Commit Graph

2104 Commits (fc1e547e5328d68bde4c6dbca1b8fa873ea16dda)

Author SHA1 Message Date
andryyy e25e9c7b40
[Postfix] Create resource maps 2019-06-09 16:49:38 +02:00
andryyy 5ce6688c78
[Web] Show resource alias 2019-06-09 16:49:17 +02:00
andryyy de3a89ac7a
[Postfix] Remove duplicate proxy read maps, add resource maps 2019-06-09 16:49:02 +02:00
Aiko Appeldorn 1634a486fc
[web] increased db version 2019-06-09 12:08:23 +02:00
Timo N 9325bb6f4e
Merge pull request #2594 from FELDSAM-INC/domain-default-mailbox-quota
Default quota for mailbox
2019-06-09 10:49:43 +02:00
dofl fa4c4b138e
Update main.cf
Added the delay_warning_time (http://www.postfix.org/postconf.5.html#delay_warning_time) with 4 hours as setting. Postfix will inform the user that the e-mail has not been delivered, but that it will try for the next 5 days. 

There is also a setting called confirm_delay_cleared (http://www.postfix.org/postconf.5.html#confirm_delay_cleared), but according to the Postfix this can lead to a sudden burst of notifications at the end of a prolonged network outage.
2019-06-09 07:39:36 +02:00
dofl d5eeb3e8af
Update main.cf
I was looking into creating a backup mx server for a high availability mailcow setup. It seems that this is not easily done. While researching to find out how long an average SMTP server keeps trying to send to a server that is down I found that RFC 5321 advises at least 4 to 5 days. Mailcow has a custom setup of 1 day, which is very short. The user will be unaware for 5 days that his mail has not been delivered, which can be negative. But I still would like to follow the advice of the RFC.

RFC 5321, in section 4.5.4.1, has this to say:
Retries continue until the message is transmitted or the sender  up;  the give-up time generally needs to be at least 4-5 days.  It MAY be appropriate to set a shorter maximum number of retries for non-delivery notifications and equivalent error messages than for standard messages. 

