Commit Graph

389 Commits (788e32b32859b584b8837c909835187f056eabf5)

Author SHA1 Message Date
André Peters bca8920679
Revert "[Postfix] Default SMTP server security grade for EECDH key exchange" 2018-06-27 23:28:54 +02:00
elcore c386dfc11d
[Postfix] Default SMTP server security grade for EECDH key exchange 2018-06-27 03:39:54 +02:00
André 5905a3919c [Dovecot] Minor changes to ciphers, still disallow insecure ciphers 2018-06-26 07:50:17 +02:00
André a5d40a4ab6 [Postfix] Re-enable TLS 1, 1.1 and some ciphers - real-world tests have shown this setup uses TOO MANY plain text sessions due to compatibility issues 2018-06-25 22:31:23 +02:00
André b8973648ff [Rspamd] Disable default authenticated user ratelimit 2018-06-24 11:40:31 +02:00
André 8bb24a9866 [Rspamd] Load additional settings defined in web ui 2018-06-23 23:48:06 +02:00
André aa6a136c1f [Dockerapi, Dovecot] Fix missing active user filter 2018-06-20 07:25:10 +02:00
André e79429beef [PHP-FPM, Nginx] Move some PHP parameters from Nginx to FPM configuration file 2018-06-10 14:31:24 +02:00
André 27d3388579 [Rspamd] Remove antivirus debugging 2018-06-10 14:30:30 +02:00
André f15f30d53e [Dovecot] Re-enable lz4 until 2.3.2 to verify replication fix 2018-06-08 09:09:31 +02:00
André 0a44ea1a4c [Dovecot] Lz4 compression sometimes leads to strange EOF errors when replicating
[Web] Cleanup JSON API
2018-06-05 00:31:27 +02:00
André 777e469958 [ClamAV] Remove deprecated AllowSupplementaryGroups 2018-05-30 20:28:23 +02:00
André 1b35376252 [Rspamd] Remove score for CTYPE_MIXED_BOGUS and ARC_REJECT, increase DNS timeout 2018-05-30 18:40:43 +02:00
apoc4lyps 918343865e
hardening http headers 2018-05-28 12:28:23 +02:00
Michael Kuron ea84004410
[rspamd] fix redis multimaps in version 1.7.5
The key's value was being used as symbol name instead of the symbol name defined in the config file
2018-05-25 18:58:37 +02:00
André 1f7a5d586c [Rspamd] Remove IP, fixes #1400 2018-05-19 00:14:30 +02:00
André 8ff4eb8076 [Rspamd] Slight changes to neural plugin 2018-05-18 21:39:25 +02:00
André 7a5d3af80b [Rspamd] Slight changes to neural 2018-05-17 11:15:46 +02:00
André 5e2d19ac62 [Rspamd] Add neural module and define its scores 2018-05-16 21:26:05 +02:00
André d167ade957 [Rspamd] Remove explict redis servers from statistic, add a name 2018-05-16 21:25:55 +02:00
André a8d9b4359e [Dovecot] Set vszlimits for some services to prevent oom situations, fixes #1203 2018-05-12 08:52:03 +02:00
André 7f72e44dac [Rspamd] Move symbols to corresponding groups 2018-05-11 10:40:26 +02:00
André 527e790620 [Web] Store session data in Redis 2018-05-08 12:55:19 +02:00
André 4c31adaa82 [Rspamd] Ratelimit: fix attempt to index a nil value when no authenticated user is found in a message 2018-05-01 22:44:03 +02:00
André 30cea1da9a [SOGo] Increase workers count to 20
[Postfix] Add extended TLS header
[Web] Increase timeout to 10 for docker API connections
[Postfix] Add perl package
2018-04-26 14:08:45 +02:00
André ef6644df34 [PHP-FPM] Delete old pool files
[Nginx] Remove dev code
2018-04-26 13:57:23 +02:00
André 7181ee4658 [Rspamd] Apply ratelimit against authenticated user instead of envelope from
[PHP-FPM] Create PHP-FPM listeners 9001 (system) and 9002 (web), drop 9000
[Rspamd] Parse quarantine messages as utf8
[Rspamd] Use new schema for Rspamd bayes hashes and expire them in Redis
[SOGo] Change default logo
[SOGo] Use different keyserver by default in Dockerfile
[Rspamd] Add bad ASN list (disabled by default)
[Watchdog] Change the way we check PHP-FPM, change SOGo check
[Nginx] Change ports according to new PHP-FPM listeners
[Update] Fix PHP-FPM ports for existing non-mailcow Nginx sites
2018-04-26 13:56:07 +02:00
André f53006f6ab [Dovecot] Dovecot 2.3.1, Pigeonhole 0.5.1
[ClamAV] 0.100.0, new log method without pipes
[Compose] New images for Dovecot and ClamAV, add persistent tty to clamd-mailcow
2018-04-26 12:36:13 +02:00
Michael Kuron ea3502f2a1
rspamd: Fix NO_LOG_STAT for everycloud monitoring 2018-04-02 19:26:15 +02:00
André Peters 8a7664f7d5 [Nginx] Add larger map bucket size, fixes 1112 2018-03-01 07:28:06 +01:00
André Peters b255ecd62b [Dovecot] Add, but disable auth_debug 2018-02-27 20:54:46 +01:00
André Peters 6b066c2891
Merge pull request #1090 from extremeshok/patch-5
Enable maildir compression
2018-02-26 18:54:04 +01:00
André Peters 410cbf55b6
Update dovecot.conf 2018-02-26 18:53:56 +01:00
André Peters bbbe52f560 [SOGo] Add blue (default) and red theme 2018-02-22 09:20:46 +01:00
André Peters f3896195d4
Update worker-controller-password.inc 2018-02-22 09:19:01 +01:00
André Peters eb4dd632ae [Web] Fix autodiscover triggering fail2ban implementation, fixes #1069 2018-02-22 09:16:16 +01:00
André Peters da48bd721f
Merge pull request #1056 from klausenbusk/nginx-deduplicate
[Nginx] Reduce config duplication
2018-02-19 13:12:46 +01:00
André Peters ff3328ea8c [SOGo] Use indigo theme, copy logo and theme.js to image 2018-02-19 12:56:45 +01:00
Kristian Klausen 63002cbb74 [Nginx] Reduce config duplication
It does not make sense having a seperate server block for both http
and https.
