andryyy
5c07cca529
[Rspamd] Change spoofed mail handling
2019-05-09 11:48:38 +02:00
andryyy
456e92c830
[Rspamd] Set to to_ip to_ip_from rate buckets to 100 / 1s
2019-05-09 11:32:16 +02:00
André Peters
61433a4488
Merge pull request #2541 from sriccio/master
...
Allow to easily add custom plugins to rspamd
2019-05-05 22:33:32 +02:00
andryyy
28c8c53a6e
[Rspamd] meta_exporter: return false if not matched
...
[Compose] Update Dovecot image
2019-05-01 22:50:38 +02:00
Howaner
17918b3e21
Added domain alias handling to quarantine mails and added recipients row to quarantine mail display
...
If a mail is sent to a domain alias domain and rejected, mailcow does not currently store the mail in quarantine.
This commit adds domain alias handling to the reject code and should fix this behavior.
Also added displaying of recipient addresses into the quarantine mail dialog to be able to see what mail address was "leaked".
2019-05-01 00:56:12 +02:00
andryyy
91af3d5c5a
[Rspamd] Much higher scores for DMARC failures
2019-04-30 14:00:47 +02:00
andryyy
9b303dcc0e
[Dovecot] Set default_vsz_limit = 1024 M
...
[Web] Form cache for user passwd change modal disabled
2019-04-24 14:46:45 +02:00
sriccio
ef5cf81308
[rspamd] Allow to easily use custom rspamd lua plugins
...
Since rspamd 1.9.2 we'll be able to load custom modules from plugins.d
directory.
This allow to add and configure plugins easily from the
data/conf/rspamd/plugins.d
Also loading config for custom plugins need rspamd.conf.local or
optionally rspamd.conf.override.
I added support for this in the docker-compose.yml
Idea came while i was writing a custom plugin for Cyren antispam
gateway, which can be found here: https://github.com/sriccio/rspamd-plugins
2019-04-17 10:36:39 +02:00
andryyy
9f00d956f1
[Rspamd] Improve spoofing detection
2019-04-14 20:37:38 +02:00
andryyy
c8047b9555
[Web] Change session timeout handling
...
[Rspamd] Add missing spamassassin.conf
2019-04-14 13:01:47 +02:00
andryyy
fae34b8a89
I'm an idiot
2019-04-01 22:52:45 +02:00
andryyy
bb12ce9edc
[Nginx] Fix site when ALLOW_ADMIN_EMAIL_LOGIN=y and reverse proxy is used, fixes #2489
2019-04-01 22:46:13 +02:00
Marcel Hofer
7d2289c3a7
Merge branch 'master' into admin-login
...
# Conflicts:
# data/web/js/site/mailbox.js
2019-03-23 21:17:02 +01:00
andryyy
4aae72779a
[Dovecot] Remove auth cache
2019-03-18 14:15:02 +01:00
André Peters
3d8a46357b
Merge branch 'master' into admin-login
2019-03-18 02:03:59 +01:00
andryyy
d8e356f590
[SOGo] Revert to previous settings
2019-03-18 01:36:32 +01:00
andryyy
a614d64615
[SOGo] Adjust sync parameters, revert if you run into problems!
2019-03-14 08:59:24 +01:00
andryyy
d449984a66
Merge branch 'master' of https://github.com/mailcow/mailcow-dockerized
2019-03-12 23:39:57 +01:00
andryyy
fc63661fbd
[Solr] Change default configset before bootstrapping
...
