Commit Graph

1037 Commits (a7a7b3f3fdf359d69dbb098dd1eef3f6ecaddb36)

Author SHA1 Message Date
André Peters 29acfe85db Merge pull request #536 from mkuron/patch-1
Rspamd user blacklist/whitelist improvements
2017-08-28 22:55:12 +02:00
Michael Kuron 8383ba5e9c Rspamd user settings: fix From header match
The request_header regex appears to not be expected to be encapsulated in slashes and does not seem to accept flags.
2017-08-28 20:27:53 +02:00
Michael Kuron fcd8cfa4f4 Rspamd user settings: don't print all email addresses of a domain
The ucl_rcpts function can already deal with domains, so lets use this capability.
2017-08-27 14:19:29 +02:00
Michael Kuron 93a092e627 Rspamd user settings: also match From header 2017-08-27 14:19:28 +02:00
Michael Kuron e178ca36de Rspamd user settings: make regexes case-insensitive
This is necessary because the user web UI normalizes to lowercase
2017-08-27 14:19:28 +02:00
Michael Kuron 0ad870fffe Merge branch 'dev' into dns2 2017-08-24 21:52:39 +02:00
andryyy 66ae588445 [Web] Started work on ACL, fix notifications 2017-08-18 22:18:14 +02:00
andryyy e47feeffd6 [Rspamd] Add custom directory for own files 2017-08-18 22:17:01 +02:00
andryyy 7a2c0f2ee7 [Acme] Skip backup mx domains 2017-08-18 09:57:25 +02:00
andryyy e5faee9037 [Nginx] Disable client_max_body_size 2017-08-09 10:17:32 +02:00
André Peters 92eefc1288 Merge pull request #486 from mkuron/patch-1
Disable ClamAV phishing filter
2017-08-02 15:54:16 +02:00
Michael Kuron dec64eef32 Disable ClamAV phishing filter
ClamAV has a phishing filter built in, but it generates too many false positives. We can disable it without risk because rspamd also checks for phishing itself.
2017-08-02 14:42:53 +02:00
andryyy 2eed7c05a1 [Dovecot] Push version, fix cronjob (fixes #310) 2017-08-01 14:02:00 +02:00
andryyy d85352fa9a [Dovecot] Use listescape 2017-07-31 12:41:18 +02:00
andryyy c7484434dd [Dovecot] Remove master.pid if not running; Check for active imapsync besides lock file; Reconnect MySQL connection in imapsync_cron.pl 2017-07-31 08:19:02 +02:00
andryyy 10b2ae09b9 [Web] Remove dev file 2017-07-30 21:40:40 +02:00
andryyy aabcf65c69 [Nginx] Set server_names_hash_bucket_size 64 2017-07-30 21:39:35 +02:00
andryyy 66e06a0c0c [Web] Sync jobs can be created/viewed/edited by admins/domain admins; Various fixes or improvements 2017-07-29 10:32:17 +02:00
andryyy 9be3aa3334 [Rspamd] Disable monitored 2017-07-27 09:03:44 +02:00
andryyy 3bd7383bca [Web] Add relay host testing tool 2017-07-26 23:11:43 +02:00
andryyy b4892f043f [Web] Edit relayhost 2017-07-26 23:11:08 +02:00
andryyy 45ef561ac0 [Web] Add default rcpt for relay testing tool to variables 2017-07-26 23:10:18 +02:00
andryyy 9bce8f0501 [Web] Fix session timeout 2017-07-26 23:09:50 +02:00
andryyy 5a49748dd5 [Web] Add graphs and stats to JSON api 2017-07-26 23:09:15 +02:00
andryyy 379933a333 [Web] Added PHPMailer for relayhost testing tool 2017-07-26 23:07:46 +02:00
andryyy 33bf9f5c5d [Rspamd] Push image version 1.5, Rspamd 1.6.3 2017-07-26 23:07:01 +02:00
andryyy 8da02378b1 [Rspamd] Use Nginx IP in settings map 2017-07-26 23:04:49 +02:00
andryyy 03c614f749 [Postfix] Use Nginx IP in whitelist_forwardinghosts.sh 2017-07-26 23:04:27 +02:00
andryyy b629089ff8 [SOGo] Rename reconf-domains to bootstrap-sogo and exec sogod after a successful bootstrap; Wait for SOGo to die and free listener 2017-07-24 23:25:04 +02:00
andryyy 5d5646df0c [Compose, SOGo] Update SOGo, give SOGo more time for a graceful restart, autorestart on any exit code 2017-07-24 22:53:23 +02:00
André Peters 0a6eef83bd Merge pull request #449 from mkuron/autoconfig
Autoconfig/Autodiscover unification
2017-07-24 12:58:53 +02:00
André Peters 1b719a8668 Update autoconfig.php 2017-07-24 12:37:02 +02:00
André Peters 27c169dbe1 Update mobileconfig.php 2017-07-24 12:35:56 +02:00
André Peters bfa2e83803 Add more help text, remove obsolete variable 2017-07-24 12:35:04 +02:00
André Peters b295bedf53 Update autoconfig.php 2017-07-24 12:28:48 +02:00
Phoenix Eve Aspacio e26563d51e Enable Fail2ban in Autodiscover 2017-07-23 21:27:18 +08:00
Michael Kuron 53d44ed18d Merge branch 'dev' into autoconfig 2017-07-23 10:12:03 +02:00
