Commit Graph

703 Commits (07c7da2821c1c45ee4219ac6f4d547763e109675)

Author SHA1 Message Date
André d8f86ae488 [Rspamd] Add local fuzzy worker 2018-07-29 00:34:36 +02:00
André f1b096b36e [Dovecot] Increase process_limit to 500, thanks to @mritzmann 2018-07-25 21:04:24 +02:00
André e2ed2eab53 [Rspamd] Remove per_user settings as they were pretty much useless, some minor changes to bayes" 2018-07-25 01:06:12 +02:00
André 7de2607594 [Dovecot] Enable vacation-seconds with a default min period of 5s and a default period of 60s 2018-07-23 19:59:23 +02:00
André a83adc4d31 [Rspamd] Remove unused user_keywords and dynamic_rates from ratelimit module 2018-07-15 12:02:37 +02:00
André 882ee5fee6 [Rspamd] Re-use fixed new ratelimit 2018-07-15 12:01:28 +02:00
André 353af8e3a4 [Rspamd] Set start and end to rcpt matching regex 2018-07-12 23:18:49 +02:00
André 587f37a300 [Dovecot] Remove additional hash scheme and let Dovecot decide the hash by prefix 2018-07-12 00:46:31 +02:00
André 2aef18d130 [Dovecot] Remove user queries from passdb + add a second passdb for additional algorithms + create userdb without password queries 2018-07-12 00:23:12 +02:00
André 1b47ae55f1 [SOGo] Set SOGoPasswordChangeEnabled = YES - allow user to change password in SOGo 2018-07-11 22:11:09 +02:00
André fa0b351da6 [Postfix] smtpd_tls_eecdh_grade = auto 2018-07-11 22:10:32 +02:00
André 37fbce855e [Rspamd] Remove autolearn from Rspamd 2018-07-03 23:24:11 +02:00
André d6a74e82e3 [ACME] Fix for CNAME response on AAAA dig request 2018-06-28 20:41:44 +02:00
André 9dc250c9f2 [Rspamd] Important fix for settings map 2018-06-28 11:48:23 +02:00
André Peters bca8920679
Revert "[Postfix] Default SMTP server security grade for EECDH key exchange" 2018-06-27 23:28:54 +02:00
elcore c386dfc11d
[Postfix] Default SMTP server security grade for EECDH key exchange 2018-06-27 03:39:54 +02:00
André 5905a3919c [Dovecot] Minor changes to ciphers, still disallow insecure ciphers 2018-06-26 07:50:17 +02:00
André a5d40a4ab6 [Postfix] Re-enable TLS 1, 1.1 and some ciphers - real-world tests have shown this setup uses TOO MANY plain text sessions due to compatibility issues 2018-06-25 22:31:23 +02:00
André b8973648ff [Rspamd] Disable default authenticated user ratelimit 2018-06-24 11:40:31 +02:00
André 8bb24a9866 [Rspamd] Load additional settings defined in web ui 2018-06-23 23:48:06 +02:00
André aa6a136c1f [Dockerapi, Dovecot] Fix missing active user filter 2018-06-20 07:25:10 +02:00
André e79429beef [PHP-FPM, Nginx] Move some PHP parameters from Nginx to FPM configuration file 2018-06-10 14:31:24 +02:00
André 27d3388579 [Rspamd] Remove antivirus debugging 2018-06-10 14:30:30 +02:00
André f15f30d53e [Dovecot] Re-enable lz4 until 2.3.2 to verify replication fix 2018-06-08 09:09:31 +02:00
André 0a44ea1a4c [Dovecot] Lz4 compression sometimes leads to strange EOF errors when replicating
[Web] Cleanup JSON API
2018-06-05 00:31:27 +02:00
André 777e469958 [ClamAV] Remove deprecated AllowSupplementaryGroups 2018-05-30 20:28:23 +02:00
André 1b35376252 [Rspamd] Remove score for CTYPE_MIXED_BOGUS and ARC_REJECT, increase DNS timeout 2018-05-30 18:40:43 +02:00
apoc4lyps 918343865e
hardening http headers 2018-05-28 12:28:23 +02:00
Michael Kuron ea84004410
[rspamd] fix redis multimaps in version 1.7.5
The key's value was being used as symbol name instead of the symbol name defined in the config file
2018-05-25 18:58:37 +02:00
André 1f7a5d586c [Rspamd] Remove IP, fixes #1400 2018-05-19 00:14:30 +02:00
André 8ff4eb8076 [Rspamd] Slight changes to neural plugin 2018-05-18 21:39:25 +02:00
André 7a5d3af80b [Rspamd] Slight changes to neural 2018-05-17 11:15:46 +02:00
André 5e2d19ac62 [Rspamd] Add neural module and define its scores 2018-05-16 21:26:05 +02:00
André d167ade957 [Rspamd] Remove explict redis servers from statistic, add a name 2018-05-16 21:25:55 +02:00
André a8d9b4359e [Dovecot] Set vszlimits for some services to prevent oom situations, fixes #1203 2018-05-12 08:52:03 +02:00
André 7f72e44dac [Rspamd] Move symbols to corresponding groups 2018-05-11 10:40:26 +02:00
André 527e790620 [Web] Store session data in Redis 2018-05-08 12:55:19 +02:00
André 4c31adaa82 [Rspamd] Ratelimit: fix attempt to index a nil value when no authenticated user is found in a message 2018-05-01 22:44:03 +02:00
André 30cea1da9a [SOGo] Increase workers count to 20
[Postfix] Add extended TLS header
[Web] Increase timeout to 10 for docker API connections
