Commit Graph

1027 Commits (f9def721154732e92dfc082672a971a373d74ef5)

Author SHA1 Message Date
andryyy 6d22ae8d02
[Dovecot] Feature: Move authentication to LUA and prepare for http based authentication, log last SASL logins to SQL 2021-06-04 14:27:33 +02:00
andryyy 8a83587800
[Postfix] Finally here: MX based transport map routing; Sorry it took years, Patrik
[Web] Small fixes
2021-05-28 10:40:41 +02:00
andryyy 5065667ae4
[Postfix] Allow to set and override a relayhost per mailbox
[Web] Replace recycle icon with trash (this one made me a bit sad)
[Web] Various small fixes
[Web] Allow or disallow a domain admin to change relayhost settings (default is off, as previous default)
2021-05-26 14:02:27 +02:00
andryyy b8f7b00fff
[Rspamd] Add new bad header map 2021-05-24 11:09:46 +02:00
andryyy 676ce199f3
[Dovecot] Minor: Fix EHLO name 2021-05-24 11:09:33 +02:00
andryyy beda649ecf
[Dovecot] Quota notifications: Allow to send to external address (BCC via mailcow UI) 2021-05-23 09:49:36 +02:00
andryyy 08e9ab18a8
[Netfilter] Implement protocol error regex, fulfills #4093 2021-05-10 08:44:34 +02:00
Victor Nyberg b191190f6f
[Ejabberd] Stop plain text password/user from being logged to file in auth.log. (#4087) (#4089) 2021-05-06 13:56:05 +02:00
andryyy 0cbd4ec273
[Config, Update] Add ACME_CONTACT 2021-04-29 23:32:42 +02:00
andryyy edf1a4fb1f
[Netfilter] Exit on log line error in pubsub 2021-04-25 09:23:02 +02:00
monsterry dfe43f56bf
[netfilter] Use exit code 2 if an error occurs (#4040) 2021-04-25 09:13:26 +02:00
Sven Gottwald 2617f639b2
[ClamAV] Update to 0.103.2 (#4068)
Security patch, see https://blog.clamav.net/2021/04/clamav-01032-security-patch-release.html
2021-04-20 10:39:26 +02:00
andryyy 971434ddd3
[mailcow] Use ofelia instead of cron daemons (wip: remove init systems) 2021-04-16 20:38:09 +02:00
andryyy efd30df735 [PHP-FPM] Add default password policy 2021-04-09 13:49:31 +02:00
andryyy f60143e983
[Postfix, Dovecot, SOGo] Sanitize F2B logs 2021-04-07 21:27:05 +02:00
andryyy dbede2252c
[Ejabberd, Postfix, Dovecot] Do not run DNS check against unbound 2021-04-01 15:24:55 +02:00
andryyy a02425dbf5
[Dovecot] Remove Schaal, remove non-numeric TXT output from dig request 2021-03-26 11:24:39 +01:00
andryyy 8eb757bea3
[Netfilter] Further improvements to catch invalid input 2021-03-23 20:53:04 +01:00
andryyy 8bf9ee8308
[Netfilter] Restart on invalid data via pubsub 2021-03-22 21:19:24 +01:00
andryyy cda16ac53f
[ClamAV] Update to 0.103.1 2021-03-17 14:19:21 +01:00
andryyy 851f575384 Merge branch 'master' of github.com:mailcow/mailcow-dockerized 2021-03-13 12:38:06 +01:00
andryyy c79aae2b1e
[Watchdog] Longer sleep for open relay check 2021-03-13 12:37:06 +01:00
Valentin Brandner 3255c08813
