cc1bf5d426
deliver CSS and JS as external request
2019-10-20 21:25:58 +02:00
f2b552c00d
Fix custom http redirects with TLS-SNI
...
Disable http listener for SNI ssl hosts in nginx. This allows the use of the following config again:
https://mailcow.github.io/mailcow-dockerized-docs/u_e-80_to_443/
However that documentation page should still be updated: https://github.com/mailcow/mailcow-dockerized-docs/pull/175/commits
2019-10-20 20:24:16 +02:00
05e7c95829
[SSL] fix wildcard compare for non-bash shell
2019-10-20 17:02:54 +02:00
dcd50b2245
[SSL] restore old nginx templates. fix possible issues with custom nginx sites
2019-10-20 16:41:53 +02:00
84c5f43438
[SSL] re-add nginx site.conf
2019-10-19 12:49:23 +02:00
2e35da6816
[SSL] create individual domain certificates, add SNI configs for Postfix/Dovecot/Nginx
2019-10-19 12:48:56 +02:00
a606f60b54
[Nginx] Modify site to catch failed logins to /rspamd
2019-10-12 13:16:49 +02:00
ee57b5921f
[Rspamd] Various fixes for Rspamd 2.0, neural network activated, autolearning activated (auto-keeps a ratio)
2019-10-12 13:14:34 +02:00
0cfa056faa
[Rspamd] Do not quaratine if symbol is GLOBAL_X_BL
2019-10-10 12:38:24 +02:00
1580e4b2a5
[Nginx, SOGo] Adjustments for EAS
2019-10-06 10:12:46 +02:00
a008855991
Merge pull request #2999 from ntimo/task/api-docs
...
[Nginx] Fix nginx config for API docs
2019-10-04 08:51:26 +02:00
8f7693ccdb
[Postfix] Update postscreen_access
2019-10-04 08:43:59 +02:00
37f6ddac2e
Merge pull request #2950 from friedPotat0/postwhite
...
update postscreen whitelist by using postwhite
2019-10-04 08:41:29 +02:00
6ab1304579
[Nginx] Make api docs browsable using /api and /api/ uri
2019-10-03 11:27:44 +02:00
7c43e2e120
[Nginx] Fix nginx config for API docs
2019-10-03 11:19:17 +02:00
0f5c930e48
Fix site
2019-10-03 11:15:53 +02:00
5cf74f6b85
[NGINX] Make API docs accessible using /api/
2019-10-02 22:13:47 +02:00
9f66b83a34
Merge pull request #2965 from phenomax/postfix-no-renegotiation
...
[Postfix] Add NO_RENEGOTIATION to tls_ssl_options
2019-09-28 22:17:32 +02:00
9b7668d912
[Nginx] Custom 502
2019-09-24 06:53:13 +02:00
a231ecaed5
[Rspamd] Fix ARC defaults, thanks to klausenbusk
2019-09-23 10:44:58 +02:00
287c577fc4
[Rspamd] Set !ARC_ALLOW to SPF FAIL check
2019-09-23 10:44:26 +02:00
bbe396d3c2
[Postfix] Add NO_RENEGOTIATION to tls_ssl_options
2019-09-22 17:38:03 +02:00
b5d169cf90
[Postfix] Fix anonymize headers...
2019-09-19 06:48:21 +02:00
1bbe1a2367
Merge pull request #2940 from ntimo/task/split-bad-words
...
[RSPAMD] Split bad words into multiple files per language
2019-09-18 18:35:11 +02:00
ea8c002eff
update postscreen whitelist
2019-09-18 15:30:43 +02:00
b3c2f683cb
[Postfix] Adjustments for RBL
2019-09-18 07:58:54 +02:00
58cbf2c9c8
update postscreen whitelist by using postwhite
2019-09-17 21:27:17 +02:00
ba6c5b7197
[Rspamd] Updated bad_word maps
2019-09-17 20:39:08 +02:00
3ca014ee79
[Rspamd] Added multimap config for bad_words_de.map
2019-09-16 18:18:56 +02:00
005ed2cadc
[Rspamd] Split bad words into multiple files per language
2019-09-15 11:53:04 +02:00
83cd62d46f
Merge pull request #2928 from MAGICCC/feature/remove-dnsbl-inps.de
...