[Postfix] Add perl package
2018-04-26 14:08:45 +02:00
André ef6644df34 [PHP-FPM] Delete old pool files
[Nginx] Remove dev code
2018-04-26 13:57:23 +02:00
André 7181ee4658 [Rspamd] Apply ratelimit against authenticated user instead of envelope from
[PHP-FPM] Create PHP-FPM listeners 9001 (system) and 9002 (web), drop 9000
[Rspamd] Parse quarantine messages as utf8
[Rspamd] Use new schema for Rspamd bayes hashes and expire them in Redis
[SOGo] Change default logo
[SOGo] Use different keyserver by default in Dockerfile
[Rspamd] Add bad ASN list (disabled by default)
[Watchdog] Change the way we check PHP-FPM, change SOGo check
[Nginx] Change ports according to new PHP-FPM listeners
[Update] Fix PHP-FPM ports for existing non-mailcow Nginx sites
2018-04-26 13:56:07 +02:00
André f53006f6ab [Dovecot] Dovecot 2.3.1, Pigeonhole 0.5.1
[ClamAV] 0.100.0, new log method without pipes
[Compose] New images for Dovecot and ClamAV, add persistent tty to clamd-mailcow
2018-04-26 12:36:13 +02:00
Michael Kuron ea3502f2a1
rspamd: Fix NO_LOG_STAT for everycloud monitoring 2018-04-02 19:26:15 +02:00
André Peters 8a7664f7d5 [Nginx] Add larger map bucket size, fixes 1112 2018-03-01 07:28:06 +01:00
André Peters b255ecd62b [Dovecot] Add, but disable auth_debug 2018-02-27 20:54:46 +01:00
André Peters 6b066c2891
Merge pull request #1090 from extremeshok/patch-5
Enable maildir compression
2018-02-26 18:54:04 +01:00
André Peters 410cbf55b6
Update dovecot.conf 2018-02-26 18:53:56 +01:00
André Peters bbbe52f560 [SOGo] Add blue (default) and red theme 2018-02-22 09:20:46 +01:00
André Peters f3896195d4
Update worker-controller-password.inc 2018-02-22 09:19:01 +01:00
André Peters eb4dd632ae [Web] Fix autodiscover triggering fail2ban implementation, fixes #1069 2018-02-22 09:16:16 +01:00
André Peters da48bd721f
Merge pull request #1056 from klausenbusk/nginx-deduplicate
[Nginx] Reduce config duplication
2018-02-19 13:12:46 +01:00
André Peters ff3328ea8c [SOGo] Use indigo theme, copy logo and theme.js to image 2018-02-19 12:56:45 +01:00
Kristian Klausen 63002cbb74 [Nginx] Reduce config duplication
It does not make sense having a seperate server block for both http
and https.
According to the nginx doc [1], using the same server block for both
should work.

[1] http://nginx.org/en/docs/http/configuring_https_servers.html#single_http_https_server
2018-02-15 21:23:07 +01:00
eXtremeSHOK 1e40472017
Enable maildir compression
Currently the plugin is loaded, but actual compression is not enabled.

https://wiki.dovecot.org/Plugins/Zlib
2018-02-14 14:38:06 +02:00
André Peters 0bfd0838c2 [SOGo] Increase workers again 2018-02-14 11:26:55 +01:00
André Peters e186e350ef [Nginx] Fixes #1033 2018-02-14 09:09:17 +01:00
André Peters 993c998716
Merge pull request #995 from Alireza2n/master
SOGO & Rspamd interface: adding "expire" header to static files, allowing browser to be able to cache them
2018-02-14 07:50:22 +01:00
André Peters 943598f705 [Nginx] Fix EAS... 2018-02-13 09:12:54 +01:00
André Peters fb92619aac [Nginx] Fix EAS... 2018-02-13 09:12:21 +01:00
André Peters 458dfc8418 [Nginx] Remove unused file 2018-02-13 09:11:13 +01:00
André Peters 406e7ebd07 [Nginx] Fix EAS 2018-02-13 09:10:41 +01:00
André Peters 21e8edae43 [Nginx] Fix EAS 2018-02-13 09:09:41 +01:00
André Peters 63f7e5930d [Nginx] Fix EAS 2018-02-13 09:07:44 +01:00
André Peters e85cd38945 [SOGo] SOGo refuses to bind to IPv6, so force IPv4 in proxy_pass, fixes #1006 2018-02-12 21:34:59 +01:00
André Peters 74c804b9a3 [SOGo] SOGo refuses to bind to IPv6, so force IPv4 in proxy_pass, fixes #1006 2018-02-12 21:32:49 +01:00
André Peters 5030ce7547 [Web] More and more fixes for #1017 2018-02-11 15:59:35 +01:00
André Peters 07a05b9363 [Rspamd] Enable more modules 2018-02-09 10:32:42 +01:00
André Peters e5031accbb [Nginx] Remove auto-redirect to not break rp 2018-02-09 09:59:35 +01:00
André Peters 3a1e7b4ee1 [Nginx] Pass args when redirecting to https 2018-02-09 09:11:59 +01:00
André Peters 557fa4385c [Rspamd] Also listen on socket for internal communication 2018-02-08 22:55:34 +01:00
André Peters a50036477e [Web] Mind was set to french, reverting to english 2018-02-08 20:13:36 +01:00
andre.peters e8fe5282b2 [Dovecot] Inconsistent view fix 2018-02-05 21:55:37 +01:00
andre.peters dda2768f10 [Dovecot] Enable IMAP metadata 2018-02-05 21:42:23 +01:00
Alireza 781a5eb69a Added expires directive and map to nginx, allowing browser to cache SOGO JS,CSS,WOFF files. 2018-02-02 18:38:18 +03:30