[Update, Config] Add subject for watchdog emails (#4027)
Co-authored-by: Valentin <vbrandner.itsb-b2018@fh-salzburg.ac.at>
2021-03-13 12:36:29 +01:00
andryyy 84ba784550
[Dovecot] Set --addheader by default, fixes #4025 2021-03-11 19:21:50 +01:00
andryyy c39792c1a5
[Dovecot] Update image to 2.3.14 2021-03-04 16:13:27 +01:00
andryyy 0bd03c04bd
[ACME] Skip inactive domains 2021-03-03 07:59:11 +01:00
andryyy e9b554b09c [Web] Add nevondo.com ip check source, thank you! 2021-03-01 20:00:01 +01:00
andryyy d3c0e2fc11
Temp remove ip6.korves.net 2021-03-01 10:21:53 +01:00
andryyy 5eb2df542b
[Watchdog] Revert to Alpine 3.11, needs fixes 2021-02-18 11:52:54 +01:00
andryyy e0bb079cb7
[Watchdog] Temp. disable query check 2021-02-18 09:26:32 +01:00
andryyy 27b18373cc
[Alpine] Update Alpine base images to v3.13 2021-02-18 08:48:12 +01:00
Timo 0a3ea8ee3f
[olefy] Update container to alpine 3:13 to fix build (#3988) 2021-02-18 08:25:30 +01:00
andryyy 9c8c83fd24
[Web] Fix permission of ejabberd directory 2021-02-16 14:09:08 +01:00
andryyy 8c6b512f05
[mailcow] Move ejabberd site to last available site 2021-02-12 19:26:49 +01:00
andryyy f2453e316f
[Ejabberd] More fixes for Ejabberd integration (WIP) 2021-02-12 10:04:19 +01:00
andryyy 38c5470d54
[Ejabberd] Various fixes, sorry (still WIP) 2021-02-11 21:09:46 +01:00
andryyy 462aa0a764
[Ejabberd] Fix bootstrapping, ejabberd could not be enabled 2021-02-11 20:46:13 +01:00
andryyy 9c1bd5c18b
[Ejabberd] Add new Dockerfile 2021-02-11 15:24:49 +01:00
andryyy fa9c584912
[PHP-FPM] Add sleep to loop 2021-02-11 09:33:02 +01:00
andryyy 410cb558ee
[Dovecot] Check if quarantine_notify.py holds a lock
[SOGo] Change default theme
2021-01-28 15:48:59 +01:00
ValdikSS 9c559680a6
Add postscreen whitelist syntax and examples (#3931) 2021-01-11 19:23:32 +01:00
andryyy ea98ac6442
[Postfix] Do not create a TLS SNI map when SKIP_LETS_ENCRYPT=y 2021-01-08 12:39:40 +01:00
andryyy 5ea0caa261
[Dovecot] Update Dovecot to 2.3.13 2021-01-04 16:36:33 +01:00
andryyy c8a72bf642
[Watchdog] Return score with Rspamd check 2020-12-26 10:20:46 +01:00
andryyy 16f87f07fa
[Dovecot] Replace hostname for quarantine notifications with mailcow hostname (broke after Docker 20.10 fix) 2020-12-11 10:05:05 +01:00
andryyy 835c4eebb8
[Postfix] Fix HELO name 2020-12-09 14:41:19 +01:00
andryyy ba20db2e08
[Web] Allow a user to choose notification categories (junk folder, rejected mail, both/all) + user ACL 2020-11-28 17:41:48 +01:00
andryyy bfd451fe30
[ClamAV] Add default wl PUA.Pdf.Trojan.OpenActionObjectwithJavascript-1 2020-11-19 15:28:52 +01:00
Lukas Schreiner d96bf91a0d
Support of different default pass schemes + support of BLF-CRYPT (#3832)
* Introduce MAILCOW_PASS_SCHEME in order to support blowfish (cf. mailcow/mailcow-dockerized#1019)