Michael Kuron fcbbfe71bb Merge branch 'dev' into dns2 2017-07-23 10:10:36 +02:00
andryyy 83d485dd94 [Web, Postfix, Compose] Allow to add relayhosts per domain (+ plain and login authentication) 2017-07-22 20:39:54 +02:00
Michael Kuron 8fcaf407e6 Client configuration link 2017-07-22 12:37:39 +02:00
andryyy ed33cb5f57 [Rspamd] ARC: Disallow login/domain mismatch 2017-07-21 11:03:35 +02:00
andryyy f4db3a7a00 [Web] Allow multiple sync jobs with same username, fixes #464 2017-07-17 22:36:34 +02:00
andryyy 84ad579437 [Web] Initial ratelimit support, more API actions 2017-07-16 11:03:28 +02:00
andryyy 256c9d86dd [Rspamd] Initial custom ratelimit support 2017-07-13 12:55:14 +02:00
andryyy 5f5872f78b [Rspamd] Initial custom ratelimit support 2017-07-13 12:54:53 +02:00
andryyy e6727b1fd6 [ACME] Iterate alias domains, use hostname in subject field 2017-07-13 12:51:52 +02:00
andryyy 9e92c4a2ad [Dovecot] Do not keep persistent logs in a container 2017-07-11 17:09:31 +02:00
andryyy f8ae5158cb [Postfix] Do not keep persistent logs in a container 2017-07-11 17:09:20 +02:00
andryyy a31819fd6c [SOGo] Log to a pipe to not keep logs in a container 2017-07-11 17:08:06 +02:00
Michael Kuron 98be90c494 Remove SPF and DMARC checks 2017-07-10 21:41:45 +02:00
andryyy 08b99c8d74 [Dovecot] Add doveadm service 2017-07-10 21:30:45 +02:00
Michael Kuron 14d2b3d763 DNS diagnostics page 2017-07-10 21:17:40 +02:00
Michael Kuron 5abeb313ba Autoconfig harmonization
- use $autodiscover_config everywhere
- non-443 HTTPS ports in autoconfig etc.
- disabling POP service via SRV record
- fix display name in Outlook IMAP autodiscover
- allow multiple calls to TLSA generator and support Sieve STARTTLS
- iOS mobileconfig generator
2017-07-10 20:52:51 +02:00
andryyy c5d90b821a [Dovecot] Add extra.conf include to override Dovecot configuration changes 2017-07-10 09:19:12 +02:00
André Peters f37405d9fd Merge pull request #446 from mailcow/revert-444-dns
Revert "DNS diagnostics page"
2017-07-10 08:46:32 +02:00
André Peters beec3d47f7 Revert "Client configuration guides" 2017-07-10 08:46:20 +02:00
André Peters 4c1537c1c2 Revert "DNS diagnostics page" 2017-07-10 08:45:59 +02:00
André Peters c5acdd70fb Merge pull request #427 from mkuron/clientconfig2
Client configuration guides
2017-07-10 08:03:28 +02:00
André Peters b1dddd08e6 Merge pull request #444 from mkuron/dns
DNS diagnostics page
2017-07-10 07:53:29 +02:00
andryyy 51660589d4 [Rspamd] Push version 1.3 2017-07-09 22:28:36 +02:00
Michael Kuron c1a1f98ee5 DNS diagnostics page 2017-07-09 10:01:27 +02:00
andryyy fa2af1b286 [Web] Allow more bytes in concat queries, fixes #435 2017-07-06 17:34:51 +02:00
andryyy a324b1a385 [Rspamd] Fix DKIM siging (base64 hash line folding) 2017-07-06 15:57:33 +02:00
Michael Kuron 8946d69274 Fix merge conflict 2017-07-05 20:11:07 +02:00
andryyy 69da02c144 [Dovecot] Important fix for Pigeonhole (downgrade) 2017-07-05 19:13:07 +02:00
andryyy 7f47af1d60 Fix destination hash 2017-07-05 12:31:52 +02:00
andryyy 87cc5f54ff [Postfix] Fix redis log destination hash 2017-07-05 12:03:12 +02:00
andryyy 2fadfee61a [SOGo] Remove thunderbird plugin generation, will move to docs 2017-07-05 10:22:48 +02:00
andryyy de14d30e6b [ACME] Fix exit command (was using echo), fix for duplicate SAN (filter) 2017-07-04 21:32:58 +02:00
Michael Kuron b88190988e Autodiscover: Strip bind addresses off of port environment variables 2017-07-04 19:58:30 +02:00
andryyy dc463c3dda [Multiple] Push multiple logs to Redis channel for fail2ban-mailcow to read. Enables Fail2ban independently of used Docker logging driver. 2017-07-04 18:08:20 +02:00
andryyy ed11e7586e [Clamd] Add SKIP_CLAMD variable to disable Clamd start 2017-07-04 18:05:44 +02:00
andryyy a2f1c09a84 [Web] Style changes to DKIM import section, push login errors to Redis channel 2017-07-04 18:05:04 +02:00
andryyy ace247b3b9 [ACME] Unset name arrays before reusing them 2017-07-03 10:20:09 +02:00
andryyy d4311a806b Fix Rspamd logs date 2017-07-03 08:10:11 +02:00
andryyy 2cf9f71613 [ACME] Revert fix for empty additional_san, fix skip_ip_check in ACME 2017-07-02 20:18:22 +02:00
Michael Kuron 96ed94dedd Client configuration guides
- iOS mobileconfig generator
- non-443 HTTPS ports in autoconfig etc.
