Commit Graph

794 Commits (f60652f37b20e14e71ed45b8431e04c708f646d7)

Author SHA1 Message Date
Felix Kaechele 31805f1656
[Web] Implement all supported dovecot password schemas (#3974)
When migrating from other Dovecot based installations it can be very
convenient to just copy over existing hashed passwords.
However, mailcow currently only supports a limited number of password
schemes.

This commit implements all password schemes that do not require
challenge/response or OTP mechanisms.

A convenient way to generate the regex with all supported schemas is
`docker-compose exec dovecot-mailcow doveadm pw -l | awk -F' ' '{printf
"/^{("; for(i=1;i<=NF-1;i++){printf "%s%s", sep, $i; sep="|"}; printf
")}/i\n"}'`

Note that this will also include unsupported challenge/response and OTP
schemas.

Furthermore this increases the vsz_limit for the dovecot auth service to
2G for the use of ARGON2I and ARGON2ID schemas.

Signed-off-by: Felix Kaechele <felix@kaechele.ca>
2021-02-11 09:31:53 +01:00
andryyy 6f14955b69
[Web] Fix U2F file 2021-01-04 16:48:07 +01:00
andryyy ee6989bd1d
[Web] Update libs 2021-01-04 11:11:04 +01:00
andryyy e676617f00
[Web] Fix duplicate file extension on shortened filenames 2020-12-29 15:20:46 +01:00
andryyy 75da1c6f20
[Web] Fix attachment download, thanks to Drago 2020-12-09 13:21:29 +01:00
andryyy a76d5628bc
[Web] Accept prehashes password on both edit and add mailbox 2020-12-07 08:13:26 +01:00
andryyy 3b1a87f9a7
[Web] Accept raw SSHA hashes as passwords 2020-12-07 08:07:41 +01:00
andryyy 02b10b0ed4
[Web] Add SSHA 2020-12-07 07:58:50 +01:00
MangoCubes ed0cd876f4
[Web] Korean translation (#3885)
* Template

* ACL translation almost done

* Update lang.ko.json

* Update lang.ko.json

* Update lang.ko.json

* Update lang.ko.json

* Update lang.ko.json

* Update lang.ko.json

* Update lang.ko.json

* Update lang.ko.json

* Update lang.ko.json

* Update lang.ko.json

* Update lang.ko.json

* Update lang.ko.json

* Update lang.ko.json

* Update lang.ko.json

* Update lang.ko.json

* Update lang.ko.json

* Update lang.ko.json

* Update lang.ko.json

* Update lang.ko.json

* Update lang.ko.json

* Update vars.inc.php
2020-12-03 22:35:28 +01:00
andryyy fa979456a7 Merge branch 'master' of https://github.com/mailcow/mailcow-dockerized 2020-12-03 16:43:15 +01:00
andryyy da3fc31500
[Web] Fix Rspamd symbols in quarantine overview 2020-12-03 16:43:09 +01:00
Joerg Lehmann bcffebaabe
support pre-hashed passwords (#3884) 2020-12-02 20:32:39 +01:00
Balázs Dura-Kovács dd1b25fa61
[Web] Optional HTML in system mails (#3879)
* HTML in system mails

* Update functions.inc.php

* Update functions.inc.php

Co-authored-by: André Peters <andre.peters@debinux.de>
2020-11-30 07:43:48 +01:00
andryyy ba20db2e08
[Web] Allow a user to choose notification categories (junk folder, rejected mail, both/all) + user ACL 2020-11-28 17:41:48 +01:00
andryyy 752efa2188
[Web] Fix container ctrl session 2020-11-27 21:20:46 +01:00
andryyy 8d05d4a51d
[Web] Cleanup Rspamd, other fixes 2020-11-25 16:10:33 +01:00
andryyy 4a355f242f
[Web] Some fido2 fixes, table view for fido2 keys, fix renaming keys with the same subject 2020-11-17 13:38:28 +01:00
andryyy 2aee906704
[Web] FIDO2: Add Face ID via Apple 2020-11-16 20:32:34 +01:00
andryyy 46643af00c
[Web] FIDO2: Add Face ID via Apple 2020-11-16 20:32:13 +01:00
andryyy ff071e5120
[Web] Different UV flag for auth and register, remove unique key from fido2, delete tfa/fido2 when removing user object 2020-11-16 15:01:02 +01:00
andryyy 21a75c1fd1 [Web] FIDO2: Print thrown error in verification failure, if any 2020-11-16 08:55:48 +01:00
andryyy 9dec340434 Merge branch 'master' of https://github.com/mailcow/mailcow-dockerized 2020-11-15 20:22:46 +01:00
Lukas Schreiner d96bf91a0d
Support of different default pass schemes + support of BLF-CRYPT (#3832)
* Introduce MAILCOW_PASS_SCHEME in order to support blowfish (cf. mailcow/mailcow-dockerized#1019)

