andryyy
92e6c9daae
[Nginx] Fix SSL temp.
2017-09-11 17:37:25 +02:00
JOduMonT
b2b9731020
a little bit of security
...
Hide the version of NGINX, block XSS and more...
inspired by : https://gist.github.com/plentz/6737338
2017-09-09 23:10:36 +07:00
André Peters
78c363b7a5
Merge pull request #565 from mkuron/softreject
...
Forwarding hosts: treat soft reject like greylist
2017-09-09 10:43:41 +02:00
Michael Kuron
3d9c161be1
Forwarding hosts: treat soft reject like greylist
2017-09-09 10:30:26 +02:00
andryyy
cfd9316d74
Merge branch 'dev' of https://github.com/mailcow/mailcow-dockerized into dev
2017-08-30 21:43:45 +02:00
andryyy
b1213c51d7
[Rspamd] Dynamic ratelimit fixed, removed async redis request; Ready to implement per-user ratelimits via UI (tbd)
2017-08-30 21:42:39 +02:00
André Peters
29acfe85db
Merge pull request #536 from mkuron/patch-1
...
Rspamd user blacklist/whitelist improvements
2017-08-28 22:55:12 +02:00
Michael Kuron
8383ba5e9c
Rspamd user settings: fix From header match
...
The request_header regex appears to not be expected to be encapsulated in slashes and does not seem to accept flags.
2017-08-28 20:27:53 +02:00
Michael Kuron
fcd8cfa4f4
Rspamd user settings: don't print all email addresses of a domain
...
The ucl_rcpts function can already deal with domains, so lets use this capability.
2017-08-27 14:19:29 +02:00
Michael Kuron
93a092e627
Rspamd user settings: also match From header
2017-08-27 14:19:28 +02:00
Michael Kuron
e178ca36de
Rspamd user settings: make regexes case-insensitive
...
This is necessary because the user web UI normalizes to lowercase
2017-08-27 14:19:28 +02:00
andryyy
e47feeffd6
[Rspamd] Add custom directory for own files
2017-08-18 22:17:01 +02:00
andryyy
e5faee9037
[Nginx] Disable client_max_body_size
2017-08-09 10:17:32 +02:00
andryyy
d85352fa9a
[Dovecot] Use listescape
2017-07-31 12:41:18 +02:00
andryyy
aabcf65c69
[Nginx] Set server_names_hash_bucket_size 64
2017-07-30 21:39:35 +02:00
andryyy
9be3aa3334
[Rspamd] Disable monitored
2017-07-27 09:03:44 +02:00
andryyy
83d485dd94
[Web, Postfix, Compose] Allow to add relayhosts per domain (+ plain and login authentication)
2017-07-22 20:39:54 +02:00
andryyy
ed33cb5f57
[Rspamd] ARC: Disallow login/domain mismatch
2017-07-21 11:03:35 +02:00
andryyy
256c9d86dd
[Rspamd] Initial custom ratelimit support
2017-07-13 12:55:14 +02:00
andryyy
a31819fd6c
[SOGo] Log to a pipe to not keep logs in a container
2017-07-11 17:08:06 +02:00
andryyy
08b99c8d74
[Dovecot] Add doveadm service
2017-07-10 21:30:45 +02:00
andryyy
c5d90b821a
[Dovecot] Add extra.conf include to override Dovecot configuration changes
2017-07-10 09:19:12 +02:00
andryyy
56a652fbf3
[Rspamd] Set error_reporting to 0
2017-07-02 11:25:14 +02:00
andryyy
afc8c93c07
[Rspamd] Cleanup settings map
2017-07-01 23:14:27 +02:00
andryyy
6cd44b4136
Remove old code
2017-06-26 23:17:46 +02:00
andryyy
cbb4f51a9d
Fix Junk-E-Mail folder name
2017-06-25 11:32:21 +02:00
andryyy
3be99d7f89
Set IPv6 network as secure_ip range in Rspamd
2017-06-24 22:07:26 +02:00
andryyy
578011c78c
Move milter config, increase timeout for DNS
2017-06-21 10:18:52 +02:00
andryyy
036c51f053
Prefere ipv4 to fix problems on v4-only envs
2017-06-19 10:39:14 +02:00
andryyy
2a845a0d21
Less verbose
2017-06-18 20:57:54 +02:00
andryyy
9117c499ef
Do not break DNS replies....