- disabling POP service via SRV record
- fix display name in Outlook IMAP autodiscover
- allow multiple calls to TLSA generator and support Sieve STARTTLS
2017-07-02 16:29:42 +02:00
andryyy 56a652fbf3 [Rspamd] Set error_reporting to 0 2017-07-02 11:25:14 +02:00
andryyy cf902854d7 Merge, conflict fixed 2017-07-02 11:22:35 +02:00
andryyy b7cb4ac9d5 [Fail2ban] Added more regex to match failed or disallowed logins to Dovecot, changed Mailcow to mailcow 2017-07-02 11:10:35 +02:00
andryyy afc8c93c07 [Rspamd] Cleanup settings map 2017-07-01 23:14:27 +02:00
andryyy 60ce236738 [Web] Language strings for DKIM import tool 2017-07-01 23:12:14 +02:00
andryyy 744784cb62 [UI] Initial: Import private keys for DKIM/ARC 2017-06-30 21:50:21 +02:00
andryyy ae5ce6568d [Dovecot] Dovecot 2.2.31, Pigeonhole 0.4.19 2017-06-30 20:30:30 +02:00
andryyy 5ab11c0c1e [ACME] Show err instead of empty var when IP lookup failed 2017-06-30 20:29:55 +02:00
andryyy d2048ccf20 [ACME] Be more verbose about IP address 2017-06-29 21:22:01 +02:00
andryyy a6b60aebb8 [Fai2ban] Added auto-detection for container names; Allow multiple rules for each container; log rule id and container on match 2017-06-29 11:30:14 +02:00
andryyy 372da9b557 [Web] Move Fail2ban function, add lang strings 2017-06-29 10:30:25 +02:00
andryyy 6c64ffbd49 [acme-mailcow] Auto-detect container ids for restart; Restart containers after restore 2017-06-29 10:29:56 +02:00
andryyy 9040d456ed [acme-mailcow] Auto-detect container ids for restart; Restart containers after restore 2017-06-29 10:25:32 +02:00
andryyy 3d652dd3d0 Added more checks for acme-mailcow 2017-06-29 00:56:51 +02:00
andryyy 6d8438c01c - More checks for acme-mailcow (verify hashes)
- Autodiscover configuration file: Merge array from vars.local.inc.php
- Push acme-mailcow to 1.6
2017-06-28 23:22:51 +02:00
andryyy 234baf1cb9 Readd 2017-06-28 18:59:15 +02:00
andryyy aa5b03dd99 Merge branch 'dev'
Conflicts:
	data/web/autodiscover.php
2017-06-28 18:57:22 +02:00
andryyy b0584c3622 Use , as IFS for additional san 2017-06-28 10:50:51 +02:00
andryyy f7bce8b81a Copy dhparams if not found 2017-06-27 20:15:53 +02:00
andryyy e9ea0712f2 Add SKIP_FAIL2BAN var 2017-06-27 10:26:48 +02:00
andryyy 433e0c8f9a Allow /0 to whitelist all, push f2b version in yml 2017-06-27 09:32:57 +02:00
andryyy a6677983af Merge branch 'dev' of https://github.com/mailcow/mailcow-dockerized into dev 2017-06-26 23:18:15 +02:00
andryyy b9ffcf2bf8 Add whitelist function to Fail2ban 2017-06-26 23:18:05 +02:00
andryyy 6cd44b4136 Remove old code 2017-06-26 23:17:46 +02:00
Phoenix Eve Aspacio 0488c9a250 Update edit.css 2017-06-26 07:34:41 +08:00
Phoenix Eve Aspacio 38c74e5e24 Update mailbox.css 2017-06-26 07:34:21 +08:00
Phoenix Eve Aspacio d4f4c0f0c9 Update user.css 2017-06-26 07:33:53 +08:00
Phoenix Eve Aspacio a08ad04708 Update admin.css 2017-06-26 07:33:33 +08:00
Phoenix Eve Aspacio 48557a4de9 Update admin.css 2017-06-26 07:23:48 +08:00
Phoenix Eve Aspacio c4f25b7dde Update mailbox.css 2017-06-26 07:23:17 +08:00
Phoenix Eve Aspacio 877bc74dbe Update user.css 2017-06-26 07:22:58 +08:00
Phoenix Eve Aspacio 2d7224e869 Update edit.css 2017-06-26 07:22:41 +08:00
andryyy 4f93bfd04f Initial commit: Set fail2ban parameters in UI 2017-06-25 21:33:26 +02:00
andryyy 468b74c860 Changes to syntax 2017-06-25 20:17:31 +02:00
andryyy 170e030dd6 Configure autodiscover in vars.inc.php 2017-06-25 18:10:29 +02:00
andryyy b6bc1eaf0a Fix autodiscover, pass ports to phpfpm-mailcow for further features and autodiscover 2017-06-25 18:09:42 +02:00
Michael Kuron 18386125b6 Fix EAS autodiscover for certain Outlook variants 2017-06-25 14:19:44 +02:00
andryyy cbb4f51a9d Fix Junk-E-Mail folder name 2017-06-25 11:32:21 +02:00
andryyy 8590cc577b Move folder names to match image names 2017-06-25 00:21:24 +02:00
andryyy 3be99d7f89 Set IPv6 network as secure_ip range in Rspamd 2017-06-24 22:07:26 +02:00
andryyy 47eb11338c Push fail2ban version to 1.2 2017-06-24 20:06:23 +02:00
andryyy c4c1bdf477 Add a retry window for fail2ban-mailcow, add priority to logging, added window time to logging string" 2017-06-24 20:04:12 +02:00
