_http -4 -H ${host_ip} -u /SOGo.index/ -p 20000 -R "SOGo\sGroupware" 1>&2; err_count=$(( ${err_count} + $? ))
|
/usr/lib/nagios/plugins/check_http -4 -H ${host_ip} -u /SOGo.index/ -p 20000 -R "SOGo\.MainUI" 1>&2; err_count=$(( ${err_count} + $? ))
|
||||||
[ ${err_c_cur} -eq ${err_count} ] && [ ! $((${err_count} - 1)) -lt 0 ] && err_count=$((${err_count} - 1)) diff_c=1
|
[ ${err_c_cur} -eq ${err_count} ] && [ ! $((${err_count} - 1)) -lt 0 ] && err_count=$((${err_count} - 1)) diff_c=1
|
||||||
[ ${err_c_cur} -ne ${err_count} ] && diff_c=$(( ${err_c_cur} - ${err_count} ))
|
[ ${err_c_cur} -ne ${err_count} ] && diff_c=$(( ${err_c_cur} - ${err_count} ))
|
||||||
progress "SOGo" ${THRESHOLD} $(( ${THRESHOLD} - ${err_count} )) ${diff_c}
|
progress "SOGo" ${THRESHOLD} $(( ${THRESHOLD} - ${err_count} )) ${diff_c}
|
||||||
|
@ -190,8 +190,8 @@ phpfpm_checks() {
|
||||||
while [ ${err_count} -lt ${THRESHOLD} ]; do
|
while [ ${err_count} -lt ${THRESHOLD} ]; do
|
||||||
host_ip=$(get_container_ip php-fpm-mailcow)
|
host_ip=$(get_container_ip php-fpm-mailcow)
|
||||||
err_c_cur=${err_count}
|
err_c_cur=${err_count}
|
||||||
cgi-fcgi -bind -connect ${host_ip}:9000 | grep "Content-type" 1>&2; err_count=$(( ${err_count} + ($? * 2)))
|
nc -z ${host_ip} 9001 ; err_count=$(( ${err_count} + ($? * 2)))
|
||||||
cgi-fcgi -bind -connect ${host_ip}:9001 | grep "Content-type" 1>&2; err_count=$(( ${err_count} + ($? * 2)))
|
nc -z ${host_ip} 9002 ; err_count=$(( ${err_count} + ($? * 2)))
|
||||||
/usr/lib/nagios/plugins/check_ping -4 -H ${host_ip} -w 2000,10% -c 4000,100% -p2 1>&2; err_count=$(( ${err_count} + $? ))
|
/usr/lib/nagios/plugins/check_ping -4 -H ${host_ip} -w 2000,10% -c 4000,100% -p2 1>&2; err_count=$(( ${err_count} + $? ))
|
||||||
[ ${err_c_cur} -eq ${err_count} ] && [ ! $((${err_count} - 1)) -lt 0 ] && err_count=$((${err_count} - 1)) diff_c=1
|
[ ${err_c_cur} -eq ${err_count} ] && [ ! $((${err_count} - 1)) -lt 0 ] && err_count=$((${err_count} - 1)) diff_c=1
|
||||||
[ ${err_c_cur} -ne ${err_count} ] && diff_c=$(( ${err_c_cur} - ${err_count} ))
|
[ ${err_c_cur} -ne ${err_count} ] && diff_c=$(( ${err_c_cur} - ${err_count} ))
|
||||||
|
|
|
@ -82,10 +82,13 @@ server {
|
||||||
#Avoid sending the security headers twice
|
#Avoid sending the security headers twice
|
||||||
fastcgi_param modHeadersAvailable true;
|
fastcgi_param modHeadersAvailable true;
|
||||||
fastcgi_param front_controller_active true;
|
fastcgi_param front_controller_active true;
|
||||||
fastcgi_pass phpfpm:9000;
|
fastcgi_pass phpfpm:9002;
|
||||||
fastcgi_intercept_errors on;
|
fastcgi_intercept_errors on;
|
||||||
fastcgi_request_buffering off;
|
fastcgi_request_buffering off;
|
||||||
client_max_body_size 10G;
|
client_max_body_size 0;
|
||||||
|
fastcgi_param PHP_VALUE "max_execution_time = 1200
|
||||||
|
max_input_time = 1200";
|
||||||
|
fastcgi_read_timeout 1200;
|
||||||
}
|
}
|
||||||
|
|
||||||
location ~ ^/(?:updater|ocs-provider)(?:$|/) {
|
location ~ ^/(?:updater|ocs-provider)(?:$|/) {
|
||||||
|
|
|
@ -16,10 +16,13 @@
|
||||||
fastcgi_param HTTPS on;
|
fastcgi_param HTTPS on;
|
||||||
fastcgi_param modHeadersAvailable true;
|
fastcgi_param modHeadersAvailable true;
|
||||||
fastcgi_param front_controller_active true;
|
fastcgi_param front_controller_active true;
|
||||||
fastcgi_pass phpfpm:9000;
|
fastcgi_pass phpfpm:9002;
|
||||||
fastcgi_intercept_errors on;
|
fastcgi_intercept_errors on;
|
||||||
