FreddleSpl0it
8316e763fa
[WebAuthn] remove old u2f functions
2022-01-18 10:14:18 +01:00
FreddleSpl0it
a849d03a00
[WebAuthn] show user deprecated warning
2022-01-18 10:14:18 +01:00
FreddlePat
d1d134038f
migrating from u2f-api.js to webauthn
2022-01-12 21:09:18 +01:00
jkellerer
9946bb3427
[Web] Display app password name in last login ( #4304 )
2021-10-30 16:51:26 +02:00
andryyy
f0aae22f77
[Dovecot, Web] Fix remaining issues of app password enhancements from #4296
2021-10-30 14:34:33 +02:00
andryyy
514340b2a7
[Web] Minor fix
2021-10-28 22:05:28 +02:00
andryyy
e13bc242a4
[Web, Dovecot] Allow to define scope of services for app passwords
2021-10-28 21:57:19 +02:00
Jürgen Kellerer
2ac5294d55
Supporting app-passwds in cal/carddav & ActiveSync
2021-10-24 17:29:35 +02:00
andryyy
8769a91388
[Web] Allow multiple TOTP
2021-10-23 17:14:43 +02:00
andryyy
d6eb21f7a6
[Web] Fix some empty responses in alert box
2021-08-15 20:19:28 +02:00
André Peters
639e751678
Revert "[Web] Fix broken autoconfig ports, fixes #4221 ( #4223 )" ( #4226 )
...
This reverts commit 9afea99189
.
2021-08-10 09:05:01 +02:00
Kristian Feldsam
9afea99189
[Web] Fix broken autoconfig ports, fixes #4221 ( #4223 )
...
Refactored to use function, moved another function
Signed-off-by: Kristian Feldsam <feldsam@gmail.com>
2021-08-10 02:08:04 +02:00
andryyy
2cd0b56b14
[Web] Various PHP 8 fixes, partly fixes #4219
2021-08-09 08:28:22 +02:00
andryyy
cf8fdae277
[Web] Some minor fixes and improvements for PHP 8
2021-08-08 16:06:55 +02:00
Shea Ramage
08dfc0220e
[Web] Remove redundant password hash checks ( #4180 )
...
Co-authored-by: Thomas Ramage <tramage@eucmail.com>
2021-07-09 09:54:35 +02:00
andryyy
78084c5e7b
[Web] Log only latest datetime of a unique datetime, service and ip combination
2021-07-01 06:44:37 +02:00
andryyy
8b08d09ca2
[Web] Remove XMPP options
...
[Web] Add Rspamd preset #4
[Web] Do not show failed SASL logins (and also remove them from db)
2021-06-30 10:13:29 +02:00
andryyy
d156a93a84
[Web] Various fixes; Allow users to login with FIDO2, SOGo SSO is a wip
2021-06-22 07:17:55 +02:00
andryyy
9773d3549e
[Web] Fix password policy for mailbox user; minor Solr status fix
2021-06-17 07:07:48 +02:00
andryyy
05c85b4140
[Web] Fix alias verification
2021-06-09 11:03:48 +02:00
andryyy
47b57df3a2
[Web] Show users last PW change, allow to select n days for last logins
2021-06-09 07:19:57 +02:00
andryyy
da20d5dc38
[Web] Replace country flags, improve flags for last logins, add info about last password change of a user
2021-06-08 13:16:10 +02:00
andryyy
08d666985f
[Web] Improve last logins, switch to country name (workaround, fix in progress)
2021-06-06 21:00:48 +02:00
andryyy
a89fe53e4a
[Web] Show country of sasl ips
2021-06-06 11:57:15 +02:00
andryyy
7050d7c259
[Web] Fix BCC validation for aliases
2021-06-05 08:40:55 +02:00
andryyy
2d55b54904
[Web] Show users the last known connections for SASL authentication
...
[Web] Feature: Log SASL authentication
2021-06-04 14:29:39 +02:00
andryyy
735bcb2f55
[Web] Allow to select aliases for BCC
2021-06-03 08:00:59 +02:00
andryyy
5065667ae4
[Postfix] Allow to set and override a relayhost per mailbox
...
[Web] Replace recycle icon with trash (this one made me a bit sad)
[Web] Various small fixes
[Web] Allow or disallow a domain admin to change relayhost settings (default is off, as previous default)
2021-05-26 14:02:27 +02:00
andryyy
e21e0b9dbf
[Web] Time limited aliases: show create date; create aliases with 1yr retention by default; create temp alias in alias domain; better random names; accept any validity time
...