andryyy a2f8f5c908 Fix id 2017-06-24 10:32:24 +02:00
andryyy 1bf8cc13ba Fixes #398 2017-06-24 10:32:10 +02:00
andryyy c75ce5124c Fixes: First line was missing in logs. Adds support for Fail2ban container 2017-06-24 00:07:53 +02:00
andryyy b8e9b3d879 fail2ban:1.1, use Redis, add logging, ban time and max attempts to be configured via UI soon 2017-06-24 00:07:18 +02:00
andryyy 112e056fda Add function to generate 3 1 1 TLSA digest 2017-06-23 14:23:12 +02:00
andryyy 2104034156 cp -n is unknown 2017-06-23 14:22:54 +02:00
andryyy 59623a639e Keep key when issuing new certificate to not break TLSA records with options 3 1 1 2017-06-23 08:40:05 +02:00
andryyy 18e52ab27d More debug output, keep key for TLSA 3 1 1, other minor changes 2017-06-23 08:33:07 +02:00
andryyy 85a9239ae9 Move account key 2017-06-22 21:44:10 +02:00
andryyy 0c07ff59c3 Fix skip le test... 2017-06-22 21:31:14 +02:00
Michael Kuron 1f9b5cb16e ACME: support CNAME in domain checks 2017-06-22 20:36:03 +02:00
andryyy 4066f3507c New Rspamd image, also fixes #386 2017-06-22 17:12:13 +02:00
andryyy 856b05147c Skip LE with configuration parameter 2017-06-22 09:06:24 +02:00
andryyy cbfe5e879e Fix error when adding alias with multiple alias addresses 2017-06-21 23:27:01 +02:00
NuVivo314 601f3b6947 Change select Priority
Simple change, for Select Older
2017-06-21 11:54:03 +02:00
andryyy 578011c78c Move milter config, increase timeout for DNS 2017-06-21 10:18:52 +02:00
andryyy 05fc733091 Merge branch 'dev' of https://github.com/mailcow/mailcow-dockerized into dev 2017-06-20 20:07:30 +02:00
andryyy c82c9524b0 Delete certificate if SANs were removed 2017-06-20 20:06:54 +02:00
andryyy 428140d34f Version update 2017-06-20 20:06:35 +02:00
andryyy 0e501acd7d Base on stretch 2017-06-20 20:06:24 +02:00
Michael Kuron 987d83e104 Make Thunderbird plugin download more resilient
- use specific GitHub API version
- use only-matching grep
- remove hard-coded version number
- use Mozilla Addons API
2017-06-19 20:48:56 +02:00
André Peters beac3035f6 Merge pull request #372 from lazyfrosch/sync-password
data/web: Update syncjob password input to type password
2017-06-19 17:12:49 +02:00
Markus Frosch 4be67ccd64 dovecot/imapsync_cron: Use passfiles to hide passwords from ps 2017-06-19 11:43:07 +02:00
Markus Frosch 0f8bf53d9c data/web: Update syncjob password input to type password
So the password is not readable in clear text.
2017-06-19 11:22:19 +02:00
andryyy 036c51f053 Prefere ipv4 to fix problems on v4-only envs 2017-06-19 10:39:14 +02:00
andryyy 68d455e154 Just start reconf-sogo to also trigger SOGos restart after a successful reconfiguration 2017-06-19 10:30:11 +02:00
andryyy fbf33e475a SOGo will be started after reconf script to prevent race conditions 2017-06-19 10:19:16 +02:00
andryyy 624e52e198 mysqladmin uses ping on static IPv4, supervisor does no more autostart SOGo 2017-06-19 10:18:53 +02:00
andryyy 5efe0b9a88 Ignore tar.gz 2017-06-19 10:17:37 +02:00
andryyy 10d83017e1 Declare correct arrays 2017-06-19 08:59:47 +02:00
André Peters 2d59e61c6b Merge pull request #370 from mkuron/patch-2
Autodiscovery for eM Client and Outlook 2007/2010
2017-06-19 08:54:59 +02:00
andryyy 2a845a0d21 Less verbose 2017-06-18 20:57:54 +02:00
andryyy 9117c499ef Do not break DNS replies.... 2017-06-18 20:57:26 +02:00
andryyy 6fa19a37d8 Unbound changes 2017-06-18 20:23:26 +02:00
Michael Kuron 08506f7c81 Autodiscovery: send display name to IMAP client 2017-06-18 16:07:56 +02:00
Michael Kuron 4a379d0540 Satisfy Microsoft Remote Connectivity Analyzer 2017-06-18 16:04:13 +02:00
Michael Kuron b34d650f97 Autodiscovery for arbitrary clients. EAS only for Outlook 2013+
Mobile and Desktop clients can be differentiated based on the response scheme they request. Mobile clients and Outlook 2013+ get EAS, others get IMAP
2017-06-18 13:09:28 +02:00
Michael Kuron 646957efee Autodiscovery for eM Client
It can be identified by its lack of user agent header. Through additional Protocol tags, it can also have CalDAV and CardDAV configured.
