Commit Graph

897 Commits (d90d4f9640ed050386df8b88167a3a87c735e369)

Author SHA1 Message Date
andryyy 3ffd39dae5
[Dovecot] Move mailboxes to separate config file; remove postlogin script (replaced by config variables) 2021-06-08 13:14:47 +02:00
andryyy 68f9ca8cb0
[Postfix] Remove broken SASL access map, moved to Dovecot LUA authentication 2021-06-08 13:13:49 +02:00
waja 28ab9986a7
Remove left smtpd_last_auth statement (#4127) 2021-06-06 11:52:31 +00:00
andryyy d7ecf899c8
[Rspamd] Reduce 00 bad subjects score 2021-06-05 17:45:27 +02:00
Dmitriy Alekseev 05f6e28191
[Postfix] Remove smtpd_last_auth from master.cf (#4124) 2021-06-05 16:13:50 +02:00
andryyy 7050d7c259
[Web] Fix BCC validation for aliases 2021-06-05 08:40:55 +02:00
andryyy 51b32bc4c0
[Dovecot] Remove last_login, fixes #4121 2021-06-04 20:48:36 +02:00
andryyy 51e3521aac
[Postfix] Remove smtpd_last_auth service; replaced by SASL logging in Dovecot LUA auth process 2021-06-04 14:29:28 +02:00
andryyy 6d22ae8d02
[Dovecot] Feature: Move authentication to LUA and prepare for http based authentication, log last SASL logins to SQL 2021-06-04 14:27:33 +02:00
andryyy b6b64f9470
[Rspamd] rename symbol from bad_regex to bad_subject 2021-06-03 08:18:10 +02:00
andryyy c8955284a2
[Rspamd] Create BCC plugin 2021-06-03 08:02:03 +02:00
andryyy 1bad74101f
[Postfix] Add listener for BCC sender used by meta_exporter in Rspamd 2021-05-30 16:08:19 +02:00
andryyy 8a83587800
[Postfix] Finally here: MX based transport map routing; Sorry it took years, Patrik
[Web] Small fixes
2021-05-28 10:40:41 +02:00
andryyy fe483d882d
[Rspamd] Replace 00 bad domains by bad regex map (wip) 2021-05-27 13:17:35 +02:00
andryyy 4ede07854d
[Rspamd] Replace 00 bad domains by bad regex map (wip) 2021-05-27 12:34:33 +02:00
andryyy 4b28dbbabc
[Rspamd] Replace 00 bad domains by bad regex map (wip) 2021-05-27 12:33:47 +02:00
andryyy 56a085b632
[Rspamd] Add 00 abuse domains (wip!) 2021-05-24 11:12:56 +02:00
andryyy 2e87f6ac2d
[Rspamd] Fix bad header rule 2021-05-23 23:29:32 +02:00
andryyy f81483d312
[Rspamd] Create bad header map 2021-05-23 23:13:34 +02:00
andryyy cf9d3e00c8
[Rspamd] Create bad header map 2021-05-23 23:12:07 +02:00
andryyy 1cd0a96ad0
[Nginx, SOGo] Set mime type text/plain instead of returning 403 when opening risky attachments 2021-05-17 21:21:35 +02:00
andryyy 6a8aa699d9
[SOGo, Nginx] Deny access to some extensions from SOGo web ui to mitigate security concerns 2021-05-12 10:44:42 +02:00
Dmitriy Alekseev bb1b76454d
[Rspamd] Remove score from SIEVE_HOST (#4080)
Commit e7a5c98704 remove upstream spam flag score
2021-05-04 18:51:07 +02:00
Maximilian 5df8a24c84
server_tokens off in default settings (#4073)
Co-authored-by: Maximilian Leith <accounts.maximilan@leith.de>
2021-04-26 13:20:23 +02:00
Dmitriy Alekseev bbb75b0d32
[Rspamd] Fix for Respect Redis REPLICA in reputation plugin (#4046) 2021-04-18 22:41:08 +03:00
André Peters ee6ca4eaaa
Revert "[Rspamd] Respect Redis REPLICA in reputation plugin (#4046)" (#4065)
This reverts commit 7fdc4c2cc3.
2021-04-18 21:02:29 +02:00
Valentin Brandner 1bb68c2f5f
[Rspamd] Fix little typo in regex (#4050)
There was a dot missing, right? Correct me if I'm wrong...
2021-04-09 23:37:33 +02:00
andryyy 604f29e870
[Postfix] Set mynetworks_style = subnet to include all local subnets, will be overridden by mynetworks in extra.cf 2021-04-07 21:28:53 +02:00
Dmitriy Alekseev 694e3d652f
[Rspamd] Sign Disposition-Notification Headers (#4020)
* [Rspamd] Sign Disposition-Notification Headers