Alireza 1b898b1c7b Added expires directive and map to nginx, allowing browser to cache rspamd JS,CSS and image files. 2018-02-02 17:46:49 +03:30
Alireza 64fbc73582 Added expires directive and map to nginx, allowing browser to cache rspamd JS,CSS and image files. 2018-02-02 17:42:19 +03:30
andre.peters d6cbe5b10a [Unbound] Fix IPv6 subnet 2018-02-01 13:37:50 +01:00
andre.peters 36cb6d288d [Rspamd] Fix IPv6 subnet 2018-02-01 13:36:24 +01:00
andre.peters 70ac65d794 [Nginx] Fix IPv6 subnet, only rewrite to HTTPS when request is not internal 2018-02-01 13:36:01 +01:00
andre.peters 03ad0f22c4 [PHP-FPM] Add bind for upload.ini 2018-01-30 09:00:34 +01:00
André Peters 4405cb3e74
Merge pull request #953 from mkuron/recipient_map
Expose Postfix's recipient_canonical_maps through web UI
2018-01-28 11:09:22 +01:00
andre.peters 1f08e9a7b7 [Postfix] Fixes #967 (assign correct local network range for mynetworks) 2018-01-27 18:13:35 +01:00
Michael Kuron c30448c4d8 Merge branch 'master' of https://github.com/andryyy/mailcow-dockerized into recipient_map
Conflicts:
	data/web/inc/init_db.inc.php
2018-01-27 17:22:08 +01:00
andre.peters f0bc580ceb [PHP-FPM] Fix port... 2018-01-27 12:09:25 +01:00
andre.peters c33ec7e989 [PHP-FPM] Fix duplicate listen 2018-01-27 10:33:50 +01:00
andre.peters c7729f195b [Rspamd] Fixes #960 2018-01-26 18:56:19 +01:00
andre.peters 7149350973 [Rspamd] Allow internal IPv6 networks 2018-01-24 08:37:49 +01:00
andre.peters c9b3044d5d [Postfix] Allow internal IPv6 networks 2018-01-24 08:37:27 +01:00
andre.peters 7efe67daaf [ClamAV] Mount ClamAV config files 2018-01-24 08:36:56 +01:00
andre.peters 696b52b5eb [Unbound] Allow internal networks in access-control 2018-01-24 08:36:37 +01:00
andre.peters 67ddc710a7 [Nginx] Set real IP from internal networks 2018-01-24 08:36:19 +01:00
andre.peters 40a9389295 [SOGo] Reduce workers to 7 by default 2018-01-24 08:30:25 +01:00
Michael Kuron e86565e283 Expose Postfix's recipient_canonical_maps through web UI 2018-01-23 20:02:31 +01:00
andre.peters a50f85026a [PHP-FPM] Mount php configs into container 2018-01-21 15:00:28 +01:00
andre.peters 83a21259f7 [Rspamd] Use names instead of IPs 2018-01-21 15:00:05 +01:00
andre.peters 83fb8c0fd8 [Nginx] Use names instead of IPs 2018-01-21 14:59:45 +01:00
André Peters 5648ec6d39
Merge pull request #915 from tiirex9/master
Adds 'do nothing' as default for sub-addressing
2018-01-18 10:27:14 +01:00
andre.peters 003e6ef5cd [Web] Important fixes for quarantaine; other minor changes 2018-01-17 15:22:11 +01:00
andre.peters 0019502069 [Rspamd] Increase spam scores for SPF failures 2018-01-16 21:02:45 +01:00
andre.peters c6bcf322ff [Rspamd] Force-add metadata_exporter 2018-01-16 18:58:29 +01:00
Tii d58b89528f rspamd multimap redis stuff doesn't work as expected... 2018-01-16 16:31:37 +01:00
Tii 2291bdbeed Added 'do nothing' option as default for sub-addressing 2018-01-16 13:13:04 +01:00
Tii cd2c242540 Added 'do nothing' option as default for sub-addressing 2018-01-16 12:47:59 +01:00
andre.peters 5fd3d986c7 [Rspamd] Fix settings map regex 2018-01-16 12:42:09 +01:00
andre.peters 5d5d36fc60 [Dovecot] Revert to 2.2 to fix various errors 2018-01-14 10:44:06 +01:00
andre.peters 0d8c7e446a [Dovecot] Update config to fit Dovecot 2.3 2018-01-09 11:28:12 +01:00
andre.peters 868abc15bd [Rspamd] Fix worker-controller-password placeholder 2018-01-02 18:15:33 +01:00
Amir Zarrinkafsh 65386d4ccf Included folder mapping for iOS Mail Trash folder. 2017-12-30 13:58:17 +11:00
andre.peters eb57fce38f [Dovecot] Possibly fixes #722 2017-12-25 10:25:50 +01:00
andre.peters ae56c3b59e Fix quarantaine 2017-12-11 10:44:46 +01:00
andre.peters d71b6f0ad1 Add placeholder for Rspamd controller password written via UI 2017-12-11 09:41:29 +01:00
andre.peters 873222d5f8 [Rspamd] Remove DKIM forced action, move ratelimit lua, add meta exporter 2017-12-09 09:08:23 +01:00
andre.peters c8f41cdae2 [Postfix] Listener for quarantaine, remove excluded Docker gw from mynetworks 2017-12-09 09:07:06 +01:00
andre.peters 21a677e024 [MariaDB] Move config to my.cnf, removed from yml 2017-12-09 09:06:04 +01:00
André Peters b1855587ec
Revert exclude, bad idea 2017-12-05 20:53:45 +01:00
André 3ec3a341e4 [Postfix] Remove gw from mynetworks in case of ipv6 failures 2017-11-21 09:33:43 +01:00
André Peters 4c98cbec27
Exclude 172.22.1.1 from mynetworks
In case of v6 nat failures.