fastcgi_request_buffering off;
|
fastcgi_request_buffering off;
|
||||||
client_max_body_size 10G;
|
client_max_body_size 0;
|
||||||
|
fastcgi_param PHP_VALUE "max_execution_time = 1200
|
||||||
|
max_input_time = 1200";
|
||||||
|
fastcgi_read_timeout 1200;
|
||||||
}
|
}
|
||||||
location ~ ^/nextcloud/(?:updater|ocs-provider)(?:$|/) {
|
location ~ ^/nextcloud/(?:updater|ocs-provider)(?:$|/) {
|
||||||
try_files $uri/ =404;
|
try_files $uri/ =404;
|
||||||
|
|
|
@ -10,7 +10,7 @@ server {
|
||||||
client_max_body_size 10M;
|
client_max_body_size 10M;
|
||||||
try_files $uri =404;
|
try_files $uri =404;
|
||||||
fastcgi_split_path_info ^(.+\.php)(/.+)$;
|
fastcgi_split_path_info ^(.+\.php)(/.+)$;
|
||||||
fastcgi_pass phpfpm:9000;
|
fastcgi_pass phpfpm:9001;
|
||||||
fastcgi_index pipe.php;
|
fastcgi_index pipe.php;
|
||||||
include fastcgi_params;
|
include fastcgi_params;
|
||||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||||
|
|
|
@ -35,7 +35,6 @@ server {
|
||||||
add_header X-XSS-Protection "1; mode=block";
|
add_header X-XSS-Protection "1; mode=block";
|
||||||
add_header X-Robots-Tag none;
|
add_header X-Robots-Tag none;
|
||||||
add_header X-Download-Options noopen;
|
add_header X-Download-Options noopen;
|
||||||
add_header X-Frame-Options "SAMEORIGIN";
|
|
||||||
add_header X-Permitted-Cross-Domain-Policies none;
|
add_header X-Permitted-Cross-Domain-Policies none;
|
||||||
|
|
||||||
index index.php index.html;
|
index index.php index.html;
|
||||||
|
@ -76,7 +75,7 @@ server {
|
||||||
location ~ \.php$ {
|
location ~ \.php$ {
|
||||||
try_files $uri =404;
|
try_files $uri =404;
|
||||||
fastcgi_split_path_info ^(.+\.php)(/.+)$;
|
fastcgi_split_path_info ^(.+\.php)(/.+)$;
|
||||||
fastcgi_pass phpfpm:9000;
|
fastcgi_pass phpfpm:9002;
|
||||||
fastcgi_index index.php;
|
fastcgi_index index.php;
|
||||||
include /etc/nginx/fastcgi_params;
|
include /etc/nginx/fastcgi_params;
|
||||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||||
|
@ -96,9 +95,22 @@ server {
|
||||||
expires $expires;
|
expires $expires;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
location /lists/ {
|
||||||
|
proxy_pass http://mm-web:8000/;
|
||||||
|
proxy_set_header Host $http_host;
|
||||||
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||||
|
proxy_set_header X-Real-IP $remote_addr;
|
||||||
|
proxy_redirect off;
|
||||||
|
expires $expires;
|
||||||
|
}
|
||||||
|
|
||||||
|
location /mm_static {
|
||||||
|
alias /opt/mm_web-data/static;
|
||||||
|
}
|
||||||
|
|
||||||
location ~* ^/Autodiscover/Autodiscover.xml {
|
location ~* ^/Autodiscover/Autodiscover.xml {
|
||||||
fastcgi_split_path_info ^(.+\.php)(/.+)$;
|
fastcgi_split_path_info ^(.+\.php)(/.+)$;
|
||||||
fastcgi_pass phpfpm:9000;
|
fastcgi_pass phpfpm:9002;
|
||||||
include /etc/nginx/fastcgi_params;
|
include /etc/nginx/fastcgi_params;
|
||||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||||
try_files /autodiscover.php =404;
|
try_files /autodiscover.php =404;
|
||||||
|
@ -106,7 +118,7 @@ server {
|
||||||
|
|
||||||
location ~* ^/Autodiscover/Autodiscover.json {
|
location ~* ^/Autodiscover/Autodiscover.json {
|
||||||
fastcgi_split_path_info ^(.+\.php)(/.+)$;
|
fastcgi_split_path_info ^(.+\.php)(/.+)$;
|
||||||
fastcgi_pass phpfpm:9000;
|
fastcgi_pass phpfpm:9002;
|
||||||
include /etc/nginx/fastcgi_params;
|
include /etc/nginx/fastcgi_params;
|
||||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||||