Postfix default is also 5 days: http://www.postfix.org/postconf.5.html

https://tools.ietf.org/html/rfc5321#section-4.5.4
2019-06-08 15:10:46 +02:00
andryyy 53bda04848
[PHP-FPM] Update PHP and some modules 2019-06-05 06:56:58 +02:00
andryyy af46a93e76
[Postfix] Remove authed user from header 2019-06-01 22:14:48 +02:00
andryyy de03e4178a
[Dovecot] Run cronjob at 4:15 AM to remove max aged quarantine items (default: 365 days) 2019-06-01 21:23:43 +02:00
andryyy d9361a6263
[PHP-FPM] Add Q_MAX_AGE key and set to 365 days if missing 2019-06-01 21:22:58 +02:00
andryyy 176f2a3f34
[Web] Allow to set max_age for quarantine items 2019-06-01 21:22:14 +02:00
andryyy 5f8dd69a2d
[Web] Fix lang strings for sieve pathes and sieve flow 2019-06-01 14:10:01 +02:00
andryyy dcacf85a5d
[Dovecot] Rename sieve_after to global_sieve_after and create a global_sieve_before file 2019-06-01 13:53:24 +02:00
andryyy aaf0d521a2
[Postfix] Add UA header check, not enabled by default 2019-06-01 08:29:53 +02:00
andryyy cc16f60826 Merge branch 'master' of https://github.com/mailcow/mailcow-dockerized 2019-05-30 08:36:56 +02:00
André Peters 69fb7f7a7c
[ClamAV] Update to 0.101.2 2019-05-30 08:36:39 +02:00
Timo N 15b2ca6eaa
[ClamAV] Updated to version 0.101.2 2019-05-30 06:41:21 +02:00
andryyy 395f0f7a3d
[Rspamd] Remove authenticated user from auth results header
[Dovecot] Fix permissions of console
[Compose] New Dovecot image
2019-05-29 18:02:14 +02:00
andryyy 8537767443
[Web] Show error when connection to redis fails (instead of 5xx) 2019-05-28 15:18:27 +02:00
Thomas Sänger e24ba8e2d8
fix typo that prevented trimming watchdog logs 2019-05-27 23:09:25 +02:00
andryyy 7d7ecbe591
[Dovecot] Removed quota recalc job (too intensive on larger systems) 2019-05-27 20:29:55 +02:00
andryyy 1da3145d13 Merge branch 'master' of https://github.com/mailcow/mailcow-dockerized 2019-05-27 19:34:30 +02:00
André Peters 856c37ef7b
[DockerAPI] Python3 - big thanks to @christianbur 2019-05-27 19:33:59 +02:00
andryyy 2757c6b5fe
[Postfix] Do not allow DSN for postscreen 2019-05-27 19:32:41 +02:00
andryyy 2508ee5b69
[Web] Delete from sender_acl when deleting an alias 2019-05-26 09:39:04 +02:00
andryyy 6fffda5def
[Web] Remove file 2019-05-26 09:24:50 +02:00
andryyy d5612cf60f
[Web] More fixes for alias as sender_acl 2019-05-26 09:22:06 +02:00
andryyy 5087d5ce96
[Web] Allow aliases as send-as 2019-05-26 08:29:10 +02:00
andryyy 57d65535c9
[Dovecot] Trim watchdog logs 2019-05-25 10:29:17 +02:00
andryyy db0ec130f5
[Web] Lang updates
[ACME] Typo
2019-05-22 23:47:45 +02:00
André Peters 522a304181
Merge pull request #2629 from christianbur/acme_v3
acme-tiny with python3
2019-05-22 23:36:23 +02:00
Christian Burmeister a8e96c57b1
fix typo - container_post__exec__maildir__cleanup 2019-05-22 23:05:07 +02:00
André Peters 9a114845d7
[Netfilter] Reworked by @Kraeutergarten 2019-05-22 22:49:40 +02:00
Christian Burmeister cd71935001
Remove pyOpenSSL 2019-05-21 19:58:18 +02:00
Christian Burmeister 7032ea00d0
add "--virtual .build-dependencies" 2019-05-21 19:51:03 +02:00
Christian Burmeister 8327aac700
Update phpfpm baseimage from alpine 3.8 to 3.9 2019-05-20 23:23:04 +02:00
Christian Burmeister bfbd4c1240
acme-tiny with python3 2019-05-20 21:32:04 +02:00
Christian Burmeister 9afa2730ac
Update server.py 2019-05-20 21:30:40 +02:00
Christian Burmeister 07d15cf035
Update Dockerfile 2019-05-20 21:27:47 +02:00
André Peters 003b244544
Merge pull request #2623 from Arlon1/acme/cert_renewal_threshold
acme: changed the threshold for certificate renewal
2019-05-20 19:51:03 +02:00
Evangelos Foutras e1a3313660 [Web] Fix showing domain with disabled sender check
If a mailbox is allowed to send as any address under its domain (+ alias
domains) and the domain itself has no aliases configured, no information
about this fact is shown to the user. That is to say, the "Do not check
sender access for the following domain(s) and its alias domains" field
under mailbox details is empty.

The above is happening because the second GROUP_CONCAT() returns NULL
making the enclosing CONCAT() return NULL as well. Fix this by using
CONCAT_WS() which correctly handles the case of zero domain aliases.

