andre.peters
ae4ccd4d17
[Dovecot] Fixes CVE-2017-15132 - take 2
2018-02-01 23:35:55 +01:00
andre.peters
6ebcd00521
[Dovecot] Fixes CVE-2017-15132
2018-02-01 22:43:28 +01:00
andre.peters
c5f9b065f6
[Dovecot] Fixes CVE-2017-15132
2018-02-01 22:27:48 +01:00
andre.peters
a0d9efba00
[PHP-FPM] Remove old migration scripts
2018-02-01 13:40:59 +01:00
andre.peters
f4ae354c0c
[SOGo] Do not try to use foreign mailboxes as alias
2018-02-01 13:40:13 +01:00
andre.peters
38a819771b
[Netfilter] Rename fail2ban to netfilter, use iptables-python
2018-02-01 13:39:27 +01:00
andre.peters
0773448b35
[Dockerapi] Fix jsonify output
2018-02-01 13:38:42 +01:00
André Peters
912ba9b4ff
Fixes #979
2018-01-29 14:42:51 +01:00
Michael Kuron
c30448c4d8
Merge branch 'master' of https://github.com/andryyy/mailcow-dockerized into recipient_map
...
Conflicts:
data/web/inc/init_db.inc.php
2018-01-27 17:22:08 +01:00
andre.peters
7433b6dc91
[ClamAV] Build from source, fix bugs...
...
[Compose] New clamd-mailcow image
2018-01-27 10:26:12 +01:00
andre.peters
04f9d74339
[Web, Dovecot] Add new options to imapsync, other minor changes to forms, partly fixes #955
2018-01-24 12:59:11 +01:00
andre.peters
1aaa5682b4
[Fail2ban] Allow to set subnet size for banned networks
2018-01-24 09:11:33 +01:00
andre.peters
f2f4dabce4
[Postfix] postconf wrapper for correct config location, fixes #949
2018-01-24 09:10:43 +01:00
andre.peters
46aafff627
[ClamAV] Outsource config
2018-01-24 08:40:13 +01:00
Michael Kuron
e86565e283
Expose Postfix's recipient_canonical_maps through web UI
2018-01-23 20:02:31 +01:00
andre.peters
a7a7b3f3fd
[Postfix] Use name instead of IP
2018-01-21 15:01:51 +01:00
andre.peters
d24bb16947
[Watchdog] Check PHP-FPM port 9000 and 9001
2018-01-21 15:01:35 +01:00
andre.peters
737c41379f
[PHP-FPM] Move opcache config to local config file, define new PECL versions
2018-01-21 15:01:02 +01:00
andre.peters
83a21259f7
[Rspamd] Use names instead of IPs
2018-01-21 15:00:05 +01:00
andre.peters
08c8976a95
[SOGo] Show shared aliases and "allow to send as" addresses as FROM fields in SOGo
2018-01-21 14:58:16 +01:00
andre.peters
8419266678
[Web] Important fixes for quarantaine; other minor changes
2018-01-17 15:23:33 +01:00
andre.peters
09b6c20bad
[DockerAPI] Hide stderr from rspamadm output
2018-01-14 18:44:06 +01:00
andre.peters
5d5d36fc60
[Dovecot] Revert to 2.2 to fix various errors
2018-01-14 10:44:06 +01:00
andre.peters
38aaeeb30b
[Dovecot] Dovecot 2.3 from git for temp fixes
...
[ACME] Use -a switch (thanks to jas8522!)
2018-01-14 10:34:06 +01:00
andre.peters
42923698fd
[Dovcot] Fixes for v2.3
2018-01-13 22:49:50 +01:00
andre.peters
ceef6d6fd3
[Dovecot] Dovecot 2.3, Pigeonhole 0.5
...
[Watchdog] Fix Dovecot health check
2018-01-09 11:15:52 +01:00
andre.peters
b7a23a28fd
Merge branch 'dev' of https://github.com/mailcow/mailcow-dockerized into dev
2018-01-08 22:01:39 +01:00
andre.peters
1e9cae9084
[Compose] New images with LOG_LINES
...
[Update] Do not add empty line in each loop
2018-01-08 22:00:54 +01:00
Michael Kuron
cde250a989
Properly wait for MySQL to come up before starting SOGo
2018-01-08 19:56:44 +01:00
andre.peters
db032af698
[ACME] Fix script
2017-12-31 17:17:46 +01:00
andre.peters
8d56534e76
[Postfix] Don't try to authenticate to relayhosts without username, fixes #725
2017-12-25 10:18:49 +01:00
Oratorian
236e4d4a36
See Issue #826
...