According to the nginx doc [1], using the same server block for both
should work.

[1] http://nginx.org/en/docs/http/configuring_https_servers.html#single_http_https_server
2018-02-15 21:23:07 +01:00
eXtremeSHOK 1e40472017
Enable maildir compression
Currently the plugin is loaded, but actual compression is not enabled.

https://wiki.dovecot.org/Plugins/Zlib
2018-02-14 14:38:06 +02:00
André Peters 0bfd0838c2 [SOGo] Increase workers again 2018-02-14 11:26:55 +01:00
André Peters e186e350ef [Nginx] Fixes #1033 2018-02-14 09:09:17 +01:00
André Peters 993c998716
Merge pull request #995 from Alireza2n/master
SOGO & Rspamd interface: adding "expire" header to static files, allowing browser to be able to cache them
2018-02-14 07:50:22 +01:00
André Peters 943598f705 [Nginx] Fix EAS... 2018-02-13 09:12:54 +01:00
André Peters fb92619aac [Nginx] Fix EAS... 2018-02-13 09:12:21 +01:00
André Peters 458dfc8418 [Nginx] Remove unused file 2018-02-13 09:11:13 +01:00
André Peters 406e7ebd07 [Nginx] Fix EAS 2018-02-13 09:10:41 +01:00
André Peters 21e8edae43 [Nginx] Fix EAS 2018-02-13 09:09:41 +01:00
André Peters 63f7e5930d [Nginx] Fix EAS 2018-02-13 09:07:44 +01:00
André Peters e85cd38945 [SOGo] SOGo refuses to bind to IPv6, so force IPv4 in proxy_pass, fixes #1006 2018-02-12 21:34:59 +01:00
André Peters 74c804b9a3 [SOGo] SOGo refuses to bind to IPv6, so force IPv4 in proxy_pass, fixes #1006 2018-02-12 21:32:49 +01:00
André Peters 5030ce7547 [Web] More and more fixes for #1017 2018-02-11 15:59:35 +01:00
André Peters 07a05b9363 [Rspamd] Enable more modules 2018-02-09 10:32:42 +01:00
André Peters e5031accbb [Nginx] Remove auto-redirect to not break rp 2018-02-09 09:59:35 +01:00
André Peters 3a1e7b4ee1 [Nginx] Pass args when redirecting to https 2018-02-09 09:11:59 +01:00
André Peters 557fa4385c [Rspamd] Also listen on socket for internal communication 2018-02-08 22:55:34 +01:00
André Peters a50036477e [Web] Mind was set to french, reverting to english 2018-02-08 20:13:36 +01:00
andre.peters e8fe5282b2 [Dovecot] Inconsistent view fix 2018-02-05 21:55:37 +01:00
andre.peters dda2768f10 [Dovecot] Enable IMAP metadata 2018-02-05 21:42:23 +01:00
Alireza 781a5eb69a Added expires directive and map to nginx, allowing browser to cache SOGO JS,CSS,WOFF files. 2018-02-02 18:38:18 +03:30
Alireza 1b898b1c7b Added expires directive and map to nginx, allowing browser to cache rspamd JS,CSS and image files. 2018-02-02 17:46:49 +03:30
Alireza 64fbc73582 Added expires directive and map to nginx, allowing browser to cache rspamd JS,CSS and image files. 2018-02-02 17:42:19 +03:30
andre.peters d6cbe5b10a [Unbound] Fix IPv6 subnet 2018-02-01 13:37:50 +01:00
andre.peters 36cb6d288d [Rspamd] Fix IPv6 subnet 2018-02-01 13:36:24 +01:00
andre.peters 70ac65d794 [Nginx] Fix IPv6 subnet, only rewrite to HTTPS when request is not internal 2018-02-01 13:36:01 +01:00
andre.peters 03ad0f22c4 [PHP-FPM] Add bind for upload.ini 2018-01-30 09:00:34 +01:00
André Peters 4405cb3e74
Merge pull request #953 from mkuron/recipient_map
Expose Postfix's recipient_canonical_maps through web UI
2018-01-28 11:09:22 +01:00
andre.peters 1f08e9a7b7 [Postfix] Fixes #967 (assign correct local network range for mynetworks) 2018-01-27 18:13:35 +01:00
