Commit Graph

933 Commits (dcb78946c749a9d38502615671ff90ee37a4b43a)

Author SHA1 Message Date
Dmitriy Alekseev fec6876490
[Rspamd] Block spoofing for free mail domains (#3907) 2020-12-28 22:04:01 +01:00
andryyy 9407b55661
[PHP-FPM] Fix fastcgi timeouts 2020-12-26 10:19:52 +01:00
andryyy 2086927bb8
[Compose] Update Dovecot and Rspamd images 2020-12-11 10:04:37 +01:00
andryyy 3535ed6efe
[Rspamd] Set bounce_to ratelimit to 7 / 1m to hopefully reduce backscatter spam 2020-12-07 11:09:06 +01:00
andryyy 96324aa4b5
[Rspamd] Set bounce_to ratelimit to 10 / 1m to hopefully reduce backscatter spam 2020-12-07 11:08:49 +01:00
andryyy 9670d0c4f1
[Rspamd] More explicit Sendgrid ID checking 2020-11-30 07:45:30 +01:00
andryyy 0485e1feb2
[Dovecot] Add sieve_vacation_dont_check_recipient = yes 2020-11-27 09:17:29 +01:00
andryyy 8e15c56330
[SOGo] Increase timeout for SOGo to prevent failure on uploads 2020-11-25 16:11:02 +01:00
andryyy 0a593bfe7b
[Dovecot, Helper] Add HAProxy listener for 4190/tcp sieve 2020-11-19 16:02:05 +01:00
andryyy 586992618c [Rspamd] Revert previous commit; Do not punish DMARC alignment when p=none 2020-11-19 09:44:10 +01:00
andryyy 399951509e
[Rspamd] Exclude DMARC_POLICY_SOFTFAIL from SPOOFED_UNAUTH 2020-11-19 09:37:02 +01:00
andryyy c1376b4f4c
[Rspamd] Increase bounce_to limit 2020-11-16 11:56:12 +01:00
andryyy 5d9c40b8b4
[Rspamd, Web] Add rewrite subject to known soft quarantine actions 2020-11-13 21:26:42 +01:00
andryyy 0201becf77
[Rspamd] Fix some composites 2020-11-11 14:34:24 +01:00
andryyy 9eb65b03a1
[Rspamd] Remove rule that breaks DMARC valid mails from having their scored lowered 2020-11-09 14:04:56 +01:00
andryyy 6d46ee795b
[Rspamd] Log mail that was put into junk folder and keep a copy in quarantine 2020-11-06 12:26:01 +01:00
andryyy 347217c2d3
[Dovecot] Lower deduplicate interval to not discard duplicates of mail from quarantine that were previously saved in the junk folder 2020-11-06 12:25:09 +01:00
andryyy 2732e0158c
[Rspamd] Add newsletterplus to unwanted bulk (no consent, corona spam) 2020-11-04 09:29:27 +01:00
andryyy 7dc21e036d
[Rspamd] Fixes #3837 by setting correct data type for mails without fuzzy hashes, also implements actions 2020-11-03 10:27:46 +01:00
andryyy d94b5e43ea
[Rspamd] Add symbol HAM_TRAP or SPAM_TRAP for trap aliases 2020-10-29 20:29:14 +01:00
andryyy 9034e0f3a8
[Rspamd] Fix tag handling for mailboxes 2020-10-28 11:06:33 +01:00
andryyy 61bb3219df
[Rspamd] Fix tag handling for aliases 2020-10-27 07:20:54 +01:00
andryyy 7bcb9414ab
[Rspamd] Handle Postmaster in and outbound as trusted 2020-10-25 10:34:13 +01:00
andryyy 0165c9d26b
[Web] Show fuzzy hash of rejected mail, if any 2020-10-24 16:27:31 +02:00
andryyy 85b8b74a4c
[Rspamd] Do not quarantine blacklisted entities 2020-10-23 20:23:26 +02:00
andryyy c7e17c7fd1
[Rspamd] Global blacklists are not prefilters anymore to not prevent them from being learned 2020-10-21 19:00:53 +02:00
andryyy 4155d21392
[Rspamd] Remove positive fuzzy scores from bounces 2020-10-20 16:15:02 +02:00
Dmitriy Alekseev fa153fad38
[Rspamd] Rebalance group policies (#3817)
* [Rspamd] Rebalance group policies