[Postfix] Remove discontinued DNSBL dnsbl.inps.de
2019-09-10 18:07:03 +02:00
d1e56ab7bc
Update fishy_tlds.map
2019-09-10 16:48:40 +02:00
b272ed04a0
[Postfix] Remove DNSBL dnsbl.inps.de due to legal reasons
2019-09-09 21:37:49 +02:00
8f4d468209
Merge pull request #2916 from Thomas2500/patch-1
...
Disable SSL ticket support in dovecot
2019-09-09 07:47:37 +02:00
87e99e53d9
[Postfix] Fix anonymize headers
2019-09-08 10:29:06 +02:00
3983b3d393
Disable SSL ticket support in dovecot
...
Because tickets are normally only generated on service start, we should disable it to provide better PFS.
2019-09-06 12:39:33 +02:00
8608ded0ed
[Postfix] Replace Postcow header, remove authed user
2019-09-06 08:02:52 +02:00
f87beded34
Update fishy_tlds.map
2019-09-05 14:32:04 +02:00
0d5df21ffc
[Postfix] Route watchdog@localhost to local7 discard
2019-09-04 23:07:35 +02:00
8d0b2678fe
[Rspamd] Remove some TLDs from fishy map
2019-09-04 08:14:35 +02:00
1495bda2e1
[Postfix] Add info about extra.cf
2019-09-02 18:39:08 +02:00
1bdf861177
[Postfix] Add comments to config files, cleanup a bit
2019-09-02 09:31:30 +02:00
9c714b34a4
[Rspamd] Bad word update and score change
2019-08-30 19:30:38 +02:00
569296dcdc
[Rspamd] More bad words - todo: split by language
2019-08-30 18:54:54 +02:00
5a89dc114d
[Rspamd] Minor changes to fishy tlds and bad words
2019-08-29 18:57:37 +02:00
6e82a35929
[Rspamd] Important fix for fishy maps
2019-08-28 15:04:53 +02:00
1414e9df00
[Rspamd] Reduce fishy tld score
...
[Compose] Update Dovecot image
2019-08-28 14:37:04 +02:00
a5d569e0ca
[Rspamd] Reduce fishy tld score
2019-08-28 14:26:01 +02:00
01fe856d05
[Rspamd] Fix a domain name
2019-08-28 13:05:42 +02:00
23ae0c3cc1
[Rspamd] Filter 'em bad words from 'em bad tlds
2019-08-28 13:03:15 +02:00
abf33b75f4
[Postfix] Remove Zeyple config
2019-08-25 16:00:33 +02:00
e342016534
[Rspamd] Fix scores of UCE
2019-08-22 22:08:22 +02:00
084eb008a1
[Rspamd] Add UCE to RBL
2019-08-22 16:34:03 +02:00
9bbf9dc68e
[Rspamd] Fix and improve settings map
2019-08-21 21:07:51 +02:00
3a26365b51
[Rspamd] Change SA ruleset name
2019-08-21 14:37:30 +02:00
a2386434fd
[Postfix] More RBLs, lower thresholds
2019-08-16 22:17:28 +02:00
217da8c7fc
[Postfix] Reduce threshold to 4, format list
2019-08-16 07:55:17 +02:00
1b3a5d54ca
[Postfix] Reduce RBL threshold
...
We should move more RBL checks to Postfix
2019-08-16 07:46:19 +02:00
9e0381185c
[Postfix] Disable UTF8 SMTP as Dovecots LMTP does not support it, also disable Zeyple
2019-08-09 14:10:31 +02:00
5fda67223d
[Dovecot] Fix pathes
2019-07-28 21:36:09 +02:00
e00a18ab95
Update anonymize_headers.pcre
2019-07-26 07:18:58 +02:00
9de821c3b0
[Postfix] Don't remove authed header from Received
...
