Commit Graph

306 Commits (92f8b4a09156c5b30d6f4fc49e82a38208d500a6)

Author SHA1 Message Date
andryyy 28c8c53a6e
[Rspamd] meta_exporter: return false if not matched
[Compose] Update Dovecot image
2019-05-01 22:50:38 +02:00
Howaner 17918b3e21 Added domain alias handling to quarantine mails and added recipients row to quarantine mail display
If a mail is sent to a domain alias domain and rejected, mailcow does not currently store the mail in quarantine.
This commit adds domain alias handling to the reject code and should fix this behavior.

Also added displaying of recipient addresses into the quarantine mail dialog to be able to see what mail address was "leaked".
2019-05-01 00:56:12 +02:00
andryyy 91af3d5c5a
[Rspamd] Much higher scores for DMARC failures 2019-04-30 14:00:47 +02:00
sriccio ef5cf81308 [rspamd] Allow to easily use custom rspamd lua plugins
Since rspamd 1.9.2 we'll be able to load custom modules from plugins.d
directory.

This allow to add and configure plugins easily from the
data/conf/rspamd/plugins.d

Also loading config for custom plugins need rspamd.conf.local or
optionally rspamd.conf.override.

I added support for this in the docker-compose.yml

Idea came while i was writing a custom plugin for Cyren antispam
gateway, which can be found here: https://github.com/sriccio/rspamd-plugins
2019-04-17 10:36:39 +02:00
andryyy 9f00d956f1 [Rspamd] Improve spoofing detection 2019-04-14 20:37:38 +02:00
andryyy c8047b9555 [Web] Change session timeout handling
[Rspamd] Add missing spamassassin.conf
2019-04-14 13:01:47 +02:00
André Peters 70c424caa2
[Web] Fix rejected mails not being quarantized properly if they are tagged 2019-03-12 11:26:33 +01:00
andryyy 1c3daedc39
[Rspamd] Remove headers var from dyn maps 2019-03-12 01:28:04 +01:00
Aaron Larisch 40a826a347 Fix rejected mails not being quarantized properly if they are tagged 2019-03-11 15:31:21 +01:00
andryyy 2443e956eb
[Rspamd] Remove buggy last-modified check 2019-03-08 12:43:05 +01:00
andryyy d124fa1d5b
[Rspamd] Check if filterconf table was changed and return Last-Modified accordingly 2019-03-07 11:44:38 +01:00
andryyy e04e15ed23
[Rspamd] Mime from and rcpt can now be checked by from_mime and rcpt_mime 2019-03-07 00:07:11 +01:00
andryyy c792bbcbab
[Rspamd] make upstream an object 2019-03-07 00:05:55 +01:00
andryyy bb065dbc22
[Rspamd] Add fuzzy worker with worker-fuzzy.inc 2019-03-06 15:14:25 +01:00
andryyy 6dc5318673
[Rspamd] Delete rspamd.conf.local 2019-03-06 15:08:18 +01:00
andryyy 108e808d06
[Rspamd] Reduce SOGO_CONTACT score to -99 2019-02-23 23:46:01 +01:00
andryyy 02b015a359
[Rspamd] Lower history nrows 2019-02-14 11:11:20 +01:00
andryyy 6f478ed2a3
[Rspamd] Set history lines to 10000 2019-02-05 00:02:56 +01:00
andryyy 8da54e5194
[Rspamd] Split global wl from to mime-from and smtp-from 2019-01-29 12:11:10 +01:00
andryyy d6efc2fcd3
[Rspamd] Fix metadata_exporter
[Web] Show subjet in quarantine
[Compose] Update Rspamd image
2019-01-17 22:00:18 +01:00
André Peters f3dfe346bf [Dovecot] Allow setting ACL_ANYONE in mailcow.conf 2019-01-16 19:08:19 +01:00
Aiko Appeldorn 4c176d3833 [rspamd] increased values for SPF, DKIM reject 2019-01-15 18:54:05 +01:00
andryyy 17222eac94
[Rspamd] Set max_size for AV
