andryyy
e84dec3b56
[SOGo] Revert self-built SOGo
2018-12-21 19:54:32 +01:00
andryyy
ad90496169
[SOGo] Add logo to config dir
...
[Web] Add missing lang strings for transport maps
2018-12-20 19:02:47 +01:00
andryyy
bcd6e43665
[Postfix] Remove verbose flag from smtp service
2018-12-19 12:16:36 +01:00
andryyy
cd72a4e18b
[Postfix] Split SASL passwd maps
...
[Postfix] create new smtp service to skip sender-dependent SASL map
[Postfix] Hard-bounce on SASL errors
2018-12-19 09:40:08 +01:00
andryyy
534e83a218
[Nginx] New WebServerResources path
2018-12-19 09:37:07 +01:00
andryyy
ed763cd668
[Rspamd] Use meta exporter to pipe meta data of ratelimited msg to Redis
2018-12-15 21:23:42 +01:00
andryyy
e7427eddf3
[Rspamd] Updated values of default ratelimit settings, add info_symbol
2018-12-15 21:22:59 +01:00
andryyy
497b6a39de
[Postfix] Add missing regexp map, fixes #2083
2018-12-11 17:16:53 +01:00
Markus Heberling
4755bb323b
Allow setting ACL_ANYONE in the configuration
2018-12-11 11:32:36 +01:00
andryyy
9b1f51ae3f
[Git] Add allow_mailcow_local.regexp and dovecot-master.userdb
2018-12-10 23:26:28 +01:00
andryyy
9b720bb07a
[Dovecot] Add master user to userdb (to be used in SOGo)
2018-12-10 23:25:37 +01:00
andryyy
fa3525e2dd
[SOGo] Enable EMailAlarms
2018-12-10 23:24:49 +01:00
andryyy
3a39937baf
[Rspamd] Do not apply SOGO_CONTACT for SPF fails and when sending from whitelisted host
2018-12-10 13:26:18 +01:00
andryyy
e43c696204
[Rspamd] Remove SOGO_CONTACT for header from
2018-12-10 13:25:38 +01:00
andryyy
c2d413bff4
[MySQL] Remove deprecated values for future use of MariaDB 10.3
2018-12-10 13:23:02 +01:00
andryyy
fe95852f45
[Dovecot] Increate proc limit and default client limit
2018-12-06 16:47:41 +01:00
andryyy
968f6f4157
[Rspamd] use boolean for one_shot, fixes #2066
2018-12-04 08:31:56 +01:00
andryyy
e02c51b1d1
[Rspamd] Fix examples for global white/blacklist
2018-11-29 21:51:09 +01:00
root
d445d7d2e7
[Web] Allow actions in quarantine modal, fixes #1991
...
[Web] Fixes for Source Sans Pro font
[Rspamd] Add global rcpt blacklist and whitelist
[Compose] New Rspamd image
2018-11-27 10:20:42 +01:00
andryyy
113c6fe018
Merge branch 'master' of https://github.com/mailcow/mailcow-dockerized
2018-11-26 10:41:44 +01:00
andryyy
f76c3ee7f3
[Dovecot] Unsupported examples for IMAP auth via LDAP
...
[Rspamd] Globel whitelist/blacklist from via multimap
2018-11-26 09:06:51 +01:00
André Peters
a13c2c9359
Merge pull request #1949 from patschi/patch-1
...
[Postfix] Security: Prefer server-side ciphers
2018-11-22 12:59:06 +01:00
Max
822175f20a
Outlook-Folder-Alias
2018-11-14 22:18:02 +01:00
andryyy
224a5ebd9a
[Dovecot] Enable mail_log (events: delete undelete expunge copy mailbox_delete mailbox_rename)
...
[Dovecot] Increase vsz_limit for some services to 1 G
[Dovecot] Enable auth_cache
2018-11-12 21:00:39 +01:00
andryyy
1d9f820b02
[SOGo] Include custom-sogo.js to dynamically add JS to SOGo, increase textarea font of CKeditor by default
2018-11-12 09:59:49 +01:00
andryyy
869e01a9a7
[Rspamd] Add fuzzy hash to msg
2018-11-12 09:57:25 +01:00
andryyy
4f7f493490
[Rspamd] Add SOGo contacts to whitelist
2018-11-12 09:56:54 +01:00
andryyy
e6625501e7
[Nginx] Remove Strict-Transport-Security for subdomains (prevented autoconfig from working without TLS)
2018-11-12 09:53:18 +01:00
andryyy
159c36b531
[Dovecot] Create crypted mail_attachment_fs to store attachments with a min size of 128k
...
[Dovecot] Shared location to "auto:" to auto-detect legacy mailbox formats across shared mailboxes
[Dovecot] Create config service for crypted mail_attachment_fs
2018-11-12 09:52:12 +01:00
Michael Kuron
4ee546c04a
Reduce rspamd DNS timeout
...
Fixes #1957
2018-10-29 19:55:24 +01:00
andryyy
f92b20c9ad
[Rspamd] Change log level to silent (see docs)
2018-10-27 13:55:55 +02:00
andryyy
af5ce48e8d
[ClamAV] Remove AllowSupplementaryGroups from freshclam.conf (deprecated)
2018-10-27 13:24:14 +02:00
andryyy
bf71f9b600
[Postfix] Add tls_preempt_cipherlist to SMTPS
2018-10-27 13:22:29 +02:00
andryyy
42fe16250b
[Rspamd] Adjust default values for (perm) failures of DKIM and SPF
2018-10-26 20:04:41 +02:00
Patrik Kernstock
1dc9d3fa27
[Postfix] Security: Prefer server-side ciphers
...
Prefer server-side ciphers to prevent client-side cipher downgrade. Already enabled in Dovecot.
2018-10-25 23:37:25 +02:00
andryyy
5f02c6006c
[Postfix] Do not remove user agent
2018-10-23 23:22:43 +02:00
André
93e0206db4
[Update] Remove mailcow_anonymize_headers.pcre checks
...
[Postfix] Rename mailcow_anonymize_headers.pcre > anonymize_headers.pcre to prevent collisions
2018-10-23 22:57:38 +02:00
André
66d8f33aac
[Postfix] Move "should not"-sign headers out of Postcow check to always remove them, fixes #1911
2018-10-23 21:55:55 +02:00
André Peters
68f2a1c5fc
[Rspamd] Properly close additional Rspamd maps
2018-10-19 11:12:58 +02:00
André
73b48fc13e
[Rspamd] Remove deprecated attachments_only in AV module
...
