andryyy
874aac3c5e
[Nginx, PHP-FPM] Do not expose PHP version, example for nextcloud site, include custom locations to site (add site.something.custom to data/conf/nginx)
2017-10-08 22:57:34 +02:00
andryyy
fc18d153cd
[Compose, DockerAPI, Web, Watchdog] Watchdog may send notification mails (todo: docs), DockerAPI via Flesk for limited access
2017-10-05 23:38:33 +02:00
andryyy
073c6c6e73
[Postfix/Rspamd] Do not reject unauthenticated sender mismatches but rewrite their subject and assign symbol SPOOFED_SENDER with score 1.0
2017-10-04 23:16:39 +02:00
André Peters
d8636113dd
Merge pull request #636 from mkuron/outlook
...
Preliminary support for Outlook 2016’s autodiscover.json
2017-10-03 21:23:59 +03:00
Michael Kuron
c731a18f66
Preliminary support for Outlook 2016’s autodiscover.json
2017-09-26 22:11:01 +02:00
andryyy
f257ed92f5
[Rspamd] Add missing ratelimit.conf
2017-09-21 22:21:11 +02:00
andryyy
edb2be979b
[Postfix] Changes to ignore watchdog checks
2017-09-21 19:25:43 +02:00
andryyy
fd3b2e5f16
[Rspamd] Changes to ignore watchdog checks
2017-09-21 19:25:17 +02:00
andryyy
288a55b1f3
Merge branch 'dev' of https://github.com/mailcow/mailcow-dockerized into dev
2017-09-20 23:25:07 +02:00
andryyy
ea5aa261c9
[Unbound] Define mailcow ip6 as private
2017-09-20 23:23:11 +02:00
Michael Kuron
a411a357b9
rspamd: exclude Mail Flow monitoring from logs and stats
2017-09-20 15:21:02 +02:00
andryyy
a8fb1d3f4f
Add experimental watchdog
2017-09-20 10:56:49 +02:00
andryyy
719aa1a391
[Postfix] Fix protocols
2017-09-18 10:59:45 +02:00
andryyy
67056dc3d1
[Postfix] Less strict smtpd_tls_mandatory_protocols
2017-09-18 08:24:24 +02:00
Michael Kuron
e4f13568d1
Rspamd user settings: fix matching From header
2017-09-16 18:46:28 +02:00
andryyy
089e8776f5
[Postfix] Stricter TLS settings for mandatory connections
2017-09-14 13:34:23 +02:00
andryyy
f0df390d12
[Nginx] Stricter TLS settings
2017-09-14 13:34:07 +02:00
andryyy
00e465a9a1
[Dovecot] Allow INBOX to be shared, sigh... fixes #594
2017-09-14 13:32:11 +02:00
andryyy
92e6c9daae
[Nginx] Fix SSL temp.
2017-09-11 17:37:25 +02:00
JOduMonT
b2b9731020
a little bit of security
...
Hide the version of NGINX, block XSS and more...
inspired by : https://gist.github.com/plentz/6737338
2017-09-09 23:10:36 +07:00
André Peters
78c363b7a5
Merge pull request #565 from mkuron/softreject
...
Forwarding hosts: treat soft reject like greylist
2017-09-09 10:43:41 +02:00
Michael Kuron
3d9c161be1
Forwarding hosts: treat soft reject like greylist
2017-09-09 10:30:26 +02:00
andryyy
cfd9316d74
Merge branch 'dev' of https://github.com/mailcow/mailcow-dockerized into dev
2017-08-30 21:43:45 +02:00
andryyy
b1213c51d7
[Rspamd] Dynamic ratelimit fixed, removed async redis request; Ready to implement per-user ratelimits via UI (tbd)
2017-08-30 21:42:39 +02:00
André Peters
29acfe85db
Merge pull request #536 from mkuron/patch-1
...
Rspamd user blacklist/whitelist improvements
2017-08-28 22:55:12 +02:00
Michael Kuron
8383ba5e9c
Rspamd user settings: fix From header match
...
The request_header regex appears to not be expected to be encapsulated in slashes and does not seem to accept flags.
2017-08-28 20:27:53 +02:00
Michael Kuron
fcd8cfa4f4
Rspamd user settings: don't print all email addresses of a domain
...
The ucl_rcpts function can already deal with domains, so lets use this capability.
2017-08-27 14:19:29 +02:00
Michael Kuron
93a092e627
Rspamd user settings: also match From header
2017-08-27 14:19:28 +02:00
Michael Kuron
e178ca36de
Rspamd user settings: make regexes case-insensitive
...