[Solr] Bootstrap cannot be omitted and must occur before mounting the data directory
2019-03-12 23:15:26 +01:00
André Peters
70c424caa2
[Web] Fix rejected mails not being quarantized properly if they are tagged
2019-03-12 11:26:33 +01:00
andryyy
1c3daedc39
[Rspamd] Remove headers var from dyn maps
2019-03-12 01:28:04 +01:00
Aaron Larisch
40a826a347
Fix rejected mails not being quarantized properly if they are tagged
2019-03-11 15:31:21 +01:00
Robert Christian
4bbb6d78e3
fix solr query ngram
2019-03-10 17:20:46 +01:00
André Peters
ae19d81f2d
Merge branch 'master' into admin-login
2019-03-10 10:38:42 +01:00
André Peters
216451ed43
Merge branch 'master' into admin-login
2019-03-10 09:51:12 +01:00
andryyy
0a1e71f7ec
[Dovecot] Use dovecot-fts core
2019-03-10 09:40:31 +01:00
andryyy
c7c115d63a
[Solr] Use fixed, recommended schema but add EdgeNGramFilterFactory
2019-03-10 09:40:04 +01:00
andryyy
2443e956eb
[Rspamd] Remove buggy last-modified check
2019-03-08 12:43:05 +01:00
andryyy
d124fa1d5b
[Rspamd] Check if filterconf table was changed and return Last-Modified accordingly
2019-03-07 11:44:38 +01:00
andryyy
e04e15ed23
[Rspamd] Mime from and rcpt can now be checked by from_mime and rcpt_mime
2019-03-07 00:07:11 +01:00
andryyy
c792bbcbab
[Rspamd] make upstream an object
2019-03-07 00:05:55 +01:00
andryyy
bb065dbc22
[Rspamd] Add fuzzy worker with worker-fuzzy.inc
2019-03-06 15:14:25 +01:00
andryyy
9abbe7eb1d
[Postfix] Mandatory protocol for authenticated clients over 587/tcp and 465/tcp is now TLSv1.0+ (reverts previous protocol change for authenticated users only)
...
[Postfix] Force route localhost$ over local:
2019-03-06 15:09:28 +01:00
andryyy
6dc5318673
[Rspamd] Delete rspamd.conf.local
2019-03-06 15:08:18 +01:00
andryyy
4d32eb49ee
[Dovecot] Revert to TLS1+
2019-03-04 17:57:44 +01:00
andryyy
0375703198
[Postfix] Fix mandatory encryption protocols and always require at least TLS 1.2 for LMTP
2019-03-03 12:11:39 +01:00
andryyy
eccf3ff4da
[Postfix] Mandatory encryption protocol is now min. TLS 1.2
2019-03-03 12:09:10 +01:00
andryyy
69f54b99a1
[Dovecot] ssl_min_protocol is now TLS 1.2
2019-03-03 12:08:26 +01:00
Marcel Hofer
a110378000
always check basic auth against user database for EAS and SOGo if ALLOW_ADMIN_EMAIL_LOGIN is enabled
2019-02-27 23:06:19 +01:00
andryyy
38911034c3
Don't break DAV
2019-02-26 22:13:37 +01:00
andryyy
ae512018a8
[Postfix] Remove sasl requiring policies from port 25
2019-02-26 21:37:08 +01:00
Marcel Hofer
dd6d253ac0
add random masterpass for sogo admin login
...
add required headers for sogo proxy auth with password
add SOGoEncryptionKey
add SOGoTrustProxyAuthentication only conditionally if feature is enabled
2019-02-26 09:02:35 +01:00
andryyy
b0584b7699
[Dovecot] Remove vacation-seconds from global-only
2019-02-25 10:22:00 +01:00
andryyy
57312ad605
[Compose] Add ALLOW_ADMIN_EMAIL_LOGIN to sogo-mailcow to trigger bootstrap on change
...
[Compose] Static IPv4 for Dovecot
[SOGo] Remove SOGoIMAPServer from sogo.conf
[SOGo] Add SOGoIMAPServer to bootstrap process
[Nginx] Disallow editAccount for other accounts than 0 (own)
2019-02-25 00:00:32 +01:00
André Peters
298a8d24e9
Merge pull request #2360 from mhofer117/allow-admin-email-login
...
Allow admins to login as email user (without any password)
2019-02-24 18:49:13 +01:00
andryyy
108e808d06
[Rspamd] Reduce SOGO_CONTACT score to -99
2019-02-23 23:46:01 +01:00
André Peters
9a9079baa5
Update sogo.auth_request.template.sh
2019-02-23 22:29:14 +01:00
André Peters
0c8f217f49
Update sogo.auth_request.template.sh
...
Don't want to split hairs! Just consistency. :)
2019-02-23 22:20:09 +01:00
Marcel Hofer
cac67db203
add config ALLOW_ADMIN_EMAIL_LOGIN and implement password-less SOGo login admins
2019-02-23 17:59:18 +01:00
andryyy
28a3f5ca8c
[Dovecot] Add flags and notify to sieve_extensions
2019-02-22 18:25:35 +01:00
andryyy
1092d98499
[Dovecot] Enable sieve vacation seconds not just for global scripts
2019-02-22 10:52:18 +01:00
andryyy
02b015a359
[Rspamd] Lower history nrows
2019-02-14 11:11:20 +01:00
eXtremeSHOK
260421448d
Update clamd.conf
...