2017-06-18 20:57:26 +02:00
andryyy
6fa19a37d8
Unbound changes
2017-06-18 20:23:26 +02:00
andryyy
ba3fc47d5f
Fix autodiscover, thanks to K2rool!
2017-06-15 23:03:10 +02:00
James Smith
bcdbbf0102
Make autodiscover case insensitive
2017-06-14 23:42:42 +01:00
andryyy
83cb686e33
Fix fix for Apple dav....
2017-06-14 23:17:31 +02:00
andryyy
495bf05fb8
Fix for Apple autoconfiguration (dav)
2017-06-14 23:14:41 +02:00
andryyy
e99fa9433e
Fix dav url detection for apple
2017-06-14 23:10:50 +02:00
andryyy
44197c410e
Do not add milter headers for authenticated users
2017-06-13 07:41:00 +02:00
André Peters
329ac40d95
Merge pull request #332 from mkuron/symlink
...
Replace symlink to PHP script
2017-06-08 20:57:51 +02:00
andryyy
663ea7815c
Use new milter interface
2017-06-06 22:01:41 +02:00
andryyy
a41cafac3e
Switch to Rspamds milter interface
2017-06-06 22:00:34 +02:00
andryyy
c9318ecf83
Switch to Rspamds milter interface
2017-06-06 21:59:44 +02:00
andryyy
e15795e112
Enable http2
2017-06-06 21:59:27 +02:00
Michael Kuron
062abb0ca7
Replace symlink to PHP script
2017-06-04 13:31:35 +02:00
andryyy
55071805f3
Execute after rmilter_headers (prio 10)
2017-05-29 21:53:47 +02:00
andryyy
d33399b3cb
Fix mismatch in env and from mime header when signing mail
2017-05-29 21:49:01 +02:00
andryyy
e159eb7522
Fix listener
2017-05-29 21:48:41 +02:00
Michael Kuron
eb9217a8b8
SOGo UI: per-user authentication failure rate-limiting
2017-05-28 16:02:34 +02:00
André Peters
fb6893f664
Add IPv6
2017-05-28 11:14:43 +02:00
andryyy
813207c694
Listen on internal IPv6
2017-05-25 10:59:57 +02:00
andryyy
fd92283fb8
Add missing ;
2017-05-24 10:03:06 +02:00
andryyy
258a8ee6e9
Add IPv6 listener to Nginx, fixes IO error in Rspamd logs
2017-05-23 22:24:30 +02:00
andryyy
466b8137e5
Add log_helper to Rspamd, add IPv6 for http maps in Nginx, make Bind listen on v6 and add acl for internal network
2017-05-23 22:23:34 +02:00
andryyy
21714bd054
Remove obsolete map
2017-05-23 21:50:33 +02:00
andryyy
f3a1d81347
Rate extensions
2017-05-23 21:50:05 +02:00
andryyy
e99db685e5
Change map watch interval, remove Mraptor
2017-05-20 14:28:05 +02:00
andryyy
9965ff10a7
Fix mynetworks: Add mailcow ipv6 network
2017-05-17 22:38:59 +02:00
andryyy
63324b0de8
Fix mynetworks: Add mailcow ipv6 network
2017-05-17 22:38:11 +02:00
Michael Kuron
759f21ac6b
Consistent symbol names for forwarding hosts
...
multimap.conf and force_actions weren't using the same name
2017-05-09 07:29:43 +02:00
andryyy
d64ed65575
Add multimap and forced actions for forwarded_hosts, removed from settings
2017-05-08 23:09:21 +02:00
André Peters
5861bec0c3
Merge pull request #256 from mkuron/forwardinghosts
...