* Furthermore added dovecot to support new environment varible for MAILCOW_PASS_SCHEME defaulted to SSHA256

* Revert changes regarding gitignore.

* Added fallback to SSHA256 if environment is not proper prepared.

* No fallback within management frontend, as it must match to other components.

* Unified and corrected alignment; implemented support of SSHA512

* Currently, password_hash of PHP is using by default bcrypt (BLF). As this might change later, we must ensure, that BLF is still used after PHP changes its default.

* Switched to BLF-CRYPT by default (even on update)

* Switched to BLF-CRYPT by default (even on update)

* Adding information in config generation / update with link to supported hash algorithm

* Bump sogo version to 1.92

* Fallback to BLF-CRYPT in case password scheme is not proper defined for Mailcow administration.
2020-11-15 20:22:35 +01:00
andryyy c150ac7b37
[Web] Feature (beta): Add WebAuthn support for administrators and domain administrators 2020-11-15 19:32:37 +01:00
andryyy 477e1ff464
[Web] Fix initial static view update 2020-11-13 15:20:30 +01:00
andryyy f18b677c8c
[Web] Fix invalid encodings with json_encode, fixes #3847 2020-11-09 14:43:15 +01:00
andryyy 6d56ef6435
[Web] Fix invalid encodings with json_encode, fixes #3847 2020-11-09 14:42:26 +01:00
andryyy b7956d8a7a
[Web] Fix order of fuzzy del and fuzzy add when learning from quarantine, fixes #3844 2020-11-07 21:46:39 +01:00
Balázs Dura-Kovács a73944076c
[Web] Hungarian translation (#3842) 2020-11-06 14:47:11 +01:00
andryyy b9a8b8a3e7
[Web] More custom_params 2020-11-06 14:26:48 +01:00
andryyy 46491e4e30
[Web] Add type/action to quarantine table 2020-11-03 11:13:16 +01:00
andryyy 6c697f3f3f
[Web, Quarantine] Allow to set the max score of a message up to which a quarantine notification will be sent 2020-10-27 21:34:02 +01:00
andryyy 7bcb9414ab
[Rspamd] Handle Postmaster in and outbound as trusted 2020-10-25 10:34:13 +01:00
andryyy 0165c9d26b
[Web] Show fuzzy hash of rejected mail, if any 2020-10-24 16:27:31 +02:00
andryyy 7ca7b3b598
[Web] Drop obsolete sieve filter preset 2020-10-11 10:35:14 +02:00
andryyy ce77d87c8d
[Dovecot] New global post-filter: drop duplicates as received within 60 minutes 2020-10-11 10:34:15 +02:00
andryyy ffbc5ec961
[Web] Do not expand IPv6 as found by SPF lookup 2020-10-10 10:57:06 +02:00
andryyy 02677a9788
[Web] Higher timeout for long delays in transport checks 2020-10-08 16:51:04 +02:00
Bao H.H b5ee399fa2
Add simplified Chinese language translations (#3784) 2020-10-01 20:50:49 +02:00
andryyy 27a4cead66 [Web] DB update 2020-09-26 22:12:29 +02:00
andryyy 29104ddf4c
[Web] Compatibility: Re-add _int vars 2020-09-26 22:04:55 +02:00
andryyy d5c22de9b3
[Web] Compatibility: Re-add _int vars 2020-09-26 22:02:34 +02:00
andryyy 23f118a152
[Web] Allow to overwrite DKIM keys while importing a new key 2020-09-26 22:01:15 +02:00
andryyy dc1732cc51
[Web] Replace JSON_EXTRACT by JSON_VALUE in init script 2020-09-20 22:33:09 +02:00
andryyy 3a9efc86cf
[SOGo, Dovecot] Remove unnecessary likes from sql queries
[Web] Filter transport destinations to prevent empty destinations
2020-09-20 22:21:00 +02:00
andryyy d9b91fc04f [Web] Important: Removed unnecessary *_int attributes from GET elements, _only_ returning int values now (same for all attributes which were provided as html char and int)
[Web] Feature: Allow to toggle protocols (imap, pop3, smtp) per user (defaults can be configured using vars.local.inc.php, see vars.inc.php)

