Commit Graph

4807 Commits (47b57df3a2ada6cd3d8549ac2610bf823ca64663)

Author SHA1 Message Date
andryyy fcbcc117d2
[Netfilter] Detect SOGo 403
[Compose] Update Netfilter
2019-02-28 20:22:16 +01:00
André Peters 6dcb1af1b0
Merge pull request #2373 from mhofer117/allow-admin-email-login
always check basic auth against user database for EAS and SOGo if ALLOW_ADMIN_EMAIL_LOGIN is enabled
2019-02-28 09:00:14 +01:00
Marcel Hofer 965577c5d8 fix path check 2019-02-27 23:16:23 +01:00
Marcel Hofer fa80d66d6c match EAS and SOGO/dav case insensitive 2019-02-27 23:14:30 +01:00
Marcel Hofer a110378000 always check basic auth against user database for EAS and SOGo if ALLOW_ADMIN_EMAIL_LOGIN is enabled 2019-02-27 23:06:19 +01:00
Marcel 769ddb9ad4
Merge pull request #2 from mailcow/admin-login
rebase
2019-02-27 20:41:03 +01:00
andryyy 38911034c3
Don't break DAV 2019-02-26 22:13:37 +01:00
André Peters 5cef6b92be
Merge pull request #2368 from mhofer117/allow-admin-email-login
Security Fix/Extension for #2360 - Allow Admin Login
2019-02-26 21:38:13 +01:00
andryyy ae512018a8
[Postfix] Remove sasl requiring policies from port 25 2019-02-26 21:37:08 +01:00
Marcel Hofer e2f39df7d8 remove obsolete code, use openssl instead of `cat /dev/urandom` 2019-02-26 20:44:53 +01:00
andryyy 97adcbe5f8
[Web] Strip < and > from start/end of full name 2019-02-26 09:23:16 +01:00
Marcel Hofer 9f3b79b361 ignore sogo master pass file 2019-02-26 09:03:21 +01:00
Marcel Hofer dd6d253ac0 add random masterpass for sogo admin login
add required headers for sogo proxy auth with password
add SOGoEncryptionKey
add SOGoTrustProxyAuthentication only conditionally if feature is enabled
2019-02-26 09:02:35 +01:00
Marcel 937cdadd36
Merge pull request #1 from mailcow/admin-login
rebase
2019-02-26 08:42:32 +01:00
andryyy b0584b7699
[Dovecot] Remove vacation-seconds from global-only 2019-02-25 10:22:00 +01:00
andryyy 57312ad605
[Compose] Add ALLOW_ADMIN_EMAIL_LOGIN to sogo-mailcow to trigger bootstrap on change
[Compose] Static IPv4 for Dovecot
[SOGo] Remove SOGoIMAPServer from sogo.conf
[SOGo] Add SOGoIMAPServer to bootstrap process
[Nginx] Disallow editAccount for other accounts than 0 (own)
2019-02-25 00:00:32 +01:00
André Peters 298a8d24e9
Merge pull request #2360 from mhofer117/allow-admin-email-login
Allow admins to login as email user (without any password)
2019-02-24 18:49:13 +01:00
André Peters 4482aee747
Update sogo-auth.php 2019-02-24 00:15:09 +01:00
andryyy 108e808d06
[Rspamd] Reduce SOGO_CONTACT score to -99 2019-02-23 23:46:01 +01:00
André Peters 9a9079baa5
Update sogo.auth_request.template.sh 2019-02-23 22:29:14 +01:00
André Peters 88fbc6bf16
Update sogo-auth.php
Consistency again. :)