Furthermore, move the IFNULL() to the first GROUP_CONCAT() because
CONCAT_WS() returns an empty string when both GROUP_CONCAT()'s are
NULL. We can be certain that when the first GROUP_CONCAT() is NULL
the second one will be as well, so it's safe to use IFNULL() there.
2019-05-20 18:08:45 +03:00
andryyy ba14f0f113
[Rspamd] Fix spoofing detection 2019-05-20 15:14:42 +02:00
Kraeutergarten b862ce2bfb Add hostnames for blacklist. 2019-05-20 09:02:40 +02:00
Kraeutergarten e6de9c299d Fix wrong python version. 2019-05-20 07:02:42 +02:00
Kraeutergarten 9b02c9272e clear whitelist, if it gets cleard. 2019-05-19 10:55:11 +02:00
Kraeutergarten 5af250398c Redo complete logging.
Do some other fixes caused by python3
2019-05-19 10:36:16 +02:00
Kraeutergarten d6af494789 update to python3 2019-05-19 09:55:49 +02:00
Kraeutergarten 5ed113c47f resolving whitelist every minute 2019-05-19 09:48:10 +02:00
andryyy 1f365f5cff
[Dovecot] Remove shared namespace 2019-05-18 23:01:23 +02:00
andryyy 922a8db7a5
[Dovecot] Auto-generate shared namespace 2019-05-18 23:01:05 +02:00
andryyy 5e36018864
[Rspamd] Auto-generate SIEVE_HOST map and add dnsutils 2019-05-18 22:44:30 +02:00
andryyy 3ffa7e1f33
[Rspamd] Add SIEVE_HOST map and skip spoof check for these IPs 2019-05-18 22:44:06 +02:00
andryyy 5bb23a2664 [Web] Fix null ua in debug.js - fixes #2615 2019-05-18 15:35:00 +02:00
Kraeutergarten 51f5f66c91 low response timeout
add ipv6 support
add multiple record support
2019-05-18 12:04:11 +02:00
andryyy 45359bb6cf
[Rspamd] Do not apply SPOOFED_UNAUTH on ARC_ALLOW
[Dovecot] Set sieve_redirect_envelope_from to rcpt
2019-05-18 09:18:00 +02:00
Kraeutergarten 4cc63ceeb7 Allow hostnames for fail2ban whitelist. 2019-05-17 19:38:34 +02:00
andryyy 885b79f06f
[Web] Add function to read F2B data via API 2019-05-17 11:21:25 +02:00
andryyy 03f0bac916
[Watchdog] Change error message for acme-mailcow 2019-05-16 19:44:39 +02:00
andryyy 389317e9e4
[Dovecot] Fix memory leak when quarantine sender has non-ascii chars in mail address 2019-05-16 19:44:14 +02:00
andryyy 6a8c4e332b
[ACME] Register error when no hostname could be validated 2019-05-16 19:43:08 +02:00
Arlon1 2d5add5a13 acme: changed the threshold for certificate renewal
The threshold for certificate renewal is changed to 30 days before
expiry date (was 14 days).
fixes #2607
2019-05-16 15:31:50 +02:00
Kraeutergarten 7417dd3a85 Check if domain value is undefined or null. 2019-05-16 10:15:37 +02:00
Kraeutergarten 84a78dbd0d Adds only existing domains in table to the filter and removes additional ajax request. 2019-05-16 08:20:21 +02:00
andryyy 06193ca625
[Web] Write API logs when format is data binary 2019-05-12 15:22:00 +02:00
Kristián Feldsam b8b6450753 Default quota for mailbox
Signed-off-by: Kristián Feldsam <feldsam@gmail.com>
2019-05-11 11:16:40 +02:00
André Peters f0d29ba8ef
Merge pull request #2547 from FELDSAM-INC/feldsam/json-api
JSON API Consume json in request body.
2019-05-10 20:37:37 +02:00
andryyy 5c07cca529
[Rspamd] Change spoofed mail handling 2019-05-09 11:48:38 +02:00
andryyy 456e92c830
[Rspamd] Set to to_ip to_ip_from rate buckets to 100 / 1s 2019-05-09 11:32:16 +02:00
andryyy bf3fb0c9d4
[Web] Fix some breakpoints 2019-05-09 11:30:14 +02:00
André Peters 2b6e486a11
[Dovecot] Update imapsync - thanks to @hunter-nl 2019-05-09 10:39:28 +02:00
andryyy b20ff13e40 [Rspamd] Update to 1.9.2, minor entrypoint changes
[Compose] Update Rspamd to 1.9.2
2019-05-06 12:18:41 +02:00
André Peters 61433a4488
Merge pull request #2541 from sriccio/master
Allow to easily add custom plugins to rspamd
2019-05-05 22:33:32 +02:00
André Peters 6cf9a0354b
Trying to avoid non-distro packages 2019-05-05 22:30:11 +02:00
André Peters 081feca893
Replacing trim by function
https://perlmaven.com/trim
2019-05-05 22:28:55 +02:00