[Rspamd] Set higher/lower scores for local fuzzy matches
2019-01-13 23:02:09 +01:00
Michael Kuron 2b0065d5ab
Do not apply SOGO_CONTACT for hard SPF failures
Fixes #1983 more completely
2019-01-13 10:28:21 +01:00
andryyy 94d7952802
[Rspamd] Scan the whole message to be able to trigger Sanesecurity rules
[Rspamd] Increase add_header and greylist score
2019-01-08 13:00:56 +01:00
andryyy 2baf407331
[Rspamd] preg_quote filter objects, only translate * to .* - fixes #2152 2019-01-08 12:58:27 +01:00
andryyy ed763cd668 [Rspamd] Use meta exporter to pipe meta data of ratelimited msg to Redis 2018-12-15 21:23:42 +01:00
andryyy e7427eddf3 [Rspamd] Updated values of default ratelimit settings, add info_symbol 2018-12-15 21:22:59 +01:00
andryyy 3a39937baf [Rspamd] Do not apply SOGO_CONTACT for SPF fails and when sending from whitelisted host 2018-12-10 13:26:18 +01:00
andryyy e43c696204 [Rspamd] Remove SOGO_CONTACT for header from 2018-12-10 13:25:38 +01:00
andryyy 968f6f4157 [Rspamd] use boolean for one_shot, fixes #2066 2018-12-04 08:31:56 +01:00
andryyy e02c51b1d1 [Rspamd] Fix examples for global white/blacklist 2018-11-29 21:51:09 +01:00
root d445d7d2e7 [Web] Allow actions in quarantine modal, fixes #1991
[Web] Fixes for Source Sans Pro font
[Rspamd] Add global rcpt blacklist and whitelist
[Compose] New Rspamd image
2018-11-27 10:20:42 +01:00
andryyy f76c3ee7f3 [Dovecot] Unsupported examples for IMAP auth via LDAP
[Rspamd] Globel whitelist/blacklist from via multimap
2018-11-26 09:06:51 +01:00
andryyy 869e01a9a7 [Rspamd] Add fuzzy hash to msg 2018-11-12 09:57:25 +01:00
andryyy 4f7f493490 [Rspamd] Add SOGo contacts to whitelist 2018-11-12 09:56:54 +01:00
Michael Kuron 4ee546c04a
Reduce rspamd DNS timeout
Fixes #1957
2018-10-29 19:55:24 +01:00
andryyy f92b20c9ad [Rspamd] Change log level to silent (see docs) 2018-10-27 13:55:55 +02:00
andryyy 42fe16250b [Rspamd] Adjust default values for (perm) failures of DKIM and SPF 2018-10-26 20:04:41 +02:00
André Peters 68f2a1c5fc
[Rspamd] Properly close additional Rspamd maps 2018-10-19 11:12:58 +02:00
André 73b48fc13e [Rspamd] Remove deprecated attachments_only in AV module
[Rspamd] Remove old symbol score
2018-10-16 22:59:25 +02:00
André 32f7ae1d2e [Rspamd] Prefix quarantine error_log messages with "QUARANTINE"
[Rspamd] Fix quarantine max size check (it was ignored)
2018-10-11 11:55:52 +02:00
André a054182246 [Rspamd] Add desc to high spam networks 2018-09-30 18:56:35 +02:00
André b008211f52 [Rspamd] Controller password placeholder 2018-09-30 09:55:50 +02:00
André 8439daea7e [Rspamd] Revert adding worker-controller-password... 2018-09-30 09:54:19 +02:00
André 4396be2938 [Rspamd] Place socket in _rspamd home and fix permissions
[Compose] Remove volume for Rspamd socket
[Web] Do not exit loop on fuzzy errors when learning a message as spam
2018-09-30 09:53:25 +02:00
André 73b10350d0 [Rspamd] Ignore sa-rules-heinlein file, remove from index 2018-09-29 22:03:48 +02:00
André 0fb43f4916 [Docker API] Use TLS encryption for communication with "on-the-fly" created key paris (non-exposed)
[Docker API] Create pipe to pass Rspamd UI worker password
[Dovecot] Pull Spamassassin ruleset to be read by Rspamd (MANY THANKS to Peer Heinlein!)
