From f60143e983ca02399e1b1a9bd74cfedfb3bb1257 Mon Sep 17 00:00:00 2001
From: andryyy <andre.peters@debinux.de>
Date: Wed, 7 Apr 2021 21:27:05 +0200
Subject: [PATCH] [Postfix, Dovecot, SOGo] Sanitize F2B logs

---
 data/Dockerfiles/dovecot/syslog-ng-redis_slave.conf | 2 +-
 data/Dockerfiles/dovecot/syslog-ng.conf             | 2 +-
 data/Dockerfiles/postfix/syslog-ng-redis_slave.conf | 2 +-
 data/Dockerfiles/postfix/syslog-ng.conf             | 2 +-
 data/Dockerfiles/sogo/syslog-ng-redis_slave.conf    | 2 +-
 data/Dockerfiles/sogo/syslog-ng.conf                | 2 +-
 docker-compose.yml                                  | 6 +++---
 7 files changed, 9 insertions(+), 9 deletions(-)

diff --git a/data/Dockerfiles/dovecot/syslog-ng-redis_slave.conf b/data/Dockerfiles/dovecot/syslog-ng-redis_slave.conf
index 335cbfe6..f6905092 100644
--- a/data/Dockerfiles/dovecot/syslog-ng-redis_slave.conf
+++ b/data/Dockerfiles/dovecot/syslog-ng-redis_slave.conf
@@ -27,7 +27,7 @@ destination d_redis_f2b_channel {
     host("`REDIS_SLAVEOF_IP`")
     persist-name("redis2")
     port(`REDIS_SLAVEOF_PORT`)
-    command("PUBLISH" "F2B_CHANNEL" "$MESSAGE")
+    command("PUBLISH" "F2B_CHANNEL" "$(sanitize $MESSAGE)")
   );
 };
 filter f_mail { facility(mail); };
diff --git a/data/Dockerfiles/dovecot/syslog-ng.conf b/data/Dockerfiles/dovecot/syslog-ng.conf
index f0489ea1..bdaca9cb 100644
--- a/data/Dockerfiles/dovecot/syslog-ng.conf
+++ b/data/Dockerfiles/dovecot/syslog-ng.conf
@@ -27,7 +27,7 @@ destination d_redis_f2b_channel {
     host("redis-mailcow")
     persist-name("redis2")
     port(6379)
-    command("PUBLISH" "F2B_CHANNEL" "$MESSAGE")
+    command("PUBLISH" "F2B_CHANNEL" "$(sanitize $MESSAGE)")
   );
 };
 filter f_mail { facility(mail); };
diff --git a/data/Dockerfiles/postfix/syslog-ng-redis_slave.conf b/data/Dockerfiles/postfix/syslog-ng-redis_slave.conf
index 609ee55e..40fb1cda 100644
--- a/data/Dockerfiles/postfix/syslog-ng-redis_slave.conf
+++ b/data/Dockerfiles/postfix/syslog-ng-redis_slave.conf
@@ -28,7 +28,7 @@ destination d_redis_f2b_channel {
     host("`REDIS_SLAVEOF_IP`")
     persist-name("redis2")
     port(`REDIS_SLAVEOF_PORT`)
-    command("PUBLISH" "F2B_CHANNEL" "$MESSAGE")
+    command("PUBLISH" "F2B_CHANNEL" "$(sanitize $MESSAGE)")
   );
 };
 filter f_mail { facility(mail); };
diff --git a/data/Dockerfiles/postfix/syslog-ng.conf b/data/Dockerfiles/postfix/syslog-ng.conf
index 9e14fe17..8fdc104e 100644
--- a/data/Dockerfiles/postfix/syslog-ng.conf
+++ b/data/Dockerfiles/postfix/syslog-ng.conf
@@ -28,7 +28,7 @@ destination d_redis_f2b_channel {
     host("redis-mailcow")
     persist-name("redis2")
     port(6379)
-    command("PUBLISH" "F2B_CHANNEL" "$MESSAGE")
+    command("PUBLISH" "F2B_CHANNEL" "$(sanitize $MESSAGE)")
   );
 };
 filter f_mail { facility(mail); };
diff --git a/data/Dockerfiles/sogo/syslog-ng-redis_slave.conf b/data/Dockerfiles/sogo/syslog-ng-redis_slave.conf
index 9b04c781..5a84b722 100644
--- a/data/Dockerfiles/sogo/syslog-ng-redis_slave.conf
+++ b/data/Dockerfiles/sogo/syslog-ng-redis_slave.conf
@@ -30,7 +30,7 @@ destination d_redis_f2b_channel {
     host("`REDIS_SLAVEOF_IP`")
     persist-name("redis2")
     port(`REDIS_SLAVEOF_PORT`)
-    command("PUBLISH" "F2B_CHANNEL" "$MESSAGE")
+    command("PUBLISH" "F2B_CHANNEL" "$(sanitize $MESSAGE)")
   );
 };
 log {
diff --git a/data/Dockerfiles/sogo/syslog-ng.conf b/data/Dockerfiles/sogo/syslog-ng.conf
index 0c257d6a..537038ef 100644
--- a/data/Dockerfiles/sogo/syslog-ng.conf
+++ b/data/Dockerfiles/sogo/syslog-ng.conf
@@ -30,7 +30,7 @@ destination d_redis_f2b_channel {
     host("redis-mailcow")
     persist-name("redis2")
     port(6379)
-    command("PUBLISH" "F2B_CHANNEL" "$MESSAGE")
+    command("PUBLISH" "F2B_CHANNEL" "$(sanitize $MESSAGE)")
   );
 };
 log {
diff --git a/docker-compose.yml b/docker-compose.yml
index 61c215c3..4fa53d99 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -164,7 +164,7 @@ services:
             - phpfpm
 
     sogo-mailcow:
-      image: mailcow/sogo:1.97
+      image: mailcow/sogo:1.98
       environment:
         - DBNAME=${DBNAME}
         - DBUSER=${DBUSER}
@@ -200,7 +200,7 @@ services:
             - sogo
 
     dovecot-mailcow:
-      image: mailcow/dovecot:1.144
+      image: mailcow/dovecot:1.145
       depends_on:
         - mysql-mailcow
       dns:
@@ -261,7 +261,7 @@ services:
             - dovecot
 
     postfix-mailcow:
-      image: mailcow/postfix:1.60
+      image: mailcow/postfix:1.61
       depends_on:
         - mysql-mailcow
       volumes: