{% trans %}If you use an Apple device,{% endtrans %} - {% trans %}click here to autoconfigure it.{% endtrans %} + {% trans %}click here to auto-configure it.{% endtrans %}{%- endblock %} diff --git a/docs/antispam.rst b/docs/antispam.rst index 9b204999..5042ff0c 100644 --- a/docs/antispam.rst +++ b/docs/antispam.rst @@ -33,7 +33,7 @@ Rspamd rejects non-compliant email messages and email messages that contain viru * In the administration web interface, under settings under Antispam 'Enable spam filter' must be ticked. If this option is disabled, then all email messages will automatically go to the inbox folder. Except for email messages with a score of 15 or higher, as these email messages are rejected by Rspamd. - * In the administration web interface, under settings under Antispam, the user defined spam filter tolerance must be configured. The default value is 80%. The lower the spam filter tolerance, the more false positives (ham classified as spam). The user can change this setting to finetune when an email message is classified as spam. + * In the administration web interface, under settings under Antispam, the user defined spam filter tolerance must be configured. The default value is 80%. The lower the spam filter tolerance, the more false positives (ham classified as spam). The user can change this setting to fine-tune when an email message is classified as spam. * Dovecot extracts the X-Spam-Level email header from the email message and converts the spam score (0 - 15) to a 0 - 100 percent scale. This spam score is compared with the user defined spam filter tolerance. If the spam score is lower than the user defined spam filter tolerance, then the email message is accepted. In logic: @@ -110,7 +110,7 @@ The following steps have to be taken to configure an additional symbol (rule) th * no action: allow message. The email message will be allowed without a spam score being added in the mail header. This can be used for creating a whitelist filter. - * soft reject: temporarily delay message (this is used, for instance, to greylist or ratelimit messages) + * soft reject: temporarily delay message (this is used, for instance, to greylist or rate-limit messages) To move an email message to the Junk (Spam) folder, a score of 15 can be used in combination with the action "add header". The above example configuration will reject all emails send from domains that are listed in '/etc/rspamd/override.d/blacklist.inc'. @@ -158,7 +158,7 @@ For more information on using the multimap filter see the official `multimap doc Can I change the list of authorized file attachments? ----------------------------------------------------- -Mailu rejects emails with file attachements it deems to be "executable" or otherwise dangerous. If you would like to tweak the block list, you can do so using the following commands: +Mailu rejects emails with file attachments it deems to be "executable" or otherwise dangerous. If you would like to tweak the block list, you can do so using the following commands: .. code-block:: bash diff --git a/docs/compose/requirements.rst b/docs/compose/requirements.rst index e828597d..1ce29454 100644 --- a/docs/compose/requirements.rst +++ b/docs/compose/requirements.rst @@ -43,7 +43,7 @@ make sure that you either: - setup a root *ext4* partition, - or setup a root *btrfs* partition, - - or leave enough unpartitionned space for a dedicated *ext4* or *btrfs* + - or leave enough unpartitioned space for a dedicated *ext4* or *btrfs* partition. If you chose to create a dedicated partition, simply mount it to @@ -74,7 +74,7 @@ default Debian install: apt-get autoremove --purge exim4 exim4-base -Finally, Docker relies heavily on ``iptables`` for port forwardings. You +Finally, Docker relies heavily on ``iptables`` for port forwarding. You should use ``iptables-persistent`` (or any equivalent tool on other systems) for managing persistent rules. If you were brave enough to switch to ``nftables``, you will have to rollback until official support is released diff --git a/docs/configuration.rst b/docs/configuration.rst index bccc9116..bc45f8c8 100644 --- a/docs/configuration.rst +++ b/docs/configuration.rst @@ -49,8 +49,8 @@ accounts for a specific IP subnet as defined in The ``AUTH_RATELIMIT_USER`` (default: 50/day) holds a security setting for fighting attackers that attempt to guess a user's password (typically using a password -bruteforce attack). The value defines the limit of distinct authentication attempts -allowed for any given account within a specific timeframe. Multiple attempts for the +brute-force attack). The value defines the limit of distinct authentication attempts +allowed for any given account within a specific time-frame. Multiple attempts for the same account with the same password only counts for one. The ``AUTH_RATELIMIT_EXEMPTION_LENGTH`` (default: 