[Rspamd] Remove old symbol score
2018-10-16 22:59:25 +02:00
André
51dd88abeb
[Unbound] Reduce negative max ttl to 60s and min-ttl for all other keys to 5
2018-10-16 20:14:14 +02:00
André
8958449e76
[Postfix] Remove headers only when mail_name matches
2018-10-16 20:11:21 +02:00
André
d99b8aaf69
[Postfix] Change mail_name to Postcow and only replace headers when mail_name matches
2018-10-16 10:26:41 +02:00
Tobias "Knight" S
41c8a8bb46
disabling more functions inside php-fpm
2018-10-15 22:52:30 +02:00
André Peters
83a5eda762
Merge pull request #1434 from apoc4lyps/master
...
hardening http headers
2018-10-15 22:48:50 +02:00
André
abd0a1b337
[PHP-FPM] Disable some functions by default
2018-10-15 20:52:39 +02:00
André
a844adde0f
[Postfix] Add mailcow_anonymize_headers to default config
2018-10-15 20:52:06 +02:00
André
c80fe40669
[Unbound] Do not allow from all (dangerous for setups with incorrect netfilter setups)
2018-10-12 11:35:45 +02:00
André
1fce562434
[Dovecot] Set imap_max_line_length = 2 M
2018-10-12 10:56:40 +02:00
André
3db6af5c90
[Unbound] Trust all addresses - do not expose Unbound!
2018-10-12 10:56:17 +02:00
André
32f7ae1d2e
[Rspamd] Prefix quarantine error_log messages with "QUARANTINE"
...
[Rspamd] Fix quarantine max size check (it was ignored)
2018-10-11 11:55:52 +02:00
André
c0b590fff6
[PHP-FPM] Move max_execution_time and max_input_time to general PHP config, removed as fixed php_admin_value
2018-10-11 11:54:38 +02:00
André
c08149adef
[SOGo] EAS changes, larger timeout
2018-10-05 11:12:55 +02:00
André
f6b2a6aab2
[Postfix] Enable/create smtp_tls_policy_maps
2018-10-04 14:34:34 +02:00
André
2f18eb5ad0
[Nginx] Avoid php extensions, use rewrite
2018-10-04 14:34:00 +02:00
André
b2067cb521
[SOGo] SOGoMaximumSyncWindowSize = 99
2018-10-04 14:33:32 +02:00
André
b8ebdc3c58
[Postfix] Increase default message size limit to 100 MiB
2018-10-01 22:06:20 +02:00
André
a054182246
[Rspamd] Add desc to high spam networks
2018-09-30 18:56:35 +02:00
André
cdca603ff5
[Unbound] Fix logging, fixes #585
...
[Rspamd] Fix permissions of controller password file
[Unbound] Enable unbound-control
2018-09-30 14:43:18 +02:00
André
b008211f52
[Rspamd] Controller password placeholder
2018-09-30 09:55:50 +02:00
André
8439daea7e
[Rspamd] Revert adding worker-controller-password...
2018-09-30 09:54:19 +02:00
André
4396be2938
[Rspamd] Place socket in _rspamd home and fix permissions
...
[Compose] Remove volume for Rspamd socket
[Web] Do not exit loop on fuzzy errors when learning a message as spam
2018-09-30 09:53:25 +02:00
André
73b10350d0
[Rspamd] Ignore sa-rules-heinlein file, remove from index
2018-09-29 22:03:48 +02:00
André
0fb43f4916
[Docker API] Use TLS encryption for communication with "on-the-fly" created key paris (non-exposed)
...
[Docker API] Create pipe to pass Rspamd UI worker password
[Dovecot] Pull Spamassassin ruleset to be read by Rspamd (MANY THANKS to Peer Heinlein!)
[Dovecot] Garbage collector for deleted maildirs (set keep time via MAILDIR_GC_TIME which defaults to 1440 minutes)
[Web] Flush memcached after mailbox item changes, fixes #1808
[Web] Fix duplicate IDs, fixes #1792
[Compose] Use SQL sockets
[PHP-FPM] Update APCu and Redis libs
[Dovecot] Encrypt maildir with global key pair in crypt-vol-1 (BACKUP!), also fixes #1791
[Web] Fix deletion of spam aliases
[Helper] Add "crypt" to backup script
[Helper] Override file for external SQL socket (not supported!)
[Compose] New images for Rspamd, PHP-FPM, SOGo, Dovecot, Docker API, Watchdog, ACME, Postfix
2018-09-29 22:01:23 +02:00
André
c7cef3241f
[Rspamd] Controller worker count == 1, fixes #1716
2018-09-12 20:32:59 +02:00
André
1b5409f3fa
[Rspamd] Check if ip is valid (KEEP_SPAM symbol), fixes #1759
2018-09-12 15:50:42 +02:00
André
1499094b61
[PHP-FPM] Increase PHP memory limit for "web" to 512M
...
[Helper] Nextcloud 14
[Rspamd] Fix KEEP_SPAM lua script: skip check if ip is false
2018-09-11 19:35:21 +02:00
André
ea4a26eabf
[Nginx] Use SOGo web resources from local mount
2018-09-09 09:51:37 +02:00
André
afc18fd469
[Rspamd] Update bad asn, move KEEP_SPAM to a custom lua function
2018-09-09 09:47:47 +02:00
André
e5b830adea
[Dovecot] Fix shared namespace
2018-08-31 23:33:55 +02:00
André
6cee038a63
[Dovecot] IMPORTANT: Disables 'any' and 'all authenticated' ACL settings! See wiki how to revert this, if you need it.