2017-11-19 18:44:18 +01:00
André ade4b9e7ae [Postfix, Web] Feature: BCC maps 2017-11-19 15:13:43 +01:00
André c2d9928f8f [Rspamd] Set task timeout to 12s 2017-11-10 19:58:56 +01:00
André 3873e38919 [SOGo] Use SOGoMaximumSyncResponseSize of 2048 2017-11-06 13:35:48 +01:00
André 586a0b0e05 [Dovecot] Add bindirs to cache compiled scripts, drop some privileges, run one login proc per user 2017-11-05 12:18:52 +01:00
André b16684ce20 [Rspamd] Slightly reduce map watch interval 2017-11-03 20:26:36 +01:00
André 21e20f3786 [Dovecot] sieve_before/after maps in sql, changed dict names 2017-11-03 20:25:43 +01:00
André f067a45bcb [SOGo] Should fix some Android sync issues 2017-11-02 09:51:58 +01:00
André 1e9bc49f2c [Rspamd] Echo dummy for fowardingshosts map; Use higher map reading interval;
[Dockerapi] Exit on sigterm;
[Watchdog] Wait for dockerapi-mailcow to be online
2017-10-27 11:22:39 +02:00
André 083174a9bd [Rspamd] Do not try to index nil value 2017-10-26 22:25:13 +02:00
André 4156b4cdf8 [Rspamd] Disable spoofed sender check 2017-10-26 10:29:13 +02:00
André 988978b351 [Rspamd] Remove log helper and disable fann redis 2017-10-25 20:55:11 +02:00
André 4fd5b9afba [SOGo] Fix for some Outlook 2016 EAS problems 2017-10-25 08:57:34 +02:00
André f7cd7cc123 [Rspamd] Redis history is enabled by default 2017-10-21 10:09:53 +02:00
Michael Kuron a4ccd780c6 rspamd: disable greylisting for forwarding hosts 2017-10-14 16:40:44 +02:00
André a3e966696f [Nginx] Revert to site splitting 2017-10-12 08:37:48 +02:00
andryyy c5054ae7ed [Watchdog] Ignore null name in jq
[Nginx] Merge sites
[Scripts] Nextcloud helper script (testing!)
2017-10-11 22:56:22 +02:00
andryyy 57484e4a45 [Postfix] Log all watchdog activities to local7 facility 2017-10-11 11:21:41 +02:00
andryyy 874aac3c5e [Nginx, PHP-FPM] Do not expose PHP version, example for nextcloud site, include custom locations to site (add site.something.custom to data/conf/nginx) 2017-10-08 22:57:34 +02:00
andryyy fc18d153cd [Compose, DockerAPI, Web, Watchdog] Watchdog may send notification mails (todo: docs), DockerAPI via Flesk for limited access 2017-10-05 23:38:33 +02:00
andryyy 073c6c6e73 [Postfix/Rspamd] Do not reject unauthenticated sender mismatches but rewrite their subject and assign symbol SPOOFED_SENDER with score 1.0 2017-10-04 23:16:39 +02:00
André Peters d8636113dd Merge pull request #636 from mkuron/outlook
Preliminary support for Outlook 2016’s autodiscover.json
2017-10-03 21:23:59 +03:00
Michael Kuron c731a18f66 Preliminary support for Outlook 2016’s autodiscover.json 2017-09-26 22:11:01 +02:00
andryyy f257ed92f5 [Rspamd] Add missing ratelimit.conf 2017-09-21 22:21:11 +02:00
andryyy edb2be979b [Postfix] Changes to ignore watchdog checks 2017-09-21 19:25:43 +02:00
andryyy fd3b2e5f16 [Rspamd] Changes to ignore watchdog checks 2017-09-21 19:25:17 +02:00
andryyy 288a55b1f3 Merge branch 'dev' of https://github.com/mailcow/mailcow-dockerized into dev 2017-09-20 23:25:07 +02:00
andryyy ea5aa261c9 [Unbound] Define mailcow ip6 as private 2017-09-20 23:23:11 +02:00
Michael Kuron a411a357b9 rspamd: exclude Mail Flow monitoring from logs and stats 2017-09-20 15:21:02 +02:00
andryyy a8fb1d3f4f Add experimental watchdog 2017-09-20 10:56:49 +02:00
andryyy 719aa1a391 [Postfix] Fix protocols 2017-09-18 10:59:45 +02:00
andryyy 67056dc3d1 [Postfix] Less strict smtpd_tls_mandatory_protocols 2017-09-18 08:24:24 +02:00
Michael Kuron e4f13568d1 Rspamd user settings: fix matching From header 2017-09-16 18:46:28 +02:00
andryyy 089e8776f5 [Postfix] Stricter TLS settings for mandatory connections 2017-09-14 13:34:23 +02:00
andryyy f0df390d12 [Nginx] Stricter TLS settings 2017-09-14 13:34:07 +02:00
andryyy 00e465a9a1 [Dovecot] Allow INBOX to be shared, sigh... fixes #594 2017-09-14 13:32:11 +02:00
andryyy 92e6c9daae [Nginx] Fix SSL temp. 2017-09-11 17:37:25 +02:00
JOduMonT b2b9731020 a little bit of security
Hide the version of NGINX, block XSS and more...

inspired by : https://gist.github.com/plentz/6737338
2017-09-09 23:10:36 +07:00
André Peters 78c363b7a5 Merge pull request #565 from mkuron/softreject
Forwarding hosts: treat soft reject like greylist
2017-09-09 10:43:41 +02:00
Michael Kuron 3d9c161be1 Forwarding hosts: treat soft reject like greylist 2017-09-09 10:30:26 +02:00
andryyy cfd9316d74 Merge branch 'dev' of https://github.com/mailcow/mailcow-dockerized into dev 2017-08-30 21:43:45 +02:00
andryyy b1213c51d7 [Rspamd] Dynamic ratelimit fixed, removed async redis request; Ready to implement per-user ratelimits via UI (tbd) 2017-08-30 21:42:39 +02:00
André Peters 29acfe85db Merge pull request #536 from mkuron/patch-1
Rspamd user blacklist/whitelist improvements
2017-08-28 22:55:12 +02:00
Michael Kuron 8383ba5e9c Rspamd user settings: fix From header match
The request_header regex appears to not be expected to be encapsulated in slashes and does not seem to accept flags.