Optionally enable spam filter for forwarding hosts
2017-05-08 19:00:42 +02:00
andryyy
cdf7c87e20
Deleted two http maps, replaced by redis multimaps, much better tag system
2017-05-08 15:39:33 +02:00
Michael Kuron
7efc720d47
Merge remote-tracking branch 'origin/dev' into forwardinghosts
2017-05-08 07:39:30 +02:00
andryyy
aa98d86feb
Sieve rule for tags changed
2017-05-08 00:27:16 +02:00
Michael Kuron
ae6d7d63fc
Optionally enable spam filter for forwarding hosts
2017-05-07 08:50:28 +02:00
andryyy
fa3a47fde5
Log to syslog
2017-05-06 23:42:07 +02:00
andryyy
ecda4fb1d1
Change whitelist for forwarding hosts
2017-05-06 23:41:58 +02:00
andryyy
b3a161f930
Keep format
2017-05-06 08:09:40 +02:00
andryyy
1501df6e42
Use Redis for DKIM keys, define any selector, auto-merge old keys to Redis and fallback to files
2017-05-05 10:35:27 +02:00
andryyy
e3f9839410
Do not use sld for DKIM signing
2017-05-04 19:12:21 +02:00
andryyy
edc41b48d1
Add map for scheme...
2017-05-03 22:26:10 +02:00
andryyy
2f0129539b
Hopefully fix all Nginx reverse proxy issues, see documentation updates!
2017-05-03 18:05:13 +02:00
andryyy
8f213e8df9
Changes to api path
2017-04-29 16:36:41 +02:00
andryyy
a03b36e0c3
Add object to Nginx api configuration
2017-04-26 23:37:55 +02:00
andryyy
fd84b2ffa9
Change DKIM to new method, add clamav forced action when virus is found"
2017-04-25 20:32:36 +02:00
andryyy
e4310cafb3
Revert RP changes
2017-04-25 10:49:38 +02:00
Michael Kuron
f3fad4e7a2
Remove rspamd size limit
...
This ensures that the spam and antivirus filters cannot be evaded by making the message large enough.
Rspamd does not need a size limit on its own (e.g. for DoS protection) as Postfix already has a size limit (message_size_limit).
2017-04-24 19:49:41 +02:00
André Peters
0f3202109d
Merge pull request #212 from mkuron/reverseproxy
...
Fix CalDAV/CardDAV URLs displayed in SOGo web interface when used behind reverse proxy
2017-04-24 10:09:32 +02:00
andryyy
755da65426
Change path
2017-04-23 19:38:27 +02:00
andryyy
55f6384f2a
Change to hostname, connection is not important for container start
2017-04-23 17:43:29 +02:00
Michael Kuron
affa52edcf
Forwarding hosts: don’t add configuration if none are defined
2017-04-22 18:34:49 +02:00
Michael Kuron
08612f0aef
Merge remote-tracking branch 'origin/dev' into forwardinghosts
2017-04-22 18:13:58 +02:00
Michael Kuron
894d6234e9
Improvements to forwarding hosts in Postfix
...
- No more premature EOF and no more leaking of bash processes
- Log result
- Correctly treat non-CIDR entries
- Adapt to schema change from df71e97
- Correctly report SQL failure
2017-04-22 14:28:51 +02:00
andryyy
8adcc4fcd3
Force add mailcow_black/white
2017-04-21 10:19:45 +02:00
andryyy
be28877f68
Remove permanent moo symbol
2017-04-21 10:19:24 +02:00
andryyy
95cbfe3661
Move mail to spam when DKIM fails, ignore when white/blacklist and honor other actions
2017-04-21 10:19:07 +02:00
andryyy
babad4f137
Anti-Virus local configuration for Rspamd, container not enabled by default
2017-04-20 21:14:20 +02:00
Michael Kuron