2018-08-17 21:44:17 +02:00
André
d5e81b987b
[Dovecot] Set from address for sieve generated addresses, fixes #1662
2018-08-13 08:31:09 +02:00
André
02e567f76b
[Dovecot] Set CONTROL path for shared namespace and remove index
2018-08-08 23:59:38 +02:00
apoc4lyps
cf56be1843
set Referrer-Policy to strict-origin
2018-08-06 09:24:34 +02:00
André
d83537cda0
[ClamAV] Add whitelist template for ClamAV
2018-08-05 22:38:06 +02:00
André
66d1bc12c0
[Nginx] Set client_max_body_size = 0
2018-08-05 22:37:07 +02:00
André
b007975a04
[Rspamd] Rename -disable_monitored > disable_monitoring
2018-08-03 11:56:39 +02:00
André
59c4cc054e
[Rspamd] Deactivate neural but use a more aggressive learning method (no autolearn)
2018-07-29 23:03:49 +02:00
André
d8f86ae488
[Rspamd] Add local fuzzy worker
2018-07-29 00:34:36 +02:00
André
f1b096b36e
[Dovecot] Increase process_limit to 500, thanks to @mritzmann
2018-07-25 21:04:24 +02:00
André
e2ed2eab53
[Rspamd] Remove per_user settings as they were pretty much useless, some minor changes to bayes"
2018-07-25 01:06:12 +02:00
André
7de2607594
[Dovecot] Enable vacation-seconds with a default min period of 5s and a default period of 60s
2018-07-23 19:59:23 +02:00
André
a83adc4d31
[Rspamd] Remove unused user_keywords and dynamic_rates from ratelimit module
2018-07-15 12:02:37 +02:00
André
882ee5fee6
[Rspamd] Re-use fixed new ratelimit
2018-07-15 12:01:28 +02:00
André
353af8e3a4
[Rspamd] Set start and end to rcpt matching regex
2018-07-12 23:18:49 +02:00
André
587f37a300
[Dovecot] Remove additional hash scheme and let Dovecot decide the hash by prefix
2018-07-12 00:46:31 +02:00
André
2aef18d130
[Dovecot] Remove user queries from passdb + add a second passdb for additional algorithms + create userdb without password queries
2018-07-12 00:23:12 +02:00
André
1b47ae55f1
[SOGo] Set SOGoPasswordChangeEnabled = YES - allow user to change password in SOGo
2018-07-11 22:11:09 +02:00
André
fa0b351da6
[Postfix] smtpd_tls_eecdh_grade = auto
2018-07-11 22:10:32 +02:00
André
37fbce855e
[Rspamd] Remove autolearn from Rspamd
2018-07-03 23:24:11 +02:00
André
d6a74e82e3
[ACME] Fix for CNAME response on AAAA dig request
2018-06-28 20:41:44 +02:00
André
9dc250c9f2
[Rspamd] Important fix for settings map
2018-06-28 11:48:23 +02:00
André Peters
bca8920679
Revert "[Postfix] Default SMTP server security grade for EECDH key exchange"
2018-06-27 23:28:54 +02:00
elcore
c386dfc11d
[Postfix] Default SMTP server security grade for EECDH key exchange
2018-06-27 03:39:54 +02:00
André
5905a3919c
[Dovecot] Minor changes to ciphers, still disallow insecure ciphers
2018-06-26 07:50:17 +02:00
André
a5d40a4ab6
[Postfix] Re-enable TLS 1, 1.1 and some ciphers - real-world tests have shown this setup uses TOO MANY plain text sessions due to compatibility issues
2018-06-25 22:31:23 +02:00
André
b8973648ff
[Rspamd] Disable default authenticated user ratelimit
2018-06-24 11:40:31 +02:00
André
8bb24a9866
[Rspamd] Load additional settings defined in web ui
2018-06-23 23:48:06 +02:00
André
aa6a136c1f
[Dockerapi, Dovecot] Fix missing active user filter
2018-06-20 07:25:10 +02:00
André
e79429beef
[PHP-FPM, Nginx] Move some PHP parameters from Nginx to FPM configuration file
2018-06-10 14:31:24 +02:00
André
27d3388579
[Rspamd] Remove antivirus debugging
2018-06-10 14:30:30 +02:00
André
f15f30d53e
[Dovecot] Re-enable lz4 until 2.3.2 to verify replication fix
2018-06-08 09:09:31 +02:00
André
0a44ea1a4c
[Dovecot] Lz4 compression sometimes leads to strange EOF errors when replicating
...
[Web] Cleanup JSON API
2018-06-05 00:31:27 +02:00
André
777e469958
[ClamAV] Remove deprecated AllowSupplementaryGroups
2018-05-30 20:28:23 +02:00
André
1b35376252
[Rspamd] Remove score for CTYPE_MIXED_BOGUS and ARC_REJECT, increase DNS timeout
2018-05-30 18:40:43 +02:00
apoc4lyps
918343865e
hardening http headers
2018-05-28 12:28:23 +02:00
Michael Kuron
ea84004410
[rspamd] fix redis multimaps in version 1.7.5
...
The key's value was being used as symbol name instead of the symbol name defined in the config file
2018-05-25 18:58:37 +02:00
André
1f7a5d586c
[Rspamd] Remove IP, fixes #1400
2018-05-19 00:14:30 +02:00
André
8ff4eb8076
[Rspamd] Slight changes to neural plugin
2018-05-18 21:39:25 +02:00
André
7a5d3af80b
[Rspamd] Slight changes to neural
2018-05-17 11:15:46 +02:00
André
5e2d19ac62
[Rspamd] Add neural module and define its scores
2018-05-16 21:26:05 +02:00
André
d167ade957
[Rspamd] Remove explict redis servers from statistic, add a name
2018-05-16 21:25:55 +02:00
André
a8d9b4359e
[Dovecot] Set vszlimits for some services to prevent oom situations, fixes #1203
2018-05-12 08:52:03 +02:00
André
7f72e44dac
[Rspamd] Move symbols to corresponding groups
2018-05-11 10:40:26 +02:00
André
527e790620
[Web] Store session data in Redis
2018-05-08 12:55:19 +02:00
André
4c31adaa82
[Rspamd] Ratelimit: fix attempt to index a nil value when no authenticated user is found in a message
2018-05-01 22:44:03 +02:00
André
30cea1da9a
[SOGo] Increase workers count to 20
...
[Postfix] Add extended TLS header
[Web] Increase timeout to 10 for docker API connections
[Postfix] Add perl package
2018-04-26 14:08:45 +02:00
André
ef6644df34
[PHP-FPM] Delete old pool files
...
[Nginx] Remove dev code
2018-04-26 13:57:23 +02:00
André
7181ee4658
[Rspamd] Apply ratelimit against authenticated user instead of envelope from
...