Fixes dockerapi-mailcow_1 | raise TypeError('port must be an integer')
Containers are now restarting.
2017-12-18 16:41:04 +01:00
andre.peters
52f4f850cf
[Postfix] Fix missing authentication data for relayhosts when sender domain is alias domain
2017-12-17 17:45:12 +01:00
andre.peters
a771d66889
[Dovecot] Update imapsync
2017-12-17 17:45:05 +01:00
andre.peters
2994b94b6c
[Docker API] Remove logs, remove env var for compose project name
2017-12-11 09:43:01 +01:00
andre.peters
6c67b9df82
Replace name by IP, remove unused tables
2017-12-09 22:30:18 +01:00
andre.peters
2519738094
Various changes...
2017-12-09 13:15:24 +01:00
Peter Schiffer
7d6fc8e6b6
[Dockerapi] Auto detect version of docker server
...
Some older versions of docker need specific version of client api to be able to
communicate. This change allows automatically detect and set version of API to
match server version of API.
Fixes #765
2017-12-01 23:41:37 +01:00
André
ade4b9e7ae
[Postfix, Web] Feature: BCC maps
2017-11-19 15:13:43 +01:00
André
5211ab10ed
[ACME] Fix license issue
2017-11-16 14:57:17 +01:00
André
c45ea5433f
[Rspamd] Base on xenial to fix mime types problems
2017-11-15 12:29:18 +01:00
André
fe845ee56d
[Fail2ban] Fix fail2ban container
2017-11-14 19:50:20 +01:00
André
84a7a1a2e7
[Compose] New images, Nginx checks for SOGo before bootstrapping
...
[PHP-FPM] Some more modules (primarily for Horde)
[Fail2ban] Do not log matches of local and private ips
[Watchdog] Some changes in log system for further processing (wip)
[ACME] Fixes #745
2017-11-14 10:44:22 +01:00
André
60e97503f7
[Web, Dovecot] Show wether a sync job is running, validate min max input attr and validate these values
2017-11-08 11:07:32 +01:00
André
a36a8828c2
[Dovecot] Specify supervisord user
2017-11-05 12:19:18 +01:00
André
1ef10f1358
[PHP-FPM] Include net_sieve, test removal of usr/src/php for size
2017-11-03 20:27:43 +01:00
André
a9f64a3472
[Dockerapi] Return answers in json
2017-11-03 20:26:09 +01:00
André
b32e5adcc5
[Dovecot] sieve_before/after maps in sql, changed dict names
2017-11-03 20:25:38 +01:00
André
1e9bc49f2c
[Rspamd] Echo dummy for fowardingshosts map; Use higher map reading interval;
...
[Dockerapi] Exit on sigterm;
[Watchdog] Wait for dockerapi-mailcow to be online
2017-10-27 11:22:39 +02:00
André
04cb033f0a
[PHP-FPM] Add imagemagic
2017-10-21 10:10:27 +02:00
André
a110e2ea0f
[ACME] Fix detection of orphaned SANs and add tini
2017-10-21 10:08:20 +02:00
André
6b6470fe54
[Rspamd] Use tini
2017-10-15 09:31:19 +02:00
André
ac413058c1
[Watchdog] Fix kill -0 check, use tini and send kill request to tini instead of parent pid, sleep longer
2017-10-14 23:26:08 +02:00
André
c5dd30b058
[ClamAV] Use tini, check if background procs are running, use pipe to output to stdout
2017-10-14 23:25:29 +02:00
andryyy
c5054ae7ed
[Watchdog] Ignore null name in jq
...
[Nginx] Merge sites
[Scripts] Nextcloud helper script (testing!)
