Commit Graph

300 Commits (56538c4ef827624b5005543b6e0ec4a947971503)

Author SHA1 Message Date
André Peters 70c424caa2
[Web] Fix rejected mails not being quarantized properly if they are tagged 2019-03-12 11:26:33 +01:00
andryyy 1c3daedc39
[Rspamd] Remove headers var from dyn maps 2019-03-12 01:28:04 +01:00
Aaron Larisch 40a826a347 Fix rejected mails not being quarantized properly if they are tagged 2019-03-11 15:31:21 +01:00
andryyy 2443e956eb
[Rspamd] Remove buggy last-modified check 2019-03-08 12:43:05 +01:00
andryyy d124fa1d5b
[Rspamd] Check if filterconf table was changed and return Last-Modified accordingly 2019-03-07 11:44:38 +01:00
andryyy e04e15ed23
[Rspamd] Mime from and rcpt can now be checked by from_mime and rcpt_mime 2019-03-07 00:07:11 +01:00
andryyy c792bbcbab
[Rspamd] make upstream an object 2019-03-07 00:05:55 +01:00
andryyy bb065dbc22
[Rspamd] Add fuzzy worker with worker-fuzzy.inc 2019-03-06 15:14:25 +01:00
andryyy 6dc5318673
[Rspamd] Delete rspamd.conf.local 2019-03-06 15:08:18 +01:00
andryyy 108e808d06
[Rspamd] Reduce SOGO_CONTACT score to -99 2019-02-23 23:46:01 +01:00
andryyy 02b015a359
[Rspamd] Lower history nrows 2019-02-14 11:11:20 +01:00
andryyy 6f478ed2a3
[Rspamd] Set history lines to 10000 2019-02-05 00:02:56 +01:00
andryyy 8da54e5194
[Rspamd] Split global wl from to mime-from and smtp-from 2019-01-29 12:11:10 +01:00
andryyy d6efc2fcd3
[Rspamd] Fix metadata_exporter
[Web] Show subjet in quarantine
[Compose] Update Rspamd image
2019-01-17 22:00:18 +01:00
André Peters f3dfe346bf [Dovecot] Allow setting ACL_ANYONE in mailcow.conf 2019-01-16 19:08:19 +01:00
Aiko Appeldorn 4c176d3833 [rspamd] increased values for SPF, DKIM reject 2019-01-15 18:54:05 +01:00
andryyy 17222eac94
[Rspamd] Set max_size for AV
[Rspamd] Set higher/lower scores for local fuzzy matches
2019-01-13 23:02:09 +01:00
Michael Kuron 2b0065d5ab
Do not apply SOGO_CONTACT for hard SPF failures
Fixes #1983 more completely
2019-01-13 10:28:21 +01:00
andryyy 94d7952802
[Rspamd] Scan the whole message to be able to trigger Sanesecurity rules
[Rspamd] Increase add_header and greylist score
2019-01-08 13:00:56 +01:00
andryyy 2baf407331
[Rspamd] preg_quote filter objects, only translate * to .* - fixes #2152 2019-01-08 12:58:27 +01:00
andryyy ed763cd668 [Rspamd] Use meta exporter to pipe meta data of ratelimited msg to Redis 2018-12-15 21:23:42 +01:00
andryyy e7427eddf3 [Rspamd] Updated values of default ratelimit settings, add info_symbol 2018-12-15 21:22:59 +01:00
andryyy 3a39937baf [Rspamd] Do not apply SOGO_CONTACT for SPF fails and when sending from whitelisted host 2018-12-10 13:26:18 +01:00
andryyy e43c696204 [Rspamd] Remove SOGO_CONTACT for header from 2018-12-10 13:25:38 +01:00
andryyy 968f6f4157 [Rspamd] use boolean for one_shot, fixes #2066 2018-12-04 08:31:56 +01:00
andryyy e02c51b1d1 [Rspamd] Fix examples for global white/blacklist 2018-11-29 21:51:09 +01:00
root d445d7d2e7 [Web] Allow actions in quarantine modal, fixes #1991
[Web] Fixes for Source Sans Pro font
[Rspamd] Add global rcpt blacklist and whitelist
[Compose] New Rspamd image
2018-11-27 10:20:42 +01:00
andryyy f76c3ee7f3 [Dovecot] Unsupported examples for IMAP auth via LDAP
[Rspamd] Globel whitelist/blacklist from via multimap
2018-11-26 09:06:51 +01:00
andryyy 869e01a9a7 [Rspamd] Add fuzzy hash to msg 2018-11-12 09:57:25 +01:00
andryyy 4f7f493490 [Rspamd] Add SOGo contacts to whitelist 2018-11-12 09:56:54 +01:00
Michael Kuron 4ee546c04a
Reduce rspamd DNS timeout