AlertOLE2Macros, default should be set to NO
With this option enabled OLE2 files containing VBA macros, which were NOT detected by signatures will be marked as "Heuristics.OLE2.ContainsMacros".
This causes most microsoft office document files which contains macros to be blocked. Majority of corporate documents mailed contain macros. When the option is set to NO, emails are still checked for known malicious macros.
Due to any message failing clamav being set to a 2000 score, this causes all legitimate emails with harmless macros to be blocked.
The default for debian/ubuntu is to set this to NO
cPanel, iredmail, etc all have this option set to NO
2019-02-13 09:50:29 +02:00
andryyy
5efdf71120
[Nginx] Add qhandler rewrite
...
[Web] Move theme header include, fixes #2267
2019-02-06 10:14:56 +01:00
andryyy
c57a544c52
[Postfix] Disable auth on port 25
2019-02-05 10:35:32 +01:00
andryyy
7a96516fad
Merge branch 'master' of https://github.com/mailcow/mailcow-dockerized
2019-02-05 00:05:00 +01:00
andryyy
6f478ed2a3
[Rspamd] Set history lines to 10000
2019-02-05 00:02:56 +01:00
andryyy
aa1e03476d
[Dovecot] Enable quota notifications
2019-02-04 23:59:31 +01:00
Tobias "Knight" S
c06e4c81cf
Enable TLSv1.3 finally
...
With Alpine 3.9 https://pkgs.alpinelinux.org/package/v3.9/main/x86/openssl we got OpenSSL 1.1.1a.
With https://github.com/docker-library/official-images/pull/5377 it was merged into the Nginx upstream image and thus Nginx was built with it.
2019-02-01 01:04:13 +01:00
andryyy
6ad8798d5c
[Nginx] Compress some files, don't compress proxy answers
2019-01-31 17:07:49 +01:00
andryyy
14901eed64
[Nginx] Remove broken locations
2019-01-31 15:58:35 +01:00
andryyy
60f9968134
[Nginx] Add compression, change expires
2019-01-31 15:45:57 +01:00
andryyy
b3f84d2c78
[Dovecot] Remove break-imap-search (it is a default setting)
2019-01-29 13:25:35 +01:00
andryyy
8da54e5194
[Rspamd] Split global wl from to mime-from and smtp-from
2019-01-29 12:11:10 +01:00
andryyy
07392b7437
[Watchdog] Use stackoverflow.com for DNS check
...
[Git] Ignore mail_plugins*
[Dovecot] Read mail_plugins from dynamically generated file
[Dovecot] Encrypt FTS
[Dovecot] Add break_imap_seach option to Solr
[Web] Add ability to send quarantine notification mails
[Web] Minor style fixes
[Web] Add new MAILBOX_DEFAULT_ATTRIBUTES (doc updates, anyone? :-( )
[Web] Use rcpt_smtp if rcpt_mime is not set
[Web] Other minor fixes
2019-01-29 00:20:39 +01:00
andryyy
d6efc2fcd3
[Rspamd] Fix metadata_exporter
...
[Web] Show subjet in quarantine
[Compose] Update Rspamd image
2019-01-17 22:00:18 +01:00
andryyy
2e8bd8b3c4
[Dovecot] Add czech folder names to namespace
2019-01-16 23:47:15 +01:00
andryyy
a2b52e0969
[Dovecot] Use Solr for LMTP
2019-01-16 22:19:40 +01:00
André Peters
f3dfe346bf
[Dovecot] Allow setting ACL_ANYONE in mailcow.conf
2019-01-16 19:08:19 +01:00
Aiko Appeldorn
4c176d3833
[rspamd] increased values for SPF, DKIM reject
2019-01-15 18:54:05 +01:00
andryyy
17222eac94
[Rspamd] Set max_size for AV
...
[Rspamd] Set higher/lower scores for local fuzzy matches
2019-01-13 23:02:09 +01:00
Michael Kuron
2b0065d5ab
Do not apply SOGO_CONTACT for hard SPF failures
...
