Commit Graph

4231 Commits (feffee40ba1099b40a55e417f4a70455bb24477e)

Author SHA1 Message Date
andryyy ac6e379f09
[Web] Fix bootstrap pathes 2019-03-06 15:11:40 +01:00
andryyy 9abbe7eb1d
[Postfix] Mandatory protocol for authenticated clients over 587/tcp and 465/tcp is now TLSv1.0+ (reverts previous protocol change for authenticated users only)
[Postfix] Force route localhost$ over local:
2019-03-06 15:09:28 +01:00
andryyy 6dc5318673
[Rspamd] Delete rspamd.conf.local 2019-03-06 15:08:18 +01:00
andryyy e1ebacca27
[Rspamd] Drop rspamd.conf.local file 2019-03-06 15:06:51 +01:00
andryyy 81f581247b
[Compose] Update Rspamd image 2019-03-06 15:06:39 +01:00
andryyy 4d32eb49ee
[Dovecot] Revert to TLS1+ 2019-03-04 17:57:44 +01:00
andryyy 00b7a47cae
[Compose] Update watchdog image 2019-03-04 17:56:38 +01:00
andryyy 5bc8289d32
[Watchdog] Minor fixes, print last log lines on error 2019-03-04 17:56:27 +01:00
André Peters ed7a8431b4
Merge pull request #2394 from tha80/master
Downgrade rspamd deb repository
2019-03-04 14:13:23 +01:00
tha80 d365813997
Downgraded rspamd deb repository 2019-03-04 13:59:31 +01:00
andryyy c4dfed8a96
[Compose, Rspamd] Downgrade Rspamd 2019-03-03 22:54:47 +01:00
andryyy 950ab30462
[Rspamd] Upgrade Rspamd
[Compose] New Rspamd image
2019-03-03 22:25:56 +01:00
andryyy 0375703198
[Postfix] Fix mandatory encryption protocols and always require at least TLS 1.2 for LMTP 2019-03-03 12:11:39 +01:00
andryyy eccf3ff4da
[Postfix] Mandatory encryption protocol is now min. TLS 1.2 2019-03-03 12:09:10 +01:00
andryyy 69f54b99a1
[Dovecot] ssl_min_protocol is now TLS 1.2 2019-03-03 12:08:26 +01:00
andryyy 083b822cbf
[Compose] Update SOGo image 2019-03-03 12:07:54 +01:00
andryyy 52890e113f
[Web] Update bootstrap to 3.4.1, fixes #2381 2019-03-03 12:07:33 +01:00
andryyy 3873b7a768
[Update] Add /opt/bin to PATH, fixes #2391 2019-03-02 23:48:26 +01:00
André Peters de320771e0
Merge pull request #2385 from mhofer117/allow-admin-email-login
allow multiple concurrent admin logins
2019-03-02 21:34:36 +01:00
andryyy 1e79ea6c7e
[Web] Fix transport_check over port 465, fixes #2386 2019-03-02 20:32:12 +01:00
Marcel Hofer 6a7b4387eb allow multiple concurrent admin logins 2019-03-02 12:32:10 +01:00
andryyy 752a7c418b Revert SOGo image version 2019-03-01 14:17:09 +01:00
andryyy 8fd9db88b6
[Compose] New SOGo image 2019-03-01 14:15:25 +01:00
zekeriya 9b43974c96 [Policyd] Added policyd Dockerfile
[Compose] Added policyd Service
[Postfix] Added policyd for check_policy_service to main.cf
2019-03-01 10:42:11 +03:00
andryyy fcbcc117d2
[Netfilter] Detect SOGo 403
[Compose] Update Netfilter
2019-02-28 20:22:16 +01:00
André Peters 6dcb1af1b0
Merge pull request #2373 from mhofer117/allow-admin-email-login
always check basic auth against user database for EAS and SOGo if ALLOW_ADMIN_EMAIL_LOGIN is enabled
2019-02-28 09:00:14 +01:00
Marcel Hofer 965577c5d8 fix path check 2019-02-27 23:16:23 +01:00