86400) is the number of seconds @@ -102,7 +102,7 @@ by setting ``INBOUND_TLS_ENFORCE`` to ``True``. Please note that this is forbidd internet facing hosts according to e.g. `RFC 3207`_ , because this prevents MTAs without STARTTLS support or e.g. mismatching TLS versions to deliver emails to Mailu. -The ``SCAN_MACROS`` (default: True) setting controls whether Mailu will endavour +The ``SCAN_MACROS`` (default: True) setting controls whether Mailu will endeavor to reject emails containing documents with malicious macros. Under the hood, it uses `mraptor from oletools`_ to determine whether a macro is malicious or not. @@ -168,11 +168,11 @@ in the admin interface, while ``SITENAME`` is a customization option for every Web interface. - ``LOGO_BACKGROUND`` sets a custom background colour for the brand logo - in the topleft of the main admin interface. + in the top-left of the main admin interface. For a list of colour codes refer to this page of `w3schools`_. - ``LOGO_URL`` sets a URL for a custom logo. This logo replaces the Mailu - logo in the topleft of the main admin interface. + logo in the top-left of the main admin interface. .. _`w3schools`: https://www.w3schools.com/cssref/css_colors.asp diff --git a/docs/contributors/guidelines.rst b/docs/contributors/guidelines.rst index 8644d83e..2fa7007f 100644 --- a/docs/contributors/guidelines.rst +++ b/docs/contributors/guidelines.rst @@ -93,7 +93,7 @@ Configuration files should be compiled at runtime by the container `start.py` script and all conditional syntax should be handled using Jinja logic. The `socrate` Python package should include relevant functions for container -lifecycle management. +life-cycle management. Anything that is not static, i.e. able to change at runtime, either due to configuration in the admin UI or user behavior, should take advantage of the diff --git a/docs/contributors/memo.rst b/docs/contributors/memo.rst index 65b86649..6b09cd36 100644 --- a/docs/contributors/memo.rst +++ b/docs/contributors/memo.rst @@ -8,7 +8,7 @@ Mailu uses Babel for internationalization and localization. Before any of your work is merged, you must make sure that your strings are internationalized using Babel. -If you used ``_``, ``trans`` blocks and other Babel syntaxes in your code, run the +If you used ``_``, ``trans`` blocks and other Babel syntax in your code, run the following command to update the POT file: .. code-block:: bash @@ -26,7 +26,7 @@ Please resolve fuzzy strings to the best of your knowledge. Update information files ------------------------ -If you added a feature or fixed a bug or committed anything that is worth mentionning +If you added a feature or fixed a bug or committed anything that is worth mentioning for the next upgrade, add it in the ``CHANGELOG.md`` file. Also, if you would like to be mentioned by name or add a comment in ``AUTHORS.md``, diff --git a/docs/contributors/workflow.rst b/docs/contributors/workflow.rst index 957d4a9b..b233e0db 100644 --- a/docs/contributors/workflow.rst +++ b/docs/contributors/workflow.rst @@ -19,8 +19,8 @@ This is a community project, thus commits should be readable enough for any of the contributors to guess the content by simply reading the comment or find a proper commit when one knows what they are looking for. -Usual standards remain: write english comments, single line short comments and -additional multiline if required (keep in mind that the most important piece +Usual standards remain: write English comments, single line short comments and +additional multi-line if required (keep in mind that the most important piece of information should fit in the first line). Branches diff --git a/docs/database.rst b/docs/database.rst index 26da8dd5..54e5015a 100644 --- a/docs/database.rst +++ b/docs/database.rst @@ -25,9 +25,9 @@ To switch to a different database back-end: 1. Drop into a shell inside the admin container as you'll need to execute multiple commands. E.g. `docker exec -i $(docker compose ps -q admin) bash` - 2. Initialize the new database backend: `flask mailu db init` + 2. Initialize the new database back-end: `flask mailu db init` - 3. Migrate the new database backend to the current state: `flask mailu db upgrade` + 3. Migrate the new database back-end to the current state: `flask mailu db upgrade` 4. Import the configuration export: `flask mailu config-import -v < /data/mail-config.yml` @@ -216,4 +216,4 @@ Optionally you can remove left-over files which were used by the old database: .. note:: Roundcube does not offer a migration tool for moving from SQLite to PostgreSQL. - In case roundcube is used, the Mailu setup utility can be used to specify SQLite for the roundcube database backend. + In case roundcube is used, the Mailu setup utility can be used to specify SQLite for the roundcube database back-end. diff --git a/docs/faq.rst