This is necessary because the user web UI normalizes to lowercase
2017-08-27 14:19:28 +02:00
andryyy
e47feeffd6
[Rspamd] Add custom directory for own files
2017-08-18 22:17:01 +02:00
andryyy
e5faee9037
[Nginx] Disable client_max_body_size
2017-08-09 10:17:32 +02:00
andryyy
d85352fa9a
[Dovecot] Use listescape
2017-07-31 12:41:18 +02:00
andryyy
aabcf65c69
[Nginx] Set server_names_hash_bucket_size 64
2017-07-30 21:39:35 +02:00
andryyy
9be3aa3334
[Rspamd] Disable monitored
2017-07-27 09:03:44 +02:00
andryyy
83d485dd94
[Web, Postfix, Compose] Allow to add relayhosts per domain (+ plain and login authentication)
2017-07-22 20:39:54 +02:00
andryyy
ed33cb5f57
[Rspamd] ARC: Disallow login/domain mismatch
2017-07-21 11:03:35 +02:00
andryyy
256c9d86dd
[Rspamd] Initial custom ratelimit support
2017-07-13 12:55:14 +02:00
andryyy
a31819fd6c
[SOGo] Log to a pipe to not keep logs in a container
2017-07-11 17:08:06 +02:00
andryyy
08b99c8d74
[Dovecot] Add doveadm service
2017-07-10 21:30:45 +02:00
andryyy
c5d90b821a
[Dovecot] Add extra.conf include to override Dovecot configuration changes
2017-07-10 09:19:12 +02:00
andryyy
56a652fbf3
[Rspamd] Set error_reporting to 0
2017-07-02 11:25:14 +02:00
andryyy
afc8c93c07
[Rspamd] Cleanup settings map
2017-07-01 23:14:27 +02:00
andryyy
6cd44b4136
Remove old code
2017-06-26 23:17:46 +02:00
andryyy
cbb4f51a9d
Fix Junk-E-Mail folder name
2017-06-25 11:32:21 +02:00
andryyy
3be99d7f89
Set IPv6 network as secure_ip range in Rspamd
2017-06-24 22:07:26 +02:00
andryyy
578011c78c
Move milter config, increase timeout for DNS
2017-06-21 10:18:52 +02:00
andryyy
036c51f053
Prefere ipv4 to fix problems on v4-only envs
2017-06-19 10:39:14 +02:00
andryyy
2a845a0d21
Less verbose
2017-06-18 20:57:54 +02:00
andryyy
9117c499ef
Do not break DNS replies....
2017-06-18 20:57:26 +02:00
andryyy
6fa19a37d8
Unbound changes
2017-06-18 20:23:26 +02:00
andryyy
ba3fc47d5f
Fix autodiscover, thanks to K2rool!
2017-06-15 23:03:10 +02:00
James Smith
bcdbbf0102
Make autodiscover case insensitive
2017-06-14 23:42:42 +01:00
andryyy
83cb686e33
Fix fix for Apple dav....
2017-06-14 23:17:31 +02:00
andryyy
495bf05fb8
Fix for Apple autoconfiguration (dav)
2017-06-14 23:14:41 +02:00
andryyy
e99fa9433e
Fix dav url detection for apple
2017-06-14 23:10:50 +02:00
andryyy
44197c410e
Do not add milter headers for authenticated users
2017-06-13 07:41:00 +02:00
André Peters
329ac40d95
Merge pull request #332 from mkuron/symlink
...