[Dovecot] Garbage collector for deleted maildirs (set keep time via MAILDIR_GC_TIME which defaults to 1440 minutes)
[Web] Flush memcached after mailbox item changes, fixes #1808
[Web] Fix duplicate IDs, fixes #1792
[Compose] Use SQL sockets
[PHP-FPM] Update APCu and Redis libs
[Dovecot] Encrypt maildir with global key pair in crypt-vol-1 (BACKUP!), also fixes #1791
[Web] Fix deletion of spam aliases
[Helper] Add "crypt" to backup script
[Helper] Override file for external SQL socket (not supported!)
[Compose] New images for Rspamd, PHP-FPM, SOGo, Dovecot, Docker API, Watchdog, ACME, Postfix
2018-09-29 22:01:23 +02:00
André c7cef3241f [Rspamd] Controller worker count == 1, fixes #1716 2018-09-12 20:32:59 +02:00
André 1b5409f3fa [Rspamd] Check if ip is valid (KEEP_SPAM symbol), fixes #1759 2018-09-12 15:50:42 +02:00
André 1499094b61 [PHP-FPM] Increase PHP memory limit for "web" to 512M
[Helper] Nextcloud 14
[Rspamd] Fix KEEP_SPAM lua script: skip check if ip is false
2018-09-11 19:35:21 +02:00
André afc18fd469 [Rspamd] Update bad asn, move KEEP_SPAM to a custom lua function 2018-09-09 09:47:47 +02:00
André b007975a04 [Rspamd] Rename -disable_monitored > disable_monitoring 2018-08-03 11:56:39 +02:00
André 59c4cc054e [Rspamd] Deactivate neural but use a more aggressive learning method (no autolearn) 2018-07-29 23:03:49 +02:00
André d8f86ae488 [Rspamd] Add local fuzzy worker 2018-07-29 00:34:36 +02:00
André e2ed2eab53 [Rspamd] Remove per_user settings as they were pretty much useless, some minor changes to bayes" 2018-07-25 01:06:12 +02:00
André a83adc4d31 [Rspamd] Remove unused user_keywords and dynamic_rates from ratelimit module 2018-07-15 12:02:37 +02:00
André 882ee5fee6 [Rspamd] Re-use fixed new ratelimit 2018-07-15 12:01:28 +02:00
André 353af8e3a4 [Rspamd] Set start and end to rcpt matching regex 2018-07-12 23:18:49 +02:00
André 37fbce855e [Rspamd] Remove autolearn from Rspamd 2018-07-03 23:24:11 +02:00
André d6a74e82e3 [ACME] Fix for CNAME response on AAAA dig request 2018-06-28 20:41:44 +02:00
André 9dc250c9f2 [Rspamd] Important fix for settings map 2018-06-28 11:48:23 +02:00
André b8973648ff [Rspamd] Disable default authenticated user ratelimit 2018-06-24 11:40:31 +02:00
André 8bb24a9866 [Rspamd] Load additional settings defined in web ui 2018-06-23 23:48:06 +02:00
André 27d3388579 [Rspamd] Remove antivirus debugging 2018-06-10 14:30:30 +02:00
André 777e469958 [ClamAV] Remove deprecated AllowSupplementaryGroups 2018-05-30 20:28:23 +02:00
André 1b35376252 [Rspamd] Remove score for CTYPE_MIXED_BOGUS and ARC_REJECT, increase DNS timeout 2018-05-30 18:40:43 +02:00
Michael Kuron ea84004410
[rspamd] fix redis multimaps in version 1.7.5
The key's value was being used as symbol name instead of the symbol name defined in the config file
2018-05-25 18:58:37 +02:00
André 1f7a5d586c [Rspamd] Remove IP, fixes #1400 2018-05-19 00:14:30 +02:00
André 8ff4eb8076 [Rspamd] Slight changes to neural plugin 2018-05-18 21:39:25 +02:00