Signed-off-by: andryyy <andre.peters@debinux.de>
2020-09-17 19:49:15 +02:00
andryyy 1f36ae28d4
[Postfix, Web] Feature: Show last SMTP login 2020-09-15 11:02:53 +02:00
andryyy 8a296e90c3
[Web] Return json array when mailq empty, fixes #3738 2020-09-06 11:59:36 +02:00
andryyy f3c72832f2
[Web] Add rspamd-stats route to API 2020-09-06 08:54:09 +02:00
andryyy bf62f31b9e
[Web] Fail2ban: Only write regex filters if not empty 2020-08-27 21:13:20 +02:00
andryyy 877b9b7054
[Web] Sync jobs: Use STARTTLS instead of TLS; Feature: Allow to edit fail2ban-like regex filters in UI 2020-08-27 20:43:33 +02:00
andryyy 9274b7b8e1
[Web] Allow to set force_pw_update, tls_enforce_in, tls_enforce_out, sogo_access and quarantine_notification when adding a domain (via API) 2020-08-22 22:59:13 +02:00
andryyy 155dfc66ee
[Web] Create ACL to toggle permission of a domain administrator to change a domain desc 2020-08-19 15:31:54 +02:00
andryyy f8af5cae88
[Web] Fix da_acl when adding DA without domain 2020-08-19 09:05:04 +02:00
andryyy d3d929222f
[Web] Rot announcements 2020-08-16 11:54:06 +02:00
André Peters 107e619893
Update dns_diagnostics.php 2020-08-13 14:09:13 +02:00
andryyy 1c8cca8187
[Web] MAILCOW_HOSTNAME should not be a CNAME 2020-08-13 10:45:44 +02:00
andryyy 4a8edd5b88
[Web] Fix download link for dns zone file 2020-08-07 22:13:03 +02:00
andryyy 11d003c985
[Web] Change c_o to varchar 500 2020-07-14 16:11:36 +02:00
Michael Kuron bae250cc81
DNS: add link for downloading zonefile (#3633)
* DNS: add link for downloading zonefile

* DNS zonefile: add placeholders for optional entries
2020-07-12 09:39:39 +02:00
andryyy e1aadb0268
[Web] More secure compose project name check 2020-07-11 13:32:40 +02:00
Miro Rauhala 6bff958ab4
[Web] Clean PHP code by removing unused variables (#3646)
* [WEB] $lang is not used in this context

* [Web] $stmt variable is not used
2020-07-11 13:20:38 +02:00
Ashus 00f5f744d0
[Web] Allow underscore and hyphen in DKIM selector (#3643)
This change allows to have cleaner DNS zones as mail security related entries usually begin with _.

