Commit Graph

382 Commits (243c441ae19205359995c70e489f485cc89a7087)

Author SHA1 Message Date
André c80fe40669 [Unbound] Do not allow from all (dangerous for setups with incorrect netfilter setups) 2018-10-12 11:35:45 +02:00
André 1fce562434 [Dovecot] Set imap_max_line_length = 2 M 2018-10-12 10:56:40 +02:00
André 3db6af5c90 [Unbound] Trust all addresses - do not expose Unbound! 2018-10-12 10:56:17 +02:00
André 32f7ae1d2e [Rspamd] Prefix quarantine error_log messages with "QUARANTINE"
[Rspamd] Fix quarantine max size check (it was ignored)
2018-10-11 11:55:52 +02:00
André c0b590fff6 [PHP-FPM] Move max_execution_time and max_input_time to general PHP config, removed as fixed php_admin_value 2018-10-11 11:54:38 +02:00
André c08149adef [SOGo] EAS changes, larger timeout 2018-10-05 11:12:55 +02:00
André f6b2a6aab2 [Postfix] Enable/create smtp_tls_policy_maps 2018-10-04 14:34:34 +02:00
André 2f18eb5ad0 [Nginx] Avoid php extensions, use rewrite 2018-10-04 14:34:00 +02:00
André b2067cb521 [SOGo] SOGoMaximumSyncWindowSize = 99 2018-10-04 14:33:32 +02:00
André b8ebdc3c58 [Postfix] Increase default message size limit to 100 MiB 2018-10-01 22:06:20 +02:00
André a054182246 [Rspamd] Add desc to high spam networks 2018-09-30 18:56:35 +02:00
André cdca603ff5 [Unbound] Fix logging, fixes #585
[Rspamd] Fix permissions of controller password file
[Unbound] Enable unbound-control
2018-09-30 14:43:18 +02:00
André b008211f52 [Rspamd] Controller password placeholder 2018-09-30 09:55:50 +02:00
André 8439daea7e [Rspamd] Revert adding worker-controller-password... 2018-09-30 09:54:19 +02:00
André 4396be2938 [Rspamd] Place socket in _rspamd home and fix permissions
[Compose] Remove volume for Rspamd socket
[Web] Do not exit loop on fuzzy errors when learning a message as spam
2018-09-30 09:53:25 +02:00
André 73b10350d0 [Rspamd] Ignore sa-rules-heinlein file, remove from index 2018-09-29 22:03:48 +02:00
André 0fb43f4916 [Docker API] Use TLS encryption for communication with "on-the-fly" created key paris (non-exposed)
[Docker API] Create pipe to pass Rspamd UI worker password
[Dovecot] Pull Spamassassin ruleset to be read by Rspamd (MANY THANKS to Peer Heinlein!)
[Dovecot] Garbage collector for deleted maildirs (set keep time via MAILDIR_GC_TIME which defaults to 1440 minutes)
[Web] Flush memcached after mailbox item changes, fixes #1808
[Web] Fix duplicate IDs, fixes #1792
[Compose] Use SQL sockets
[PHP-FPM] Update APCu and Redis libs
[Dovecot] Encrypt maildir with global key pair in crypt-vol-1 (BACKUP!), also fixes #1791
[Web] Fix deletion of spam aliases
[Helper] Add "crypt" to backup script
[Helper] Override file for external SQL socket (not supported!)
[Compose] New images for Rspamd, PHP-FPM, SOGo, Dovecot, Docker API, Watchdog, ACME, Postfix
2018-09-29 22:01:23 +02:00
André c7cef3241f [Rspamd] Controller worker count == 1, fixes #1716 2018-09-12 20:32:59 +02:00
André 1b5409f3fa [Rspamd] Check if ip is valid (KEEP_SPAM symbol), fixes #1759 2018-09-12 15:50:42 +02:00
André 1499094b61 [PHP-FPM] Increase PHP memory limit for "web" to 512M
[Helper] Nextcloud 14
[Rspamd] Fix KEEP_SPAM lua script: skip check if ip is false
2018-09-11 19:35:21 +02:00
André ea4a26eabf [Nginx] Use SOGo web resources from local mount 2018-09-09 09:51:37 +02:00
André afc18fd469 [Rspamd] Update bad asn, move KEEP_SPAM to a custom lua function 2018-09-09 09:47:47 +02:00
André e5b830adea [Dovecot] Fix shared namespace 2018-08-31 23:33:55 +02:00
André 6cee038a63 [Dovecot] IMPORTANT: Disables 'any' and 'all authenticated' ACL settings! See wiki how to revert this, if you need it. 2018-08-17 21:44:17 +02:00
André d5e81b987b [Dovecot] Set from address for sieve generated addresses, fixes #1662 2018-08-13 08:31:09 +02:00
André 02e567f76b [Dovecot] Set CONTROL path for shared namespace and remove index 2018-08-08 23:59:38 +02:00
André d83537cda0 [ClamAV] Add whitelist template for ClamAV 2018-08-05 22:38:06 +02:00
André 66d1bc12c0 [Nginx] Set client_max_body_size = 0 2018-08-05 22:37:07 +02:00
André b007975a04 [Rspamd] Rename -disable_monitored > disable_monitoring 2018-08-03 11:56:39 +02:00
André 59c4cc054e [Rspamd] Deactivate neural but use a more aggressive learning method (no autolearn) 2018-07-29 23:03:49 +02:00
André d8f86ae488 [Rspamd] Add local fuzzy worker 2018-07-29 00:34:36 +02:00
André f1b096b36e [Dovecot] Increase process_limit to 500, thanks to @mritzmann 2018-07-25 21:04:24 +02:00
André e2ed2eab53 [Rspamd] Remove per_user settings as they were pretty much useless, some minor changes to bayes" 2018-07-25 01:06:12 +02:00
André 7de2607594 [Dovecot] Enable vacation-seconds with a default min period of 5s and a default period of 60s 2018-07-23 19:59:23 +02:00
André a83adc4d31 [Rspamd] Remove unused user_keywords and dynamic_rates from ratelimit module 2018-07-15 12:02:37 +02:00
André 882ee5fee6 [Rspamd] Re-use fixed new ratelimit 2018-07-15 12:01:28 +02:00
André 353af8e3a4 [Rspamd] Set start and end to rcpt matching regex 2018-07-12 23:18:49 +02:00
André 587f37a300 [Dovecot] Remove additional hash scheme and let Dovecot decide the hash by prefix 2018-07-12 00:46:31 +02:00
André 2aef18d130 [Dovecot] Remove user queries from passdb + add a second passdb for additional algorithms + create userdb without password queries 2018-07-12 00:23:12 +02:00
André 1b47ae55f1 [SOGo] Set SOGoPasswordChangeEnabled = YES - allow user to change password in SOGo 2018-07-11 22:11:09 +02:00
André fa0b351da6 [Postfix] smtpd_tls_eecdh_grade = auto 2018-07-11 22:10:32 +02:00
André 37fbce855e [Rspamd] Remove autolearn from Rspamd 2018-07-03 23:24:11 +02:00
André d6a74e82e3 [ACME] Fix for CNAME response on AAAA dig request 2018-06-28 20:41:44 +02:00
André 9dc250c9f2 [Rspamd] Important fix for settings map 2018-06-28 11:48:23 +02:00
André Peters bca8920679
Revert "[Postfix] Default SMTP server security grade for EECDH key exchange" 2018-06-27 23:28:54 +02:00
elcore c386dfc11d
[Postfix] Default SMTP server security grade for EECDH key exchange 2018-06-27 03:39:54 +02:00
André 5905a3919c [Dovecot] Minor changes to ciphers, still disallow insecure ciphers 2018-06-26 07:50:17 +02:00
André a5d40a4ab6 [Postfix] Re-enable TLS 1, 1.1 and some ciphers - real-world tests have shown this setup uses TOO MANY plain text sessions due to compatibility issues 2018-06-25 22:31:23 +02:00
André b8973648ff [Rspamd] Disable default authenticated user ratelimit 2018-06-24 11:40:31 +02:00
André 8bb24a9866 [Rspamd] Load additional settings defined in web ui 2018-06-23 23:48:06 +02:00