André 7a5d3af80b [Rspamd] Slight changes to neural 2018-05-17 11:15:46 +02:00
André 5e2d19ac62 [Rspamd] Add neural module and define its scores 2018-05-16 21:26:05 +02:00
André d167ade957 [Rspamd] Remove explict redis servers from statistic, add a name 2018-05-16 21:25:55 +02:00
André 7f72e44dac [Rspamd] Move symbols to corresponding groups 2018-05-11 10:40:26 +02:00
André 4c31adaa82 [Rspamd] Ratelimit: fix attempt to index a nil value when no authenticated user is found in a message 2018-05-01 22:44:03 +02:00
André 7181ee4658 [Rspamd] Apply ratelimit against authenticated user instead of envelope from
[PHP-FPM] Create PHP-FPM listeners 9001 (system) and 9002 (web), drop 9000
[Rspamd] Parse quarantine messages as utf8
[Rspamd] Use new schema for Rspamd bayes hashes and expire them in Redis
[SOGo] Change default logo
[SOGo] Use different keyserver by default in Dockerfile
[Rspamd] Add bad ASN list (disabled by default)
[Watchdog] Change the way we check PHP-FPM, change SOGo check
[Nginx] Change ports according to new PHP-FPM listeners
[Update] Fix PHP-FPM ports for existing non-mailcow Nginx sites
2018-04-26 13:56:07 +02:00
Michael Kuron ea3502f2a1
rspamd: Fix NO_LOG_STAT for everycloud monitoring 2018-04-02 19:26:15 +02:00
André Peters f3896195d4
Update worker-controller-password.inc 2018-02-22 09:19:01 +01:00
André Peters eb4dd632ae [Web] Fix autodiscover triggering fail2ban implementation, fixes #1069 2018-02-22 09:16:16 +01:00
André Peters 5030ce7547 [Web] More and more fixes for #1017 2018-02-11 15:59:35 +01:00
André Peters 07a05b9363 [Rspamd] Enable more modules 2018-02-09 10:32:42 +01:00
André Peters 557fa4385c [Rspamd] Also listen on socket for internal communication 2018-02-08 22:55:34 +01:00
André Peters a50036477e [Web] Mind was set to french, reverting to english 2018-02-08 20:13:36 +01:00
andre.peters 36cb6d288d [Rspamd] Fix IPv6 subnet 2018-02-01 13:36:24 +01:00
andre.peters c7729f195b [Rspamd] Fixes #960 2018-01-26 18:56:19 +01:00
andre.peters 7149350973 [Rspamd] Allow internal IPv6 networks 2018-01-24 08:37:49 +01:00
andre.peters 83a21259f7 [Rspamd] Use names instead of IPs 2018-01-21 15:00:05 +01:00
André Peters 5648ec6d39
Merge pull request #915 from tiirex9/master
Adds 'do nothing' as default for sub-addressing
2018-01-18 10:27:14 +01:00
andre.peters 003e6ef5cd [Web] Important fixes for quarantaine; other minor changes 2018-01-17 15:22:11 +01:00
andre.peters 0019502069 [Rspamd] Increase spam scores for SPF failures 2018-01-16 21:02:45 +01:00
andre.peters c6bcf322ff [Rspamd] Force-add metadata_exporter 2018-01-16 18:58:29 +01:00
Tii d58b89528f rspamd multimap redis stuff doesn't work as expected... 2018-01-16 16:31:37 +01:00
Tii 2291bdbeed Added 'do nothing' option as default for sub-addressing 2018-01-16 13:13:04 +01:00
Tii cd2c242540 Added 'do nothing' option as default for sub-addressing 2018-01-16 12:47:59 +01:00
andre.peters 5fd3d986c7 [Rspamd] Fix settings map regex 2018-01-16 12:42:09 +01:00