* Furthermore added dovecot to support new environment varible for MAILCOW_PASS_SCHEME defaulted to SSHA256

* Revert changes regarding gitignore.

* Added fallback to SSHA256 if environment is not proper prepared.

* No fallback within management frontend, as it must match to other components.

* Unified and corrected alignment; implemented support of SSHA512

* Currently, password_hash of PHP is using by default bcrypt (BLF). As this might change later, we must ensure, that BLF is still used after PHP changes its default.

* Switched to BLF-CRYPT by default (even on update)

* Switched to BLF-CRYPT by default (even on update)

* Adding information in config generation / update with link to supported hash algorithm

* Bump sogo version to 1.92

* Fallback to BLF-CRYPT in case password scheme is not proper defined for Mailcow administration.
2020-11-15 20:22:35 +01:00
andryyy 477e1ff464
[Web] Fix initial static view update 2020-11-13 15:20:30 +01:00
andryyy 9245bd8636
[Postfix] Sanitize string in smtpd last login script with printf 2020-11-06 12:23:23 +01:00
andryyy 4e337b308f
[Dovecot] Select action in quarantine script, use nobody to run imapsync cron 2020-11-06 12:23:02 +01:00
andryyy 6c697f3f3f
[Web, Quarantine] Allow to set the max score of a message up to which a quarantine notification will be sent 2020-10-27 21:34:02 +01:00
andryyy d85241f518
[Rspamd] Temp. pre-add proposed upstream change in metadata exporter 2020-10-23 21:49:06 +02:00
andryyy efc6f214d1 [Dovecot] Revert notification excludes (there are no blacklisted elements in quarantine anymore) 2020-10-23 20:24:25 +02:00
andryyy c7e17c7fd1
[Rspamd] Global blacklists are not prefilters anymore to not prevent them from being learned 2020-10-21 19:00:53 +02:00
andryyy 5f8e13f596 [Dovecot] Allow to define static master user (not recommended) 2020-10-20 15:43:05 +02:00
andryyy 769c500cd0
[Watchdog] Watch milter status with a dirty workaround, waiting for proxy ping pong event to implement a better check 2020-10-09 11:21:17 +02:00
andryyy dd62030ce2
[Rspamd] 2.6 stable, switch repo 2020-10-03 11:12:12 +02:00
andryyy da200db2d3
[ACME] Add more checks, avoid cert/key mismatch on some installations, fix some output 2020-09-28 19:58:30 +02:00
andryyy 836ea1508e
[Postfix] Fix smtp last login on replicated setups 2020-09-28 16:23:49 +02:00
andryyy 172562fc29
[Watchdog] Increase threshold for cert check 2020-09-27 11:34:00 +02:00
andryyy bcad1af121
[Watchdog] Add certificate check for primary certificate; Add mail delay 2020-09-27 10:34:59 +02:00
andryyy c8ce288178
[ACME] Do check for restart of Postfix and Dovecot service more thoroughly 2020-09-26 23:33:28 +02:00
andryyy a79d536867
[Rspamd] 2.6-0~git32~1c3e0910b~buster 2020-09-25 23:00:01 +02:00
andryyy c3c98348e2
[SOGo] Re-enable TLS for internal IMAP connections, enable TLS for internal SMTP connections
[Web] Minor fix in quarantine view
2020-09-24 21:51:32 +02:00
andryyy 2df661a91e
[Dovecot] Move mail index to new volume 2020-09-23 11:20:00 +02:00
andryyy 386133b855 [Dovecot] Remove like from query
Signed-off-by: andryyy <andre.peters@debinux.de>
2020-09-20 22:30:03 +02:00
andryyy 3a9efc86cf
[SOGo, Dovecot] Remove unnecessary likes from sql queries