2017-08-28 20:27:53 +02:00
Michael Kuron fcd8cfa4f4 Rspamd user settings: don't print all email addresses of a domain
The ucl_rcpts function can already deal with domains, so lets use this capability.
2017-08-27 14:19:29 +02:00
Michael Kuron 93a092e627 Rspamd user settings: also match From header 2017-08-27 14:19:28 +02:00
Michael Kuron e178ca36de Rspamd user settings: make regexes case-insensitive
This is necessary because the user web UI normalizes to lowercase
2017-08-27 14:19:28 +02:00
andryyy e47feeffd6 [Rspamd] Add custom directory for own files 2017-08-18 22:17:01 +02:00
andryyy e5faee9037 [Nginx] Disable client_max_body_size 2017-08-09 10:17:32 +02:00
andryyy d85352fa9a [Dovecot] Use listescape 2017-07-31 12:41:18 +02:00
andryyy aabcf65c69 [Nginx] Set server_names_hash_bucket_size 64 2017-07-30 21:39:35 +02:00
andryyy 9be3aa3334 [Rspamd] Disable monitored 2017-07-27 09:03:44 +02:00
andryyy 83d485dd94 [Web, Postfix, Compose] Allow to add relayhosts per domain (+ plain and login authentication) 2017-07-22 20:39:54 +02:00
andryyy ed33cb5f57 [Rspamd] ARC: Disallow login/domain mismatch 2017-07-21 11:03:35 +02:00
andryyy 256c9d86dd [Rspamd] Initial custom ratelimit support 2017-07-13 12:55:14 +02:00
andryyy a31819fd6c [SOGo] Log to a pipe to not keep logs in a container 2017-07-11 17:08:06 +02:00
andryyy 08b99c8d74 [Dovecot] Add doveadm service 2017-07-10 21:30:45 +02:00
andryyy c5d90b821a [Dovecot] Add extra.conf include to override Dovecot configuration changes 2017-07-10 09:19:12 +02:00
andryyy 56a652fbf3 [Rspamd] Set error_reporting to 0 2017-07-02 11:25:14 +02:00
andryyy afc8c93c07 [Rspamd] Cleanup settings map 2017-07-01 23:14:27 +02:00
andryyy 6cd44b4136 Remove old code 2017-06-26 23:17:46 +02:00
andryyy cbb4f51a9d Fix Junk-E-Mail folder name 2017-06-25 11:32:21 +02:00
andryyy 3be99d7f89 Set IPv6 network as secure_ip range in Rspamd 2017-06-24 22:07:26 +02:00
andryyy 578011c78c Move milter config, increase timeout for DNS 2017-06-21 10:18:52 +02:00
andryyy 036c51f053 Prefere ipv4 to fix problems on v4-only envs 2017-06-19 10:39:14 +02:00
andryyy 2a845a0d21 Less verbose 2017-06-18 20:57:54 +02:00
andryyy 9117c499ef Do not break DNS replies.... 2017-06-18 20:57:26 +02:00
andryyy 6fa19a37d8 Unbound changes 2017-06-18 20:23:26 +02:00
andryyy ba3fc47d5f Fix autodiscover, thanks to K2rool! 2017-06-15 23:03:10 +02:00
James Smith bcdbbf0102 Make autodiscover case insensitive 2017-06-14 23:42:42 +01:00
andryyy 83cb686e33 Fix fix for Apple dav.... 2017-06-14 23:17:31 +02:00
andryyy 495bf05fb8 Fix for Apple autoconfiguration (dav) 2017-06-14 23:14:41 +02:00
andryyy e99fa9433e Fix dav url detection for apple 2017-06-14 23:10:50 +02:00
andryyy 44197c410e Do not add milter headers for authenticated users 2017-06-13 07:41:00 +02:00
André Peters 329ac40d95 Merge pull request #332 from mkuron/symlink
Replace symlink to PHP script
2017-06-08 20:57:51 +02:00
andryyy 663ea7815c Use new milter interface 2017-06-06 22:01:41 +02:00
andryyy a41cafac3e Switch to Rspamds milter interface 2017-06-06 22:00:34 +02:00
andryyy c9318ecf83 Switch to Rspamds milter interface 2017-06-06 21:59:44 +02:00
andryyy e15795e112 Enable http2 2017-06-06 21:59:27 +02:00
Michael Kuron 062abb0ca7 Replace symlink to PHP script 2017-06-04 13:31:35 +02:00
andryyy 55071805f3 Execute after rmilter_headers (prio 10) 2017-05-29 21:53:47 +02:00
andryyy d33399b3cb Fix mismatch in env and from mime header when signing mail 2017-05-29 21:49:01 +02:00
andryyy e159eb7522 Fix listener 2017-05-29 21:48:41 +02:00
Michael Kuron eb9217a8b8 SOGo UI: per-user authentication failure rate-limiting 2017-05-28 16:02:34 +02:00
André Peters fb6893f664 Add IPv6 2017-05-28 11:14:43 +02:00
andryyy 813207c694 Listen on internal IPv6 2017-05-25 10:59:57 +02:00
andryyy fd92283fb8 Add missing ; 2017-05-24 10:03:06 +02:00
andryyy 258a8ee6e9 Add IPv6 listener to Nginx, fixes IO error in Rspamd logs 2017-05-23 22:24:30 +02:00
andryyy 466b8137e5 Add log_helper to Rspamd, add IPv6 for http maps in Nginx, make Bind listen on v6 and add acl for internal network 2017-05-23 22:23:34 +02:00
andryyy 21714bd054 Remove obsolete map 2017-05-23 21:50:33 +02:00
andryyy f3a1d81347 Rate extensions 2017-05-23 21:50:05 +02:00
andryyy e99db685e5 Change map watch interval, remove Mraptor 2017-05-20 14:28:05 +02:00