Fixes #1983 more completely
2019-01-13 10:28:21 +01:00
andryyy
fc1c2dc87b
[ClamAV] Do not log twice
2019-01-12 08:56:02 +01:00
André Peters
a520293461
[Dovecot] Add more special_use folder names
2019-01-09 18:10:36 +01:00
andryyy
94d7952802
[Rspamd] Scan the whole message to be able to trigger Sanesecurity rules
...
[Rspamd] Increase add_header and greylist score
2019-01-08 13:00:56 +01:00
andryyy
2baf407331
[Rspamd] preg_quote filter objects, only translate * to .* - fixes #2152
2019-01-08 12:58:27 +01:00
andryyy
e42afa39a8
[ClamAV] Update to 0.101.1 (based on Debian to fix some errors)
...
[ClamAV] Some config values are deprecated and were replaced
2019-01-08 12:54:33 +01:00
Markus Heberling
9750ec5bec
Merge branch 'master' into master
2019-01-01 14:20:22 +01:00
andryyy
b3896d464c
[SOGo] Remove old js file
2018-12-23 17:12:14 +01:00
andryyy
e84dec3b56
[SOGo] Revert self-built SOGo
2018-12-21 19:54:32 +01:00
andryyy
ad90496169
[SOGo] Add logo to config dir
...
[Web] Add missing lang strings for transport maps
2018-12-20 19:02:47 +01:00
andryyy
bcd6e43665
[Postfix] Remove verbose flag from smtp service
2018-12-19 12:16:36 +01:00
andryyy
cd72a4e18b
[Postfix] Split SASL passwd maps
...
[Postfix] create new smtp service to skip sender-dependent SASL map
[Postfix] Hard-bounce on SASL errors
2018-12-19 09:40:08 +01:00
andryyy
534e83a218
[Nginx] New WebServerResources path
2018-12-19 09:37:07 +01:00
andryyy
ed763cd668
[Rspamd] Use meta exporter to pipe meta data of ratelimited msg to Redis
2018-12-15 21:23:42 +01:00
andryyy
e7427eddf3
[Rspamd] Updated values of default ratelimit settings, add info_symbol
2018-12-15 21:22:59 +01:00
andryyy
497b6a39de
[Postfix] Add missing regexp map, fixes #2083
2018-12-11 17:16:53 +01:00
Markus Heberling
4755bb323b
Allow setting ACL_ANYONE in the configuration
2018-12-11 11:32:36 +01:00
andryyy
9b1f51ae3f
[Git] Add allow_mailcow_local.regexp and dovecot-master.userdb
2018-12-10 23:26:28 +01:00
andryyy
9b720bb07a
[Dovecot] Add master user to userdb (to be used in SOGo)
2018-12-10 23:25:37 +01:00
andryyy
fa3525e2dd
[SOGo] Enable EMailAlarms
2018-12-10 23:24:49 +01:00
andryyy
3a39937baf
[Rspamd] Do not apply SOGO_CONTACT for SPF fails and when sending from whitelisted host
2018-12-10 13:26:18 +01:00
andryyy
e43c696204
[Rspamd] Remove SOGO_CONTACT for header from
2018-12-10 13:25:38 +01:00
andryyy
c2d413bff4
[MySQL] Remove deprecated values for future use of MariaDB 10.3
2018-12-10 13:23:02 +01:00
andryyy
fe95852f45
[Dovecot] Increate proc limit and default client limit
2018-12-06 16:47:41 +01:00
andryyy
968f6f4157
[Rspamd] use boolean for one_shot, fixes #2066
2018-12-04 08:31:56 +01:00
andryyy
e02c51b1d1
[Rspamd] Fix examples for global white/blacklist
2018-11-29 21:51:09 +01:00
root
d445d7d2e7
[Web] Allow actions in quarantine modal, fixes #1991
...
[Web] Fixes for Source Sans Pro font
[Rspamd] Add global rcpt blacklist and whitelist
[Compose] New Rspamd image
2018-11-27 10:20:42 +01:00
andryyy
113c6fe018
Merge branch 'master' of https://github.com/mailcow/mailcow-dockerized
2018-11-26 10:41:44 +01:00
andryyy
f76c3ee7f3
[Dovecot] Unsupported examples for IMAP auth via LDAP
...
[Rspamd] Globel whitelist/blacklist from via multimap
2018-11-26 09:06:51 +01:00