b/docs/faq.rst index 3eb7bafc..fabf11aa 100644 --- a/docs/faq.rst +++ b/docs/faq.rst @@ -192,8 +192,8 @@ This means it can be scaled horizontally. For more information, refer to :ref:`k *Issue reference:* `165`_, `520`_. -How to achieve HA / failover? -````````````````````````````` +How to achieve HA / fail-over? +`````````````````````````````` The mailboxes and databases for Mailu are kept on the host filesystem under ``$ROOT/``. For making the **storage** highly available, all sorts of techniques can be used: @@ -287,7 +287,7 @@ I want to integrate Nextcloud 15 (and newer) with Mailu If a domain name (e.g. example.com) is specified, then this makes sure that only users from this domain will be allowed to login. -After successfull login the domain part will be stripped and the rest used as username in Nextcloud. e.g. 'username@example.com' will be 'username' in Nextcloud. Disable this behaviour by changing true (the fifth parameter) to false. +After successful login the domain part will be stripped and the rest used as username in Nextcloud. e.g. 'username@example.com' will be 'username' in Nextcloud. Disable this behaviour by changing true (the fifth parameter) to false. *Issue reference:* `575`_. @@ -473,8 +473,8 @@ Re-starting the smtp container will be required for changes to take effect. .. _`2213`: https://github.com/Mailu/Mailu/issues/2213 -My emails are getting defered, what can I do? -````````````````````````````````````````````` +My emails are getting deferred, what can I do? +`````````````````````````````````````````````` Emails are asynchronous and it's not abnormal for them to be defered sometimes. That being said, Mailu enforces secure connections where possible using DANE and MTA-STS, both of which have the potential to delay indefinitely delivery if something is misconfigured. @@ -731,8 +731,8 @@ Restart the Fail2Ban service. Users can't change their password from webmail `````````````````````````````````````````````` -All users have the abilty to login to the admin interface. Non-admin users -have only restricted funtionality such as changing their password and the +All users have the ability to login to the admin interface. Non-admin users +have only restricted functionality such as changing their password and the spam filter weight settings. *Issue reference:* `503`_. diff --git a/docs/index.rst b/docs/index.rst index ed281e3a..6e45c78f 100644 --- a/docs/index.rst +++ b/docs/index.rst @@ -23,7 +23,7 @@ popular groupware. Main features include: -- **Standard email server**, IMAP and IMAP+, SMTP and Submission with autoconfiguration profiles for clients +- **Standard email server**, IMAP and IMAP+, SMTP and Submission with auto-configuration profiles for clients - **Advanced email features**, aliases, domain aliases, custom routing, full-text search of email attachments - **Web access**, multiple Webmails and administration interface - **User features**, aliases, auto-reply, auto-forward, fetched accounts, managesieve diff --git a/docs/mailu-network-diagram.ipynb b/docs/mailu-network-diagram.ipynb new file mode 100644 index 00000000..7b4336a5 --- /dev/null +++ b/docs/mailu-network-diagram.ipynb @@ -0,0 +1,517 @@ +{ + "cells": [ + { + "cell_type": "code", + "execution_count": 2, + "metadata": {}, + "outputs": [ + { + "data": { + "image/svg+xml": [ + "\n", + "\n", + "\n", + "\n", + "\n" + ], + "text/plain": [ + "
Enable oletools - Oletools scans documents in email attachements for malicious macros. It has a much lower memory footprint than a full-fledged anti-virus. + Oletools scans documents in email attachments for malicious macros. It has a much lower memory footprint than a full-fledged anti-virus.
Enable Tika - Tika enables the functionality for searching through attachments. Tika scans documents in email attachments, process (OCR, keyword extraction) and then index them in a way they can be efficiently searched. This requires significant ressources (RAM, CPU and storage). + Tika enables the functionality for searching through attachments. Tika scans documents in email attachments, process (OCR, keyword extraction) and then index them in a way they can be efficiently searched. This requires significant resources (RAM, CPU and storage).
In the following sections we need to set the postmaster address. This is a combination of the postmaster local part and the main mail domain. The main mail domain is also used as "server display name". This is the way the SMTP server identifies itself when connecting to others. The Postmaster will get an e-mail address <postmaster>@<main_domain>. This address will receive the DMARC "rua" and "ruf" reports. -Or in plain english: if receivers start to classify your mail as spam, this postmaster will be informed.
+Or in plain English: if receivers start to classify your mail as spam, this postmaster will be informed.