andryyy 9965ff10a7 Fix mynetworks: Add mailcow ipv6 network 2017-05-17 22:38:59 +02:00
andryyy 63324b0de8 Fix mynetworks: Add mailcow ipv6 network 2017-05-17 22:38:11 +02:00
Michael Kuron 759f21ac6b Consistent symbol names for forwarding hosts
multimap.conf and force_actions weren't using the same name
2017-05-09 07:29:43 +02:00
andryyy d64ed65575 Add multimap and forced actions for forwarded_hosts, removed from settings 2017-05-08 23:09:21 +02:00
André Peters 5861bec0c3 Merge pull request #256 from mkuron/forwardinghosts
Optionally enable spam filter for forwarding hosts
2017-05-08 19:00:42 +02:00
andryyy cdf7c87e20 Deleted two http maps, replaced by redis multimaps, much better tag system 2017-05-08 15:39:33 +02:00
Michael Kuron 7efc720d47 Merge remote-tracking branch 'origin/dev' into forwardinghosts 2017-05-08 07:39:30 +02:00
andryyy aa98d86feb Sieve rule for tags changed 2017-05-08 00:27:16 +02:00
Michael Kuron ae6d7d63fc Optionally enable spam filter for forwarding hosts 2017-05-07 08:50:28 +02:00
andryyy fa3a47fde5 Log to syslog 2017-05-06 23:42:07 +02:00
andryyy ecda4fb1d1 Change whitelist for forwarding hosts 2017-05-06 23:41:58 +02:00
andryyy b3a161f930 Keep format 2017-05-06 08:09:40 +02:00
andryyy 1501df6e42 Use Redis for DKIM keys, define any selector, auto-merge old keys to Redis and fallback to files 2017-05-05 10:35:27 +02:00
andryyy e3f9839410 Do not use sld for DKIM signing 2017-05-04 19:12:21 +02:00
andryyy edc41b48d1 Add map for scheme... 2017-05-03 22:26:10 +02:00
andryyy 2f0129539b Hopefully fix all Nginx reverse proxy issues, see documentation updates! 2017-05-03 18:05:13 +02:00
andryyy 8f213e8df9 Changes to api path 2017-04-29 16:36:41 +02:00
andryyy a03b36e0c3 Add object to Nginx api configuration 2017-04-26 23:37:55 +02:00
andryyy fd84b2ffa9 Change DKIM to new method, add clamav forced action when virus is found" 2017-04-25 20:32:36 +02:00
andryyy e4310cafb3 Revert RP changes 2017-04-25 10:49:38 +02:00
Michael Kuron f3fad4e7a2 Remove rspamd size limit
This ensures that the spam and antivirus filters cannot be evaded by making the message large enough.
Rspamd does not need a size limit on its own (e.g. for DoS protection) as Postfix already has a size limit (message_size_limit).
2017-04-24 19:49:41 +02:00
André Peters 0f3202109d Merge pull request #212 from mkuron/reverseproxy
Fix CalDAV/CardDAV URLs displayed in SOGo web interface when used behind reverse proxy
2017-04-24 10:09:32 +02:00
andryyy 755da65426 Change path 2017-04-23 19:38:27 +02:00
andryyy 55f6384f2a Change to hostname, connection is not important for container start 2017-04-23 17:43:29 +02:00
Michael Kuron affa52edcf Forwarding hosts: don’t add configuration if none are defined 2017-04-22 18:34:49 +02:00
Michael Kuron 08612f0aef Merge remote-tracking branch 'origin/dev' into forwardinghosts 2017-04-22 18:13:58 +02:00
Michael Kuron 894d6234e9 Improvements to forwarding hosts in Postfix
- No more premature EOF and no more leaking of bash processes
- Log result
- Correctly treat non-CIDR entries
- Adapt to schema change from df71e97
- Correctly report SQL failure
2017-04-22 14:28:51 +02:00
andryyy 8adcc4fcd3 Force add mailcow_black/white 2017-04-21 10:19:45 +02:00
andryyy be28877f68 Remove permanent moo symbol 2017-04-21 10:19:24 +02:00
andryyy 95cbfe3661 Move mail to spam when DKIM fails, ignore when white/blacklist and honor other actions 2017-04-21 10:19:07 +02:00
andryyy babad4f137 Anti-Virus local configuration for Rspamd, container not enabled by default 2017-04-20 21:14:20 +02:00
Michael Kuron d350c009b9 Fix login redirect behind reverse proxy 2017-04-20 19:53:56 +02:00
Michael Kuron 06e64c585c Fix CalDAV/CardDAV URLs displayed in SOGo web interface when used behind a reverse proxy 2017-04-18 20:24:43 +02:00
Michael Kuron a75d916b74 Forwarding hosts in postscreen 2017-04-17 15:51:50 +02:00
Michael Kuron 8822eb57c8 Forwarding hosts in rspamd 2017-04-17 15:51:50 +02:00
andryyy d0d87ead49 Zeyple is not enabled by default 2017-04-10 13:16:40 +02:00
andryyy 06100c30ca mail_crypt is not enabled by default 2017-04-10 13:15:48 +02:00
andryyy c460636a70 mail_crypt is not enabled by default 2017-04-10 13:09:33 +02:00
andryyy 7f8d6556b8 imapsync: added option to delete from source after transfer 2017-04-10 13:07:45 +02:00
andryyy b0d8b1344a Remove obsolete parameters, use imapsieve instead of deprecated antispam module, use mail_crypt per default 2017-04-05 22:22:43 +02:00