2017-06-18 12:11:02 +02:00
andryyy 44c4074773 Add err priority to danger class 2017-06-17 20:57:23 +02:00
andryyy 5aba885b58 Skip ACME client for other certificates than LE 2017-06-17 10:08:12 +02:00
andryyy 08edc1d1d3 Remove obsolete file, add {} 2017-06-16 23:27:16 +02:00
andryyy 812b9b617a Cannot spawn as proc in sub shell. Breaks SOGo restart. 2017-06-16 23:26:43 +02:00
Michael Kuron b3b5313336 SOGo Integrator: match some preferences to SOGo web defaults 2017-06-16 17:00:46 +02:00
Michael Kuron d8fa38010a SOGo Integrator bugfix for multiple domains 2017-06-16 14:02:39 +02:00
Michael Kuron c739091a67 Customize the SOGo Integrator plugin for Thunderbird 2017-06-16 10:30:40 +02:00
andryyy 03d4ea5a35 Add ability to generate passwords for new mailboxes 2017-06-16 08:52:41 +02:00
andryyy 09a6d432f1 Fixes #364 2017-06-15 23:03:21 +02:00
andryyy ba3fc47d5f Fix autodiscover, thanks to K2rool! 2017-06-15 23:03:10 +02:00
Michael Kuron 5e56edb08c Properly gitignore the SSL certificate 2017-06-15 10:20:54 +02:00
James Smith bcdbbf0102 Make autodiscover case insensitive 2017-06-14 23:42:42 +01:00
andryyy 83cb686e33 Fix fix for Apple dav.... 2017-06-14 23:17:31 +02:00
andryyy 495bf05fb8 Fix for Apple autoconfiguration (dav) 2017-06-14 23:14:41 +02:00
andryyy e99fa9433e Fix dav url detection for apple 2017-06-14 23:10:50 +02:00
andryyy 19325ffb2a Validate additional SAN 2017-06-14 07:24:32 +02:00
andryyy 863a0e4d06 Finally fix SOGo race condition 2017-06-13 23:38:47 +02:00
andryyy 4a0a9cbf1f Minor tweaks 2017-06-13 23:38:24 +02:00
andryyy 0fd0cff8ac Auto-sign autodiscover and autoconfig for all domains found in mailcow - only if A records exists and matches 2017-06-13 23:37:48 +02:00
andryyy 655aa9594e Never overwrite error_reporting 2017-06-13 23:36:42 +02:00
andryyy 9a99975394 Fix duplicate postfix install 2017-06-13 07:45:24 +02:00
André Peters 7972b38daf Merge pull request #349 from bebehei/patch-1
remove doubly postfix argument
2017-06-13 07:44:39 +02:00
andryyy 3e09d11856 Be less verbose 2017-06-13 07:41:13 +02:00
andryyy 44197c410e Do not add milter headers for authenticated users 2017-06-13 07:41:00 +02:00
andryyy fcfc119805 Fix race condition with workaround 2017-06-13 07:39:45 +02:00
andryyy 35a73025c7 Add until to hopefully stop race condition 2017-06-12 23:49:21 +02:00
andryyy a33aa7a2cb Fix Dockerfile 2017-06-12 23:48:56 +02:00
andryyy 261e1ad4fb Rspamd stable 2017-06-12 23:48:42 +02:00
andryyy b367ec0ace Add Unbound as better DNSSEC enabled resolver 2017-06-12 23:48:27 +02:00
andryyy db01b08926 Fixes #351 2017-06-12 20:21:31 +02:00
Michael Kuron d6c9f96b4e Don't keep development packages in php-fpm image. 2017-06-12 17:06:57 +02:00
andryyy 5aa2ded331 Merge branch 'dev' of https://github.com/mailcow/mailcow-dockerized into dev 2017-06-12 10:46:08 +02:00
andryyy ef62f6b383 Acme tool checks for valid autodiscover and autoconfig A records and skips non-existing names
Todo: Add AAAA check, add check for additional_san
2017-06-12 10:45:12 +02:00
andryyy ad969d15cd Remove bind9 2017-06-12 10:43:36 +02:00
andryyy a25fc17b87 Fix permission 2017-06-12 10:43:28 +02:00
andryyy c0619a5b6b Less layers 2017-06-12 10:43:11 +02:00
andryyy 5321ebe707 Push to Dovecot 2.2.30 2017-06-12 10:42:48 +02:00
andryyy cf44745c18 Less layers 2017-06-12 10:42:33 +02:00
andryyy 02ceb6d3ef Remove obsolete files 2017-06-12 10:40:08 +02:00
Phoenix Eve Aspacio 7575b46fba Update 2017-06-12 15:38:36 +08:00
Benedikt Heine 0967418078 change dockerfile exec perms 2017-06-11 17:47:04 +02:00
Benedikt Heine c2075be5ec remove doubly postfix argument 2017-06-11 15:42:06 +02:00
Phoenix Eve Aspacio 564fb82257 Create header.inc.php 2017-06-11 13:43:59 +08:00
Phoenix Eve Aspacio 915ffb1991 Added mailcow app description 2017-06-11 08:05:10 +08:00
Phoenix Eve Aspacio 9754b8c196 Escape HTML special chars 2017-06-11 07:58:30 +08:00
André Peters 329ac40d95 Merge pull request #332 from mkuron/symlink
Replace symlink to PHP script
2017-06-08 20:57:51 +02:00
Chris Croome ed448f19c1 Typo fixed 2017-06-08 11:41:31 +01:00
andryyy 3a42895094 Merge branch 'dev' of https://github.com/mailcow/mailcow-dockerized into dev 2017-06-06 22:02:17 +02:00
andryyy 6836bf2df2 Update DKIM to ARC/DKIM 2017-06-06 22:02:07 +02:00
andryyy 663ea7815c Use new milter interface 2017-06-06 22:01:41 +02:00
andryyy a41cafac3e Switch to Rspamds milter interface 2017-06-06 22:00:34 +02:00
andryyy c9318ecf83 Switch to Rspamds milter interface 2017-06-06 21:59:44 +02:00
andryyy e15795e112 Enable http2 2017-06-06 21:59:27 +02:00
andryyy 2db910d6dc Remove Rmitler \o/ 2017-06-06 21:58:48 +02:00
Michael Kuron 062abb0ca7 Replace symlink to PHP script 2017-06-04 13:31:35 +02:00
Phoenix Eve Aspacio 6c73cc6918 More Capitalization Fix ✏✏ 2017-06-01 18:36:25 +08:00
Phoenix Eve Aspacio 9658fb2f85 Capitalization fix 🐳 2017-06-01 18:24:46 +08:00
andryyy 55071805f3 Execute after rmilter_headers (prio 10) 2017-05-29 21:53:47 +02:00
andryyy 5a95d2062c More changes to the UI, more API... 2017-05-29 21:51:06 +02:00
andryyy f84a3a731a File indents 2017-05-29 21:50:43 +02:00
andryyy ed58a9a9b3 File permission 2017-05-29 21:49:47 +02:00
andryyy d33399b3cb Fix mismatch in env and from mime header when signing mail 2017-05-29 21:49:01 +02:00
andryyy e159eb7522 Fix listener 2017-05-29 21:48:41 +02:00
André Peters 1c0443b5fa Merge pull request #317 from mkuron/patch-1
SOGo UI: per-user authentication failure rate-limiting
2017-05-29 08:48:30 +02:00
André Peters ae707cd8ff Revert "php-fpm dockerfile simplification" 2017-05-29 08:45:30 +02:00
André Peters 192eb50449 Merge pull request #319 from TBK0000/php-fpm-alpine
php-fpm dockerfile simplification
2017-05-29 07:32:24 +02:00
TBK 9ee00c9933 php-fpm dockerfile simplification
By using Alpine pkgs instead of the official php base image the image size has been reduced from 459 MB to 55.7 MB a reduction of a whooping 403.3 MB :D
2017-05-28 23:33:16 +02:00
TBK e151e32730 ShellCheck
http://www.shellcheck.net/
2017-05-28 23:28:41 +02:00
TBK 2d0c4db2a5 Clamav dockerfile simplification
- Locked to specific release.