[PHP-FPM] Create PHP-FPM listeners 9001 (system) and 9002 (web), drop 9000
[Rspamd] Parse quarantine messages as utf8
[Rspamd] Use new schema for Rspamd bayes hashes and expire them in Redis
[SOGo] Change default logo
[SOGo] Use different keyserver by default in Dockerfile
[Rspamd] Add bad ASN list (disabled by default)
[Watchdog] Change the way we check PHP-FPM, change SOGo check
[Nginx] Change ports according to new PHP-FPM listeners
[Update] Fix PHP-FPM ports for existing non-mailcow Nginx sites
2018-04-26 13:56:07 +02:00
André
f53006f6ab
[Dovecot] Dovecot 2.3.1, Pigeonhole 0.5.1
...
[ClamAV] 0.100.0, new log method without pipes
[Compose] New images for Dovecot and ClamAV, add persistent tty to clamd-mailcow
2018-04-26 12:36:13 +02:00
Michael Kuron
ea3502f2a1
rspamd: Fix NO_LOG_STAT for everycloud monitoring
2018-04-02 19:26:15 +02:00
André Peters
8a7664f7d5
[Nginx] Add larger map bucket size, fixes 1112
2018-03-01 07:28:06 +01:00
André Peters
b255ecd62b
[Dovecot] Add, but disable auth_debug
2018-02-27 20:54:46 +01:00
André Peters
6b066c2891
Merge pull request #1090 from extremeshok/patch-5
...
Enable maildir compression
2018-02-26 18:54:04 +01:00
André Peters
410cbf55b6
Update dovecot.conf
2018-02-26 18:53:56 +01:00
André Peters
bbbe52f560
[SOGo] Add blue (default) and red theme
2018-02-22 09:20:46 +01:00
André Peters
f3896195d4
Update worker-controller-password.inc
2018-02-22 09:19:01 +01:00
André Peters
eb4dd632ae
[Web] Fix autodiscover triggering fail2ban implementation, fixes #1069
2018-02-22 09:16:16 +01:00
André Peters
da48bd721f
Merge pull request #1056 from klausenbusk/nginx-deduplicate
...
[Nginx] Reduce config duplication
2018-02-19 13:12:46 +01:00
André Peters
ff3328ea8c
[SOGo] Use indigo theme, copy logo and theme.js to image
2018-02-19 12:56:45 +01:00
Kristian Klausen
63002cbb74
[Nginx] Reduce config duplication
...
It does not make sense having a seperate server block for both http
and https.
According to the nginx doc [1], using the same server block for both
should work.
[1] http://nginx.org/en/docs/http/configuring_https_servers.html#single_http_https_server
2018-02-15 21:23:07 +01:00
eXtremeSHOK
1e40472017
Enable maildir compression
...
Currently the plugin is loaded, but actual compression is not enabled.
https://wiki.dovecot.org/Plugins/Zlib
2018-02-14 14:38:06 +02:00
André Peters
0bfd0838c2
[SOGo] Increase workers again
2018-02-14 11:26:55 +01:00
André Peters
e186e350ef
[Nginx] Fixes #1033
2018-02-14 09:09:17 +01:00
André Peters
993c998716
Merge pull request #995 from Alireza2n/master
...
SOGO & Rspamd interface: adding "expire" header to static files, allowing browser to be able to cache them
2018-02-14 07:50:22 +01:00
André Peters
943598f705
[Nginx] Fix EAS...
2018-02-13 09:12:54 +01:00
André Peters
fb92619aac
[Nginx] Fix EAS...
2018-02-13 09:12:21 +01:00
André Peters
458dfc8418
[Nginx] Remove unused file
2018-02-13 09:11:13 +01:00
André Peters
406e7ebd07
[Nginx] Fix EAS
2018-02-13 09:10:41 +01:00
André Peters
21e8edae43
[Nginx] Fix EAS
2018-02-13 09:09:41 +01:00
André Peters
63f7e5930d
[Nginx] Fix EAS
2018-02-13 09:07:44 +01:00
André Peters
e85cd38945
[SOGo] SOGo refuses to bind to IPv6, so force IPv4 in proxy_pass, fixes #1006
2018-02-12 21:34:59 +01:00
André Peters
74c804b9a3
[SOGo] SOGo refuses to bind to IPv6, so force IPv4 in proxy_pass, fixes #1006
2018-02-12 21:32:49 +01:00
André Peters
5030ce7547
[Web] More and more fixes for #1017
2018-02-11 15:59:35 +01:00
André Peters
07a05b9363
[Rspamd] Enable more modules
2018-02-09 10:32:42 +01:00
André Peters
e5031accbb
[Nginx] Remove auto-redirect to not break rp
2018-02-09 09:59:35 +01:00
André Peters
3a1e7b4ee1
[Nginx] Pass args when redirecting to https
2018-02-09 09:11:59 +01:00
André Peters
557fa4385c
[Rspamd] Also listen on socket for internal communication
2018-02-08 22:55:34 +01:00
André Peters
a50036477e
[Web] Mind was set to french, reverting to english
2018-02-08 20:13:36 +01:00
andre.peters
e8fe5282b2
[Dovecot] Inconsistent view fix
2018-02-05 21:55:37 +01:00
andre.peters
dda2768f10
[Dovecot] Enable IMAP metadata
2018-02-05 21:42:23 +01:00
Alireza
781a5eb69a
Added expires directive and map to nginx, allowing browser to cache SOGO JS,CSS,WOFF files.
2018-02-02 18:38:18 +03:30
Alireza
1b898b1c7b
Added expires directive and map to nginx, allowing browser to cache rspamd JS,CSS and image files.
2018-02-02 17:46:49 +03:30
Alireza
64fbc73582
Added expires directive and map to nginx, allowing browser to cache rspamd JS,CSS and image files.
2018-02-02 17:42:19 +03:30
andre.peters
d6cbe5b10a
[Unbound] Fix IPv6 subnet
2018-02-01 13:37:50 +01:00
andre.peters
36cb6d288d
[Rspamd] Fix IPv6 subnet
2018-02-01 13:36:24 +01:00
andre.peters
70ac65d794
[Nginx] Fix IPv6 subnet, only rewrite to HTTPS when request is not internal
2018-02-01 13:36:01 +01:00
andre.peters
03ad0f22c4
[PHP-FPM] Add bind for upload.ini
2018-01-30 09:00:34 +01:00
André Peters
4405cb3e74
Merge pull request #953 from mkuron/recipient_map
...