andryyy cf4c5df427
[Web] Disable refresh button on reload, re-enable after table init 2019-05-05 20:59:59 +02:00
andryyy acd8860efa
[Web] More minor css fixes 2019-05-05 20:49:13 +02:00
andryyy 9529b7a542
[Web] Various UI fixes 2019-05-05 20:44:29 +02:00
andryyy 05a2301ea6
[Web] Allow to rename alias to Alias 2019-05-05 20:01:53 +02:00
hunter-nl 4ebc871966
Added noreleasecheck parameter 2019-05-05 14:35:34 +02:00
andryyy f7e5f8b51f
[Web] Minor changes 2019-05-05 14:01:17 +02:00
hunter-nl d6833d0b29
Add extra perl modules for imapsync 2019-05-05 13:24:12 +02:00
hunter-nl 54a039fbd1
Fix: Processing result of running imapsync command
There was a possibility the status is_running never set back to 0.
Also the unlock command could be executed twice.
2019-05-05 13:15:34 +02:00
hunter-nl b7b532768c
Moved set "is_running" status
Moved set "is_running" status just before the actual execution of imapsync
2019-05-05 13:12:09 +02:00
hunter-nl fbf356d522
Update imapsync script to 1.937 2019-05-05 13:09:17 +02:00
hunter-nl d32f3e9d16
Fix processing imapsync custom parameters 2019-05-05 13:07:17 +02:00
André Peters 2d5e8a20ef
Merge pull request #2574 from emericklaw/mobileconfig-specialcharacters
Handle mobileconfig display names with special characters
2019-05-04 23:10:03 +02:00
andryyy 189ea89a71
[Dovecot] Revert to previous imapsync cron script 2019-05-04 23:08:43 +02:00
hunter-nl e59417ed78
Update imapsync_cron.pl
Second unlocking lock_file failed because it was already unlocked.
2019-05-04 13:07:23 +02:00
hunter-nl 99eb61a449
Update init_db.inc.php
imapsync table column "returned_text" changed into type "longtext". "mediumtext" is to small for imapsync output on large mailbox.
db version value updated.
2019-05-04 12:13:51 +02:00
hunter-nl f9cd9927b1
Update imapsync_cron.pl
Moved setting "is_running" status to just before the actual execution of imapsync command.
2019-05-04 12:02:41 +02:00
hunter-nl 95fe217ce1
Update imapsync_cron.pl
Fix: Reset is_running status in case of exception occurs in running imapsync. Else it will stuck in "running" status.
2019-05-04 11:58:19 +02:00
hunter-nl 59882b443a
Update imapsync_cron.pl
Fix executing imapsync command containing quoted strings in parameters.
2019-05-04 11:45:51 +02:00
emericklaw 12d46cf072
Updated to not convert quotes
I missed using ENT_NOQUOTES since XML only needs & and <> to be replaced in tags, spotted by @mkuron
2019-05-03 17:54:33 +01:00
emericklaw 472a99ff00
Handle mobileconfig display names with special characters
If the account display name contained special characters like & the mobileconfig would fail to import on the iOS device.
2019-05-03 13:31:10 +01:00
andryyy b09fab9125 Merge branch 'master' of https://github.com/mailcow/mailcow-dockerized 2019-05-01 23:17:20 +02:00
andryyy 28c8c53a6e
[Rspamd] meta_exporter: return false if not matched
[Compose] Update Dovecot image
2019-05-01 22:50:38 +02:00
André Peters d352173a47
Merge pull request #2570 from Geitenijs/patch-2
Update lang.nl.php
2019-05-01 21:24:14 +02:00
Sven Gottwald b55ac86d6b
Update Dovecot to v2.3.6 and Pigeonhole to v0.5.6 2019-05-01 20:28:11 +02:00
Geitenijs 9dc7d05fa4
Update lang.nl.php 2019-05-01 17:54:27 +02:00
André Peters 48984270dd
Merge pull request #2569 from Howaner/quarantine-domain-alias
Added domain alias handling to quarantine mails and added recipients row to quarantine mail display
2019-05-01 15:54:46 +02:00
Howaner 5bb7b5b368 Fixed XSS 2019-05-01 01:03:16 +02:00
Howaner 17918b3e21 Added domain alias handling to quarantine mails and added recipients row to quarantine mail display
If a mail is sent to a domain alias domain and rejected, mailcow does not currently store the mail in quarantine.
This commit adds domain alias handling to the reject code and should fix this behavior.