* [Rspamd] Rebalance group policies
2020-10-20 11:55:55 +02:00
andryyy ee9288581a
[Rspamd] Do not post whole body to alias expander... 2020-10-18 19:27:25 +02:00
andryyy be0ec8efc0
[Rspamd] Composite fixes and adjustments for better filtering 2020-10-18 10:11:27 +02:00
andryyy f95bd3e7b6
[Rspamd] Simplify forward host rule and add policy group to exceptions for fwd host 2020-10-18 09:12:02 +02:00
andryyy 5cd6bed701
[Rspamd] Fix typo in alias resolvers 2020-10-17 20:09:32 +02:00
andryyy ddadc1ced2
[Rspamd] Remove unnecessary set_metric_action in tag script 2020-10-17 10:15:14 +02:00
Dmitriy Alekseev 9ba1d4626d
[Postfix] Anonymize sender IP for mail sent locally (#3811)
This commit resolve #3723
2020-10-17 09:06:38 +02:00
andryyy f8291d1967
[Rspamd] Adjust alias resolver prefilter prio 2020-10-16 18:39:22 +02:00
andryyy 0c30d32fdb
[Rspamd] Resolve direct aliases (also fixes tagging options) 2020-10-16 18:27:19 +02:00
andryyy 5a627dc34a
[Rspamd] Add invaluement sendgrid-id-dnsbl 2020-10-13 11:15:12 +02:00
andryyy 7da3b91bd7
[Rspamd] Disable IPv6 for interserver ip bl, enable full host lookup for uribl 2020-10-12 09:23:41 +02:00
andryyy 39a33c4b6d
[Dovecot] Conf: drop duplicates as received within 60 minutes 2020-10-11 10:35:29 +02:00
andryyy ce77d87c8d
[Dovecot] New global post-filter: drop duplicates as received within 60 minutes 2020-10-11 10:34:15 +02:00
andryyy efd69f1c1c
[Rspamd] Add Interserver rules, THANK YOU! 2020-10-11 10:30:46 +02:00
andryyy 72542f1d50
[Rspamd] Delete deprecated reputation files 2020-10-09 08:57:51 +02:00
andryyy 1b2731d6e6
[Rspamd] Add reputation plugin, remove deprecated plugins 2020-10-08 17:03:39 +02:00
andryyy d6688d918b Revert "[Rspamd] Use reputation plugin instead of ip_ and url_reputation"
This reverts commit 73e87068d8.
2020-10-08 16:52:20 +02:00
andryyy 73e87068d8
[Rspamd] Use reputation plugin instead of ip_ and url_reputation 2020-10-08 16:51:46 +02:00
Bao H.H b5ee399fa2
Add simplified Chinese language translations (#3784) 2020-10-01 20:50:49 +02:00
mcmufffin 93ac0d3864
Update site-defaults.conf (#3780) 2020-09-27 12:38:40 +02:00
André Peters ba0b6963c7
Revert "Update site-defaults.conf (#3778)" (#3779)
This reverts commit b8ec9ad536.
2020-09-26 22:53:53 +02:00
andryyy 1256059a4f Merge branch 'master' of https://github.com/mailcow/mailcow-dockerized 2020-09-26 22:17:51 +02:00
mcmufffin b8ec9ad536
Update site-defaults.conf (#3778) 2020-09-26 22:15:43 +02:00
andryyy 520056a489
[Rspamd] Quarantine, Pushover: Respect active = 2 while processing 2020-09-26 21:58:49 +02:00
andryyy 1e244e9c0c
[Rspamd] Quarantine, Pushover: Respect active = 2 while processing 2020-09-26 21:58:28 +02:00
andryyy 642ef1a515
[Rspamd] Pushover, quarantine: also process 2020-09-26 21:55:04 +02:00
andryyy c3c98348e2
[SOGo] Re-enable TLS for internal IMAP connections, enable TLS for internal SMTP connections
[Web] Minor fix in quarantine view
2020-09-24 21:51:32 +02:00
andryyy e2d98323ef Merge branch 'master' of https://github.com/mailcow/mailcow-dockerized 2020-09-24 20:31:07 +02:00
andryyy e5f0e1da44
[Rspamd] Fix prio for includes in overrides 2020-09-24 20:30:58 +02:00
Jellyfrog c31d0cee86
[Nginx] Refresh cipher suites (#3669)
Also turn ssl_prefer_server_ciphers off.
"The cipher suites are all strong and so we allow the client to choose, as they will know best if they have support for hardware-accelerated AES" - https://wiki.mozilla.org/Security/Server_Side_TLS#Intermediate_compatibility_.28recommended.29
2020-09-24 07:30:09 +02:00
andryyy c355bc2b69
[Rspamd] Prepare SMTP ip restriction, WIP 2020-09-23 11:21:28 +02:00