Fixes #1957
2018-10-29 19:55:24 +01:00
andryyy f92b20c9ad [Rspamd] Change log level to silent (see docs) 2018-10-27 13:55:55 +02:00
andryyy 42fe16250b [Rspamd] Adjust default values for (perm) failures of DKIM and SPF 2018-10-26 20:04:41 +02:00
André Peters 68f2a1c5fc
[Rspamd] Properly close additional Rspamd maps 2018-10-19 11:12:58 +02:00
André 73b48fc13e [Rspamd] Remove deprecated attachments_only in AV module
[Rspamd] Remove old symbol score
2018-10-16 22:59:25 +02:00
André 32f7ae1d2e [Rspamd] Prefix quarantine error_log messages with "QUARANTINE"
[Rspamd] Fix quarantine max size check (it was ignored)
2018-10-11 11:55:52 +02:00
André a054182246 [Rspamd] Add desc to high spam networks 2018-09-30 18:56:35 +02:00
André b008211f52 [Rspamd] Controller password placeholder 2018-09-30 09:55:50 +02:00
André 8439daea7e [Rspamd] Revert adding worker-controller-password... 2018-09-30 09:54:19 +02:00
André 4396be2938 [Rspamd] Place socket in _rspamd home and fix permissions
[Compose] Remove volume for Rspamd socket
[Web] Do not exit loop on fuzzy errors when learning a message as spam
2018-09-30 09:53:25 +02:00
André 73b10350d0 [Rspamd] Ignore sa-rules-heinlein file, remove from index 2018-09-29 22:03:48 +02:00
André 0fb43f4916 [Docker API] Use TLS encryption for communication with "on-the-fly" created key paris (non-exposed)
[Docker API] Create pipe to pass Rspamd UI worker password
[Dovecot] Pull Spamassassin ruleset to be read by Rspamd (MANY THANKS to Peer Heinlein!)
[Dovecot] Garbage collector for deleted maildirs (set keep time via MAILDIR_GC_TIME which defaults to 1440 minutes)
[Web] Flush memcached after mailbox item changes, fixes #1808
[Web] Fix duplicate IDs, fixes #1792
[Compose] Use SQL sockets
[PHP-FPM] Update APCu and Redis libs
[Dovecot] Encrypt maildir with global key pair in crypt-vol-1 (BACKUP!), also fixes #1791
[Web] Fix deletion of spam aliases
[Helper] Add "crypt" to backup script
[Helper] Override file for external SQL socket (not supported!)
[Compose] New images for Rspamd, PHP-FPM, SOGo, Dovecot, Docker API, Watchdog, ACME, Postfix
2018-09-29 22:01:23 +02:00
André c7cef3241f [Rspamd] Controller worker count == 1, fixes #1716 2018-09-12 20:32:59 +02:00
André 1b5409f3fa [Rspamd] Check if ip is valid (KEEP_SPAM symbol), fixes #1759 2018-09-12 15:50:42 +02:00
André 1499094b61 [PHP-FPM] Increase PHP memory limit for "web" to 512M
[Helper] Nextcloud 14
[Rspamd] Fix KEEP_SPAM lua script: skip check if ip is false
2018-09-11 19:35:21 +02:00
André afc18fd469 [Rspamd] Update bad asn, move KEEP_SPAM to a custom lua function 2018-09-09 09:47:47 +02:00
André b007975a04 [Rspamd] Rename -disable_monitored > disable_monitoring 2018-08-03 11:56:39 +02:00
André 59c4cc054e [Rspamd] Deactivate neural but use a more aggressive learning method (no autolearn) 2018-07-29 23:03:49 +02:00
André d8f86ae488 [Rspamd] Add local fuzzy worker 2018-07-29 00:34:36 +02:00
André e2ed2eab53 [Rspamd] Remove per_user settings as they were pretty much useless, some minor changes to bayes" 2018-07-25 01:06:12 +02:00
André a83adc4d31 [Rspamd] Remove unused user_keywords and dynamic_rates from ratelimit module 2018-07-15 12:02:37 +02:00
André 882ee5fee6 [Rspamd] Re-use fixed new ratelimit 2018-07-15 12:01:28 +02:00
André 353af8e3a4 [Rspamd] Set start and end to rcpt matching regex 2018-07-12 23:18:49 +02:00
André 37fbce855e [Rspamd] Remove autolearn from Rspamd 2018-07-03 23:24:11 +02:00
André d6a74e82e3 [ACME] Fix for CNAME response on AAAA dig request 2018-06-28 20:41:44 +02:00