Expose Postfix's recipient_canonical_maps through web UI
2018-01-28 11:09:22 +01:00
andre.peters
1f08e9a7b7
[Postfix] Fixes #967 (assign correct local network range for mynetworks)
2018-01-27 18:13:35 +01:00
Michael Kuron
c30448c4d8
Merge branch 'master' of https://github.com/andryyy/mailcow-dockerized into recipient_map
...
Conflicts:
data/web/inc/init_db.inc.php
2018-01-27 17:22:08 +01:00
andre.peters
f0bc580ceb
[PHP-FPM] Fix port...
2018-01-27 12:09:25 +01:00
andre.peters
c33ec7e989
[PHP-FPM] Fix duplicate listen
2018-01-27 10:33:50 +01:00
andre.peters
c7729f195b
[Rspamd] Fixes #960
2018-01-26 18:56:19 +01:00
andre.peters
7149350973
[Rspamd] Allow internal IPv6 networks
2018-01-24 08:37:49 +01:00
andre.peters
c9b3044d5d
[Postfix] Allow internal IPv6 networks
2018-01-24 08:37:27 +01:00
andre.peters
7efe67daaf
[ClamAV] Mount ClamAV config files
2018-01-24 08:36:56 +01:00
andre.peters
696b52b5eb
[Unbound] Allow internal networks in access-control
2018-01-24 08:36:37 +01:00
andre.peters
67ddc710a7
[Nginx] Set real IP from internal networks
2018-01-24 08:36:19 +01:00
andre.peters
40a9389295
[SOGo] Reduce workers to 7 by default
2018-01-24 08:30:25 +01:00
Michael Kuron
e86565e283
Expose Postfix's recipient_canonical_maps through web UI
2018-01-23 20:02:31 +01:00
andre.peters
a50f85026a
[PHP-FPM] Mount php configs into container
2018-01-21 15:00:28 +01:00
andre.peters
83a21259f7
[Rspamd] Use names instead of IPs
2018-01-21 15:00:05 +01:00
andre.peters
83fb8c0fd8
[Nginx] Use names instead of IPs
2018-01-21 14:59:45 +01:00
André Peters
5648ec6d39
Merge pull request #915 from tiirex9/master
...
Adds 'do nothing' as default for sub-addressing
2018-01-18 10:27:14 +01:00
andre.peters
003e6ef5cd
[Web] Important fixes for quarantaine; other minor changes
2018-01-17 15:22:11 +01:00
andre.peters
0019502069
[Rspamd] Increase spam scores for SPF failures
2018-01-16 21:02:45 +01:00
andre.peters
c6bcf322ff
[Rspamd] Force-add metadata_exporter
2018-01-16 18:58:29 +01:00
Tii
d58b89528f
rspamd multimap redis stuff doesn't work as expected...
2018-01-16 16:31:37 +01:00
Tii
2291bdbeed
Added 'do nothing' option as default for sub-addressing
2018-01-16 13:13:04 +01:00
Tii
cd2c242540
Added 'do nothing' option as default for sub-addressing
2018-01-16 12:47:59 +01:00
andre.peters
5fd3d986c7
[Rspamd] Fix settings map regex
2018-01-16 12:42:09 +01:00
andre.peters
5d5d36fc60
[Dovecot] Revert to 2.2 to fix various errors
2018-01-14 10:44:06 +01:00
andre.peters
0d8c7e446a
[Dovecot] Update config to fit Dovecot 2.3
2018-01-09 11:28:12 +01:00
andre.peters
868abc15bd
[Rspamd] Fix worker-controller-password placeholder
2018-01-02 18:15:33 +01:00
Amir Zarrinkafsh
65386d4ccf
Included folder mapping for iOS Mail Trash folder.
2017-12-30 13:58:17 +11:00
andre.peters
eb57fce38f
[Dovecot] Possibly fixes #722
2017-12-25 10:25:50 +01:00
andre.peters
ae56c3b59e
Fix quarantaine
2017-12-11 10:44:46 +01:00
andre.peters
d71b6f0ad1
Add placeholder for Rspamd controller password written via UI
2017-12-11 09:41:29 +01:00
andre.peters
873222d5f8
[Rspamd] Remove DKIM forced action, move ratelimit lua, add meta exporter
2017-12-09 09:08:23 +01:00
andre.peters
c8f41cdae2
[Postfix] Listener for quarantaine, remove excluded Docker gw from mynetworks
2017-12-09 09:07:06 +01:00
andre.peters
21a677e024
[MariaDB] Move config to my.cnf, removed from yml
2017-12-09 09:06:04 +01:00
André Peters
b1855587ec
Revert exclude, bad idea
2017-12-05 20:53:45 +01:00
André
3ec3a341e4
[Postfix] Remove gw from mynetworks in case of ipv6 failures
2017-11-21 09:33:43 +01:00
André Peters
4c98cbec27
Exclude 172.22.1.1 from mynetworks
...
In case of v6 nat failures.
2017-11-19 18:44:18 +01:00
André
ade4b9e7ae
[Postfix, Web] Feature: BCC maps
2017-11-19 15:13:43 +01:00
André
c2d9928f8f
[Rspamd] Set task timeout to 12s
2017-11-10 19:58:56 +01:00
André
3873e38919
[SOGo] Use SOGoMaximumSyncResponseSize of 2048
2017-11-06 13:35:48 +01:00
André
586a0b0e05
[Dovecot] Add bindirs to cache compiled scripts, drop some privileges, run one login proc per user
2017-11-05 12:18:52 +01:00
André
b16684ce20
[Rspamd] Slightly reduce map watch interval
2017-11-03 20:26:36 +01:00
André
21e20f3786
[Dovecot] sieve_before/after maps in sql, changed dict names
2017-11-03 20:25:43 +01:00
André
f067a45bcb
[SOGo] Should fix some Android sync issues
2017-11-02 09:51:58 +01:00
André
1e9bc49f2c
[Rspamd] Echo dummy for fowardingshosts map; Use higher map reading interval;
...