- Fewer layers.
- Size reduction of 49 MB.
2017-05-28 16:23:13 +02:00
Michael Kuron eb9217a8b8 SOGo UI: per-user authentication failure rate-limiting 2017-05-28 16:02:34 +02:00
André Peters fb6893f664 Add IPv6 2017-05-28 11:14:43 +02:00
andryyy 95c30e8791 Remove change... 2017-05-26 23:03:51 +02:00
andryyy 178a219c05 Merge branch 'dev' of https://github.com/mailcow/mailcow-dockerized into dev 2017-05-26 23:02:34 +02:00
andryyy ce6bf18c2f Web UI improvements 2017-05-26 23:02:04 +02:00
André Peters 4f2a1d940c Merge pull request #313 from mkuron/fail2ban
Authentication rate limiting for Mailcow UI
2017-05-25 15:52:15 +02:00
Michael Kuron de8ec199fa PHP authentication failure: log straight to error log 2017-05-25 15:36:44 +02:00
Michael Kuron 1906c26e5d Auth rate limiting: Mailcow UI and correct treatment of v4-mapped addresses 2017-05-25 13:57:50 +02:00
andryyy 0403579b7e Use hostname 2017-05-25 11:00:14 +02:00
andryyy 813207c694 Listen on internal IPv6 2017-05-25 10:59:57 +02:00
André Peters 8c73b8eb5f Merge pull request #311 from mkuron/fail2ban
Fail2ban-like authentication rate limiting for Postfix, Dovecot and SOGo
2017-05-25 10:58:14 +02:00
Michael Kuron 88f94a2e15 Authentication rate limiting for Postfix, Dovecot and SOGo 2017-05-25 10:44:10 +02:00
andryyy fd92283fb8 Add missing ; 2017-05-24 10:03:06 +02:00
andryyy 258a8ee6e9 Add IPv6 listener to Nginx, fixes IO error in Rspamd logs 2017-05-23 22:24:30 +02:00
andryyy 56a9a09e2f Further migration 2017-05-23 22:23:46 +02:00
andryyy 466b8137e5 Add log_helper to Rspamd, add IPv6 for http maps in Nginx, make Bind listen on v6 and add acl for internal network 2017-05-23 22:23:34 +02:00
andryyy d1b99d2355 Remove workaround 2017-05-23 22:22:40 +02:00
andryyy b17543f211 Fixes 2017-05-23 21:50:48 +02:00
andryyy 21714bd054 Remove obsolete map 2017-05-23 21:50:33 +02:00
andryyy f3a1d81347 Rate extensions 2017-05-23 21:50:05 +02:00
André Peters d16304bf6a Merge pull request #299 from PhoenixPeca/dev
Added a preliminar italian translation - DEV
2017-05-23 09:38:34 +02:00
andryyy fd5a59086b More structural changes 2017-05-23 09:36:59 +02:00
andryyy 49bb816a1c Fixes #301 2017-05-20 16:56:53 +02:00
andryyy 5a62d29fa6 Fixes #301 2017-05-20 14:47:36 +02:00
andryyy e99db685e5 Change map watch interval, remove Mraptor 2017-05-20 14:28:05 +02:00
Phoenix Eve C. Aspacio e1d39983f6 Added Italian language file 2017-05-19 18:35:39 +08:00
Phoenix Eve C. Aspacio 62750b716a Added Italian Language 2017-05-19 18:34:29 +08:00
andryyy 0e80033535 Remove autocomplete 2017-05-19 09:02:52 +02:00
Steve Divskinsy a77ad0470e Turning autocomplete off for Yubi Tokens 2017-05-19 10:10:01 +09:30
andryyy 4ffa80a669 Remove ip from session check 2017-05-18 19:45:41 +02:00
Michael Kuron ce515f7fc2 Remove REMOTE_ADDR check 2017-05-18 19:26:01 +02:00
André Peters 111f65333c Merge pull request #290 from mailcow/dev
Dev
2017-05-18 10:18:53 +02:00
andryyy eb0920366c Remove defect domain administrators 2017-05-18 10:18:13 +02:00
andryyy 69e72fb271 License 2017-05-18 09:48:22 +02:00
andryyy 90f6d53418 License 2017-05-18 09:47:38 +02:00
André Peters 03b20a4570 Create LICENSE 2017-05-18 09:08:04 +02:00
André Peters a6642bf0c8 Create LICENSE 2017-05-18 09:07:44 +02:00
andryyy 9965ff10a7 Fix mynetworks: Add mailcow ipv6 network 2017-05-17 22:38:59 +02:00
andryyy 63324b0de8 Fix mynetworks: Add mailcow ipv6 network 2017-05-17 22:38:11 +02:00
andryyy d215bf1e5b Drop view and table 2017-05-17 21:54:53 +02:00
André Peters a72631fb15 Merge branch 'master' into dev 2017-05-17 21:20:12 +02:00
andryyy c9184a9bad Various fixes and changes 2017-05-17 21:17:00 +02:00
andryyy a7b854f7ce Fix Dockerfile, again 2017-05-17 21:16:48 +02:00
andryyy 61de3c354c Use Alpine ClamAV 2017-05-17 07:48:48 +02:00
andryyy dd5b46e9ee Use Alpine PHP-FPM 2017-05-17 07:48:37 +02:00
andryyy f38d726ed2 Revert base of Rspamd 2017-05-17 07:46:27 +02:00
Dennis Neufeld 0d3d9b8c15 Fix bug: Session cookie domain
If the web domain is != mail domain, the session cookie is set to the wrong domain.