try_files /autodiscover-json.php =404;
|
try_files /autodiscover-json.php =404;
|
||||||
|
@ -114,7 +126,7 @@ server {
|
||||||
|
|
||||||
location ~ /(?:m|M)ail/(?:c|C)onfig-v1.1.xml {
|
location ~ /(?:m|M)ail/(?:c|C)onfig-v1.1.xml {
|
||||||
fastcgi_split_path_info ^(.+\.php)(/.+)$;
|
fastcgi_split_path_info ^(.+\.php)(/.+)$;
|
||||||
fastcgi_pass phpfpm:9000;
|
fastcgi_pass phpfpm:9002;
|
||||||
include /etc/nginx/fastcgi_params;
|
include /etc/nginx/fastcgi_params;
|
||||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||||
try_files /autoconfig.php =404;
|
try_files /autoconfig.php =404;
|
||||||
|
|
|
@ -0,0 +1,25 @@
|
||||||
|
[system-worker]
|
||||||
|
user = www-data
|
||||||
|
group = www-data
|
||||||
|
pm = dynamic
|
||||||
|
pm.max_children = 15
|
||||||
|
pm.start_servers = 2
|
||||||
|
pm.min_spare_servers = 2
|
||||||
|
pm.max_spare_servers = 4
|
||||||
|
listen = [::]:9001
|
||||||
|
access.log = /proc/self/fd/2
|
||||||
|
clear_env = no
|
||||||
|
catch_workers_output = yes
|
||||||
|
|
||||||
|
[web-worker]
|
||||||
|
user = www-data
|
||||||
|
group = www-data
|
||||||
|
pm = dynamic
|
||||||
|
pm.max_children = 50
|
||||||
|
pm.start_servers = 2
|
||||||
|
pm.min_spare_servers = 2
|
||||||
|
pm.max_spare_servers = 4
|
||||||
|
listen = [::]:9002
|
||||||
|
access.log = /proc/self/fd/2
|
||||||
|
clear_env = no
|
||||||
|
catch_workers_output = yes
|
|
@ -0,0 +1,27 @@
|
||||||
|
# High spam networks, disabled by default
|
||||||
|
#201942:5 #Soltia Consulting SL - ipinfo.io
|
||||||
|
#16276:5 #OVH
|
||||||
|
#12876:5 #ONLINE S.A.S
|
||||||
|
#31034:5
|
||||||
|
#12874:5
|
||||||
|
#30823:5
|
||||||
|
#197071:5
|
||||||
|
#42831:5 #UK Dedicated Servers Ltd
|
||||||
|
#29119:5 #Aire Networks del Mediterraneo S.L.U.
|
||||||
|
#13335:5 #Cloudflare
|
||||||
|
#28753:5 #Leaseweb
|
||||||
|
#61272:5 #Informacines sistemos ir technologijos
|
||||||
|
#53755:5 #Input Output Flood LLC
|
||||||
|
#29422:5 #FICIX Helsinki
|
||||||
|
#62255:4 #Asmunda New Media Ltd
|
||||||
|
#14061:4 #Digitalocean
|
||||||
|
#55293:4 #A2 Hosting
|
||||||
|
#63018:4 #US Dedicated
|
||||||
|
#197518:2
|
||||||
|
#44493:2
|
||||||
|
#46606:2
|
||||||
|
#49505:2
|
||||||
|
#21100:2
|
||||||
|
#197695:2
|
||||||
|
#198068:2
|
||||||
|
#43146:2
|
|
@ -27,6 +27,14 @@ KEEP_SPAM {
|
||||||
action = "accept";
|
action = "accept";
|
||||||
}
|
}
|
||||||
|
|
||||||
|
LOCAL_BL_ASN {
|
||||||
|
require_symbols = "!MAILCOW_WHITE";
|
||||||
|
type = "asn";
|
||||||
|
map = "$LOCAL_CONFDIR/custom/bad_asn.map";
|
||||||
|
score = 5;
|
||||||
|
description = "Sender's ASN is on the local blacklist";
|
||||||
|
}
|
||||||
|
|
||||||
#SPOOFED_SENDER {
|
#SPOOFED_SENDER {
|
||||||
# type = "rcpt";
|
# type = "rcpt";
|
||||||
# filter = "email:domain:tld";
|
# filter = "email:domain:tld";
|
||||||
|
|
|
@ -8,6 +8,8 @@ classifier "bayes" {
|
||||||
min_tokens = 11;
|
min_tokens = 11;
|
||||||
min_learns = 20;
|
min_learns = 20;
|
||||||
autolearn = [-20, 50];
|
autolearn = [-20, 50];
|
||||||
|
new_schema = true;
|
||||||
|
expiry = 50d;
|
||||||
per_user = <<EOD
|
per_user = <<EOD
|
||||||
return function(task)
|
return function(task)
|
||||||
local rcpt = task:get_recipients(1)
|
local rcpt = task:get_recipients(1)
|
||||||
|
|
|
@ -59,16 +59,16 @@ rspamd_config:register_symbol({
|
||||||
local redis_params = rspamd_parse_redis_server('dyn_rl')
|
local redis_params = rspamd_parse_redis_server('dyn_rl')