Michael Kuron c30448c4d8 Merge branch 'master' of https://github.com/andryyy/mailcow-dockerized into recipient_map
Conflicts:
	data/web/inc/init_db.inc.php
2018-01-27 17:22:08 +01:00
andre.peters f0bc580ceb [PHP-FPM] Fix port... 2018-01-27 12:09:25 +01:00
andre.peters c33ec7e989 [PHP-FPM] Fix duplicate listen 2018-01-27 10:33:50 +01:00
andre.peters c7729f195b [Rspamd] Fixes #960 2018-01-26 18:56:19 +01:00
andre.peters 7149350973 [Rspamd] Allow internal IPv6 networks 2018-01-24 08:37:49 +01:00
andre.peters c9b3044d5d [Postfix] Allow internal IPv6 networks 2018-01-24 08:37:27 +01:00
andre.peters 7efe67daaf [ClamAV] Mount ClamAV config files 2018-01-24 08:36:56 +01:00
andre.peters 696b52b5eb [Unbound] Allow internal networks in access-control 2018-01-24 08:36:37 +01:00
andre.peters 67ddc710a7 [Nginx] Set real IP from internal networks 2018-01-24 08:36:19 +01:00
andre.peters 40a9389295 [SOGo] Reduce workers to 7 by default 2018-01-24 08:30:25 +01:00
Michael Kuron e86565e283 Expose Postfix's recipient_canonical_maps through web UI 2018-01-23 20:02:31 +01:00
andre.peters a50f85026a [PHP-FPM] Mount php configs into container 2018-01-21 15:00:28 +01:00
andre.peters 83a21259f7 [Rspamd] Use names instead of IPs 2018-01-21 15:00:05 +01:00
andre.peters 83fb8c0fd8 [Nginx] Use names instead of IPs 2018-01-21 14:59:45 +01:00
André Peters 5648ec6d39
Merge pull request #915 from tiirex9/master
Adds 'do nothing' as default for sub-addressing
2018-01-18 10:27:14 +01:00
andre.peters 003e6ef5cd [Web] Important fixes for quarantaine; other minor changes 2018-01-17 15:22:11 +01:00
andre.peters 0019502069 [Rspamd] Increase spam scores for SPF failures 2018-01-16 21:02:45 +01:00
andre.peters c6bcf322ff [Rspamd] Force-add metadata_exporter 2018-01-16 18:58:29 +01:00
Tii d58b89528f rspamd multimap redis stuff doesn't work as expected... 2018-01-16 16:31:37 +01:00
Tii 2291bdbeed Added 'do nothing' option as default for sub-addressing 2018-01-16 13:13:04 +01:00
Tii cd2c242540 Added 'do nothing' option as default for sub-addressing 2018-01-16 12:47:59 +01:00
andre.peters 5fd3d986c7 [Rspamd] Fix settings map regex 2018-01-16 12:42:09 +01:00
andre.peters 5d5d36fc60 [Dovecot] Revert to 2.2 to fix various errors 2018-01-14 10:44:06 +01:00
andre.peters 0d8c7e446a [Dovecot] Update config to fit Dovecot 2.3 2018-01-09 11:28:12 +01:00
andre.peters 868abc15bd [Rspamd] Fix worker-controller-password placeholder 2018-01-02 18:15:33 +01:00
Amir Zarrinkafsh 65386d4ccf Included folder mapping for iOS Mail Trash folder. 2017-12-30 13:58:17 +11:00
andre.peters eb57fce38f [Dovecot] Possibly fixes #722 2017-12-25 10:25:50 +01:00
andre.peters ae56c3b59e Fix quarantaine 2017-12-11 10:44:46 +01:00
andre.peters d71b6f0ad1 Add placeholder for Rspamd controller password written via UI 2017-12-11 09:41:29 +01:00
andre.peters 873222d5f8 [Rspamd] Remove DKIM forced action, move ratelimit lua, add meta exporter 2017-12-09 09:08:23 +01:00
andre.peters c8f41cdae2 [Postfix] Listener for quarantaine, remove excluded Docker gw from mynetworks 2017-12-09 09:07:06 +01:00
andre.peters 21a677e024 [MariaDB] Move config to my.cnf, removed from yml 2017-12-09 09:06:04 +01:00