Commit Graph

883 Commits (3873e38919457902c10324ec1c026a68dbbc85ca)

Author SHA1 Message Date
andryyy 0cf22b64e1 [Postfix] Less strict smtpd_tls_mandatory_protocols 2017-09-18 08:23:31 +02:00
andryyy e07f84d0f0 [Web] Update phpmailer, always use correct path for vars.inc.php 2017-09-17 14:39:10 +02:00
andryyy e20f50fafc [Web] Fix spacing 2017-09-17 14:38:05 +02:00
andryyy d0c0cd4992 [Rspamd] Fix user settings... 2017-09-16 23:27:13 +02:00
andryyy fcc6bcc4b3 Merge branch 'dev' of https://github.com/mailcow/mailcow-dockerized into dev 2017-09-16 23:05:40 +02:00
andryyy 1b974bc8d1 [Compose] New images 2017-09-16 23:05:33 +02:00
André Peters 6d86813330 Merge pull request #610 from mkuron/rspamd-header
Rspamd user settings: fix matching From header
2017-09-16 23:00:38 +02:00
andryyy 750a2b8cef [Web] New feature: Show DKIM private keys - needs variable set to true in vars.local.inc.php 2017-09-16 22:59:42 +02:00
Michael Kuron e4f13568d1 Rspamd user settings: fix matching From header 2017-09-16 18:46:28 +02:00
andryyy c6f81fe67b [Web] Fix autodiscover merge on user.php 2017-09-16 13:33:27 +02:00
andryyy e20d31e440 Merge branch 'dev' of https://github.com/mailcow/mailcow-dockerized into dev 2017-09-16 13:17:59 +02:00
andryyy 2b97305f6d [ACME] Sleep, don't exit 2017-09-16 13:17:48 +02:00
andryyy 8741b5f3b1 [Compose] Enable some minimal inits, change or remove some health checks 2017-09-16 13:17:37 +02:00
André Peters 4acc82dbea Merge pull request #468 from mkuron/clientconfig4
Client configuration guide link
2017-09-16 13:11:54 +02:00
andryyy c63fb8b11a [Web] Init db fix for c_location 2017-09-15 07:55:23 +02:00
andryyy 762f18e913 [Clamd] Use Dockerds own init system 2017-09-14 23:13:24 +02:00
andryyy c75f16c97c [Web] Fix initial admin creation 2017-09-14 22:45:17 +02:00
andryyy 089e8776f5 [Postfix] Stricter TLS settings for mandatory connections 2017-09-14 13:34:23 +02:00
andryyy f0df390d12 [Nginx] Stricter TLS settings 2017-09-14 13:34:07 +02:00
andryyy 00e465a9a1 [Dovecot] Allow INBOX to be shared, sigh... fixes #594 2017-09-14 13:32:11 +02:00
marrco a2720cca83 Update mx_check.conf 2017-09-13 16:32:10 +02:00
54f6e50bb5 Merge branch 'master' of https://github.com/mailcow/mailcow-dockerized 2017-09-13 16:14:14 +02:00
andryyy 71070fbe86 [Web] Fix admin injection query 2017-09-12 22:48:12 +02:00
andryyy 998523bdfa [Web] Allow ratelimt per user, overrides domain tl 2017-09-12 20:57:54 +02:00
andryyy eeaa48a729 [PHP-FPM] Use valid user for mysqladmin ping
[SOGo] Use valid user for mysqladmin ping
2017-09-12 20:57:18 +02:00
marrco 1f9bafd578 Temporay fix to MX values
see https://github.com/mailcow/mailcow-dockerized/issues/576
2017-09-12 17:02:43 +02:00
andryyy 1ffed58956 [ACME] New version, better IPv4 detection 2017-09-11 21:51:17 +02:00
andryyy 2d0af3f486 [ACME] New version, better IPv4 detection 2017-09-11 21:49:22 +02:00
andryyy 92e6c9daae [Nginx] Fix SSL temp. 2017-09-11 17:37:25 +02:00
André Peters 013163bac9 Merge pull request #573 from cwildfoerster/serve-local-only
serve internet explorer js files too
2017-09-10 19:15:14 +02:00
Constantin Wildförster 82ed5e17b0
serve internet explorer js files too 2017-09-10 16:28:33 +02:00
Constantin Wildförster 65deb45f68
fixes #562 2017-09-10 16:11:55 +02:00
andryyy 3ab6fc21c6 [Web] Init user_acl after mailbox table 2017-09-10 13:48:53 +02:00
JOduMonT b2b9731020 a little bit of security
Hide the version of NGINX, block XSS and more...

inspired by : https://gist.github.com/plentz/6737338
2017-09-09 23:10:36 +07:00
André Peters 78c363b7a5 Merge pull request #565 from mkuron/softreject
Forwarding hosts: treat soft reject like greylist
2017-09-09 10:43:41 +02:00
Michael Kuron 3d9c161be1 Forwarding hosts: treat soft reject like greylist 2017-09-09 10:30:26 +02:00
andryyy ed4e8d301c Fix tabs 2017-09-08 18:41:02 +02:00
andryyy b8c4093702 [Web] Allow a spam score up to 2000, fixes #556 2017-09-07 20:20:36 +02:00
Tobias fcd0efc265 Change primary name of SSL certificate
Hostname as primary name for the SSL certificate, all other names will
be added as SAN
2017-09-03 19:41:47 +02:00
andryyy 1f90433429 [Dovecot, Postfix, SOGo] Fix redis log cleanup, fixes #542 2017-09-03 11:57:58 +02:00
andryyy 446907944a [Postfix] Fix missing ltrim 2017-09-01 23:40:23 +02:00
andryyy 008d500f4d [Compose, Dovecot] Fixed missing ltrim 2017-09-01 23:39:51 +02:00
andryyy 7351fcf1e3 [Compose, SOGo] New version, ltrim logs 2017-09-01 23:33:12 +02:00
andryyy 4d7bb26874 [Postfix] Add null rcpt for watchdog 2017-09-01 12:22:29 +02:00
andryyy 08d6b97ffa [Dovecot] New Dovecot and Pigeonhole versions; include delete2 option in imapsync 2017-08-31 10:36:10 +02:00
andryyy 4a0e3a433b [Fail2ban] Remove rule to detect disconnects without authentication 2017-08-30 22:27:33 +02:00
andryyy 3e741a0d9c [Web] Disable connectors in FooTable filter 2017-08-30 22:06:51 +02:00
andryyy cfd9316d74 Merge branch 'dev' of https://github.com/mailcow/mailcow-dockerized into dev 2017-08-30 21:43:45 +02:00
andryyy 9ebb9efeb1 [Web] Added Polish translation! Big thanks to Jan! 2017-08-30 21:43:35 +02:00
andryyy b1213c51d7 [Rspamd] Dynamic ratelimit fixed, removed async redis request; Ready to implement per-user ratelimits via UI (tbd) 2017-08-30 21:42:39 +02:00
André Peters 29acfe85db Merge pull request #536 from mkuron/patch-1
Rspamd user blacklist/whitelist improvements
2017-08-28 22:55:12 +02:00
Michael Kuron 8383ba5e9c Rspamd user settings: fix From header match
The request_header regex appears to not be expected to be encapsulated in slashes and does not seem to accept flags.
2017-08-28 20:27:53 +02:00
Michael Kuron fcd8cfa4f4 Rspamd user settings: don't print all email addresses of a domain
The ucl_rcpts function can already deal with domains, so lets use this capability.
2017-08-27 14:19:29 +02:00
Michael Kuron 93a092e627 Rspamd user settings: also match From header 2017-08-27 14:19:28 +02:00
Michael Kuron e178ca36de Rspamd user settings: make regexes case-insensitive
This is necessary because the user web UI normalizes to lowercase
2017-08-27 14:19:28 +02:00
andryyy 66ae588445 [Web] Started work on ACL, fix notifications 2017-08-18 22:18:14 +02:00
andryyy e47feeffd6 [Rspamd] Add custom directory for own files 2017-08-18 22:17:01 +02:00
andryyy 7a2c0f2ee7 [Acme] Skip backup mx domains 2017-08-18 09:57:25 +02:00
andryyy e5faee9037 [Nginx] Disable client_max_body_size 2017-08-09 10:17:32 +02:00
André Peters 92eefc1288 Merge pull request #486 from mkuron/patch-1
Disable ClamAV phishing filter
2017-08-02 15:54:16 +02:00
Michael Kuron dec64eef32 Disable ClamAV phishing filter
ClamAV has a phishing filter built in, but it generates too many false positives. We can disable it without risk because rspamd also checks for phishing itself.
2017-08-02 14:42:53 +02:00
andryyy 2eed7c05a1 [Dovecot] Push version, fix cronjob (fixes #310) 2017-08-01 14:02:00 +02:00
andryyy d85352fa9a [Dovecot] Use listescape 2017-07-31 12:41:18 +02:00
andryyy c7484434dd [Dovecot] Remove master.pid if not running; Check for active imapsync besides lock file; Reconnect MySQL connection in imapsync_cron.pl 2017-07-31 08:19:02 +02:00
andryyy 10b2ae09b9 [Web] Remove dev file 2017-07-30 21:40:40 +02:00
andryyy aabcf65c69 [Nginx] Set server_names_hash_bucket_size 64 2017-07-30 21:39:35 +02:00
andryyy 66e06a0c0c [Web] Sync jobs can be created/viewed/edited by admins/domain admins; Various fixes or improvements 2017-07-29 10:32:17 +02:00
andryyy 9be3aa3334 [Rspamd] Disable monitored 2017-07-27 09:03:44 +02:00
andryyy 3bd7383bca [Web] Add relay host testing tool 2017-07-26 23:11:43 +02:00
andryyy b4892f043f [Web] Edit relayhost 2017-07-26 23:11:08 +02:00
andryyy 45ef561ac0 [Web] Add default rcpt for relay testing tool to variables 2017-07-26 23:10:18 +02:00
andryyy 9bce8f0501 [Web] Fix session timeout 2017-07-26 23:09:50 +02:00
andryyy 5a49748dd5 [Web] Add graphs and stats to JSON api 2017-07-26 23:09:15 +02:00
andryyy 379933a333 [Web] Added PHPMailer for relayhost testing tool 2017-07-26 23:07:46 +02:00
andryyy 33bf9f5c5d [Rspamd] Push image version 1.5, Rspamd 1.6.3 2017-07-26 23:07:01 +02:00
andryyy 8da02378b1 [Rspamd] Use Nginx IP in settings map 2017-07-26 23:04:49 +02:00
andryyy 03c614f749 [Postfix] Use Nginx IP in whitelist_forwardinghosts.sh 2017-07-26 23:04:27 +02:00
andryyy b629089ff8 [SOGo] Rename reconf-domains to bootstrap-sogo and exec sogod after a successful bootstrap; Wait for SOGo to die and free listener 2017-07-24 23:25:04 +02:00
andryyy 5d5646df0c [Compose, SOGo] Update SOGo, give SOGo more time for a graceful restart, autorestart on any exit code 2017-07-24 22:53:23 +02:00
André Peters 0a6eef83bd Merge pull request #449 from mkuron/autoconfig
Autoconfig/Autodiscover unification
2017-07-24 12:58:53 +02:00
André Peters 1b719a8668 Update autoconfig.php 2017-07-24 12:37:02 +02:00
André Peters 27c169dbe1 Update mobileconfig.php 2017-07-24 12:35:56 +02:00
André Peters bfa2e83803 Add more help text, remove obsolete variable 2017-07-24 12:35:04 +02:00
André Peters b295bedf53 Update autoconfig.php 2017-07-24 12:28:48 +02:00
Phoenix Eve Aspacio e26563d51e Enable Fail2ban in Autodiscover 2017-07-23 21:27:18 +08:00
Michael Kuron 53d44ed18d Merge branch 'dev' into autoconfig 2017-07-23 10:12:03 +02:00
andryyy 83d485dd94 [Web, Postfix, Compose] Allow to add relayhosts per domain (+ plain and login authentication) 2017-07-22 20:39:54 +02:00
Michael Kuron 8fcaf407e6 Client configuration link 2017-07-22 12:37:39 +02:00
andryyy ed33cb5f57 [Rspamd] ARC: Disallow login/domain mismatch 2017-07-21 11:03:35 +02:00
andryyy f4db3a7a00 [Web] Allow multiple sync jobs with same username, fixes #464 2017-07-17 22:36:34 +02:00
andryyy 84ad579437 [Web] Initial ratelimit support, more API actions 2017-07-16 11:03:28 +02:00
andryyy 256c9d86dd [Rspamd] Initial custom ratelimit support 2017-07-13 12:55:14 +02:00
andryyy 5f5872f78b [Rspamd] Initial custom ratelimit support 2017-07-13 12:54:53 +02:00
andryyy e6727b1fd6 [ACME] Iterate alias domains, use hostname in subject field 2017-07-13 12:51:52 +02:00
andryyy 9e92c4a2ad [Dovecot] Do not keep persistent logs in a container 2017-07-11 17:09:31 +02:00
andryyy f8ae5158cb [Postfix] Do not keep persistent logs in a container 2017-07-11 17:09:20 +02:00
andryyy a31819fd6c [SOGo] Log to a pipe to not keep logs in a container 2017-07-11 17:08:06 +02:00
andryyy 08b99c8d74 [Dovecot] Add doveadm service 2017-07-10 21:30:45 +02:00
Michael Kuron 5abeb313ba Autoconfig harmonization
- use $autodiscover_config everywhere
- non-443 HTTPS ports in autoconfig etc.
- disabling POP service via SRV record
- fix display name in Outlook IMAP autodiscover
- allow multiple calls to TLSA generator and support Sieve STARTTLS
- iOS mobileconfig generator
2017-07-10 20:52:51 +02:00
andryyy c5d90b821a [Dovecot] Add extra.conf include to override Dovecot configuration changes 2017-07-10 09:19:12 +02:00
André Peters f37405d9fd Merge pull request #446 from mailcow/revert-444-dns
Revert "DNS diagnostics page"
2017-07-10 08:46:32 +02:00
André Peters beec3d47f7 Revert "Client configuration guides" 2017-07-10 08:46:20 +02:00
André Peters 4c1537c1c2 Revert "DNS diagnostics page" 2017-07-10 08:45:59 +02:00
André Peters c5acdd70fb Merge pull request #427 from mkuron/clientconfig2
Client configuration guides
2017-07-10 08:03:28 +02:00
André Peters b1dddd08e6 Merge pull request #444 from mkuron/dns
DNS diagnostics page
2017-07-10 07:53:29 +02:00
andryyy 51660589d4 [Rspamd] Push version 1.3 2017-07-09 22:28:36 +02:00
Michael Kuron c1a1f98ee5 DNS diagnostics page 2017-07-09 10:01:27 +02:00
andryyy fa2af1b286 [Web] Allow more bytes in concat queries, fixes #435 2017-07-06 17:34:51 +02:00
andryyy a324b1a385 [Rspamd] Fix DKIM siging (base64 hash line folding) 2017-07-06 15:57:33 +02:00
Michael Kuron 8946d69274 Fix merge conflict 2017-07-05 20:11:07 +02:00
andryyy 69da02c144 [Dovecot] Important fix for Pigeonhole (downgrade) 2017-07-05 19:13:07 +02:00
andryyy 7f47af1d60 Fix destination hash 2017-07-05 12:31:52 +02:00
andryyy 87cc5f54ff [Postfix] Fix redis log destination hash 2017-07-05 12:03:12 +02:00
andryyy 2fadfee61a [SOGo] Remove thunderbird plugin generation, will move to docs 2017-07-05 10:22:48 +02:00
andryyy de14d30e6b [ACME] Fix exit command (was using echo), fix for duplicate SAN (filter) 2017-07-04 21:32:58 +02:00
Michael Kuron b88190988e Autodiscover: Strip bind addresses off of port environment variables 2017-07-04 19:58:30 +02:00
andryyy dc463c3dda [Multiple] Push multiple logs to Redis channel for fail2ban-mailcow to read. Enables Fail2ban independently of used Docker logging driver. 2017-07-04 18:08:20 +02:00
andryyy ed11e7586e [Clamd] Add SKIP_CLAMD variable to disable Clamd start 2017-07-04 18:05:44 +02:00
andryyy a2f1c09a84 [Web] Style changes to DKIM import section, push login errors to Redis channel 2017-07-04 18:05:04 +02:00
andryyy ace247b3b9 [ACME] Unset name arrays before reusing them 2017-07-03 10:20:09 +02:00
andryyy d4311a806b Fix Rspamd logs date 2017-07-03 08:10:11 +02:00
andryyy 2cf9f71613 [ACME] Revert fix for empty additional_san, fix skip_ip_check in ACME 2017-07-02 20:18:22 +02:00
Michael Kuron 96ed94dedd Client configuration guides
- iOS mobileconfig generator
- non-443 HTTPS ports in autoconfig etc.