[Dockerapi] Exit on sigterm;
[Watchdog] Wait for dockerapi-mailcow to be online
2017-10-27 11:22:39 +02:00
André
083174a9bd
[Rspamd] Do not try to index nil value
2017-10-26 22:25:13 +02:00
André
4156b4cdf8
[Rspamd] Disable spoofed sender check
2017-10-26 10:29:13 +02:00
André
988978b351
[Rspamd] Remove log helper and disable fann redis
2017-10-25 20:55:11 +02:00
André
4fd5b9afba
[SOGo] Fix for some Outlook 2016 EAS problems
2017-10-25 08:57:34 +02:00
André
f7cd7cc123
[Rspamd] Redis history is enabled by default
2017-10-21 10:09:53 +02:00
Michael Kuron
a4ccd780c6
rspamd: disable greylisting for forwarding hosts
2017-10-14 16:40:44 +02:00
André
a3e966696f
[Nginx] Revert to site splitting
2017-10-12 08:37:48 +02:00
andryyy
c5054ae7ed
[Watchdog] Ignore null name in jq
...
[Nginx] Merge sites
[Scripts] Nextcloud helper script (testing!)
2017-10-11 22:56:22 +02:00
andryyy
57484e4a45
[Postfix] Log all watchdog activities to local7 facility
2017-10-11 11:21:41 +02:00
andryyy
874aac3c5e
[Nginx, PHP-FPM] Do not expose PHP version, example for nextcloud site, include custom locations to site (add site.something.custom to data/conf/nginx)
2017-10-08 22:57:34 +02:00
andryyy
fc18d153cd
[Compose, DockerAPI, Web, Watchdog] Watchdog may send notification mails (todo: docs), DockerAPI via Flesk for limited access
2017-10-05 23:38:33 +02:00
andryyy
073c6c6e73
[Postfix/Rspamd] Do not reject unauthenticated sender mismatches but rewrite their subject and assign symbol SPOOFED_SENDER with score 1.0
2017-10-04 23:16:39 +02:00
André Peters
d8636113dd
Merge pull request #636 from mkuron/outlook
...
Preliminary support for Outlook 2016’s autodiscover.json
2017-10-03 21:23:59 +03:00
Michael Kuron
c731a18f66
Preliminary support for Outlook 2016’s autodiscover.json
2017-09-26 22:11:01 +02:00
andryyy
f257ed92f5
[Rspamd] Add missing ratelimit.conf
2017-09-21 22:21:11 +02:00
andryyy
edb2be979b
[Postfix] Changes to ignore watchdog checks
2017-09-21 19:25:43 +02:00
andryyy
fd3b2e5f16
[Rspamd] Changes to ignore watchdog checks
2017-09-21 19:25:17 +02:00
andryyy
288a55b1f3
Merge branch 'dev' of https://github.com/mailcow/mailcow-dockerized into dev
2017-09-20 23:25:07 +02:00
andryyy
ea5aa261c9
[Unbound] Define mailcow ip6 as private
2017-09-20 23:23:11 +02:00
Michael Kuron
a411a357b9
rspamd: exclude Mail Flow monitoring from logs and stats
2017-09-20 15:21:02 +02:00
andryyy
a8fb1d3f4f
Add experimental watchdog
2017-09-20 10:56:49 +02:00
andryyy
719aa1a391
[Postfix] Fix protocols
2017-09-18 10:59:45 +02:00
andryyy
67056dc3d1
[Postfix] Less strict smtpd_tls_mandatory_protocols
2017-09-18 08:24:24 +02:00
Michael Kuron
e4f13568d1
Rspamd user settings: fix matching From header
2017-09-16 18:46:28 +02:00
andryyy
089e8776f5
[Postfix] Stricter TLS settings for mandatory connections
2017-09-14 13:34:23 +02:00
andryyy
f0df390d12
[Nginx] Stricter TLS settings
2017-09-14 13:34:07 +02:00
andryyy
00e465a9a1
[Dovecot] Allow INBOX to be shared, sigh... fixes #594
2017-09-14 13:32:11 +02:00
andryyy
92e6c9daae
[Nginx] Fix SSL temp.
2017-09-11 17:37:25 +02:00
JOduMonT
b2b9731020
a little bit of security
...
Hide the version of NGINX, block XSS and more...
inspired by : https://gist.github.com/plentz/6737338
2017-09-09 23:10:36 +07:00
André Peters
78c363b7a5
Merge pull request #565 from mkuron/softreject
...
Forwarding hosts: treat soft reject like greylist
2017-09-09 10:43:41 +02:00
Michael Kuron
3d9c161be1
Forwarding hosts: treat soft reject like greylist
2017-09-09 10:30:26 +02:00
andryyy
cfd9316d74
Merge branch 'dev' of https://github.com/mailcow/mailcow-dockerized into dev
2017-08-30 21:43:45 +02:00
andryyy
b1213c51d7
[Rspamd] Dynamic ratelimit fixed, removed async redis request; Ready to implement per-user ratelimits via UI (tbd)
2017-08-30 21:42:39 +02:00
André Peters
29acfe85db
Merge pull request #536 from mkuron/patch-1
...
Rspamd user blacklist/whitelist improvements
2017-08-28 22:55:12 +02:00
Michael Kuron
8383ba5e9c
Rspamd user settings: fix From header match
...
The request_header regex appears to not be expected to be encapsulated in slashes and does not seem to accept flags.
2017-08-28 20:27:53 +02:00
Michael Kuron
fcd8cfa4f4
Rspamd user settings: don't print all email addresses of a domain
...
The ucl_rcpts function can already deal with domains, so lets use this capability.
2017-08-27 14:19:29 +02:00
Michael Kuron
93a092e627
Rspamd user settings: also match From header
2017-08-27 14:19:28 +02:00
Michael Kuron
e178ca36de
Rspamd user settings: make regexes case-insensitive
...