Marcel Hofer fa80d66d6c match EAS and SOGO/dav case insensitive 2019-02-27 23:14:30 +01:00
Marcel Hofer a110378000 always check basic auth against user database for EAS and SOGo if ALLOW_ADMIN_EMAIL_LOGIN is enabled 2019-02-27 23:06:19 +01:00
Marcel 769ddb9ad4
Merge pull request #2 from mailcow/admin-login
rebase
2019-02-27 20:41:03 +01:00
andryyy 38911034c3
Don't break DAV 2019-02-26 22:13:37 +01:00
André Peters 5cef6b92be
Merge pull request #2368 from mhofer117/allow-admin-email-login
Security Fix/Extension for #2360 - Allow Admin Login
2019-02-26 21:38:13 +01:00
andryyy ae512018a8
[Postfix] Remove sasl requiring policies from port 25 2019-02-26 21:37:08 +01:00
Marcel Hofer e2f39df7d8 remove obsolete code, use openssl instead of `cat /dev/urandom` 2019-02-26 20:44:53 +01:00
andryyy 97adcbe5f8
[Web] Strip < and > from start/end of full name 2019-02-26 09:23:16 +01:00
Marcel Hofer 9f3b79b361 ignore sogo master pass file 2019-02-26 09:03:21 +01:00
Marcel Hofer dd6d253ac0 add random masterpass for sogo admin login
add required headers for sogo proxy auth with password
add SOGoEncryptionKey
add SOGoTrustProxyAuthentication only conditionally if feature is enabled
2019-02-26 09:02:35 +01:00
Marcel 937cdadd36
Merge pull request #1 from mailcow/admin-login
rebase
2019-02-26 08:42:32 +01:00
andryyy b0584b7699
[Dovecot] Remove vacation-seconds from global-only 2019-02-25 10:22:00 +01:00
andryyy 57312ad605
[Compose] Add ALLOW_ADMIN_EMAIL_LOGIN to sogo-mailcow to trigger bootstrap on change
[Compose] Static IPv4 for Dovecot
[SOGo] Remove SOGoIMAPServer from sogo.conf
[SOGo] Add SOGoIMAPServer to bootstrap process
[Nginx] Disallow editAccount for other accounts than 0 (own)
2019-02-25 00:00:32 +01:00
André Peters 298a8d24e9
Merge pull request #2360 from mhofer117/allow-admin-email-login
Allow admins to login as email user (without any password)
2019-02-24 18:49:13 +01:00
André Peters 4482aee747
Update sogo-auth.php 2019-02-24 00:15:09 +01:00
andryyy 108e808d06
[Rspamd] Reduce SOGO_CONTACT score to -99 2019-02-23 23:46:01 +01:00
André Peters 9a9079baa5
Update sogo.auth_request.template.sh 2019-02-23 22:29:14 +01:00
André Peters 88fbc6bf16
Update sogo-auth.php
Consistency again. :)

I moved the prerequisites require_once to the top, ok?
2019-02-23 22:26:41 +01:00
André Peters 0c8f217f49
Update sogo.auth_request.template.sh
Don't want to split hairs! Just consistency. :)
2019-02-23 22:20:09 +01:00
Marcel Hofer cac67db203 add config ALLOW_ADMIN_EMAIL_LOGIN and implement password-less SOGo login admins 2019-02-23 17:59:18 +01:00
andryyy db17a304b0
[ClamAV] Create directory before handling whitelist 2019-02-23 10:34:16 +01:00
andryyy 354ecd727c
[ClamAV] More checks and permission fixes 2019-02-23 10:27:13 +01:00
andryyy fe9b9f5dfa
[ClamAV] Set permission recursively
[Compose] Updaet ClamAV image
2019-02-23 10:21:13 +01:00