[Web] Filter transport destinations to prevent empty destinations
2020-09-20 22:21:00 +02:00
andryyy 4627331339
[Dovecot] Fix sieve with new protocol toggling implementation, fixes #3769 2020-09-19 19:15:06 +02:00
andryyy 85b027aa9d
[Postfix] Merge syslog filters
[Postfix] Create sasl_access map; Use JSON_VALUE and remove unnecessary like command
2020-09-17 19:48:04 +02:00
andryyy 09ec4fcd81
[Dovecot] For future use: pass used protocol; Check if user has protocol access while authenticating 2020-09-17 19:46:28 +02:00
andryyy fd2d7d12a0
[Rspamd] Latest 2.5 2020-09-15 11:57:39 +02:00
andryyy 567064ed50
[ClamAV] Update to 0.103.0 2020-09-15 11:07:35 +02:00
andryyy 1f36ae28d4
[Postfix, Web] Feature: Show last SMTP login 2020-09-15 11:02:53 +02:00
andryyy 28041b1d97
[Rspamd] Encrypt fuzzy communication, switch to Rspamd 2.6 2020-09-15 11:01:20 +02:00
andryyy 6cb5d832d6
[Rspamd] Minor: Fix text 2020-09-09 10:49:08 +02:00
andryyy ed9daeb849
[Oletools] Fix olevba.py manually until merged 2020-09-09 10:48:43 +02:00
andryyy 0884f42379
[Netfilter] Skip invalid regex 2020-08-27 21:13:30 +02:00
andryyy d4dd1024c9
[Netfilter] Replace query by resolve (deprecated) 2020-08-27 20:50:22 +02:00
andryyy d47652d7e4
[Netfilter] Reload regex filters from Redis 2020-08-27 20:42:20 +02:00
andryyy 97ee4b70ca
[Various] Always use lowercase for COMPOSE_PROJECT_NAME 2020-08-27 20:41:45 +02:00
andryyy ef2c96b010
[SOGo] Update to 5.0.0.20200816-1 2020-08-16 11:58:57 +02:00
andryyy c85ce6f2c2
[Dovecot] Update to 2.3.11.3 2020-08-13 10:45:13 +02:00
andryyy c9fb2517a2
[PHP-FPM] Fix lookup of Postfix container when SQL applied an update 2020-08-07 22:25:17 +02:00
andryyy 954736cfea
[PHP-FPM] Fix missing aspell lib, update Redis lib, fixes #3675 2020-07-25 08:54:43 +02:00
andryyy e34060e943
[PHP-FPM] Add pspell; [SOGo] Update image 2020-07-23 11:21:37 +02:00
monsterry 3ac74258db
[Config] Allow CIDR notation for API_ALLOW_FROM (#3655) 2020-07-15 07:28:02 +02:00
andryyy 816c779ac2
[Netfilter] Fix Netfilter image 2020-07-12 05:20:57 +02:00
andryyy 4cefc6039f
[Watchdog] Filter containers by compose project name 2020-07-11 13:32:10 +02:00
andryyy bffa3d962a
[Postfix] Test DNS against mailcow.email 2020-07-11 13:31:48 +02:00
andryyy ed3c58134b
[PHP-FPM] Filter containers by compose project name 2020-07-11 13:31:16 +02:00
andryyy 27b192d5c3
[ACME] Filter containers by compose project name 2020-07-11 13:30:57 +02:00
andryyy f2a68b2ff1
[SOGo] SOGo does no trust self signed or invalid certificates anymore, add temp workaround 2020-07-11 13:23:22 +02:00
andryyy 09ad2b1314
[Dovecot] Filter by compose project name, create trusted map for SOGo IP, run DNS check before starting service 2020-07-11 13:22:48 +02:00
andryyy 6c92688ff6
[Quarantine] Allow to redirect all quarantine messages to a specific address
[Web] Minor changes to quarantine UI
2020-07-04 19:31:44 +02:00
andryyy e40a0eae01
[ACME] Fix directory URL 2020-07-03 10:20:36 +02:00
andryyy 4ce39c0f3f
[ACME] Add DIRECTORY_URL for custom directory URLs 2020-07-03 09:00:10 +02:00
andryyy be538dd94e
[Watchdog] Minor change to Dovecot health check 2020-06-23 10:44:52 +02:00
andryyy f7c807b290
[PHP-FPM] Add bcmath and GMP 2020-06-14 20:13:09 +02:00