Also added displaying of recipient addresses into the quarantine mail dialog to be able to see what mail address was "leaked".
2019-05-01 00:56:12 +02:00
andryyy 59a8a3864a
[Web] Minor fixes 2019-04-30 22:51:17 +02:00
André Peters 18729e2b49
Merge pull request #2567 from Howaner/mailpreview-fix
Updated php-mime-mail-parser library to 5.1 to really fix webui html preview
2019-04-30 22:49:25 +02:00
Howaner 9ce80d0eb5 Updated php-mime-mail-parser library to 5.1 to really fix webui html preview 2019-04-30 21:41:56 +02:00
andryyy 91af3d5c5a
[Rspamd] Much higher scores for DMARC failures 2019-04-30 14:00:47 +02:00
André Peters 7c5094b8ec
Update 014-mailcow.js 2019-04-29 20:24:35 +02:00
André Peters b6607e090e
Update 014-mailcow.js 2019-04-29 19:43:30 +02:00
Howaner 4bac1da451 Updated php-mime-mail-parser library to 5.0 to fix webui html preview
Preview versions of php-mime-mail-parser uses iconv for the most cases and iconv isn't properly supported in alpine php
2019-04-28 20:22:37 +02:00
andryyy 60fd955def
[ACME] Add 0 byte check for cert.pem 2019-04-27 10:23:00 +02:00
andryyy 9bab6507a7
[ACME] Allow to skip all names but MAILCOW_HOSTNAME 2019-04-26 21:15:46 +02:00
andryyy 3e3e526568
[Dovecot] Update to 2.3.5.2
[Compose] Update Dovecot image
2019-04-25 18:10:28 +02:00
Ralph Paßgang 42b240c10c Updating the www.dovecot.org/releases/... url to just dovecot.org/releases/... in dovecot Dockerfile to
prevent a http redirect problem with the curl ... | tar command.
2019-04-24 17:44:15 +02:00
andryyy 9b303dcc0e
[Dovecot] Set default_vsz_limit = 1024 M
[Web] Form cache for user passwd change modal disabled
2019-04-24 14:46:45 +02:00
Kristián Feldsam be2877c875 JSON API Consume json in request body.
Draft docs https://feldhostmailhosting.docs.apiary.io