[Web] Replace spam score slider by nouislider and rework table a bit
2021-05-21 12:48:24 +02:00
andryyy
eb1d5dd134
[Web] Remove debugging points
2021-04-18 12:53:59 +02:00
andryyy
5ea649b292
[Web] Feature: Add password policy
2021-04-09 13:46:17 +02:00
Shea Ramage
4feceb08da
Refactor support for pre-hashed passwords ( #4024 )
2021-03-10 21:06:32 +01:00
andryyy
04bd21663c
[Web] Minor fixes
2021-02-11 14:41:00 +01:00
Felix Kaechele
31805f1656
[Web] Implement all supported dovecot password schemas ( #3974 )
...
When migrating from other Dovecot based installations it can be very
convenient to just copy over existing hashed passwords.
However, mailcow currently only supports a limited number of password
schemes.
This commit implements all password schemes that do not require
challenge/response or OTP mechanisms.
A convenient way to generate the regex with all supported schemas is
`docker-compose exec dovecot-mailcow doveadm pw -l | awk -F' ' '{printf
"/^{("; for(i=1;i<=NF-1;i++){printf "%s%s", sep, $i; sep="|"}; printf
")}/i\n"}'`
Note that this will also include unsupported challenge/response and OTP
schemas.
Furthermore this increases the vsz_limit for the dovecot auth service to
2G for the use of ARGON2I and ARGON2ID schemas.
Signed-off-by: Felix Kaechele <felix@kaechele.ca>
2021-02-11 09:31:53 +01:00
andryyy
02b10b0ed4
[Web] Add SSHA
2020-12-07 07:58:50 +01:00
Balázs Dura-Kovács
dd1b25fa61
[Web] Optional HTML in system mails ( #3879 )
...
* HTML in system mails
* Update functions.inc.php
* Update functions.inc.php
Co-authored-by: André Peters <andre.peters@debinux.de>
2020-11-30 07:43:48 +01:00
andryyy
ba20db2e08
[Web] Allow a user to choose notification categories (junk folder, rejected mail, both/all) + user ACL
2020-11-28 17:41:48 +01:00
andryyy
8d05d4a51d
[Web] Cleanup Rspamd, other fixes
2020-11-25 16:10:33 +01:00
andryyy
4a355f242f
[Web] Some fido2 fixes, table view for fido2 keys, fix renaming keys with the same subject
2020-11-17 13:38:28 +01:00
andryyy
9dec340434
Merge branch 'master' of https://github.com/mailcow/mailcow-dockerized
2020-11-15 20:22:46 +01:00
Lukas Schreiner
d96bf91a0d
Support of different default pass schemes + support of BLF-CRYPT ( #3832 )
...
* Introduce MAILCOW_PASS_SCHEME in order to support blowfish (cf. mailcow/mailcow-dockerized#1019 )
* Furthermore added dovecot to support new environment varible for MAILCOW_PASS_SCHEME defaulted to SSHA256
* Revert changes regarding gitignore.
* Added fallback to SSHA256 if environment is not proper prepared.
* No fallback within management frontend, as it must match to other components.
* Unified and corrected alignment; implemented support of SSHA512
* Currently, password_hash of PHP is using by default bcrypt (BLF). As this might change later, we must ensure, that BLF is still used after PHP changes its default.
* Switched to BLF-CRYPT by default (even on update)
* Switched to BLF-CRYPT by default (even on update)
* Adding information in config generation / update with link to supported hash algorithm
* Bump sogo version to 1.92
* Fallback to BLF-CRYPT in case password scheme is not proper defined for Mailcow administration.
2020-11-15 20:22:35 +01:00
andryyy
c150ac7b37
[Web] Feature (beta): Add WebAuthn support for administrators and domain administrators
2020-11-15 19:32:37 +01:00
andryyy
f3c72832f2
[Web] Add rspamd-stats route to API
2020-09-06 08:54:09 +02:00
Miro Rauhala
6bff958ab4
[Web] Clean PHP code by removing unused variables ( #3646 )
...
* [WEB] $lang is not used in this context
* [Web] $stmt variable is not used
2020-07-11 13:20:38 +02:00
andryyy
48b74d77a0
[Web] Fix PHPMailer, minor style change for quarantine rcpts
2020-06-07 10:45:40 +02:00
andryyy
a6af7cbc2e
[Web] Expand IPv6 addresses for better comparison
2020-05-26 20:04:22 +02:00
andryyy
ccc56c54a9
[Web] Merge same notification types
2020-05-20 20:37:52 +02:00
andryyy
e824239dee
[Web] Disallow web UI login, when domain is disabled
2020-05-17 09:41:38 +02:00
andryyy
aef15f004a
[Web] Allow CIDR as allowed API networks; other minor fixes
2020-05-04 07:51:50 +02:00
andryyy
a6247fc13f
[Web] Do not try to update sogo static view with skip_sogo y
2020-04-29 21:09:13 +02:00