Co-authored-by: Václav Silber <vaclav.silber@poski.com>
2020-07-09 15:40:44 +02:00
andryyy 2d049f37da
[Web] Allow mins_interval of max 1 month for sync jobs, fixes #3642 2020-07-08 19:36:05 +02:00
andryyy 6c92688ff6
[Quarantine] Allow to redirect all quarantine messages to a specific address
[Web] Minor changes to quarantine UI
2020-07-04 19:31:44 +02:00
andryyy 1d8f08ef15
[Web] Add sieve template, thanks to @Programmierus 2020-06-19 22:06:20 +02:00
andryyy 2aa11ba37d
[Web] Add PHPMailer to quarantine file 2020-06-16 14:17:09 +02:00
andryyy 92df42999e
[Web] Delete log lines containing ratelimit hash key when removing rate limit hashes from db 2020-06-11 12:10:52 +02:00
andryyy 48b74d77a0
[Web] Fix PHPMailer, minor style change for quarantine rcpts 2020-06-07 10:45:40 +02:00
andryyy 22f0a14b87
[Web] Add SMTP rcpt to qitems, filter invalid addresses 2020-06-06 14:13:46 +02:00
andryyy b93371ca0a
[Web] Add smtp and header from to quarantine items, add more info to qhandler, allow to open qhandler links from qitem details 2020-06-06 13:25:32 +02:00
andryyy f9b8d386bc
[Web] Add .to to lang array 2020-06-06 11:35:52 +02:00
andryyy ab5d78f675
[Postfix] Fix "disallow login": A catch-all will not catch mail for mailboxes with disallowed login 2020-06-06 01:12:31 +02:00
andryyy b1db4bf4bc
[Web] Disallow blacklisting of some special networks 2020-06-04 16:22:54 +02:00
andryyy 60da09c0dc
[Web] Fix duplicating DKIM keys: Duplicated keys were invalid, fixes #3578 2020-05-28 08:53:27 +02:00
andryyy 6106206790
[Web] Update PHPMailer 2020-05-27 19:45:42 +02:00
andryyy a6af7cbc2e
[Web] Expand IPv6 addresses for better comparison 2020-05-26 20:04:22 +02:00
Programmierus 8b02acbef5
Fix a bug that failed to edit Alias by address (#3574) 2020-05-25 21:59:13 +02:00
Programmierus e3d9a53eeb
Some minor changes to Aliases handling (#3572)
* Allows to get mailbox Aliases by both ID and address
Returns ID within the msg for newly created Aliases

* Uses different query for get Aliases

* Allows to get mailbox Aliases by both ID and address
Returns ID within the msg for newly created Aliases