This is necessary because the user web UI normalizes to lowercase
2017-08-27 14:19:28 +02:00
andryyy
e47feeffd6
[Rspamd] Add custom directory for own files
2017-08-18 22:17:01 +02:00
andryyy
e5faee9037
[Nginx] Disable client_max_body_size
2017-08-09 10:17:32 +02:00
andryyy
d85352fa9a
[Dovecot] Use listescape
2017-07-31 12:41:18 +02:00
andryyy
aabcf65c69
[Nginx] Set server_names_hash_bucket_size 64
2017-07-30 21:39:35 +02:00
andryyy
9be3aa3334
[Rspamd] Disable monitored
2017-07-27 09:03:44 +02:00
andryyy
83d485dd94
[Web, Postfix, Compose] Allow to add relayhosts per domain (+ plain and login authentication)
2017-07-22 20:39:54 +02:00
andryyy
ed33cb5f57
[Rspamd] ARC: Disallow login/domain mismatch
2017-07-21 11:03:35 +02:00
andryyy
256c9d86dd
[Rspamd] Initial custom ratelimit support
2017-07-13 12:55:14 +02:00
andryyy
a31819fd6c
[SOGo] Log to a pipe to not keep logs in a container
2017-07-11 17:08:06 +02:00
andryyy
08b99c8d74
[Dovecot] Add doveadm service
2017-07-10 21:30:45 +02:00
andryyy
c5d90b821a
[Dovecot] Add extra.conf include to override Dovecot configuration changes
2017-07-10 09:19:12 +02:00
andryyy
56a652fbf3
[Rspamd] Set error_reporting to 0
2017-07-02 11:25:14 +02:00
andryyy
afc8c93c07
[Rspamd] Cleanup settings map
2017-07-01 23:14:27 +02:00
andryyy
6cd44b4136
Remove old code
2017-06-26 23:17:46 +02:00
andryyy
cbb4f51a9d
Fix Junk-E-Mail folder name
2017-06-25 11:32:21 +02:00
andryyy
3be99d7f89
Set IPv6 network as secure_ip range in Rspamd
2017-06-24 22:07:26 +02:00
andryyy
578011c78c
Move milter config, increase timeout for DNS
2017-06-21 10:18:52 +02:00
andryyy
036c51f053
Prefere ipv4 to fix problems on v4-only envs
2017-06-19 10:39:14 +02:00
andryyy
2a845a0d21
Less verbose
2017-06-18 20:57:54 +02:00
andryyy
9117c499ef
Do not break DNS replies....
2017-06-18 20:57:26 +02:00
andryyy
6fa19a37d8
Unbound changes
2017-06-18 20:23:26 +02:00
andryyy
ba3fc47d5f
Fix autodiscover, thanks to K2rool!
2017-06-15 23:03:10 +02:00
James Smith
bcdbbf0102
Make autodiscover case insensitive
2017-06-14 23:42:42 +01:00
andryyy
83cb686e33
Fix fix for Apple dav....
2017-06-14 23:17:31 +02:00
andryyy
495bf05fb8
Fix for Apple autoconfiguration (dav)
2017-06-14 23:14:41 +02:00
andryyy
e99fa9433e
Fix dav url detection for apple
2017-06-14 23:10:50 +02:00
andryyy
44197c410e
Do not add milter headers for authenticated users
2017-06-13 07:41:00 +02:00
André Peters
329ac40d95
Merge pull request #332 from mkuron/symlink
...
Replace symlink to PHP script
2017-06-08 20:57:51 +02:00
andryyy
663ea7815c
Use new milter interface
2017-06-06 22:01:41 +02:00
andryyy
a41cafac3e
Switch to Rspamds milter interface
2017-06-06 22:00:34 +02:00
andryyy
c9318ecf83
Switch to Rspamds milter interface
2017-06-06 21:59:44 +02:00
andryyy
e15795e112
Enable http2
2017-06-06 21:59:27 +02:00
Michael Kuron
062abb0ca7
Replace symlink to PHP script
2017-06-04 13:31:35 +02:00
andryyy
55071805f3
Execute after rmilter_headers (prio 10)
2017-05-29 21:53:47 +02:00
andryyy
d33399b3cb
Fix mismatch in env and from mime header when signing mail
2017-05-29 21:49:01 +02:00
andryyy
e159eb7522
Fix listener
2017-05-29 21:48:41 +02:00
Michael Kuron
eb9217a8b8
SOGo UI: per-user authentication failure rate-limiting
2017-05-28 16:02:34 +02:00
André Peters
fb6893f664
Add IPv6
2017-05-28 11:14:43 +02:00
andryyy
813207c694
Listen on internal IPv6
2017-05-25 10:59:57 +02:00
andryyy
fd92283fb8
Add missing ;
2017-05-24 10:03:06 +02:00
andryyy
258a8ee6e9
Add IPv6 listener to Nginx, fixes IO error in Rspamd logs
2017-05-23 22:24:30 +02:00
andryyy
466b8137e5
Add log_helper to Rspamd, add IPv6 for http maps in Nginx, make Bind listen on v6 and add acl for internal network
2017-05-23 22:23:34 +02:00
andryyy
21714bd054
Remove obsolete map
2017-05-23 21:50:33 +02:00
andryyy
f3a1d81347
Rate extensions
2017-05-23 21:50:05 +02:00
andryyy
e99db685e5
Change map watch interval, remove Mraptor
2017-05-20 14:28:05 +02:00
andryyy
9965ff10a7
Fix mynetworks: Add mailcow ipv6 network
2017-05-17 22:38:59 +02:00
andryyy
63324b0de8
Fix mynetworks: Add mailcow ipv6 network
2017-05-17 22:38:11 +02:00
Michael Kuron
759f21ac6b
Consistent symbol names for forwarding hosts
...
multimap.conf and force_actions weren't using the same name
2017-05-09 07:29:43 +02:00
andryyy
d64ed65575
Add multimap and forced actions for forwarded_hosts, removed from settings
2017-05-08 23:09:21 +02:00
André Peters
5861bec0c3
Merge pull request #256 from mkuron/forwardinghosts
...
Optionally enable spam filter for forwarding hosts
2017-05-08 19:00:42 +02:00
andryyy
cdf7c87e20
Deleted two http maps, replaced by redis multimaps, much better tag system
2017-05-08 15:39:33 +02:00
Michael Kuron
7efc720d47
Merge remote-tracking branch 'origin/dev' into forwardinghosts
2017-05-08 07:39:30 +02:00
andryyy
aa98d86feb
Sieve rule for tags changed
2017-05-08 00:27:16 +02:00
Michael Kuron
ae6d7d63fc
Optionally enable spam filter for forwarding hosts
2017-05-07 08:50:28 +02:00
andryyy
fa3a47fde5
Log to syslog
2017-05-06 23:42:07 +02:00
andryyy
ecda4fb1d1
Change whitelist for forwarding hosts
2017-05-06 23:41:58 +02:00
andryyy
b3a161f930
Keep format
2017-05-06 08:09:40 +02:00
andryyy
1501df6e42
Use Redis for DKIM keys, define any selector, auto-merge old keys to Redis and fallback to files
2017-05-05 10:35:27 +02:00
andryyy
e3f9839410
Do not use sld for DKIM signing
2017-05-04 19:12:21 +02:00
andryyy
edc41b48d1
Add map for scheme...