[Compose] New watchdog image
2019-07-26 06:53:29 +02:00
db0719f068
[Rspamd] Fix IP whitelist
2019-07-22 13:50:05 +02:00
71df10892c
[Rspamd] Add custom IP whitelist template
2019-07-22 13:38:47 +02:00
83136c7876
Merge pull request #2789 from patschi/patch-6
...
Remove DMARC descriptions from polices_group
2019-07-16 21:30:44 +02:00
197f27b705
Remove DMARC descriptions from polices_group
...
Remove descriptions as they are inherited from the default rspamd configuration anyway
2019-07-16 20:15:11 +02:00
cecbbe9e82
Remove score from R_DKIM_PERMFAIL
...
This error happens when there is no public key in DNS for that selector.
2019-07-16 20:03:37 +02:00
3c3bcf8c82
[Postfix] Set compatibility_level to 2
2019-07-13 14:44:17 +02:00
eb760543d9
Merge branch 'master' of https://github.com/mailcow/mailcow-dockerized
2019-07-13 09:23:51 +02:00
568e166478
[Unbound] Update base to Alpine 3.10 to use Unbound 1.9
...
[Unbound] Set unwanted-reply-threshold: 10000
2019-07-13 09:22:03 +02:00
2898aa6918
[Postfix] Remove unused alias domain catch all map
2019-07-13 08:59:32 +02:00
84f4f43b27
Update policies_group.conf
2019-07-12 23:15:27 +02:00
2efd27e40e
[Olefy] A new container is born, thanks to @c-rosenberg
...
[ACME] Autoconfig is back (re-added to SAN list by default for all mail domains)
[Rspamd] Added comment to composite
2019-06-25 18:52:05 +02:00
f2d1a56104
[Rspamd] Increase OLEFY_MACRO score
2019-06-20 10:18:43 +02:00
04940429ba
[Rspamd] Add oletools via olefy, big thanks to @c-rosenberg
2019-06-16 17:35:58 +02:00
6f99f06c6d
[Rspamd] Add OLEFY_MACRO symbol
2019-06-16 17:35:24 +02:00
9c347e36fc
[Rspamd] Less aggressive bayes
2019-06-16 17:34:58 +02:00
e43951331c
[Rspamd] Sign ARC inbonud, thanks to @Kraeutergarten
2019-06-11 11:41:59 +02:00
ffb008f72a
Merge branch 'master' of https://github.com/mailcow/mailcow-dockerized
2019-06-09 16:50:04 +02:00
de3a89ac7a
[Postfix] Remove duplicate proxy read maps, add resource maps
2019-06-09 16:49:02 +02:00
fa4c4b138e
Update main.cf
...
Added the delay_warning_time (http://www.postfix.org/postconf.5.html#delay_warning_time ) with 4 hours as setting. Postfix will inform the user that the e-mail has not been delivered, but that it will try for the next 5 days.
There is also a setting called confirm_delay_cleared (http://www.postfix.org/postconf.5.html#confirm_delay_cleared ), but according to the Postfix this can lead to a sudden burst of notifications at the end of a prolonged network outage.
2019-06-09 07:39:36 +02:00
d5eeb3e8af
Update main.cf
...
I was looking into creating a backup mx server for a high availability mailcow setup. It seems that this is not easily done. While researching to find out how long an average SMTP server keeps trying to send to a server that is down I found that RFC 5321 advises at least 4 to 5 days. Mailcow has a custom setup of 1 day, which is very short. The user will be unaware for 5 days that his mail has not been delivered, which can be negative. But I still would like to follow the advice of the RFC.