Add more Headers to DKIM signing

* Update dkim_signing.conf
2021-04-03 12:43:20 +02:00
Der-Jan 7fdc4c2cc3
[Rspamd] Respect Redis REPLICA in reputation plugin (#4046) 2021-04-02 21:34:52 +02:00
andryyy 749dc0e5c9 Merge branch 'master' of github.com:mailcow/mailcow-dockerized 2021-03-04 16:13:55 +01:00
Timo Eissler b6d1f78428
[PHP-FPM] Increase PHP memory limit for "cli" to 512M (#4010) 2021-03-03 10:28:15 +01:00
andryyy 4975e4cabd
[SOGo] Fix comments in custom theme 2021-03-03 10:23:51 +01:00
andryyy e956b32a12
[SOGo] Remove custom theme, disable debug mode, keep example custom-themes 2021-03-02 11:24:00 +01:00
Frederick Nicklas Ambo Eggert Eggertsen 6840a1665d
[Web] Danish lang. 🇩🇰 (#3971)
Create Danish lang
2021-02-19 18:23:08 +01:00
andryyy c2c183df2c
[Ejabberd] Add missing ip in yml 2021-02-17 16:44:11 +01:00
andryyy 9ee0bd8bdf
[Ejabberd] Do not store group chats in archive 2021-02-16 21:33:30 +01:00
andryyy b11764dff0
[Config] Add ADDITIONAL_SERVER_NAMES as optional config to define additional server_name parameters for mailcow UI 2021-02-16 16:38:28 +01:00
andryyy c4155d4ab6 [Ejabberd] Do not store messages by default; Delete uploads after 30 days; Use JID in upload file path; Use more secure file permissions; Set max offline messages to 1000; 2021-02-16 16:37:18 +01:00
ValdikSS b52fa1146a
Unset Postfix smtpd_tls_session_cache_database, reduce disk writes (#3981)
Postfix may update smtpd_tls_session_cache_database quite frequently even on not busy server, which leads to unnecessary (excessive) disk writes, which is an issue for SSD.
Postfix documentation suggests not to use this parameter anymore since there's another, better TLS session resumption method available.

>As of Postfix 2.11 the preferred mechanism for session resumption is RFC 5077 TLS session tickets, which don't require server-side storage. Consequently, for Postfix ≥ 2.11 this parameter should generally be left empty.

http://www.postfix.org/postconf.5.html#smtpd_tls_session_cache_database
2021-02-16 11:01:27 +01:00
andryyy 666d344322
[Web] Remove XMPP site when disabling XMPP 2021-02-14 21:33:43 +01:00
andryyy 9febe4e86b [Ejabberd] Require s2s TLS, enforce protocols and ciphers, move admin UI (WIP) 2021-02-14 10:47:53 +01:00
andryyy 38e5dc37d2
[Rspamd] Edit RBL 2021-02-14 10:47:05 +01:00
andryyy 8c6b512f05
[mailcow] Move ejabberd site to last available site 2021-02-12 19:26:49 +01:00
andryyy 38c5470d54
[Ejabberd] Various fixes, sorry (still WIP) 2021-02-11 21:09:46 +01:00
andryyy 462aa0a764
[Ejabberd] Fix bootstrapping, ejabberd could not be enabled 2021-02-11 20:46:13 +01:00
andryyy f69f6b84f3
[Git] Sort gitignore 2021-02-11 15:24:34 +01:00
andryyy 386d6109c8 Merge branch 'master' of github.com:mailcow/mailcow-dockerized 2021-02-11 09:36:18 +01:00
andryyy 29bcd94b7c
[Rspamd] Increase spam symbol weight 2021-02-11 09:32:47 +01:00
Felix Kaechele 31805f1656
[Web] Implement all supported dovecot password schemas (#3974)
When migrating from other Dovecot based installations it can be very
convenient to just copy over existing hashed passwords.
However, mailcow currently only supports a limited number of password
schemes.

This commit implements all password schemes that do not require
challenge/response or OTP mechanisms.

A convenient way to generate the regex with all supported schemas is
`docker-compose exec dovecot-mailcow doveadm pw -l | awk -F' ' '{printf
"/^{("; for(i=1;i<=NF-1;i++){printf "%s%s", sep, $i; sep="|"}; printf
")}/i\n"}'`

Note that this will also include unsupported challenge/response and OTP
schemas.

Furthermore this increases the vsz_limit for the dovecot auth service to
2G for the use of ARGON2I and ARGON2ID schemas.

Signed-off-by: Felix Kaechele <felix@kaechele.ca>
2021-02-11 09:31:53 +01:00