Replace symlink to PHP script
2017-06-08 20:57:51 +02:00
andryyy
663ea7815c
Use new milter interface
2017-06-06 22:01:41 +02:00
andryyy
a41cafac3e
Switch to Rspamds milter interface
2017-06-06 22:00:34 +02:00
andryyy
c9318ecf83
Switch to Rspamds milter interface
2017-06-06 21:59:44 +02:00
andryyy
e15795e112
Enable http2
2017-06-06 21:59:27 +02:00
Michael Kuron
062abb0ca7
Replace symlink to PHP script
2017-06-04 13:31:35 +02:00
andryyy
55071805f3
Execute after rmilter_headers (prio 10)
2017-05-29 21:53:47 +02:00
andryyy
d33399b3cb
Fix mismatch in env and from mime header when signing mail
2017-05-29 21:49:01 +02:00
andryyy
e159eb7522
Fix listener
2017-05-29 21:48:41 +02:00
Michael Kuron
eb9217a8b8
SOGo UI: per-user authentication failure rate-limiting
2017-05-28 16:02:34 +02:00
André Peters
fb6893f664
Add IPv6
2017-05-28 11:14:43 +02:00
andryyy
813207c694
Listen on internal IPv6
2017-05-25 10:59:57 +02:00
andryyy
fd92283fb8
Add missing ;
2017-05-24 10:03:06 +02:00
andryyy
258a8ee6e9
Add IPv6 listener to Nginx, fixes IO error in Rspamd logs
2017-05-23 22:24:30 +02:00
andryyy
466b8137e5
Add log_helper to Rspamd, add IPv6 for http maps in Nginx, make Bind listen on v6 and add acl for internal network
2017-05-23 22:23:34 +02:00
andryyy
21714bd054
Remove obsolete map
2017-05-23 21:50:33 +02:00
andryyy
f3a1d81347
Rate extensions
2017-05-23 21:50:05 +02:00
andryyy
e99db685e5
Change map watch interval, remove Mraptor
2017-05-20 14:28:05 +02:00
andryyy
9965ff10a7
Fix mynetworks: Add mailcow ipv6 network
2017-05-17 22:38:59 +02:00
andryyy
63324b0de8
Fix mynetworks: Add mailcow ipv6 network
2017-05-17 22:38:11 +02:00
Michael Kuron
759f21ac6b
Consistent symbol names for forwarding hosts
...
multimap.conf and force_actions weren't using the same name
2017-05-09 07:29:43 +02:00
andryyy
d64ed65575
Add multimap and forced actions for forwarded_hosts, removed from settings
2017-05-08 23:09:21 +02:00
André Peters
5861bec0c3
Merge pull request #256 from mkuron/forwardinghosts
...
Optionally enable spam filter for forwarding hosts
2017-05-08 19:00:42 +02:00
andryyy
cdf7c87e20
Deleted two http maps, replaced by redis multimaps, much better tag system
2017-05-08 15:39:33 +02:00
Michael Kuron
7efc720d47
Merge remote-tracking branch 'origin/dev' into forwardinghosts
2017-05-08 07:39:30 +02:00
andryyy
aa98d86feb
Sieve rule for tags changed
2017-05-08 00:27:16 +02:00
Michael Kuron
ae6d7d63fc
Optionally enable spam filter for forwarding hosts
2017-05-07 08:50:28 +02:00
andryyy
fa3a47fde5
Log to syslog
2017-05-06 23:42:07 +02:00
andryyy
ecda4fb1d1
Change whitelist for forwarding hosts
2017-05-06 23:41:58 +02:00
andryyy
b3a161f930
Keep format
2017-05-06 08:09:40 +02:00
andryyy
1501df6e42
Use Redis for DKIM keys, define any selector, auto-merge old keys to Redis and fallback to files
2017-05-05 10:35:27 +02:00
andryyy
e3f9839410
Do not use sld for DKIM signing
2017-05-04 19:12:21 +02:00
andryyy
edc41b48d1
Add map for scheme...
2017-05-03 22:26:10 +02:00
andryyy
2f0129539b
Hopefully fix all Nginx reverse proxy issues, see documentation updates!
2017-05-03 18:05:13 +02:00
andryyy
8f213e8df9
Changes to api path
2017-04-29 16:36:41 +02:00
andryyy
a03b36e0c3
Add object to Nginx api configuration
2017-04-26 23:37:55 +02:00
andryyy
fd84b2ffa9
Change DKIM to new method, add clamav forced action when virus is found"
2017-04-25 20:32:36 +02:00
andryyy
e4310cafb3
Revert RP changes
2017-04-25 10:49:38 +02:00
Michael Kuron
f3fad4e7a2
Remove rspamd size limit
...
This ensures that the spam and antivirus filters cannot be evaded by making the message large enough.
Rspamd does not need a size limit on its own (e.g. for DoS protection) as Postfix already has a size limit (message_size_limit).
2017-04-24 19:49:41 +02:00
André Peters
0f3202109d
Merge pull request #212 from mkuron/reverseproxy
...
Fix CalDAV/CardDAV URLs displayed in SOGo web interface when used behind reverse proxy
2017-04-24 10:09:32 +02:00
andryyy
755da65426
Change path
2017-04-23 19:38:27 +02:00
andryyy
55f6384f2a
Change to hostname, connection is not important for container start
2017-04-23 17:43:29 +02:00
Michael Kuron
affa52edcf
Forwarding hosts: don’t add configuration if none are defined
2017-04-22 18:34:49 +02:00
Michael Kuron
08612f0aef
Merge remote-tracking branch 'origin/dev' into forwardinghosts
2017-04-22 18:13:58 +02:00