2017-10-11 22:56:22 +02:00
andryyy
7c46d6548b
[Dovecot] Ignore watchdog IP in logs, filter by syslog-ng
2017-10-11 11:23:20 +02:00
andryyy
e107cbef5e
[Postfix] Fix sending as alias, when alias is in alias domains, cleanup
2017-10-11 11:22:52 +02:00
andryyy
2862b43c81
[Watchdog] Fix watchdog to fit non-exposed PHP
2017-10-09 15:54:54 +02:00
andryyy
6110ac386f
[SOGo] Use official nightly; [PHP-FPM] Fix expose=off
2017-10-09 15:45:48 +02:00
andryyy
72995ff98e
[PHP-FPM] Include more modules for upcoming features and Nextcloud support, drop ro flag; [Watchdog] Some fixes and changes
2017-10-08 22:47:52 +02:00
andryyy
ef9953898c
[ACME, Watchdog, DockerAPI] Use only limited Docker API
2017-10-06 13:32:49 +02:00
andryyy
3ae0b16845
[Web, DockerAPI] Be more like official Docker API
2017-10-06 10:20:40 +02:00
andryyy
fc18d153cd
[Compose, DockerAPI, Web, Watchdog] Watchdog may send notification mails (todo: docs), DockerAPI via Flesk for limited access
2017-10-05 23:38:33 +02:00
andryyy
9860d44d04
[Watchdog] Do also log errors to Redis if availble
2017-10-04 23:18:51 +02:00
andryyy
2dc8306b69
[Postfix] Remove old socket
2017-10-04 23:15:26 +02:00
andryyy
82ac5fa063
[SOGo] Remove supervisord API
2017-10-04 13:04:35 +02:00
andryyy
9b4ed6b21c
[PHP-FPM] Include Docker api for better SOGo status handling and future changes
2017-10-04 13:04:15 +02:00
andryyy
da987e5b48
[Postfix] Forgot 'not' in filter
2017-10-03 16:54:18 +02:00
andryyy
c59d03fcb3
[Watchdog] Skip when use_watchdog=n
2017-10-03 12:07:48 +02:00
andryyy
68d7fa1504
[Watchdog] Skip when use_watchdog=n
2017-10-03 12:05:38 +02:00
Michael Kuron
752a571607
Merge pull request #638 from mkuron/acme
...
ACME needs to wait for MySQL to be ready
2017-09-28 12:58:07 +02:00
Michael Kuron
ae79445ec0
ACME needs to wait for MySQL to be ready
2017-09-27 19:48:25 +02:00
andryyy
337c9e350e
[Watchdog] Reset diff, new image
2017-09-22 16:40:02 +02:00
andryyy
62524150d2
[ACME] Add timestamps, check if acme account key is valid
...
[Postfix] Ignore local0
[Watchdog] Add Rspamd checks
2017-09-21 19:30:09 +02:00
andryyy
ab850dc901
[ACME] Detect and fix invalid registration
2017-09-21 09:46:09 +02:00
andryyy
41d2a16571
[Watchdog] Script was not executable
2017-09-20 23:36:04 +02:00
andryyy
f511cb0f63
[Watchdog] More fixes and or changes
2017-09-20 23:24:56 +02:00
andryyy
fd1955edca
[Fail2ban] Add variable name
2017-09-20 23:24:39 +02:00
andryyy
b6e84fac3a
Sleep instead of stopping containers to prevent restarts
2017-09-20 12:50:50 +02:00
andryyy
df5c79c3f1
Fixes for watchdog!
2017-09-20 12:27:24 +02:00
andryyy
e70d5b9206
Fix watchdog
2017-09-20 11:05:23 +02:00
andryyy
a8fb1d3f4f
Add experimental watchdog
2017-09-20 10:56:49 +02:00
andryyy
d0c0cd4992
[Rspamd] Fix user settings...
2017-09-16 23:27:13 +02:00
andryyy
1b974bc8d1
[Compose] New images
2017-09-16 23:05:33 +02:00
andryyy
2b97305f6d
[ACME] Sleep, don't exit
2017-09-16 13:17:48 +02:00
andryyy
762f18e913
[Clamd] Use Dockerds own init system
2017-09-14 23:13:24 +02:00
andryyy
eeaa48a729
[PHP-FPM] Use valid user for mysqladmin ping
...
[SOGo] Use valid user for mysqladmin ping
2017-09-12 20:57:18 +02:00
andryyy
1ffed58956
[ACME] New version, better IPv4 detection
2017-09-11 21:51:17 +02:00
andryyy
ed4e8d301c
Fix tabs
2017-09-08 18:41:02 +02:00
andryyy
b8c4093702
[Web] Allow a spam score up to 2000, fixes #556
2017-09-07 20:20:36 +02:00
Tobias
fcd0efc265
Change primary name of SSL certificate
...