|
||||||
local rspamd_logger = require "rspamd_logger"
|
local rspamd_logger = require "rspamd_logger"
|
||||||
local envfrom = task:get_from(1)
|
local envfrom = task:get_from(1)
|
||||||
if not envfrom then
|
local uname = task:get_user():lower()
|
||||||
|
if not envfrom or not uname then
|
||||||
return false
|
return false
|
||||||
end
|
end
|
||||||
local env_from_domain = envfrom[1].domain:lower() -- get smtp from domain in lower case
|
local env_from_domain = envfrom[1].domain:lower() -- get smtp from domain in lower case
|
||||||
local env_from_addr = envfrom[1].addr:lower() -- get smtp from addr in lower case
|
|
||||||
|
|
||||||
local function redis_cb_user(err, data)
|
local function redis_cb_user(err, data)
|
||||||
|
|
||||||
if err or type(data) ~= 'string' then
|
if err or type(data) ~= 'string' then
|
||||||
rspamd_logger.infox(rspamd_config, "dynamic ratelimit request for user %s returned invalid or empty data (\"%s\") or error (\"%s\") - trying dynamic ratelimit for domain...", env_from_addr, data, err)
|
rspamd_logger.infox(rspamd_config, "dynamic ratelimit request for user %s returned invalid or empty data (\"%s\") or error (\"%s\") - trying dynamic ratelimit for domain...", uname, data, err)
|
||||||
|
|
||||||
local function redis_key_cb_domain(err, data)
|
local function redis_key_cb_domain(err, data)
|
||||||
if err or type(data) ~= 'string' then
|
if err or type(data) ~= 'string' then
|
||||||
|
@ -91,7 +91,7 @@ rspamd_config:register_symbol({
|
||||||
rspamd_logger.infox(rspamd_config, "cannot make request to load ratelimit for domain")
|
rspamd_logger.infox(rspamd_config, "cannot make request to load ratelimit for domain")
|
||||||
end
|
end
|
||||||
else
|
else
|
||||||
rspamd_logger.infox(rspamd_config, "found dynamic ratelimit in redis for user %s with value %s", env_from_addr, data)
|
rspamd_logger.infox(rspamd_config, "found dynamic ratelimit in redis for user %s with value %s", uname, data)
|
||||||
task:insert_result('DYN_RL', 0.0, data)
|
task:insert_result('DYN_RL', 0.0, data)
|
||||||
end
|
end
|
||||||
|
|
||||||
|
@ -99,11 +99,11 @@ rspamd_config:register_symbol({
|
||||||
|
|
||||||
local redis_ret_user = rspamd_redis_make_request(task,
|
local redis_ret_user = rspamd_redis_make_request(task,
|
||||||
redis_params, -- connect params
|
redis_params, -- connect params
|
||||||
env_from_addr, -- hash key
|
uname, -- hash key
|
||||||
false, -- is write
|
false, -- is write
|
||||||
redis_cb_user, --callback
|
redis_cb_user, --callback
|
||||||
'HGET', -- command
|
'HGET', -- command
|
||||||
{'RL_VALUE', env_from_addr} -- arguments
|
{'RL_VALUE', uname} -- arguments
|
||||||
)
|
)
|
||||||
if not redis_ret_user then
|
if not redis_ret_user then
|
||||||
rspamd_logger.infox(rspamd_config, "cannot make request to load ratelimit for user")
|
rspamd_logger.infox(rspamd_config, "cannot make request to load ratelimit for user")
|
||||||
|
|
|
@ -44,7 +44,8 @@ if (!function_exists('getallheaders')) {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
$raw_data = file_get_contents('php://input');
|
$raw_data_content = file_get_contents('php://input');
|
||||||
|
$raw_data = mb_convert_encoding($raw_data_content, 'HTML-ENTITIES', "UTF-8");
|
||||||
$headers = getallheaders();
|
$headers = getallheaders();
|
||||||
|
|
||||||
$qid = $headers['X-Rspamd-Qid'];
|
$qid = $headers['X-Rspamd-Qid'];
|
||||||
|
|
Loading…
Reference in New Issue