RFC 5321, in section 4.5.4.1, has this to say:
Retries continue until the message is transmitted or the sender up; the give-up time generally needs to be at least 4-5 days. It MAY be appropriate to set a shorter maximum number of retries for non-delivery notifications and equivalent error messages than for standard messages.
Postfix default is also 5 days: http://www.postfix.org/postconf.5.html
https://tools.ietf.org/html/rfc5321#section-4.5.4
2019-06-08 15:10:46 +02:00
af46a93e76
[Postfix] Remove authed user from header
2019-06-01 22:14:48 +02:00
dcacf85a5d
[Dovecot] Rename sieve_after to global_sieve_after and create a global_sieve_before file
2019-06-01 13:53:24 +02:00
aaf0d521a2
[Postfix] Add UA header check, not enabled by default
2019-06-01 08:29:53 +02:00
395f0f7a3d
[Rspamd] Remove authenticated user from auth results header
...
[Dovecot] Fix permissions of console
[Compose] New Dovecot image
2019-05-29 18:02:14 +02:00
2757c6b5fe
[Postfix] Do not allow DSN for postscreen
2019-05-27 19:32:41 +02:00
ba14f0f113
[Rspamd] Fix spoofing detection
2019-05-20 15:14:42 +02:00
1f365f5cff
[Dovecot] Remove shared namespace
2019-05-18 23:01:23 +02:00
3ffa7e1f33
[Rspamd] Add SIEVE_HOST map and skip spoof check for these IPs
2019-05-18 22:44:06 +02:00
45359bb6cf
[Rspamd] Do not apply SPOOFED_UNAUTH on ARC_ALLOW
...
[Dovecot] Set sieve_redirect_envelope_from to rcpt
2019-05-18 09:18:00 +02:00
5c07cca529
[Rspamd] Change spoofed mail handling
2019-05-09 11:48:38 +02:00
456e92c830
[Rspamd] Set to to_ip to_ip_from rate buckets to 100 / 1s
2019-05-09 11:32:16 +02:00
61433a4488
Merge pull request #2541 from sriccio/master
...
Allow to easily add custom plugins to rspamd
2019-05-05 22:33:32 +02:00
28c8c53a6e
[Rspamd] meta_exporter: return false if not matched
...
[Compose] Update Dovecot image
2019-05-01 22:50:38 +02:00
17918b3e21
Added domain alias handling to quarantine mails and added recipients row to quarantine mail display
...
If a mail is sent to a domain alias domain and rejected, mailcow does not currently store the mail in quarantine.
This commit adds domain alias handling to the reject code and should fix this behavior.
Also added displaying of recipient addresses into the quarantine mail dialog to be able to see what mail address was "leaked".
2019-05-01 00:56:12 +02:00
91af3d5c5a
[Rspamd] Much higher scores for DMARC failures
2019-04-30 14:00:47 +02:00
9b303dcc0e
[Dovecot] Set default_vsz_limit = 1024 M
...
[Web] Form cache for user passwd change modal disabled
2019-04-24 14:46:45 +02:00
ef5cf81308
[rspamd] Allow to easily use custom rspamd lua plugins
...
Since rspamd 1.9.2 we'll be able to load custom modules from plugins.d
directory.
This allow to add and configure plugins easily from the
data/conf/rspamd/plugins.d
Also loading config for custom plugins need rspamd.conf.local or
optionally rspamd.conf.override.
I added support for this in the docker-compose.yml
Idea came while i was writing a custom plugin for Cyren antispam
gateway, which can be found here: https://github.com/sriccio/rspamd-plugins
2019-04-17 10:36:39 +02:00
9f00d956f1
[Rspamd] Improve spoofing detection
2019-04-14 20:37:38 +02:00
tinect
Marcel Hofer
Marcel Hofer
andryyy
ntimo
Max Uetrecht
friedPotat0
MAGIC
Thomas Bella
Patrik Kernstock
Michael Kuron
dofl
dofl
Howaner
sriccio