Hostname as primary name for the SSL certificate, all other names will
be added as SAN
2017-09-03 19:41:47 +02:00
andryyy
1f90433429
[Dovecot, Postfix, SOGo] Fix redis log cleanup, fixes #542
2017-09-03 11:57:58 +02:00
andryyy
446907944a
[Postfix] Fix missing ltrim
2017-09-01 23:40:23 +02:00
andryyy
008d500f4d
[Compose, Dovecot] Fixed missing ltrim
2017-09-01 23:39:51 +02:00
andryyy
7351fcf1e3
[Compose, SOGo] New version, ltrim logs
2017-09-01 23:33:12 +02:00
andryyy
4d7bb26874
[Postfix] Add null rcpt for watchdog
2017-09-01 12:22:29 +02:00
andryyy
08d6b97ffa
[Dovecot] New Dovecot and Pigeonhole versions; include delete2 option in imapsync
2017-08-31 10:36:10 +02:00
andryyy
4a0e3a433b
[Fail2ban] Remove rule to detect disconnects without authentication
2017-08-30 22:27:33 +02:00
andryyy
b1213c51d7
[Rspamd] Dynamic ratelimit fixed, removed async redis request; Ready to implement per-user ratelimits via UI (tbd)
2017-08-30 21:42:39 +02:00
andryyy
7a2c0f2ee7
[Acme] Skip backup mx domains
2017-08-18 09:57:25 +02:00
André Peters
92eefc1288
Merge pull request #486 from mkuron/patch-1
...
Disable ClamAV phishing filter
2017-08-02 15:54:16 +02:00
Michael Kuron
dec64eef32
Disable ClamAV phishing filter
...
ClamAV has a phishing filter built in, but it generates too many false positives. We can disable it without risk because rspamd also checks for phishing itself.
2017-08-02 14:42:53 +02:00
andryyy
2eed7c05a1
[Dovecot] Push version, fix cronjob ( fixes #310 )
2017-08-01 14:02:00 +02:00
andryyy
c7484434dd
[Dovecot] Remove master.pid if not running; Check for active imapsync besides lock file; Reconnect MySQL connection in imapsync_cron.pl
2017-07-31 08:19:02 +02:00
andryyy
33bf9f5c5d
[Rspamd] Push image version 1.5, Rspamd 1.6.3
2017-07-26 23:07:01 +02:00
andryyy
8da02378b1
[Rspamd] Use Nginx IP in settings map
2017-07-26 23:04:49 +02:00
andryyy
03c614f749
[Postfix] Use Nginx IP in whitelist_forwardinghosts.sh
2017-07-26 23:04:27 +02:00
andryyy
b629089ff8
[SOGo] Rename reconf-domains to bootstrap-sogo and exec sogod after a successful bootstrap; Wait for SOGo to die and free listener
2017-07-24 23:25:04 +02:00
andryyy
5d5646df0c
[Compose, SOGo] Update SOGo, give SOGo more time for a graceful restart, autorestart on any exit code
2017-07-24 22:53:23 +02:00
andryyy
83d485dd94
[Web, Postfix, Compose] Allow to add relayhosts per domain (+ plain and login authentication)
2017-07-22 20:39:54 +02:00
andryyy
ed33cb5f57
[Rspamd] ARC: Disallow login/domain mismatch
2017-07-21 11:03:35 +02:00
andryyy
5f5872f78b
[Rspamd] Initial custom ratelimit support
2017-07-13 12:54:53 +02:00
andryyy
e6727b1fd6
[ACME] Iterate alias domains, use hostname in subject field
2017-07-13 12:51:52 +02:00
andryyy
9e92c4a2ad
[Dovecot] Do not keep persistent logs in a container
2017-07-11 17:09:31 +02:00
andryyy
f8ae5158cb
[Postfix] Do not keep persistent logs in a container
2017-07-11 17:09:20 +02:00
andryyy
a31819fd6c
[SOGo] Log to a pipe to not keep logs in a container
2017-07-11 17:08:06 +02:00
andryyy
51660589d4
[Rspamd] Push version 1.3
2017-07-09 22:28:36 +02:00
andryyy
a324b1a385
[Rspamd] Fix DKIM siging (base64 hash line folding)
2017-07-06 15:57:33 +02:00
andryyy
69da02c144
[Dovecot] Important fix for Pigeonhole (downgrade)
2017-07-05 19:13:07 +02:00
andryyy
7f47af1d60
Fix destination hash
2017-07-05 12:31:52 +02:00
andryyy
87cc5f54ff
[Postfix] Fix redis log destination hash
2017-07-05 12:03:12 +02:00
andryyy
2fadfee61a
[SOGo] Remove thunderbird plugin generation, will move to docs
2017-07-05 10:22:48 +02:00
andryyy
de14d30e6b
[ACME] Fix exit command (was using echo), fix for duplicate SAN (filter)
2017-07-04 21:32:58 +02:00
andryyy
dc463c3dda
[Multiple] Push multiple logs to Redis channel for fail2ban-mailcow to read. Enables Fail2ban independently of used Docker logging driver.