* Uses different query for get Aliases

* Allows to delete aliases by address

* Update lang files
Reflect id information when adding an alias

Co-authored-by: programmierus <programmierus@icloud.com>
2020-05-25 16:20:59 +02:00
andryyy b6933fdb96
[Web] Improve SPF checks 2020-05-25 16:13:51 +02:00
andryyy 20e289ce35
[Web] Fix stupid mistake, thanks to @ntimo! 2020-05-24 19:32:46 +02:00
andryyy ccc56c54a9
[Web] Merge same notification types 2020-05-20 20:37:52 +02:00
andryyy 21a153c2a7 [Web] Fix symbol options encoding in rspamd item view
[Web] Feature: Allow to view mailq item content via postcat
[Web] Fix Rspamd not drawing
2020-05-19 20:24:40 +02:00
andryyy 667bd48163
[Web] Update libs
[Web] Update filename when downloading
2020-05-18 21:17:38 +02:00
andryyy 24bbfb2330
[Web] Shorten and sanitize downloaded file names, fixes too long file names in Firefox 2020-05-17 21:27:18 +02:00
andryyy e824239dee
[Web] Disallow web UI login, when domain is disabled 2020-05-17 09:41:38 +02:00
andryyy 18ba4d2c9c
[Web] ROT13 footer html 2020-05-16 12:51:01 +02:00
Timo N e91fb7ccdd
[Web] Updated Yubico.php to v2.7 (#3535)
Source: https://github.com/Yubico/php-yubico/releases/tag/Auth_Yubico-2.7
2020-05-13 07:03:14 +02:00
andryyy a37b4c1b1c
[Web] Set appointment c_uid to 1000 2020-05-12 18:29:24 +02:00
andryyy 767ae65946
[Web] Allow ratelimit time frame "day"; Allow to create announcements 2020-05-11 11:52:02 +02:00
andryyy aef15f004a
[Web] Allow CIDR as allowed API networks; other minor fixes 2020-05-04 07:51:50 +02:00
andryyy a6247fc13f
[Web] Do not try to update sogo static view with skip_sogo y 2020-04-29 21:09:13 +02:00
andryyy 447c207fb9
[Web] Disable login for mailbox users, other SKIP_SOGO checks and fixes 2020-04-29 10:57:49 +02:00
andryyy d392257289 [Web] Some changes
[SOGo] Allow to not spawn SOGo but an idling shell
[Rspamd] Remove X-CSA-Complaints from bulk headers...
2020-04-27 20:47:28 +02:00
andryyy 0d4ba462c4
[Web] Fixes blank page and fixes #3502 2020-04-25 11:58:55 +02:00
andryyy 1db85df0db
[Web] Fix time limited alias creation via API, thanks to @ntimo 2020-04-25 09:44:04 +02:00
andryyy 15bf470b5c
[Web] Do not use EAS for Outlook by default 2020-04-20 14:04:17 +02:00
andryyy ecebfe15df
[Web] Remove External as standard subfolder for sync jobs
[Web] Disallow a domain admin to set intersecting user ACLs
[Web] Allow Pushover and SOGo EAS cache reset by default, disallow profile reset by default
2020-04-19 14:41:55 +02:00
andryyy 47a15c21aa
[Rspamd] Pushover, check sender by regex 2020-04-16 21:58:30 +02:00
andryyy 7fa10cc3b4
[Rspamd] Moore Pushover fixes 2020-04-16 15:42:57 +02:00
andryyy 1e9c5baab5
[Web] Allow to split DKIM every 255 chars via vars.inc.php (fixes #3473) 2020-04-16 12:57:15 +02:00
andryyy 1be3ca3fb9
[Rspamd] Pushover fixes 2020-04-16 12:23:27 +02:00
andryyy c67bb75071
[Rspamd] More pushover options 2020-04-16 11:32:53 +02:00
andryyy 59a2ea0959
[Web, Dovecot] Show last IMAP and POP3 logins, toggle via vars.inc.php SHOW_LAST_LOGIN 2020-04-13 20:34:39 +02:00
andryyy aca16f68d1
[Web] Fix typo and missing Dovecot restart function (fixes #3466) 2020-04-12 19:26:32 +02:00
andryyy ad536fd43a
[Web] Restart Dovecot when changing global sieve filters, add a warning 2020-04-11 21:44:53 +02:00
Timo N 048899ad71
[Web] Fixed read write API permissions (#3465) 2020-04-11 07:33:13 +02:00
andryyy 08d2bdd6c7 Merge branch 'master' of https://github.com/mailcow/mailcow-dockerized 2020-04-10 21:01:33 +02:00
andryyy 8f4540d5d9 [Web] r/o API keys, Pushover integration (can be limited by ACL), other minor changes 2020-04-10 21:00:23 +02:00
Marcel Knorr 24e8a798c8
[Web] Fixed DKIM regex to allow arguments after the public key (#3462)
Co-authored-by: Marcel Knorr <marcel.knorr@mk-soft.net>
2020-04-09 22:21:17 +02:00
andryyy 92f8b4a091
[Web] Add domain statistics 2020-04-06 08:52:27 +02:00
andryyy 0095388f27 [Web] Show label for relayed domains; Return total bytes and msgs of domain in API (WIP) 2020-04-05 11:35:37 +02:00
andryyy 9141078059 Merge branch 'master' of https://github.com/mailcow/mailcow-dockerized 2020-04-03 20:40:11 +02:00
andryyy ef0b40085b
[Postfix] Allow to relay only non-local mailboxes 2020-04-03 20:39:53 +02:00
Kristian Feldsam 1e2bcfb946
Quarantine release - fix when sender is empty (#3445)
Signed-off-by: Kristián Feldsam <feldsam@gmail.com>
2020-04-03 12:31:00 +02:00
andryyy 3e2cbac778
[Rspamd] 2.5 RC3 2020-03-31 10:03:40 +02:00
andryyy ccd4dda397
[Web] Some minor changes 2020-03-28 19:51:42 +01:00
andryyy 7a4560ee28
[Web] CSS fixes; Add OAUTH2_FORGET_SESSION_AFTER_LOGIN to vars.inc.php (wip); Do not run initdb on non-master cow 2020-03-24 18:46:11 +01:00
andryyy 2b1ff6c9a3
[Web] Fix sieve example insert 2020-03-19 12:46:39 +01:00
andryyy e1897b0631
[Web] Allow to set global sieve filters 2020-03-19 12:23:48 +01:00
andryyy 56538c4ef8
[Web] Fix transport validation, thanks to Gideon! 2020-03-08 20:23:02 +01:00
andryyy a529307603
[Web] Add missing maps 2020-03-06 08:43:19 +01:00
andryyy 41db65979d
[Web] Sort langs 2020-03-05 07:23:31 +01:00
André Peters c7d278384a
[Web] Add slovak language (#3387) 2020-03-05 07:22:44 +01:00
André Peters dcc9dd08a5
Aliases in SoGO will be sorted this way (#3386)
* Aliases in SoGO will be sorted this way

The sender drop down list when writing a new email in SoGO will be sorted with this patch. Currently they are in a pretty random order. I had to manually drop and recreate the view, not sure how to trigger this in Mailcow.