2017-05-16 19:46:24 +02:00
Dennis Neufeld 53d02ded2a Add missing question mark (GET-URL) 2017-05-16 19:25:35 +02:00
Dennis Neufeld b2a5bf0453 Formatting, Updated Bootstrap/Bootswatch 2017-05-16 19:20:58 +02:00
Dennis Neufeld 9f4491b9be Language selection: Fix missing negation 2017-05-16 18:17:31 +02:00
Dennis Neufeld 8fb6a4c34d Language selection
Better way to select language
2017-05-16 18:11:58 +02:00
Dennis Neufeld 4a9c9c220a Updated languages
Use HTML5-linebreak instead of XHTML
2017-05-16 18:11:00 +02:00
andryyy cab5277ce5 Check if variable is not empty to prevent warnings 2017-05-16 11:59:20 +02:00
andryyy 08ad62a253 Fix domain actions 2017-05-16 09:51:05 +02:00
andryyy 4007db0862 Fix domain actions 2017-05-16 09:50:15 +02:00
andryyy e91c6916ab CSRF protection 2017-05-15 11:37:12 +02:00
andryyy 4c6cfa66a8 CSRF protection 2017-05-15 11:36:31 +02:00
andryyy 82c805d091 Remove owasp tool 2017-05-15 09:29:03 +02:00
andryyy fccdabb113 Remove owasp csrf tool 2017-05-15 09:00:37 +02:00
andryyy 861ade77ab New Dockerfile 2017-05-14 22:11:12 +02:00
andryyy be044a1592 Add openssl 2017-05-14 22:10:25 +02:00
andryyy d06e938d0e Destroy session when invalid, use more compatible js path 2017-05-14 21:54:18 +02:00
andryyy 49f28ecaf8 Destroy session when it becomes invalid 2017-05-14 21:53:08 +02:00
andryyy e795898b80 Fix Redis migration 2017-05-14 20:16:43 +02:00
andryyy 3ab77b1303 Skip domain in config 2017-05-14 20:15:59 +02:00
andryyy 1add37157d Remove icu lib dev 2017-05-14 20:15:34 +02:00
andryyy ce4c5b80b8 Fix migration to Redis 2017-05-14 20:07:43 +02:00
andryyy a46a84a949 Fix docker-entrypoint, fixes key merging from file to Redis 2017-05-14 14:26:07 +02:00
andryyy fbac28974b Base on Alpine 2017-05-14 14:25:10 +02:00
andryyy 4b875d1468 Remove some tools after installation 2017-05-14 14:24:55 +02:00
andryyy cf4cefbccd Base on Alpine, still needs cleanup 2017-05-14 14:23:26 +02:00
andryyy ed1679baef Disable error all 2017-05-13 23:07:48 +02:00
andryyy 2291b4e121 Added SOGo logs 2017-05-13 22:58:29 +02:00
andryyy 980acb507e Log to redis and file 2017-05-13 22:58:10 +02:00
Michael Käufl 766a986f27 [Dockerfiles] Do not install both curl and wget
curl is used in rspamd-pipe-*, so I kept curl
2017-05-13 18:10:04 +02:00
Michael Käufl 7fd982f948 [Dockerfiles] Do not persist DEBIAN_FRONTEND=noninteractive in images
According to https://github.com/moby/moby/issues/4032#issuecomment-163689851
(and some other comments in the issue) it's not recommended to set
`DEBIAN_FRONTEND` via `ENV` in a Dockerfile.  `ARG` has the same
effect at build time but does not change `DEBIAN_FRONTEND` in the
final image, so I switched to it.  It should also work to remove it
completely.