- disabling POP service via SRV record
- fix display name in Outlook IMAP autodiscover
- allow multiple calls to TLSA generator and support Sieve STARTTLS
2017-07-02 16:29:42 +02:00
andryyy 56a652fbf3 [Rspamd] Set error_reporting to 0 2017-07-02 11:25:14 +02:00
andryyy cf902854d7 Merge, conflict fixed 2017-07-02 11:22:35 +02:00
andryyy b7cb4ac9d5 [Fail2ban] Added more regex to match failed or disallowed logins to Dovecot, changed Mailcow to mailcow 2017-07-02 11:10:35 +02:00
andryyy afc8c93c07 [Rspamd] Cleanup settings map 2017-07-01 23:14:27 +02:00
andryyy 60ce236738 [Web] Language strings for DKIM import tool 2017-07-01 23:12:14 +02:00
andryyy 744784cb62 [UI] Initial: Import private keys for DKIM/ARC 2017-06-30 21:50:21 +02:00
andryyy ae5ce6568d [Dovecot] Dovecot 2.2.31, Pigeonhole 0.4.19 2017-06-30 20:30:30 +02:00
andryyy 5ab11c0c1e [ACME] Show err instead of empty var when IP lookup failed 2017-06-30 20:29:55 +02:00
andryyy d2048ccf20 [ACME] Be more verbose about IP address 2017-06-29 21:22:01 +02:00
andryyy a6b60aebb8 [Fai2ban] Added auto-detection for container names; Allow multiple rules for each container; log rule id and container on match 2017-06-29 11:30:14 +02:00
andryyy 372da9b557 [Web] Move Fail2ban function, add lang strings 2017-06-29 10:30:25 +02:00
andryyy 6c64ffbd49 [acme-mailcow] Auto-detect container ids for restart; Restart containers after restore 2017-06-29 10:29:56 +02:00
andryyy 9040d456ed [acme-mailcow] Auto-detect container ids for restart; Restart containers after restore 2017-06-29 10:25:32 +02:00
andryyy 3d652dd3d0 Added more checks for acme-mailcow 2017-06-29 00:56:51 +02:00
andryyy 6d8438c01c - More checks for acme-mailcow (verify hashes)
- Autodiscover configuration file: Merge array from vars.local.inc.php
- Push acme-mailcow to 1.6
2017-06-28 23:22:51 +02:00
andryyy 234baf1cb9 Readd 2017-06-28 18:59:15 +02:00
andryyy aa5b03dd99 Merge branch 'dev'
Conflicts:
	data/web/autodiscover.php
2017-06-28 18:57:22 +02:00
andryyy b0584c3622 Use , as IFS for additional san 2017-06-28 10:50:51 +02:00
andryyy f7bce8b81a Copy dhparams if not found 2017-06-27 20:15:53 +02:00
andryyy e9ea0712f2 Add SKIP_FAIL2BAN var 2017-06-27 10:26:48 +02:00
andryyy 433e0c8f9a Allow /0 to whitelist all, push f2b version in yml 2017-06-27 09:32:57 +02:00
andryyy a6677983af Merge branch 'dev' of https://github.com/mailcow/mailcow-dockerized into dev 2017-06-26 23:18:15 +02:00
andryyy b9ffcf2bf8 Add whitelist function to Fail2ban 2017-06-26 23:18:05 +02:00
andryyy 6cd44b4136 Remove old code 2017-06-26 23:17:46 +02:00
Phoenix Eve Aspacio 0488c9a250 Update edit.css 2017-06-26 07:34:41 +08:00
Phoenix Eve Aspacio 38c74e5e24 Update mailbox.css 2017-06-26 07:34:21 +08:00
Phoenix Eve Aspacio d4f4c0f0c9 Update user.css 2017-06-26 07:33:53 +08:00