andryyy f2c1530143
[ClamAV] Set to ConcurrentDatabaseReload and (todo:) add note to docs 2020-09-17 21:48:00 +02:00
andryyy 881f558e48
[Postfix] Add sasl check to deny specific users from using smtp relay 2020-09-17 19:44:52 +02:00
andryyy 22d4c04416
[Dovecot] Postlogin socket owned by vmail 2020-09-17 19:43:57 +02:00
andryyy 2c9140f9f0 Merge branch 'master' of https://github.com/mailcow/mailcow-dockerized 2020-09-15 12:01:15 +02:00
andryyy 1f36ae28d4
[Postfix, Web] Feature: Show last SMTP login 2020-09-15 11:02:53 +02:00
andryyy 28041b1d97
[Rspamd] Encrypt fuzzy communication, switch to Rspamd 2.6 2020-09-15 11:01:20 +02:00
Noa J c1034b890d
[Rspamd] Add open-relay-check@mailcow.email to monitoring_nolog.map (#3757) 2020-09-13 13:07:21 +02:00
andryyy 943730de47
[Rspamd] Add filter to global mime black- and whitelists to only match addr 2020-09-12 20:11:18 +02:00
Dmitriy Alekseev 7feb589b90
[Rspamd] Add iso/img to bad extensions (#3753) 2020-09-12 12:21:12 +02:00
Dmitriy Alekseev eb12c2f8cd
[Rspamd] Disable extension cloaking (#3754) 2020-09-12 12:20:55 +02:00
andryyy c201a712cb
[Rspamd] Macro check was fixed, remove doc and xls ban for now... 2020-09-09 16:02:14 +02:00
andryyy 013b3f88da
[Rspamd] Meta exporter and settings map: read vars.local.inc.php 2020-09-06 08:54:36 +02:00
andryyy 92074b0edb
[Rspamd] doc and xls are blocked 2020-09-03 15:33:39 +02:00
Dmitriy Alekseev 070cdb7787
Update arc.conf (#3686) 2020-07-31 19:47:03 +02:00
Dmitriy Alekseev 5b52e15fec
Update dkim_signing.conf (#3685) 2020-07-31 19:46:39 +02:00
Marcel Caspar 3dc2b1a721
[Rspamd] Add urlhaus map to rspamd (#3683)
add the list with online malware urls from URLhaus into rspamd to check against
2020-07-30 15:24:29 +02:00
andryyy 7d7f85c998 Merge branch 'master' of https://github.com/mailcow/mailcow-dockerized 2020-07-29 13:57:38 +02:00
andryyy a349629a5a
[Rspamd] Remove spoofed unauth symbol from mails from whitelisted fwd hosts 2020-07-29 13:57:33 +02:00
Dmitriy Alekseev 72387a4a48
Disable SMTPUTF8 in Postfix due Dovecot-LMTP isn't support it (#3680)
SMTPUTF8 to work correctly must be done end-to-end. Leaving it enabled now when LMTP cant receive such email gives more issues then profit.
2020-07-29 13:42:39 +02:00
andryyy 41152193c0
[Dovecot] Increase sieve actions and redirects to 100/101 2020-07-15 15:28:14 +02:00
andryyy 06c8f140b5
[Nginx] Mark script not executable 2020-07-14 13:24:37 +02:00
andryyy 4cd51017a7
[Nginx] Mark script executable 2020-07-14 13:20:50 +02:00
andryyy d931083e0e
[SOGo] Disable EAS when SKIP_SOGO=y 2020-07-14 13:16:26 +02:00
andryyy ad8acefb96
[SOGo] Disable EAS when SKIP_SOGO=y 2020-07-14 13:13:32 +02:00
andryyy e6cc1bf27c
[Dovecot] Include SOGos IP as trusted 2020-07-11 13:33:05 +02:00
andryyy 2344310f47
[SOGo] SOGo does no trust self signed or invalid certificates anymore, add temp workaround 2020-07-11 13:32:49 +02:00
andryyy 0cfdd763f8
[Feature] Add HAProxy listeners and an example override file 2020-07-04 19:30:40 +02:00
andryyy 8ce639aa25
[MySQL] Slightly more resources 2020-07-02 07:53:52 +02:00
andryyy c673c2a6cc
[Rspamd] Add hint to composite, minor 2020-07-02 07:53:22 +02:00
andryyy 7304add084
[Watchdog] Update compose file, update image
[Rspamd] Temporarily disable over-signing, as Cyren does mark those mails as DKIM invalid (blame them, not us)
2020-06-23 21:22:22 +02:00
andryyy 414cbbef6b
[Rspamd] Change whitelisted senders map from prefilter to score -2050 2020-06-19 22:07:10 +02:00
Timo N 5fe9de0500
[API] Removed api_blueprint docs and use swagger (#3595)
* [NGINX] Removed api docs location