2017-05-13 18:10:04 +02:00
Michael Käufl e081a847a1 [Dockerfiles] Do not keep curl installed 2017-05-13 18:10:04 +02:00
Michael Käufl 559d9dda71 [Dockerfiles] Run rm as early as possible 2017-05-13 18:10:04 +02:00
Michael Käufl 85be7aa973 [Dockerfiles] Sorted list of packages 2017-05-13 18:10:04 +02:00
Michael Käufl 9ab9d76240 [Dockerfiles] Used best practices for apt-get
See https://docs.docker.com/engine/userguide/eng-image/dockerfile_best-practices/#apt-get

- Replaced `-y install` with `install -y` (unification)

- Put every package on its own line

- Moved `rm -rf /var/lib/apt/lists/*` in the same `RUN` statement as `apt-get`

- Removed unnecessary `apt-get clean`
  See 03e2923e42/contrib/mkimage/debootstrap (L82-L105)
2017-05-13 18:09:53 +02:00
Michael Käufl d0d0961006 [Dockerfiles] Replaced deprecated MAINTAINER with LABEL
Used format proposed in
https://docs.docker.com/engine/reference/builder/#maintainer-deprecated
2017-05-13 18:09:45 +02:00
andryyy 0a90bdc4df Fixes #264 2017-05-13 09:42:17 +02:00
André Peters 42445bee52 Merge pull request #265 from michael-k/indentation
Used tabs for indentation in Dockerfiles
2017-05-13 09:04:46 +02:00
andryyy 15853df84c JS changes and fixes 2017-05-13 08:55:34 +02:00
Michael Käufl 6cd97c46c5 Used tabs for indentation in Dockerfiles 2017-05-12 20:59:27 +02:00
andryyy b1d0776ad1 Fix selection in filter field 2017-05-11 23:18:57 +02:00
andryyy a478c50681 Change to tabstops 2017-05-11 23:15:06 +02:00
andryyy 14a9a1c616 A lot of changes... still not finished, use with caution.
Edit actions can be done with the internal API, trying to get rid of edit and add files
2017-05-11 23:10:32 +02:00
andryyy f582f0f01b Various fixes, update u2flib 2017-05-09 23:25:23 +02:00
andryyy a8e550244e Remove DKIM keys with api 2017-05-09 21:30:08 +02:00
andryyy 93046dea45 Fixes #261 2017-05-09 21:29:51 +02:00
andryyy 4099b6e25d Merge branch 'dev' of https://github.com/mailcow/mailcow-dockerized into dev 2017-05-09 13:44:03 +02:00
andryyy bbff045d04 Use API for forwarding hosts 2017-05-09 13:43:54 +02:00
Michael Kuron 759f21ac6b Consistent symbol names for forwarding hosts
multimap.conf and force_actions weren't using the same name
2017-05-09 07:29:43 +02:00
andryyy 74359f6df4 Use Redis for forwarded_hosts, some fixes 2017-05-08 23:09:40 +02:00
andryyy d64ed65575 Add multimap and forced actions for forwarded_hosts, removed from settings 2017-05-08 23:09:21 +02:00
André Peters 5861bec0c3 Merge pull request #256 from mkuron/forwardinghosts
Optionally enable spam filter for forwarding hosts
2017-05-08 19:00:42 +02:00
andryyy 97dc8d9ff8 Fix modal in admin 2017-05-08 15:44:30 +02:00
andryyy f77c40a179 Better log table, some MySQL to Redis migrations, API changes, other minor changes... 2017-05-08 15:41:05 +02:00
andryyy cdf7c87e20 Deleted two http maps, replaced by redis multimaps, much better tag system 2017-05-08 15:39:33 +02:00
andryyy a18bcce93d Minor style changes 2017-05-08 15:38:03 +02:00
andryyy 653d23a843 Migrate some settings and DKIM keys to Redis when starting 2017-05-08 15:35:24 +02:00
andryyy a267a4ad71 Use DKIM selector from Redis 2017-05-08 14:11:30 +02:00
Michael Kuron 7931b00fa0 Fix column width 2017-05-08 07:46:36 +02:00
Michael Kuron 519be0d9f8 Merge branch 'forwardinghosts' of github.com:mkuron/mailcow-dockerized into forwardinghosts 2017-05-08 07:39:51 +02:00
Michael Kuron 7efc720d47 Merge remote-tracking branch 'origin/dev' into forwardinghosts 2017-05-08 07:39:30 +02:00
andryyy 3b80a1af37 Change admin layout, add Postfix logs 2017-05-08 00:27:35 +02:00
andryyy aa98d86feb Sieve rule for tags changed 2017-05-08 00:27:16 +02:00
Michael Kuron 2444cd1cd2 Remove duplicated SQL 2017-05-07 20:12:24 +02:00
andryyy 2dd9e1b14f Fix hostname detection 2017-05-07 17:46:10 +02:00
andryyy a52f15e5e8 Remove submodule, add as common directory 2017-05-07 13:44:35 +02:00
andryyy 3c937f75ba Add OWASP CSRF Protector, add more secure session handling 2017-05-07 13:38:31 +02:00
Michael Kuron ae6d7d63fc Optionally enable spam filter for forwarding hosts 2017-05-07 08:50:28 +02:00
andryyy 8c8bfc0108 Add Json log parser for Dovecot and Postfix containers 2017-05-06 23:52:40 +02:00
andryyy d614aaf617 Add Json logger 2017-05-06 23:42:18 +02:00
andryyy fa3a47fde5 Log to syslog 2017-05-06 23:42:07 +02:00
andryyy ecda4fb1d1 Change whitelist for forwarding hosts 2017-05-06 23:41:58 +02:00
andryyy 026d2f14d0 Merge lang files from dev 2017-05-06 08:10:31 +02:00
andryyy b3a161f930 Keep format 2017-05-06 08:09:40 +02:00
andryyy 1501df6e42 Use Redis for DKIM keys, define any selector, auto-merge old keys to Redis and fallback to files 2017-05-05 10:35:27 +02:00
andryyy a790c2bdc0 Add phpredis 2017-05-05 10:34:31 +02:00
andryyy e3f9839410 Do not use sld for DKIM signing 2017-05-04 19:12:21 +02:00
andryyy 711fa922e6 Fail silent 2017-05-03 22:26:21 +02:00
andryyy edc41b48d1 Add map for scheme... 2017-05-03 22:26:10 +02:00