andryyy 96c1a7c225 Open 10026 for Zeyple 2017-04-05 22:21:20 +02:00
andryyy 34bc242554 Add Zeyple filter 2017-04-05 22:19:01 +02:00
andryyy 8b7e3c718d API format changes 2017-03-28 11:51:31 +02:00
andryyy 60fa9ab9dd Fall back to dkim.conf 2017-03-26 11:08:07 +02:00
andryyy 16d90b86d5 Use Redis history in Rspamd 2017-03-21 23:50:00 +01:00
andryyy f384759282 Add all defaults to ratelimit module config in Rspamd 2017-03-21 11:20:04 +01:00
André Peters 4f72ed4509 Merge branch 'dev' into footable 2017-03-21 10:06:46 +01:00
André P 8d1784a1c4 Reset ratelimit 2017-03-21 10:05:26 +01:00
André P d8cf921e35 Add ignore 2017-03-21 10:04:26 +01:00
root 892f2197cb Add footable 2017-03-21 10:02:23 +01:00
root 51230f780f Local 2017-03-21 08:11:06 +01:00
andryyy 7e6fc8568f Move DKIM signing to new dkim_signing.conf 2017-03-19 21:55:03 +01:00
andryyy 2fcbce4f2e Fix: return true 2017-03-17 19:23:25 +01:00
andryyy 509a804acd Deprecated lua function replaced, better tag handling when spam 2017-03-16 13:42:56 +01:00
andryyy 9f4a5b1834 Fix symbol check 2017-03-12 17:25:30 +01:00
andryyy 09850a76e5 Use Rspamds new tag symbol 2017-03-12 14:38:20 +01:00
andryyy 7a2427bf9b Add Junk-E-Mail as special use junk 2017-03-10 15:34:23 +01:00
andryyy 4c8288f85e Use tag settings for alias addresses 2017-03-09 17:06:58 +01:00
andryyy 276e370989 Rspamd tag check for non-spam only (post-filter), remove sql files from repository" 2017-03-08 17:58:00 +01:00
andryyy 2d086424fa Fix settings for aliases, alias domains 2017-03-04 14:05:06 +01:00
andryyy 285e295d91 Fix for settings 2017-03-04 00:27:57 +01:00
andryyy 8c2416b711 Never return empty map 2017-03-04 00:23:38 +01:00
andryyy 211e4158a2 Always return settings 2017-03-04 00:19:10 +01:00
andryyy cad084598d Remove old files, fix tagging 2017-03-03 19:01:33 +01:00
andryyy 579b5483ab Do not return empty map 2017-03-03 17:31:50 +01:00
andryyy 92b5a8e6dd Change map variable 2017-03-03 15:39:12 +01:00
andryyy 279210a524 Tab size 2017-03-03 04:48:28 +01:00
andryyy c21623b482 Important fix for Rspamd score settings, LUA tag handling changes 2017-03-03 04:44:51 +01:00
andryyy 8175a0387f Change wording 2017-03-02 09:12:43 +01:00
andryyy 41d771e780 Aliases do not match alias domains 2017-03-01 17:59:46 +01:00
andryyy 50eb49ab71 Better autodiscover/autoconfig config in Nginx, add new ignores 2017-02-28 14:27:19 +01:00
andryyy 6d7c3423ba Change Nginx templates 2017-02-28 10:12:18 +01:00
andryyy 2fea636a01 Add Nginx HTTP listener 2017-02-28 10:02:02 +01:00
andryyy 4db74f6734 Fix bind9 config 2017-02-23 16:23:16 +01:00
andryyy 1c12799091 Add bind9 and replace pdns 2017-02-23 16:06:28 +01:00
andryyy 26906caa07 Pass IP even if behind (second) reverse proxy, add new SOGo resource path 2017-02-23 16:05:42 +01:00
andryyy f13df1ec46 Add mraptor to rspamd 2017-02-18 20:29:15 +01:00
andryyy f6241619df Reset first 2017-02-16 20:20:27 +01:00
carazzim0 d295435cad use ip address instead of alias name 2017-02-16 19:55:07 +01:00
andryyy 4e311d7738 Read mime to field when env has no tag 2017-02-14 21:55:58 +01:00
andryyy 15bffcd447 Display keys inline, also read domain aliases for tagging option 2017-02-14 21:54:09 +01:00
André Peters a6c6e34fe9 Update mysql_virtual_sender_acl.cf 2017-02-12 19:28:52 +01:00
andryyy c73cc42a95 Handle alias domains the same way as their parents in sender_acl, thanks to @tehXor 2017-02-11 20:54:14 +01:00
andryyy 8883960d5a Add mime types and full path to fcgi params 2017-02-08 19:11:25 +01:00
andryyy 7c3a8a5819 Use IPs to not emerg Nginx when host does not exist 2017-02-02 10:09:44 +01:00
andryyy 5e39bcf5e4 Fix settings 2017-01-29 13:56:24 +01:00
andryyy 6e196eeb6e Remove kind where field 2017-01-29 12:33:36 +01:00
andryyy 13a8e6bf28 Exclude resources 2017-01-28 09:53:12 +01:00
andryyy 0630c882ee When TLS is enforced for incoming mails, allow mynetworks and sasl authenticated users 2017-01-25 19:04:31 +01:00
andryyy a294cd04e5 Add charset 2017-01-25 19:04:01 +01:00
andryyy 54de192334 Add mydestination to prevent hostname == domain situations 2017-01-23 08:23:59 +01:00
andryyy 3ece7cc7fd Get SOGo web resources from SOGo httpd, enable caching 2017-01-21 11:46:56 +01:00
andryyy 30c4396c31 Change var names 2017-01-18 21:33:11 +01:00