d350c009b9
Fix login redirect behind reverse proxy
2017-04-20 19:53:56 +02:00
Michael Kuron
06e64c585c
Fix CalDAV/CardDAV URLs displayed in SOGo web interface when used behind a reverse proxy
2017-04-18 20:24:43 +02:00
Michael Kuron
a75d916b74
Forwarding hosts in postscreen
2017-04-17 15:51:50 +02:00
Michael Kuron
8822eb57c8
Forwarding hosts in rspamd
2017-04-17 15:51:50 +02:00
andryyy
d0d87ead49
Zeyple is not enabled by default
2017-04-10 13:16:40 +02:00
andryyy
06100c30ca
mail_crypt is not enabled by default
2017-04-10 13:15:48 +02:00
andryyy
c460636a70
mail_crypt is not enabled by default
2017-04-10 13:09:33 +02:00
andryyy
7f8d6556b8
imapsync: added option to delete from source after transfer
2017-04-10 13:07:45 +02:00
andryyy
b0d8b1344a
Remove obsolete parameters, use imapsieve instead of deprecated antispam module, use mail_crypt per default
2017-04-05 22:22:43 +02:00
andryyy
96c1a7c225
Open 10026 for Zeyple
2017-04-05 22:21:20 +02:00
andryyy
34bc242554
Add Zeyple filter
2017-04-05 22:19:01 +02:00
andryyy
8b7e3c718d
API format changes
2017-03-28 11:51:31 +02:00
andryyy
60fa9ab9dd
Fall back to dkim.conf
2017-03-26 11:08:07 +02:00
andryyy
16d90b86d5
Use Redis history in Rspamd
2017-03-21 23:50:00 +01:00
andryyy
f384759282
Add all defaults to ratelimit module config in Rspamd
2017-03-21 11:20:04 +01:00
André Peters
4f72ed4509
Merge branch 'dev' into footable
2017-03-21 10:06:46 +01:00
André P
8d1784a1c4
Reset ratelimit
2017-03-21 10:05:26 +01:00
André P
d8cf921e35
Add ignore
2017-03-21 10:04:26 +01:00
root
892f2197cb
Add footable
2017-03-21 10:02:23 +01:00
root
51230f780f
Local
2017-03-21 08:11:06 +01:00
andryyy
7e6fc8568f
Move DKIM signing to new dkim_signing.conf
2017-03-19 21:55:03 +01:00
andryyy
2fcbce4f2e
Fix: return true
2017-03-17 19:23:25 +01:00
andryyy
509a804acd
Deprecated lua function replaced, better tag handling when spam
2017-03-16 13:42:56 +01:00
andryyy
9f4a5b1834
Fix symbol check
2017-03-12 17:25:30 +01:00
andryyy
09850a76e5
Use Rspamds new tag symbol
2017-03-12 14:38:20 +01:00
andryyy
7a2427bf9b
Add Junk-E-Mail as special use junk
2017-03-10 15:34:23 +01:00
andryyy
4c8288f85e
Use tag settings for alias addresses
2017-03-09 17:06:58 +01:00
andryyy
276e370989
Rspamd tag check for non-spam only (post-filter), remove sql files from repository"
2017-03-08 17:58:00 +01:00
andryyy
2d086424fa
Fix settings for aliases, alias domains
2017-03-04 14:05:06 +01:00
andryyy
285e295d91
Fix for settings
2017-03-04 00:27:57 +01:00
andryyy
8c2416b711
Never return empty map
2017-03-04 00:23:38 +01:00
andryyy
211e4158a2
Always return settings
2017-03-04 00:19:10 +01:00
andryyy
cad084598d
Remove old files, fix tagging
2017-03-03 19:01:33 +01:00
andryyy
579b5483ab
Do not return empty map
2017-03-03 17:31:50 +01:00
andryyy
92b5a8e6dd
Change map variable
2017-03-03 15:39:12 +01:00
andryyy
279210a524
Tab size
2017-03-03 04:48:28 +01:00
andryyy
c21623b482
Important fix for Rspamd score settings, LUA tag handling changes
2017-03-03 04:44:51 +01:00
andryyy
8175a0387f
Change wording
2017-03-02 09:12:43 +01:00