2017-05-03 22:26:10 +02:00
andryyy
2f0129539b
Hopefully fix all Nginx reverse proxy issues, see documentation updates!
2017-05-03 18:05:13 +02:00
andryyy
8f213e8df9
Changes to api path
2017-04-29 16:36:41 +02:00
andryyy
a03b36e0c3
Add object to Nginx api configuration
2017-04-26 23:37:55 +02:00
andryyy
fd84b2ffa9
Change DKIM to new method, add clamav forced action when virus is found"
2017-04-25 20:32:36 +02:00
andryyy
e4310cafb3
Revert RP changes
2017-04-25 10:49:38 +02:00
Michael Kuron
f3fad4e7a2
Remove rspamd size limit
...
This ensures that the spam and antivirus filters cannot be evaded by making the message large enough.
Rspamd does not need a size limit on its own (e.g. for DoS protection) as Postfix already has a size limit (message_size_limit).
2017-04-24 19:49:41 +02:00
André Peters
0f3202109d
Merge pull request #212 from mkuron/reverseproxy
...
Fix CalDAV/CardDAV URLs displayed in SOGo web interface when used behind reverse proxy
2017-04-24 10:09:32 +02:00
andryyy
755da65426
Change path
2017-04-23 19:38:27 +02:00
andryyy
55f6384f2a
Change to hostname, connection is not important for container start
2017-04-23 17:43:29 +02:00
Michael Kuron
affa52edcf
Forwarding hosts: don’t add configuration if none are defined
2017-04-22 18:34:49 +02:00
Michael Kuron
08612f0aef
Merge remote-tracking branch 'origin/dev' into forwardinghosts
2017-04-22 18:13:58 +02:00
Michael Kuron
894d6234e9
Improvements to forwarding hosts in Postfix
...
- No more premature EOF and no more leaking of bash processes
- Log result
- Correctly treat non-CIDR entries
- Adapt to schema change from df71e97
- Correctly report SQL failure
2017-04-22 14:28:51 +02:00
andryyy
8adcc4fcd3
Force add mailcow_black/white
2017-04-21 10:19:45 +02:00
andryyy
be28877f68
Remove permanent moo symbol
2017-04-21 10:19:24 +02:00
andryyy
95cbfe3661
Move mail to spam when DKIM fails, ignore when white/blacklist and honor other actions
2017-04-21 10:19:07 +02:00
andryyy
babad4f137
Anti-Virus local configuration for Rspamd, container not enabled by default
2017-04-20 21:14:20 +02:00
Michael Kuron
d350c009b9
Fix login redirect behind reverse proxy
2017-04-20 19:53:56 +02:00
Michael Kuron
06e64c585c
Fix CalDAV/CardDAV URLs displayed in SOGo web interface when used behind a reverse proxy
2017-04-18 20:24:43 +02:00
Michael Kuron
a75d916b74
Forwarding hosts in postscreen
2017-04-17 15:51:50 +02:00
Michael Kuron
8822eb57c8
Forwarding hosts in rspamd
2017-04-17 15:51:50 +02:00
andryyy
d0d87ead49
Zeyple is not enabled by default
2017-04-10 13:16:40 +02:00
andryyy
06100c30ca
mail_crypt is not enabled by default
2017-04-10 13:15:48 +02:00
andryyy
c460636a70
mail_crypt is not enabled by default
2017-04-10 13:09:33 +02:00
andryyy
7f8d6556b8
imapsync: added option to delete from source after transfer
2017-04-10 13:07:45 +02:00
andryyy
b0d8b1344a
Remove obsolete parameters, use imapsieve instead of deprecated antispam module, use mail_crypt per default
2017-04-05 22:22:43 +02:00
andryyy
96c1a7c225
Open 10026 for Zeyple
2017-04-05 22:21:20 +02:00
andryyy
34bc242554
Add Zeyple filter
2017-04-05 22:19:01 +02:00
andryyy
8b7e3c718d
API format changes
2017-03-28 11:51:31 +02:00
andryyy
60fa9ab9dd
Fall back to dkim.conf
2017-03-26 11:08:07 +02:00
andryyy
16d90b86d5
Use Redis history in Rspamd
2017-03-21 23:50:00 +01:00
andryyy
f384759282
Add all defaults to ratelimit module config in Rspamd
2017-03-21 11:20:04 +01:00
André Peters
4f72ed4509
Merge branch 'dev' into footable
2017-03-21 10:06:46 +01:00
André P
8d1784a1c4
Reset ratelimit
2017-03-21 10:05:26 +01:00
André P
d8cf921e35
Add ignore
2017-03-21 10:04:26 +01:00
root
892f2197cb
Add footable
2017-03-21 10:02:23 +01:00
root
51230f780f
Local
2017-03-21 08:11:06 +01:00
andryyy
7e6fc8568f
Move DKIM signing to new dkim_signing.conf
2017-03-19 21:55:03 +01:00
andryyy
2fcbce4f2e
Fix: return true
2017-03-17 19:23:25 +01:00
andryyy
509a804acd
Deprecated lua function replaced, better tag handling when spam
2017-03-16 13:42:56 +01:00
andryyy
9f4a5b1834
Fix symbol check
2017-03-12 17:25:30 +01:00
andryyy
09850a76e5
Use Rspamds new tag symbol
2017-03-12 14:38:20 +01:00
andryyy
7a2427bf9b
Add Junk-E-Mail as special use junk
2017-03-10 15:34:23 +01:00
andryyy
4c8288f85e
Use tag settings for alias addresses
2017-03-09 17:06:58 +01:00
andryyy
276e370989
Rspamd tag check for non-spam only (post-filter), remove sql files from repository"
2017-03-08 17:58:00 +01:00
andryyy
2d086424fa
Fix settings for aliases, alias domains
2017-03-04 14:05:06 +01:00
andryyy
285e295d91
Fix for settings
2017-03-04 00:27:57 +01:00
andryyy
8c2416b711
Never return empty map
2017-03-04 00:23:38 +01:00
andryyy
211e4158a2
Always return settings
2017-03-04 00:19:10 +01:00
andryyy
cad084598d
Remove old files, fix tagging
2017-03-03 19:01:33 +01:00