andre.peters 868abc15bd [Rspamd] Fix worker-controller-password placeholder 2018-01-02 18:15:33 +01:00
andre.peters d71b6f0ad1 Add placeholder for Rspamd controller password written via UI 2017-12-11 09:41:29 +01:00
andre.peters 873222d5f8 [Rspamd] Remove DKIM forced action, move ratelimit lua, add meta exporter 2017-12-09 09:08:23 +01:00
André c2d9928f8f [Rspamd] Set task timeout to 12s 2017-11-10 19:58:56 +01:00
André b16684ce20 [Rspamd] Slightly reduce map watch interval 2017-11-03 20:26:36 +01:00
André 1e9bc49f2c [Rspamd] Echo dummy for fowardingshosts map; Use higher map reading interval;
[Dockerapi] Exit on sigterm;
[Watchdog] Wait for dockerapi-mailcow to be online
2017-10-27 11:22:39 +02:00
André 083174a9bd [Rspamd] Do not try to index nil value 2017-10-26 22:25:13 +02:00
André 4156b4cdf8 [Rspamd] Disable spoofed sender check 2017-10-26 10:29:13 +02:00
André 988978b351 [Rspamd] Remove log helper and disable fann redis 2017-10-25 20:55:11 +02:00
André f7cd7cc123 [Rspamd] Redis history is enabled by default 2017-10-21 10:09:53 +02:00
Michael Kuron a4ccd780c6 rspamd: disable greylisting for forwarding hosts 2017-10-14 16:40:44 +02:00
andryyy fc18d153cd [Compose, DockerAPI, Web, Watchdog] Watchdog may send notification mails (todo: docs), DockerAPI via Flesk for limited access 2017-10-05 23:38:33 +02:00
andryyy 073c6c6e73 [Postfix/Rspamd] Do not reject unauthenticated sender mismatches but rewrite their subject and assign symbol SPOOFED_SENDER with score 1.0 2017-10-04 23:16:39 +02:00
andryyy f257ed92f5 [Rspamd] Add missing ratelimit.conf 2017-09-21 22:21:11 +02:00
andryyy fd3b2e5f16 [Rspamd] Changes to ignore watchdog checks 2017-09-21 19:25:17 +02:00
Michael Kuron a411a357b9 rspamd: exclude Mail Flow monitoring from logs and stats 2017-09-20 15:21:02 +02:00
andryyy a8fb1d3f4f Add experimental watchdog 2017-09-20 10:56:49 +02:00
Michael Kuron e4f13568d1 Rspamd user settings: fix matching From header 2017-09-16 18:46:28 +02:00
André Peters 78c363b7a5 Merge pull request #565 from mkuron/softreject
Forwarding hosts: treat soft reject like greylist
2017-09-09 10:43:41 +02:00
Michael Kuron 3d9c161be1 Forwarding hosts: treat soft reject like greylist 2017-09-09 10:30:26 +02:00
andryyy cfd9316d74 Merge branch 'dev' of https://github.com/mailcow/mailcow-dockerized into dev 2017-08-30 21:43:45 +02:00
andryyy b1213c51d7 [Rspamd] Dynamic ratelimit fixed, removed async redis request; Ready to implement per-user ratelimits via UI (tbd) 2017-08-30 21:42:39 +02:00
André Peters 29acfe85db Merge pull request #536 from mkuron/patch-1
Rspamd user blacklist/whitelist improvements
2017-08-28 22:55:12 +02:00
Michael Kuron 8383ba5e9c Rspamd user settings: fix From header match
The request_header regex appears to not be expected to be encapsulated in slashes and does not seem to accept flags.
2017-08-28 20:27:53 +02:00
Michael Kuron fcd8cfa4f4 Rspamd user settings: don't print all email addresses of a domain
The ucl_rcpts function can already deal with domains, so lets use this capability.