andryyy
41d771e780
Aliases do not match alias domains
2017-03-01 17:59:46 +01:00
andryyy
50eb49ab71
Better autodiscover/autoconfig config in Nginx, add new ignores
2017-02-28 14:27:19 +01:00
andryyy
6d7c3423ba
Change Nginx templates
2017-02-28 10:12:18 +01:00
andryyy
2fea636a01
Add Nginx HTTP listener
2017-02-28 10:02:02 +01:00
andryyy
4db74f6734
Fix bind9 config
2017-02-23 16:23:16 +01:00
andryyy
1c12799091
Add bind9 and replace pdns
2017-02-23 16:06:28 +01:00
andryyy
26906caa07
Pass IP even if behind (second) reverse proxy, add new SOGo resource path
2017-02-23 16:05:42 +01:00
andryyy
f13df1ec46
Add mraptor to rspamd
2017-02-18 20:29:15 +01:00
andryyy
f6241619df
Reset first
2017-02-16 20:20:27 +01:00
carazzim0
d295435cad
use ip address instead of alias name
2017-02-16 19:55:07 +01:00
andryyy
4e311d7738
Read mime to field when env has no tag
2017-02-14 21:55:58 +01:00
andryyy
15bffcd447
Display keys inline, also read domain aliases for tagging option
2017-02-14 21:54:09 +01:00
André Peters
a6c6e34fe9
Update mysql_virtual_sender_acl.cf
2017-02-12 19:28:52 +01:00
andryyy
c73cc42a95
Handle alias domains the same way as their parents in sender_acl, thanks to @tehXor
2017-02-11 20:54:14 +01:00
andryyy
8883960d5a
Add mime types and full path to fcgi params
2017-02-08 19:11:25 +01:00
andryyy
7c3a8a5819
Use IPs to not emerg Nginx when host does not exist
2017-02-02 10:09:44 +01:00
andryyy
5e39bcf5e4
Fix settings
2017-01-29 13:56:24 +01:00
andryyy
6e196eeb6e
Remove kind where field
2017-01-29 12:33:36 +01:00
andryyy
13a8e6bf28
Exclude resources
2017-01-28 09:53:12 +01:00
andryyy
0630c882ee
When TLS is enforced for incoming mails, allow mynetworks and sasl authenticated users
2017-01-25 19:04:31 +01:00
andryyy
a294cd04e5
Add charset
2017-01-25 19:04:01 +01:00
andryyy
54de192334
Add mydestination to prevent hostname == domain situations
2017-01-23 08:23:59 +01:00
andryyy
3ece7cc7fd
Get SOGo web resources from SOGo httpd, enable caching
2017-01-21 11:46:56 +01:00
andryyy
30c4396c31
Change var names
2017-01-18 21:33:11 +01:00
andryyy
683e24c7f6
Still needs rework... but is ok right now
2017-01-18 21:26:49 +01:00
andryyy
308c2f7e03
Fix EAS for SOGo
2017-01-15 17:37:25 +01:00
andryyy
89b5d9bde6
Easier container names, allow to set HTTPS port, Typo fix
2017-01-12 21:40:42 +01:00
andryyy
33a0357634
Log to mail.log, add postlogin script to give master user full permissions
2017-01-12 20:15:05 +01:00
andryyy
86a8dc195e
Change ciphers
2017-01-09 20:22:44 +01:00
andryyy
621235d8da
Lowercase tag name "eXaMpLe" to "example" if folder "eXaMpLe" does not exist, else move to folder "eXaMpLe"
2017-01-09 12:37:39 +01:00
andryyy
be7693a8e1
Sieve tag handling changes
2017-01-09 11:39:27 +01:00
andryyy
49a98a30b5
Add ability to set tag handling, add domain map
2017-01-09 11:05:33 +01:00
andryyy
ebfc45df9f
Set huge timeout in PHP for SOGo childs to stop
2017-01-03 11:47:09 +01:00
andryyy
4adcb287bb
Fix rspamd dynamic map
2016-12-29 21:12:19 +01:00
andryyy
d486a9bb70
Fix Dav discovery on iOS, thanks Brad!