André 9dc250c9f2 [Rspamd] Important fix for settings map 2018-06-28 11:48:23 +02:00
André b8973648ff [Rspamd] Disable default authenticated user ratelimit 2018-06-24 11:40:31 +02:00
André 8bb24a9866 [Rspamd] Load additional settings defined in web ui 2018-06-23 23:48:06 +02:00
André 27d3388579 [Rspamd] Remove antivirus debugging 2018-06-10 14:30:30 +02:00
André 777e469958 [ClamAV] Remove deprecated AllowSupplementaryGroups 2018-05-30 20:28:23 +02:00
André 1b35376252 [Rspamd] Remove score for CTYPE_MIXED_BOGUS and ARC_REJECT, increase DNS timeout 2018-05-30 18:40:43 +02:00
Michael Kuron ea84004410
[rspamd] fix redis multimaps in version 1.7.5
The key's value was being used as symbol name instead of the symbol name defined in the config file
2018-05-25 18:58:37 +02:00
André 1f7a5d586c [Rspamd] Remove IP, fixes #1400 2018-05-19 00:14:30 +02:00
André 8ff4eb8076 [Rspamd] Slight changes to neural plugin 2018-05-18 21:39:25 +02:00
André 7a5d3af80b [Rspamd] Slight changes to neural 2018-05-17 11:15:46 +02:00
André 5e2d19ac62 [Rspamd] Add neural module and define its scores 2018-05-16 21:26:05 +02:00
André d167ade957 [Rspamd] Remove explict redis servers from statistic, add a name 2018-05-16 21:25:55 +02:00
André 7f72e44dac [Rspamd] Move symbols to corresponding groups 2018-05-11 10:40:26 +02:00
André 4c31adaa82 [Rspamd] Ratelimit: fix attempt to index a nil value when no authenticated user is found in a message 2018-05-01 22:44:03 +02:00
André 7181ee4658 [Rspamd] Apply ratelimit against authenticated user instead of envelope from
[PHP-FPM] Create PHP-FPM listeners 9001 (system) and 9002 (web), drop 9000
[Rspamd] Parse quarantine messages as utf8
[Rspamd] Use new schema for Rspamd bayes hashes and expire them in Redis
[SOGo] Change default logo
[SOGo] Use different keyserver by default in Dockerfile
[Rspamd] Add bad ASN list (disabled by default)
[Watchdog] Change the way we check PHP-FPM, change SOGo check
[Nginx] Change ports according to new PHP-FPM listeners
[Update] Fix PHP-FPM ports for existing non-mailcow Nginx sites
2018-04-26 13:56:07 +02:00
Michael Kuron ea3502f2a1
rspamd: Fix NO_LOG_STAT for everycloud monitoring 2018-04-02 19:26:15 +02:00
André Peters f3896195d4
Update worker-controller-password.inc 2018-02-22 09:19:01 +01:00
André Peters eb4dd632ae [Web] Fix autodiscover triggering fail2ban implementation, fixes #1069 2018-02-22 09:16:16 +01:00
André Peters 5030ce7547 [Web] More and more fixes for #1017 2018-02-11 15:59:35 +01:00
André Peters 07a05b9363 [Rspamd] Enable more modules 2018-02-09 10:32:42 +01:00
André Peters 557fa4385c [Rspamd] Also listen on socket for internal communication 2018-02-08 22:55:34 +01:00
André Peters a50036477e [Web] Mind was set to french, reverting to english 2018-02-08 20:13:36 +01:00
andre.peters 36cb6d288d [Rspamd] Fix IPv6 subnet 2018-02-01 13:36:24 +01:00
andre.peters c7729f195b [Rspamd] Fixes #960 2018-01-26 18:56:19 +01:00
andre.peters 7149350973 [Rspamd] Allow internal IPv6 networks 2018-01-24 08:37:49 +01:00
andre.peters 83a21259f7 [Rspamd] Use names instead of IPs 2018-01-21 15:00:05 +01:00
André Peters 5648ec6d39
Merge pull request #915 from tiirex9/master
Adds 'do nothing' as default for sub-addressing
2018-01-18 10:27:14 +01:00
andre.peters 003e6ef5cd [Web] Important fixes for quarantaine; other minor changes 2018-01-17 15:22:11 +01:00
andre.peters 0019502069 [Rspamd] Increase spam scores for SPF failures 2018-01-16 21:02:45 +01:00