2017-08-27 14:19:29 +02:00
Michael Kuron 93a092e627 Rspamd user settings: also match From header 2017-08-27 14:19:28 +02:00
Michael Kuron e178ca36de Rspamd user settings: make regexes case-insensitive
This is necessary because the user web UI normalizes to lowercase
2017-08-27 14:19:28 +02:00
andryyy e47feeffd6 [Rspamd] Add custom directory for own files 2017-08-18 22:17:01 +02:00
andryyy 9be3aa3334 [Rspamd] Disable monitored 2017-07-27 09:03:44 +02:00
andryyy ed33cb5f57 [Rspamd] ARC: Disallow login/domain mismatch 2017-07-21 11:03:35 +02:00
andryyy 256c9d86dd [Rspamd] Initial custom ratelimit support 2017-07-13 12:55:14 +02:00
andryyy 56a652fbf3 [Rspamd] Set error_reporting to 0 2017-07-02 11:25:14 +02:00
andryyy afc8c93c07 [Rspamd] Cleanup settings map 2017-07-01 23:14:27 +02:00
andryyy 6cd44b4136 Remove old code 2017-06-26 23:17:46 +02:00
andryyy 3be99d7f89 Set IPv6 network as secure_ip range in Rspamd 2017-06-24 22:07:26 +02:00
andryyy 578011c78c Move milter config, increase timeout for DNS 2017-06-21 10:18:52 +02:00
andryyy 44197c410e Do not add milter headers for authenticated users 2017-06-13 07:41:00 +02:00
André Peters 329ac40d95 Merge pull request #332 from mkuron/symlink
Replace symlink to PHP script
2017-06-08 20:57:51 +02:00
andryyy a41cafac3e Switch to Rspamds milter interface 2017-06-06 22:00:34 +02:00
Michael Kuron 062abb0ca7 Replace symlink to PHP script 2017-06-04 13:31:35 +02:00
andryyy 55071805f3 Execute after rmilter_headers (prio 10) 2017-05-29 21:53:47 +02:00
andryyy d33399b3cb Fix mismatch in env and from mime header when signing mail 2017-05-29 21:49:01 +02:00
andryyy fd92283fb8 Add missing ; 2017-05-24 10:03:06 +02:00
andryyy 466b8137e5 Add log_helper to Rspamd, add IPv6 for http maps in Nginx, make Bind listen on v6 and add acl for internal network 2017-05-23 22:23:34 +02:00
andryyy 21714bd054 Remove obsolete map 2017-05-23 21:50:33 +02:00
andryyy f3a1d81347 Rate extensions 2017-05-23 21:50:05 +02:00
andryyy e99db685e5 Change map watch interval, remove Mraptor 2017-05-20 14:28:05 +02:00
Michael Kuron 759f21ac6b Consistent symbol names for forwarding hosts
multimap.conf and force_actions weren't using the same name
2017-05-09 07:29:43 +02:00
andryyy d64ed65575 Add multimap and forced actions for forwarded_hosts, removed from settings 2017-05-08 23:09:21 +02:00
André Peters 5861bec0c3 Merge pull request #256 from mkuron/forwardinghosts
Optionally enable spam filter for forwarding hosts
2017-05-08 19:00:42 +02:00
andryyy cdf7c87e20 Deleted two http maps, replaced by redis multimaps, much better tag system 2017-05-08 15:39:33 +02:00
Michael Kuron ae6d7d63fc Optionally enable spam filter for forwarding hosts 2017-05-07 08:50:28 +02:00
andryyy ecda4fb1d1 Change whitelist for forwarding hosts 2017-05-06 23:41:58 +02:00
andryyy b3a161f930 Keep format 2017-05-06 08:09:40 +02:00
andryyy 1501df6e42 Use Redis for DKIM keys, define any selector, auto-merge old keys to Redis and fallback to files 2017-05-05 10:35:27 +02:00