* [WEB] Removed api_blueprint api docs

* [WEB] Added openapi/swagger api viewer

* [WEB] Added openapi.yaml with api docs

* [WEB] Added request body for create app password endpoint

* [Web] Updated types in openapi.yaml

* [Web] Only define API docs auth header once

* [Web] Added 401 api response to docs
2020-06-07 20:46:17 +02:00
andryyy 75f4b77bc2
[Postfix] Remove smtpd_tls_CAfile, fixes #3589 2020-06-04 16:23:41 +02:00
andryyy 115c6540e2 [Rspamd] Consistent LOCAL_CONFDIR 2020-06-03 08:34:24 +02:00
andryyy 702f221a2d
[Rspamd] More bulk headers 2020-06-01 09:55:45 +02:00
andryyy b208037b49
[Rspamd] Do not exclude fwd hosts from dmarc checks 2020-05-23 20:32:56 +02:00
andryyy 4881f617a5
[Rspamd] Changes to WHITELISTED_FWD_HOST composite handling 2020-05-23 12:20:57 +02:00
andryyy 615ef47f27
[Rspamd] More excludes for fwd hosts, minor fix to FORGED_W_BAD_POLICY 2020-05-23 11:16:33 +02:00
andryyy 6a95d217b4
[Postfix] Remove obsolete comment 2020-05-21 21:55:43 +02:00
Dmitriy Alekseev d5ed0c0368
Update anonymize_headers.pcre (#3563)
Added anonymization for Sieve and changed regex for Rspamd to look same as new Sieve regex
2020-05-21 20:04:03 +02:00
Igor Scheller 16b2a2c055
[Postfix] Set smtp_address_preference to any (#3561)
Closes https://github.com/mailcow/mailcow-dockerized/issues/3560
2020-05-21 19:28:35 +02:00
andryyy 8260fb5baf Merge branch 'master' of https://github.com/mailcow/mailcow-dockerized 2020-05-20 12:20:42 +02:00
andryyy 347e65736e
[Rspamd] IP WL is no more a prefilter to prevent unsigned mail 2020-05-20 12:15:33 +02:00
Dmitriy Alekseev 4b22bd1dea
Update anonymize_headers.pcre (#3553)
* Update anonymize_headers.pcre

Change Received by for Rspamd with Dmarc Reporting module enabled.