Signed-off-by: Kristián Feldsam <feldsam@gmail.com>
2019-04-20 21:57:39 +02:00
andryyy 5be4885c15
[Watchdog] Send mail when starting
[Compose] Update watchdog and remove oom check for compatibility
2019-04-18 22:09:26 +02:00
sriccio ef5cf81308 [rspamd] Allow to easily use custom rspamd lua plugins
Since rspamd 1.9.2 we'll be able to load custom modules from plugins.d
directory.

This allow to add and configure plugins easily from the
data/conf/rspamd/plugins.d

Also loading config for custom plugins need rspamd.conf.local or
optionally rspamd.conf.override.

I added support for this in the docker-compose.yml

Idea came while i was writing a custom plugin for Cyren antispam
gateway, which can be found here: https://github.com/sriccio/rspamd-plugins
2019-04-17 10:36:39 +02:00
andryyy 9f00d956f1 [Rspamd] Improve spoofing detection 2019-04-14 20:37:38 +02:00
andryyy cd88165282
[Nextcloud] Always install under subdomain, minor changes to site config and install script 2019-04-14 13:26:53 +02:00
andryyy c8047b9555 [Web] Change session timeout handling
[Rspamd] Add missing spamassassin.conf
2019-04-14 13:01:47 +02:00
andryyy e94c9e1ca6
[Web] Fix class for full mailbox 2019-04-05 13:08:16 +02:00
andryyy 794c2080ec
[ClamAV] Increase watchdog clamd-mailcow thresholds 2019-04-05 12:09:46 +02:00
andryyy a9c1b480c5
[Solr] Make entrypoint executable 2019-04-05 12:09:18 +02:00
Carlos Ferreira 5ddd37956f
Fix HTML bug with French language 2019-04-04 21:03:50 +02:00
Joshua Hesketh f8ff11a1e3
Merge branch 'master' into patch-4 2019-04-02 17:08:19 +11:00
andryyy fae34b8a89
I'm an idiot 2019-04-01 22:52:45 +02:00
andryyy bb12ce9edc
[Nginx] Fix site when ALLOW_ADMIN_EMAIL_LOGIN=y and reverse proxy is used, fixes #2489 2019-04-01 22:46:13 +02:00
andryyy 82f7cab259
[Web] Fix totp qr code, fixes #2490 2019-04-01 22:17:44 +02:00
andryyy 79bde4f702
[Web] Fix UTF-8 symbol 2019-03-31 19:44:24 +02:00
andryyy a86f9e0120
[Compose] New Dovecot image
[Dovecot] Update Dovecot to v2.3.5.1
2019-03-31 19:07:39 +02:00
André Peters 987e884407
Merge branch 'master' into admin-login 2019-03-31 15:49:18 +02:00
andryyy 14e57cf80f
[Web] Add ACL for unlimited quota (default 0) 2019-03-30 19:14:24 +01:00
andryyy b42d0df8e2
[ACME] Allow to skip http verification 2019-03-29 07:46:52 +01:00
andryyy 9378a34adb
[SOGo] Remove unnamed volume and rsync web content to named volume 2019-03-29 07:46:28 +01:00
andryyy 67d6957265
[Web] Show unlimited quota in user view 2019-03-28 23:04:24 +01:00
andryyy 49492dff61
[Web, Dovecot] Allow empty/unlimited quota 2019-03-28 22:05:12 +01:00
andryyy e7d17ad1ac
[Watchdog] Check for ACME failures 2019-03-27 23:15:04 +01:00
andryyy 8b0f7fa81b
[ACME] Write redis key on non-empty exit code 2019-03-27 23:14:46 +01:00
André Peters eb2b26699c
[Dovcot] Cleanup random user maildirs 2019-03-27 16:37:15 +01:00
andryyy 31f59eb2db
[Web] Update bootstrap slider 2019-03-25 12:34:53 +01:00
andryyy 3c4c760e29
[Web] Allow logout with broken session
[Web] Try to set aria hidden to false when a modal opens
2019-03-25 12:33:58 +01:00
Marcel Hofer 7d2289c3a7 Merge branch 'master' into admin-login
# Conflicts:
#	data/web/js/site/mailbox.js
2019-03-23 21:17:02 +01:00
andryyy 6a13609bf0
[Web] Fix slow UI by switching QR provider and only generating qr image on demand 2019-03-19 08:45:08 +01:00
andryyy 4aae72779a
[Dovecot] Remove auth cache 2019-03-18 14:15:02 +01:00
andryyy 22798a85e5
[Config] Add MAILDIR_SUB, "Maildir" for new setups by default
[Update] Add MAILDIR_SUB= for updated mailcows
[Dovecot] Read MAILDIR_SUB for mail_home
2019-03-18 14:09:32 +01:00
andryyy 1fcecd0350
[Web] Fix js when adding resource
[Web] Reload view and memcached when changing a resource
2019-03-18 10:16:33 +01:00
André Peters 3d8a46357b
Merge branch 'master' into admin-login 2019-03-18 02:03:59 +01:00
andryyy d8e356f590
[SOGo] Revert to previous settings 2019-03-18 01:36:32 +01:00
andryyy a614d64615
[SOGo] Adjust sync parameters, revert if you run into problems! 2019-03-14 08:59:24 +01:00