2017-07-04 18:08:20 +02:00
andryyy
ed11e7586e
[Clamd] Add SKIP_CLAMD variable to disable Clamd start
2017-07-04 18:05:44 +02:00
andryyy
ace247b3b9
[ACME] Unset name arrays before reusing them
2017-07-03 10:20:09 +02:00
andryyy
2cf9f71613
[ACME] Revert fix for empty additional_san, fix skip_ip_check in ACME
2017-07-02 20:18:22 +02:00
andryyy
cf902854d7
Merge, conflict fixed
2017-07-02 11:22:35 +02:00
andryyy
b7cb4ac9d5
[Fail2ban] Added more regex to match failed or disallowed logins to Dovecot, changed Mailcow to mailcow
2017-07-02 11:10:35 +02:00
andryyy
ae5ce6568d
[Dovecot] Dovecot 2.2.31, Pigeonhole 0.4.19
2017-06-30 20:30:30 +02:00
andryyy
5ab11c0c1e
[ACME] Show err instead of empty var when IP lookup failed
2017-06-30 20:29:55 +02:00
andryyy
d2048ccf20
[ACME] Be more verbose about IP address
2017-06-29 21:22:01 +02:00
andryyy
a6b60aebb8
[Fai2ban] Added auto-detection for container names; Allow multiple rules for each container; log rule id and container on match
2017-06-29 11:30:14 +02:00
andryyy
9040d456ed
[acme-mailcow] Auto-detect container ids for restart; Restart containers after restore
2017-06-29 10:25:32 +02:00
andryyy
3d652dd3d0
Added more checks for acme-mailcow
2017-06-29 00:56:51 +02:00
andryyy
6d8438c01c
- More checks for acme-mailcow (verify hashes)
...
- Autodiscover configuration file: Merge array from vars.local.inc.php
- Push acme-mailcow to 1.6
2017-06-28 23:22:51 +02:00
andryyy
b0584c3622
Use , as IFS for additional san
2017-06-28 10:50:51 +02:00
andryyy
f7bce8b81a
Copy dhparams if not found
2017-06-27 20:15:53 +02:00
andryyy
e9ea0712f2
Add SKIP_FAIL2BAN var
2017-06-27 10:26:48 +02:00
andryyy
b9ffcf2bf8
Add whitelist function to Fail2ban
2017-06-26 23:18:05 +02:00
andryyy
8590cc577b
Move folder names to match image names
2017-06-25 00:21:24 +02:00
andryyy
c4c1bdf477
Add a retry window for fail2ban-mailcow, add priority to logging, added window time to logging string"
2017-06-24 20:04:12 +02:00
andryyy
b8e9b3d879
fail2ban:1.1, use Redis, add logging, ban time and max attempts to be configured via UI soon
2017-06-24 00:07:18 +02:00
andryyy
2104034156
cp -n is unknown
2017-06-23 14:22:54 +02:00
andryyy
59623a639e
Keep key when issuing new certificate to not break TLSA records with options 3 1 1
2017-06-23 08:40:05 +02:00
andryyy
18e52ab27d
More debug output, keep key for TLSA 3 1 1, other minor changes
2017-06-23 08:33:07 +02:00
andryyy
85a9239ae9
Move account key
2017-06-22 21:44:10 +02:00
andryyy
0c07ff59c3
Fix skip le test...
2017-06-22 21:31:14 +02:00
Michael Kuron
1f9b5cb16e
ACME: support CNAME in domain checks
2017-06-22 20:36:03 +02:00
andryyy
4066f3507c
New Rspamd image, also fixes #386
2017-06-22 17:12:13 +02:00