andre.peters c6bcf322ff [Rspamd] Force-add metadata_exporter 2018-01-16 18:58:29 +01:00
Tii d58b89528f rspamd multimap redis stuff doesn't work as expected... 2018-01-16 16:31:37 +01:00
Tii 2291bdbeed Added 'do nothing' option as default for sub-addressing 2018-01-16 13:13:04 +01:00
Tii cd2c242540 Added 'do nothing' option as default for sub-addressing 2018-01-16 12:47:59 +01:00
andre.peters 5fd3d986c7 [Rspamd] Fix settings map regex 2018-01-16 12:42:09 +01:00
andre.peters 868abc15bd [Rspamd] Fix worker-controller-password placeholder 2018-01-02 18:15:33 +01:00
andre.peters d71b6f0ad1 Add placeholder for Rspamd controller password written via UI 2017-12-11 09:41:29 +01:00
andre.peters 873222d5f8 [Rspamd] Remove DKIM forced action, move ratelimit lua, add meta exporter 2017-12-09 09:08:23 +01:00
André c2d9928f8f [Rspamd] Set task timeout to 12s 2017-11-10 19:58:56 +01:00
André b16684ce20 [Rspamd] Slightly reduce map watch interval 2017-11-03 20:26:36 +01:00
André 1e9bc49f2c [Rspamd] Echo dummy for fowardingshosts map; Use higher map reading interval;
[Dockerapi] Exit on sigterm;
[Watchdog] Wait for dockerapi-mailcow to be online
2017-10-27 11:22:39 +02:00
André 083174a9bd [Rspamd] Do not try to index nil value 2017-10-26 22:25:13 +02:00
André 4156b4cdf8 [Rspamd] Disable spoofed sender check 2017-10-26 10:29:13 +02:00
André 988978b351 [Rspamd] Remove log helper and disable fann redis 2017-10-25 20:55:11 +02:00
André f7cd7cc123 [Rspamd] Redis history is enabled by default 2017-10-21 10:09:53 +02:00
Michael Kuron a4ccd780c6 rspamd: disable greylisting for forwarding hosts 2017-10-14 16:40:44 +02:00
andryyy fc18d153cd [Compose, DockerAPI, Web, Watchdog] Watchdog may send notification mails (todo: docs), DockerAPI via Flesk for limited access 2017-10-05 23:38:33 +02:00
andryyy 073c6c6e73 [Postfix/Rspamd] Do not reject unauthenticated sender mismatches but rewrite their subject and assign symbol SPOOFED_SENDER with score 1.0 2017-10-04 23:16:39 +02:00
andryyy f257ed92f5 [Rspamd] Add missing ratelimit.conf 2017-09-21 22:21:11 +02:00
andryyy fd3b2e5f16 [Rspamd] Changes to ignore watchdog checks 2017-09-21 19:25:17 +02:00
Michael Kuron a411a357b9 rspamd: exclude Mail Flow monitoring from logs and stats 2017-09-20 15:21:02 +02:00
andryyy a8fb1d3f4f Add experimental watchdog 2017-09-20 10:56:49 +02:00
Michael Kuron e4f13568d1 Rspamd user settings: fix matching From header 2017-09-16 18:46:28 +02:00
André Peters 78c363b7a5 Merge pull request #565 from mkuron/softreject
Forwarding hosts: treat soft reject like greylist
2017-09-09 10:43:41 +02:00
Michael Kuron 3d9c161be1 Forwarding hosts: treat soft reject like greylist 2017-09-09 10:30:26 +02:00
andryyy cfd9316d74 Merge branch 'dev' of https://github.com/mailcow/mailcow-dockerized into dev 2017-08-30 21:43:45 +02:00
andryyy b1213c51d7 [Rspamd] Dynamic ratelimit fixed, removed async redis request; Ready to implement per-user ratelimits via UI (tbd) 2017-08-30 21:42:39 +02:00
André Peters 29acfe85db Merge pull request #536 from mkuron/patch-1
Rspamd user blacklist/whitelist improvements
2017-08-28 22:55:12 +02:00
Michael Kuron 8383ba5e9c Rspamd user settings: fix From header match
The request_header regex appears to not be expected to be encapsulated in slashes and does not seem to accept flags.
2017-08-28 20:27:53 +02:00
Michael Kuron fcd8cfa4f4 Rspamd user settings: don't print all email addresses of a domain
The ucl_rcpts function can already deal with domains, so lets use this capability.