andryyy 683e24c7f6 Still needs rework... but is ok right now 2017-01-18 21:26:49 +01:00
andryyy 308c2f7e03 Fix EAS for SOGo 2017-01-15 17:37:25 +01:00
andryyy 89b5d9bde6 Easier container names, allow to set HTTPS port, Typo fix 2017-01-12 21:40:42 +01:00
andryyy 33a0357634 Log to mail.log, add postlogin script to give master user full permissions 2017-01-12 20:15:05 +01:00
andryyy 86a8dc195e Change ciphers 2017-01-09 20:22:44 +01:00
andryyy 621235d8da Lowercase tag name "eXaMpLe" to "example" if folder "eXaMpLe" does not exist, else move to folder "eXaMpLe" 2017-01-09 12:37:39 +01:00
andryyy be7693a8e1 Sieve tag handling changes 2017-01-09 11:39:27 +01:00
andryyy 49a98a30b5 Add ability to set tag handling, add domain map 2017-01-09 11:05:33 +01:00
andryyy ebfc45df9f Set huge timeout in PHP for SOGo childs to stop 2017-01-03 11:47:09 +01:00
andryyy 4adcb287bb Fix rspamd dynamic map 2016-12-29 21:12:19 +01:00
andryyy d486a9bb70 Fix Dav discovery on iOS, thanks Brad! 2016-12-27 20:28:30 +01:00
andryyy b514ffb368 Remove creds file 2016-12-23 11:04:48 +01:00
andryyy 5d0081a0ec Base all on xenial to save some space loading chunks, clean-up images 2016-12-23 10:27:48 +01:00
andryyy b0db732e87 Needs lowercase master user with SHA1 2016-12-23 07:07:50 +01:00
andryyy 184a35da24 Format 2016-12-22 12:20:26 +01:00
andryyy b6c95e2bd6 Add local networks 2016-12-22 12:20:17 +01:00
andryyy 2783510bef DKIM sign auto-responder messages by using mime from field 2016-12-21 20:55:38 +01:00
andryyy 49e09d3ca0 Add autodiscover and autoconfig 2016-12-21 12:16:05 +01:00
andryyy 036d547415 Fix forwarding in sieve 2016-12-21 09:50:54 +01:00
andryyy ed9d64bab4 Add random created master at each startup to handle SOGo features 2016-12-21 08:25:11 +01:00
andryyy 85b243a15b SOGo multi-domain setup 2016-12-20 15:24:33 +01:00
andryyy 7a2abe6ada Add default sieve_after handler 2016-12-19 15:20:30 +01:00
andryyy 98e803e6ef Back to utf8mb4... 2016-12-19 12:24:31 +01:00
andryyy 31911c7ed8 Remove unused table, rename table 2016-12-18 22:25:02 +01:00
andryyy 7b18f7881a Remove unused table, rename table 2016-12-18 22:24:48 +01:00
andryyy a47625a34a Remove unused table, rename table 2016-12-18 22:24:22 +01:00
andryyy 608820a728 Use UTF8, MySQL 5.7 is the only docker image to use innodb default row format, but is broken and segfaults on many machines 2016-12-18 15:50:57 +01:00
andryyy 861fc190ca Use UTF8, MySQL 5.7 is the only docker image to use innodb default row format, but is broken and segfaults on many machines 2016-12-18 15:50:13 +01:00
andryyy fa2da040ea Remove debugging 2016-12-18 13:43:11 +01:00
andryyy 380fe11f7f Waiting for bug fix from SOGo for alarms folder 2016-12-18 12:50:45 +01:00
andryyy 73ae15790a Set sql mode and timezone 2016-12-18 12:41:45 +01:00
andryyy 04830141e4 Be more quiet 2016-12-18 12:41:29 +01:00
andryyy defe57d24d Changes 2016-12-18 00:24:05 +01:00
andryyy 220ea526f7 Thanks to https://gist.github.com/croessner/64ae8150b3fa3636ec002b812c4ab2ff 2016-12-16 12:23:04 +01:00
andryyy 8559de7ae6 Fix rspamd settings and dynamic configuration 2016-12-16 08:15:20 +01:00
andryyy 5afda018ce Log some infos, sign using dkim separator 2016-12-15 10:04:56 +01:00
andryyy 1aa5280fc2 Use memcached and changed title 2016-12-15 10:04:32 +01:00
andryyy 774320d5e8 Use env vars for PHP app 2016-12-14 21:10:11 +01:00
andryyy 9e8a003508 Remove old file 2016-12-14 15:56:30 +01:00
andryyy 5d410c1a39 Change SOGo Dockerfile 2016-12-14 09:25:54 +01:00
andryyy 61da76db4e Enable DNSSEC for resolver in rspamd 2016-12-13 13:55:57 +01:00
andryyy b93c4e4102 Fix dovecot antispam plugin parameters 2016-12-13 13:38:31 +01:00
andryyy 855efcf542 Random 2016-12-13 12:32:16 +01:00
andryyy 7e25826d4e Antispam plugin for Dovecot + rspamd pipe script 2016-12-13 12:26:10 +01:00
andryyy 5e883b6f51 Some last changes 2016-12-12 21:53:58 +01:00
andryyy bbd17a7e91 Remove vars from main.cf 2016-12-12 09:25:37 +01:00
andryyy 47a5166383 Add pdns resolver, changed some other files 2016-12-11 18:58:29 +01:00
andryyy e3f0058f4f Changes... 2016-12-11 14:13:17 +01:00
andryyy 42a64b45d7 Fixes, working rspamd settings, generate DKIM keys in PHP 2016-12-10 21:49:41 +01:00
andryyy 7d6c5ff071 First commit for rspamd settings 2016-12-10 00:39:27 +01:00
andryyy e9b97e98ec Some changes 2016-12-09 21:10:11 +01:00
andryyy 5f04dc0b04 mailcow dockerized 2016-12-09 20:39:02 +01:00