* Update init_db.inc.php

Co-authored-by: André Peters <andre.peters@debinux.de>
2020-03-05 07:16:26 +01:00
andryyy b1242259e7
[Web] Fix cow level, sorry :( 2020-03-04 12:54:38 +01:00
andryyy e91ddef717
[Web] Check smtp_tls_policy_map destination (more checks should be added) 2020-03-04 12:35:15 +01:00
Victor Nyberg 998c9515a2
Swedish language translation for Mailcow (#3366) 2020-02-27 06:50:03 +01:00
andryyy c785c8f700
[Dovecot] Show last mail (pop3, imap) login in web interface 2020-02-25 19:38:20 +01:00
andryyy ebf292531d
[Web] Set desc == domain name, when desc is empty, implements #3341 2020-02-21 08:59:50 +01:00
andryyy 0ac4281f0e
[Web] Allow to skip IP check for API 2020-02-16 20:08:36 +01:00
andryyy aa5128997e
[Web] Fix data type for port1 in imapsync 2020-02-16 13:05:55 +01:00
andryyy 868e9e3954
[Web] Unlearn spam if released from quarantine, implements #3327 2020-02-15 16:30:32 +01:00
andryyy 4ea843f087
[Web] Replace rtrim by preg_replace to fix transport checks 2020-02-11 08:18:29 +01:00
andryyy 8a3fc802c5 Merge branch 'master' of https://github.com/mailcow/mailcow-dockerized 2020-02-06 07:04:31 +01:00
andryyy 6686152ce0
[Web] Use redis master where necessary, hide UI if not master, create replicate quota2 table 2020-02-05 11:04:14 +01:00
Dmitriy Alekseev 19a6b45302
Change want_spam to list of symbols_enabled (#3304)
* Change want_spam to list of symbols_enabled

want_spam disable all mail processing by RspamD, so DKIM signing is not applied for any mail where rcpt is /postmaster@*/, including external one.

* Update preset_2.yml

Co-authored-by: André Peters <andre.peters@debinux.de>
2020-01-30 17:48:04 +01:00
andryyy cbe4f4ce70
[Web] Minor changes 2020-01-29 10:37:55 +01:00
andryyy fc37442d21
[Web] Fix transport validation for hostnames 2020-01-22 11:04:10 +01:00
andryyy 79ab962d50
[Web] Fix some transport verifications 2020-01-16 21:11:46 +01:00
andryyy 7fed117aac
[Web] Fix quarantine for sneaky dots, also fixes #3263 2020-01-15 10:23:42 +01:00
andryyy 4a72cda789
[Web] Minor hint for future todo 2020-01-12 12:22:57 +01:00
andryyy 157d2579e4
[Web] Complain about non-email email fields 2020-01-10 20:49:07 +01:00
andryyy 12b014082d
[Web] Allow to set bcc for quarantine messages 2020-01-10 20:43:40 +01:00
andryyy dc97d4f365 [Web] Hide app passwords from logs 2020-01-09 19:15:13 +01:00
andryyy d468ecfa65
[Web] Add more sieve presets 2019-12-27 22:03:11 +01:00
andryyy a89df381f8
[Web] Fix global maps 2019-12-27 15:51:23 +01:00
andryyy f2ae0db9a2
[Web] Minor fixes, some style adjustments 2019-12-23 14:46:57 +01:00
andryyy e47e54f3de [Web] Add more map types soon; Do not expose private key via API if hidden in vars (fixes #3231) 2019-12-22 21:26:15 +01:00
andryyy 26a267d3b6
[Web] Minor fix 2019-12-22 18:58:32 +01:00