2017-08-27 14:19:29 +02:00
Michael Kuron 93a092e627 Rspamd user settings: also match From header 2017-08-27 14:19:28 +02:00
Michael Kuron e178ca36de Rspamd user settings: make regexes case-insensitive
This is necessary because the user web UI normalizes to lowercase
2017-08-27 14:19:28 +02:00
andryyy e47feeffd6 [Rspamd] Add custom directory for own files 2017-08-18 22:17:01 +02:00
andryyy 9be3aa3334 [Rspamd] Disable monitored 2017-07-27 09:03:44 +02:00
andryyy ed33cb5f57 [Rspamd] ARC: Disallow login/domain mismatch 2017-07-21 11:03:35 +02:00
andryyy 256c9d86dd [Rspamd] Initial custom ratelimit support 2017-07-13 12:55:14 +02:00
andryyy 56a652fbf3 [Rspamd] Set error_reporting to 0 2017-07-02 11:25:14 +02:00
andryyy afc8c93c07 [Rspamd] Cleanup settings map 2017-07-01 23:14:27 +02:00
andryyy 6cd44b4136 Remove old code 2017-06-26 23:17:46 +02:00
andryyy 3be99d7f89 Set IPv6 network as secure_ip range in Rspamd 2017-06-24 22:07:26 +02:00
andryyy 578011c78c Move milter config, increase timeout for DNS 2017-06-21 10:18:52 +02:00
andryyy 44197c410e Do not add milter headers for authenticated users 2017-06-13 07:41:00 +02:00
André Peters 329ac40d95 Merge pull request #332 from mkuron/symlink
Replace symlink to PHP script
2017-06-08 20:57:51 +02:00
andryyy a41cafac3e Switch to Rspamds milter interface 2017-06-06 22:00:34 +02:00
Michael Kuron 062abb0ca7 Replace symlink to PHP script 2017-06-04 13:31:35 +02:00
andryyy 55071805f3 Execute after rmilter_headers (prio 10) 2017-05-29 21:53:47 +02:00
andryyy d33399b3cb Fix mismatch in env and from mime header when signing mail 2017-05-29 21:49:01 +02:00
andryyy fd92283fb8 Add missing ; 2017-05-24 10:03:06 +02:00
andryyy 466b8137e5 Add log_helper to Rspamd, add IPv6 for http maps in Nginx, make Bind listen on v6 and add acl for internal network 2017-05-23 22:23:34 +02:00
andryyy 21714bd054 Remove obsolete map 2017-05-23 21:50:33 +02:00
andryyy f3a1d81347 Rate extensions 2017-05-23 21:50:05 +02:00
andryyy e99db685e5 Change map watch interval, remove Mraptor 2017-05-20 14:28:05 +02:00
Michael Kuron 759f21ac6b Consistent symbol names for forwarding hosts
multimap.conf and force_actions weren't using the same name
2017-05-09 07:29:43 +02:00
andryyy d64ed65575 Add multimap and forced actions for forwarded_hosts, removed from settings 2017-05-08 23:09:21 +02:00
André Peters 5861bec0c3 Merge pull request #256 from mkuron/forwardinghosts
Optionally enable spam filter for forwarding hosts
2017-05-08 19:00:42 +02:00
andryyy cdf7c87e20 Deleted two http maps, replaced by redis multimaps, much better tag system 2017-05-08 15:39:33 +02:00
Michael Kuron ae6d7d63fc Optionally enable spam filter for forwarding hosts 2017-05-07 08:50:28 +02:00
andryyy ecda4fb1d1 Change whitelist for forwarding hosts 2017-05-06 23:41:58 +02:00
andryyy b3a161f930 Keep format 2017-05-06 08:09:40 +02:00
andryyy 1501df6e42 Use Redis for DKIM keys, define any selector, auto-merge old keys to Redis and fallback to files 2017-05-05 10:35:27 +02:00
andryyy e3f9839410 Do not use sld for DKIM signing 2017-05-04 19:12:21 +02:00
andryyy fd84b2ffa9 Change DKIM to new method, add clamav forced action when virus is found" 2017-04-25 20:32:36 +02:00
Michael Kuron f3fad4e7a2 Remove rspamd size limit
This ensures that the spam and antivirus filters cannot be evaded by making the message large enough.
Rspamd does not need a size limit on its own (e.g. for DoS protection) as Postfix already has a size limit (message_size_limit).
2017-04-24 19:49:41 +02:00
Michael Kuron affa52edcf Forwarding hosts: don’t add configuration if none are defined 2017-04-22 18:34:49 +02:00
Michael Kuron 08612f0aef Merge remote-tracking branch 'origin/dev' into forwardinghosts 2017-04-22 18:13:58 +02:00
Michael Kuron 894d6234e9 Improvements to forwarding hosts in Postfix
- No more premature EOF and no more leaking of bash processes
- Log result
- Correctly treat non-CIDR entries
- Adapt to schema change from df71e97
- Correctly report SQL failure
2017-04-22 14:28:51 +02:00