* Update anonymize_headers.pcre

Co-authored-by: André Peters <andre.peters@debinux.de>
2020-05-20 11:51:00 +02:00
Florian Lindner 4519f460b4
Remove obsolete setting smtpd_use_tls. (#3548)
See http://www.postfix.org/postconf.5.html#smtpd_use_tls. It is
controlled by smtpd_tls_security_level, which is set to may.

Co-authored-by: Florian Lindner <florian.lindner@ipvs.uni-stuttgart.de>
2020-05-18 14:22:21 +02:00
andryyy ed49ea7b41
[PHP-FPM] Increase timeouts 2020-05-12 18:29:54 +02:00
andryyy 857fa0314b
[Rspamd] Further increase bounce rl 2020-05-08 14:01:16 +02:00
andryyy b5c59046ed
[Rspamd] Score spoofed senders higher 2020-05-06 20:15:18 +02:00
andryyy 84d205d728
[Nginx] Drop X-Powered-By via fastcgi_hide_header 2020-05-06 20:14:34 +02:00
Aaron 1f00887f91
Fix inconsistent spacing in dovecot/dovecot.conf and postfix/main.cf (#3511)
* Fix inconsistent spacing in dovecot.conf

* Fix inconsistent spacing in main.cf
2020-04-30 18:22:21 +02:00
andryyy bba9adaa6e
[Rspamd] Set bounce RL to 20 / 1h ; Fix BAZAR (test) 2020-04-29 21:08:33 +02:00
andryyy e7a5c98704
[Rspamd] Disable upstream checks for SIEVE_HOST 2020-04-27 20:48:12 +02:00
andryyy d392257289 [Web] Some changes
[SOGo] Allow to not spawn SOGo but an idling shell
[Rspamd] Remove X-CSA-Complaints from bulk headers...
2020-04-27 20:47:28 +02:00
Lukáš Matula ca48bc9c34
[Web] Update slovak translation (#3491)
Update lang.sk.json + sorting in dovecot
2020-04-18 22:26:09 +02:00
andryyy 35d3586950
[Rspamd] Pushover: Fixes 2020-04-16 22:29:01 +02:00
andryyy 47a15c21aa
[Rspamd] Pushover, check sender by regex 2020-04-16 21:58:30 +02:00
andryyy 6efe0d5aab
[Rspamd] Moore Pushover fixes 2020-04-16 15:42:10 +02:00
andryyy fec0f688b1
[Rspamd] More Pushover fixes 2020-04-16 13:38:19 +02:00
andryyy 1be3ca3fb9
[Rspamd] Pushover fixes 2020-04-16 12:23:27 +02:00
andryyy c67bb75071
[Rspamd] More pushover options 2020-04-16 11:32:53 +02:00
andryyy 5d37f2af4f
[Rspamd] Fix maps #2 2020-04-14 21:14:21 +02:00
andryyy 960fe1fdba
[Rspamd] Fix maps 2020-04-14 21:13:53 +02:00
andryyy d883bb246b
[Rspamd] Increase bulk header score 2020-04-14 10:34:09 +02:00
andryyy b25a842e5d
[Rspamd] Block more promio spam crap 2020-04-14 10:31:53 +02:00
andryyy 59a2ea0959
[Web, Dovecot] Show last IMAP and POP3 logins, toggle via vars.inc.php SHOW_LAST_LOGIN 2020-04-13 20:34:39 +02:00
andryyy ce6d6a01f3
[Rspamd] Remove policy checks from SPOOFED_UNAUTH, since SPF can be valid in envelope from, while forging the header from field 2020-04-12 21:13:31 +02:00
andryyy dc3eb44544
[Rspamd] Add more bulk headers 2020-04-12 13:07:51 +02:00