2016-12-27 20:28:30 +01:00
andryyy
b514ffb368
Remove creds file
2016-12-23 11:04:48 +01:00
andryyy
5d0081a0ec
Base all on xenial to save some space loading chunks, clean-up images
2016-12-23 10:27:48 +01:00
andryyy
b0db732e87
Needs lowercase master user with SHA1
2016-12-23 07:07:50 +01:00
andryyy
184a35da24
Format
2016-12-22 12:20:26 +01:00
andryyy
b6c95e2bd6
Add local networks
2016-12-22 12:20:17 +01:00
andryyy
2783510bef
DKIM sign auto-responder messages by using mime from field
2016-12-21 20:55:38 +01:00
andryyy
49e09d3ca0
Add autodiscover and autoconfig
2016-12-21 12:16:05 +01:00
andryyy
036d547415
Fix forwarding in sieve
2016-12-21 09:50:54 +01:00
andryyy
ed9d64bab4
Add random created master at each startup to handle SOGo features
2016-12-21 08:25:11 +01:00
andryyy
85b243a15b
SOGo multi-domain setup
2016-12-20 15:24:33 +01:00
andryyy
7a2abe6ada
Add default sieve_after handler
2016-12-19 15:20:30 +01:00
andryyy
98e803e6ef
Back to utf8mb4...
2016-12-19 12:24:31 +01:00
andryyy
31911c7ed8
Remove unused table, rename table
2016-12-18 22:25:02 +01:00
andryyy
7b18f7881a
Remove unused table, rename table
2016-12-18 22:24:48 +01:00
andryyy
a47625a34a
Remove unused table, rename table
2016-12-18 22:24:22 +01:00
andryyy
608820a728
Use UTF8, MySQL 5.7 is the only docker image to use innodb default row format, but is broken and segfaults on many machines
2016-12-18 15:50:57 +01:00
andryyy
861fc190ca
Use UTF8, MySQL 5.7 is the only docker image to use innodb default row format, but is broken and segfaults on many machines
2016-12-18 15:50:13 +01:00
andryyy
fa2da040ea
Remove debugging
2016-12-18 13:43:11 +01:00
andryyy
380fe11f7f
Waiting for bug fix from SOGo for alarms folder
2016-12-18 12:50:45 +01:00
andryyy
73ae15790a
Set sql mode and timezone
2016-12-18 12:41:45 +01:00
andryyy
04830141e4
Be more quiet
2016-12-18 12:41:29 +01:00
andryyy
defe57d24d
Changes
2016-12-18 00:24:05 +01:00
andryyy
220ea526f7
Thanks to https://gist.github.com/croessner/64ae8150b3fa3636ec002b812c4ab2ff
2016-12-16 12:23:04 +01:00
andryyy
8559de7ae6
Fix rspamd settings and dynamic configuration
2016-12-16 08:15:20 +01:00
andryyy
5afda018ce
Log some infos, sign using dkim separator
2016-12-15 10:04:56 +01:00
andryyy
1aa5280fc2
Use memcached and changed title
2016-12-15 10:04:32 +01:00
andryyy
774320d5e8
Use env vars for PHP app
2016-12-14 21:10:11 +01:00
andryyy
9e8a003508
Remove old file
2016-12-14 15:56:30 +01:00
andryyy
5d410c1a39
Change SOGo Dockerfile
2016-12-14 09:25:54 +01:00
andryyy
61da76db4e
Enable DNSSEC for resolver in rspamd
2016-12-13 13:55:57 +01:00
andryyy
b93c4e4102
Fix dovecot antispam plugin parameters
2016-12-13 13:38:31 +01:00
andryyy
855efcf542
Random
2016-12-13 12:32:16 +01:00
andryyy
7e25826d4e
Antispam plugin for Dovecot + rspamd pipe script
2016-12-13 12:26:10 +01:00
andryyy
5e883b6f51
Some last changes
2016-12-12 21:53:58 +01:00
andryyy
bbd17a7e91
Remove vars from main.cf
2016-12-12 09:25:37 +01:00
andryyy
47a5166383
Add pdns resolver, changed some other files
2016-12-11 18:58:29 +01:00
andryyy
e3f0058f4f
Changes...
2016-12-11 14:13:17 +01:00
andryyy
42a64b45d7
Fixes, working rspamd settings, generate DKIM keys in PHP
2016-12-10 21:49:41 +01:00
andryyy
7d6c5ff071
First commit for rspamd settings
2016-12-10 00:39:27 +01:00
andryyy
e9b97e98ec
Some changes
2016-12-09 21:10:11 +01:00