I moved the prerequisites require_once to the top, ok?
2019-02-23 22:26:41 +01:00
André Peters 0c8f217f49
Update sogo.auth_request.template.sh
Don't want to split hairs! Just consistency. :)
2019-02-23 22:20:09 +01:00
Marcel Hofer cac67db203 add config ALLOW_ADMIN_EMAIL_LOGIN and implement password-less SOGo login admins 2019-02-23 17:59:18 +01:00
andryyy db17a304b0
[ClamAV] Create directory before handling whitelist 2019-02-23 10:34:16 +01:00
andryyy 354ecd727c
[ClamAV] More checks and permission fixes 2019-02-23 10:27:13 +01:00
andryyy fe9b9f5dfa
[ClamAV] Set permission recursively
[Compose] Updaet ClamAV image
2019-02-23 10:21:13 +01:00
andryyy 9213d65c85 Merge branch 'master' of https://github.com/mailcow/mailcow-dockerized 2019-02-22 18:25:48 +01:00
andryyy 28a3f5ca8c
[Dovecot] Add flags and notify to sieve_extensions 2019-02-22 18:25:35 +01:00
andryyy c987e5c3bc
[Compose] Update SOGo image (v4.0.6.20190222-1) 2019-02-22 10:52:46 +01:00
andryyy 1092d98499
[Dovecot] Enable sieve vacation seconds not just for global scripts 2019-02-22 10:52:18 +01:00
André Peters cfa44a2014
Merge pull request #2355 from gummipunkt/patch-2
Update lang.de.php
2019-02-21 23:28:28 +01:00
gummipunkt 4e4ed9c1aa
Update lang.de.php 2019-02-21 21:58:03 +01:00
andryyy fe6567a3c8
[Compose] New watchdog image
[Watchdog] Use ipv6nat-mailcow instead of ipv6nat
2019-02-19 22:25:28 +01:00
andryyy 52eb6e48f2
[Compose] New Dovecot image
[Dovecot] Fix very stupid error in quarantine_notify.py - thanks to @DevTek314
2019-02-19 15:02:18 +01:00
andryyy 30153f29cc
[Web] Changes to user interface (using tabs now) 2019-02-15 20:20:14 +01:00
andryyy 63752fe0f2
[Solr] Changes to schema - field types are updated 2019-02-15 20:19:50 +01:00
andryyy 11bc02bf29
[Compose] New Solr image 2019-02-15 20:19:16 +01:00
Joshua Hesketh 1355e993dd
Fix building solr
I kept hitting an error when building solr `/bin/sh: /docker-entrypoint.sh: Text file busy`, this is caused where the script is attempted to be ran before the previous `chmod` command has properly sync'd to disk. Adding in a sync fixes this trouble for me.
2019-02-15 17:04:53 +11:00
André Peters 4d7f2618ad
Merge pull request #2329 from vain90/master
Move unset https_port after include of vars local inc
2019-02-14 23:12:09 +01:00
vain90 d7aaa67e2e
Move unset https_port after include of vars local inc 2019-02-14 23:10:46 +01:00
andryyy a58fcff1a0 Merge branch 'master' of https://github.com/mailcow/mailcow-dockerized 2019-02-14 11:11:27 +01:00
andryyy 02b015a359
[Rspamd] Lower history nrows 2019-02-14 11:11:20 +01:00
André Peters 870fee4528
Merge pull request #2325 from extremeshok/patch-15
added information about server/vm specs
2019-02-14 11:09:55 +01:00
andryyy 32994a41ea Merge branch 'master' of https://github.com/mailcow/mailcow-dockerized 2019-02-14 10:54:16 +01:00
andryyy 8883ddc08c
[Assets] Fix Nextcloud site 2019-02-14 10:54:06 +01:00
eXtremeSHOK aef19e2a46
added information about server/vm specs 2019-02-14 09:40:59 +02:00
André Peters 343e5e2cb1
[Web] Update lang.nl.php 2019-02-13 21:03:29 +01:00
André Peters 728bc21815
[ClamAV] Set AlertOLE2Macros to no 2019-02-13 21:03:02 +01:00
eXtremeSHOK 260421448d
Update clamd.conf
AlertOLE2Macros, default should be set to NO

With this option enabled OLE2 files containing VBA macros, which were NOT detected by signatures will be marked as "Heuristics.OLE2.ContainsMacros".

This causes most microsoft office document files which contains macros to be blocked. Majority of corporate documents mailed contain macros. When the option is set to NO, emails are still checked for known malicious macros.

Due to any message failing clamav being set to a 2000 score, this causes all legitimate emails with harmless macros to be blocked.

The default for debian/ubuntu is to set this to NO
cPanel, iredmail, etc all have this option set to NO
2019-02-13 09:50:29 +02:00
andryyy 54dfb5c450 [Web] Unset https_port after vars local inc
[Compose] New Dovecot image
2019-02-12 19:01:37 +01:00