andryyy f38be3a8b0
[Rspamd] Slightly reduce BAD REP POL score 2020-04-11 08:27:11 +02:00
andryyy cb599db61e
[Rspamd] Fix quarantine and pushover notifications 2020-04-11 08:02:15 +02:00
andryyy ccdb7fcd26
[Rspamd] Add metadata exporter for unauthed mail 2020-04-10 20:55:49 +02:00
andryyy eeea1b393c
[Rspamd] Remove upstream spam check results from mail by fwd hosts 2020-04-10 20:54:26 +02:00
andryyy 65aa7b0a92
[Rspamd] Use empty-env-from@localhost as placeholder for empty env from senders in quarantine 2020-04-08 21:55:17 +02:00
andryyy ef0b40085b
[Postfix] Allow to relay only non-local mailboxes 2020-04-03 20:39:53 +02:00
Michael Kuron ca4c7c51dc
[rspamd] Restore add header forced action (#3440)
Revert 0474de88b1. Fixed since c3a4c6d311.
2020-03-31 19:21:03 +02:00
andryyy e491b835e5
[Rspamd] And even more spam headers 2020-03-21 20:39:07 +01:00
andryyy 6a523fc497
[Rspamd] Moooore spam crap 2020-03-21 20:34:55 +01:00
andryyy d460061e7a
[Rspamd] More spam headers 2020-03-21 20:19:58 +01:00
andryyy b0ff2ddb50
[Rspamd] Add more bulk headers (feel free to contribute) 2020-03-21 20:13:44 +01:00
andryyy 0474de88b1
[Rspamd] Forced action add header seems to be broken atm, switching to rewrite subject until fixed 2020-03-10 07:20:18 +01:00
andryyy 1d0e8a9497
[Postfix] Remove default rcpt count limit 2020-03-09 13:26:52 +01:00
andryyy 537b7dad14
[Rspamd] Add fuzzy hashes to headers, if matched 2020-03-08 12:24:42 +01:00
andryyy fc460fd806
[Rspamd] Reduce CSA crap to 2.0 2020-03-06 18:16:54 +01:00
andryyy f532422726
[Rspamd, Web] Escape monitoring hosts, add regex maps to vars file 2020-03-06 08:38:01 +01:00
andryyy bbd53d7f4f
[Rspamd] Add X-CSA to bulk headers 2020-03-06 08:33:00 +01:00
andryyy d248bb660c
[Rspamd] Reduce Sorbs recent score
[Rspamd] Add annoying CSA to bulk symbols and score then with 3.2
[Rspamd] Update to 2.4
2020-03-06 07:14:06 +01:00
André Peters c7d278384a
[Web] Add slovak language (#3387) 2020-03-05 07:22:44 +01:00
andryyy c9f455a2b1
[Rspamd] Move monitoring hosts to monitoring_nolog.map file 2020-03-04 11:53:07 +01:00
Ry3nlNaToR 93965fdc30
Added mailflowmonitoring.com to no log Rspamd (#3384) 2020-03-04 06:08:54 +01:00
andryyy 580b700eec
[Rspamd] Quarantine: Set sender to null@localhost when sender is missing 2020-03-03 19:10:28 +01:00
andryyy c1907063e1
[Dovecot] Remove auto subs 2020-02-27 10:44:57 +01:00
Victor Nyberg 998c9515a2
Swedish language translation for Mailcow (#3366) 2020-02-27 06:50:03 +01:00
andryyy 49d4f6f897
[Rspamd] Set fixed name for fuzzy store 2020-02-26 14:30:44 +01:00