1
0
mirror of https://github.com/Mailu/Mailu.git synced 2024-12-14 10:53:30 +02:00
Commit Graph

288 Commits

Author SHA1 Message Date
bors-mailu[bot]
d91a04dd00
Merge #3221
3221: Better PROXY_PROTOCOL r=mergify[bot] a=nextgens

## What type of PR?

Feature

## What does this PR do?

- Disable IMAP, POP3 and Submission by default; see https://nostarttls.secvuln.info/ on why explicit TLS is going away.
- Change the semantic of PROXY_PROTOCOL to make it configurable per port
- fix TLS_FLAVOR=notls not working with snappymail
- fix TLS_PERMISSIVE
- remove KUBERNETES_INGRESS; shouldn't be needed anymore
- update the documentation and the reverse proxy example

### Related issue(s)
- close #3162
- close #3061

## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [x] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.


Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
Co-authored-by: Florent Daigniere <nextgens@users.noreply.github.com>
2024-06-09 10:17:32 +00:00
Florent Daigniere
72bf53105c doh2 2024-05-27 16:03:03 +02:00
Florent Daigniere
a55a9d89ba Update all dependencies 2024-05-20 11:08:03 +02:00
ctrl-i
e79e055ac1
Update Dockerfile
Roundcube incremented to 1.6.7 due to XSS vulnerabilities
2024-05-20 07:47:39 +01:00
Florent Daigniere
2b6405227b fix #3162: ensure snappymail works with notls 2024-04-06 18:16:52 +02:00
ctrl-i
8c848d4926
Update Dockerfile
Updated roundcube to the latest version 1.6.6
2024-01-21 09:32:39 +00:00
Florent Daigniere
0e522fceb7 Upgrade alpine, node, PHP and snappymail 2023-12-20 14:08:49 +01:00
bors-mailu[bot]
fd66c76c83
Merge #3033
3033: Enable snowball on FTS r=mergify[bot] a=nextgens

## What type of PR?

enhancement

## What does this PR do?

Enable [snowball](http://snowball.tartarus.org/algorithms/english/stemmer.html), a filter that will significantly cut down the size of FTS indexes.

It looks like the packages for aarch64 haven't been built yet... but this works on x64_86.
Don't unblock as long as  https://dl-cdn.alpinelinux.org/alpine/edge/testing/aarch64/dovecot-fts-flatcurve-0.3.4-r3.apk is 404

### Related issue(s)
- close #2977 

## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [ ] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.


Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
2023-11-07 15:07:07 +00:00
Florent Daigniere
80d03ae60b doh2 2023-11-07 09:42:43 +01:00
Florent Daigniere
239ef0092e Doh 2023-11-07 09:23:22 +01:00
ctrl-i
3a3f6d0694
Update Dockerfile 2023-11-06 07:56:13 +00:00
Florent Daigniere
fe9b16142f Same for snappymail 2023-11-01 11:04:01 +01:00
Florent Daigniere
d4116cf3b3 When FTS is enabled this is cheap 2023-11-01 10:54:53 +01:00
Florent Daigniere
2a570d0f6f Roundcube 1.6.4 2023-10-16 13:38:49 +02:00
Florent Daigniere
282401e671 Maybe fix CI 2023-10-09 12:13:57 +02:00
bors[bot]
26e1077bd8
Merge #2950
2950: Upgrade snuffleupagus r=mergify[bot] a=nextgens

## What type of PR?

enhancement

## What does this PR do?

Upgrade snuffleupagus

### Related issue(s)

## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [ ] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.


Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
2023-10-09 07:24:09 +00:00
bors[bot]
04d69141c3
Merge #2961
2961: Hardened malloc was not disabled for oletools when an CPU with missing flags is used r=Diman0 a=Diman0

## What type of PR?
bug fix

## What does this PR do?
Updates oletools to also disable hardened malloc when used CPU misses flags

### Related issue(s)
- closes #2959 

## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [n/a ] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.


Co-authored-by: Dimitri Huisman <diman@huisman.xyz>
Co-authored-by: Dimitri Huisman <52963853+Diman0@users.noreply.github.com>
Co-authored-by: Florent Daigniere <nextgens@users.noreply.github.com>
Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
2023-10-08 13:14:28 +00:00
Florent Daigniere
a6f57ca3d4 Upgrade snappymail to v2.29.1 2023-10-08 14:58:39 +02:00
Dimitri Huisman
ee7bb53366
Fix extracting of snappymail archive not working. 2023-10-05 18:12:48 +00:00
Florent Daigniere
c137e1a919 Add new rule too 2023-09-20 18:04:28 +02:00
Florent Daigniere
9402a3beec Upgrade webmails
roundcube 1.6.3
rcmcarddav 5.1.0
snappymail 2.28.4
2023-09-16 10:38:26 +02:00
Florent Daigniere
ca83152ad9 Update snuffleupagus.rules 2023-08-08 21:41:50 +02:00
Helmuth Breitenfellner
b7cf1c88ea bugfix for gpg execution with roundcube 2023-08-08 21:41:50 +02:00
Florent Daigniere
f143aa3dc8 Use dovecot-proxy where appropriate 2023-06-05 10:23:30 +02:00
bors[bot]
b6c093dfd6
Merge #2790
2790: Implement managesieve support r=mergify[bot] a=nextgens

## What type of PR?

Feature

## What does this PR do?

This is a better a alternative to #2773

Expose managesieve to the outside world.

### Related issue(s)
- close #2773
- #428
- #113
- #81
- #1222

## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [x] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.


Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
2023-05-26 14:11:33 +00:00
Florent Daigniere
7d39741c47 Make webmails use a different port without proxy protocol 2023-05-09 12:06:04 +02:00
Florent Daigniere
6be9ce8b65 doh 2023-04-28 07:51:47 +02:00
Florent Daigniere
1512493764 Fix roundcube's spellchecker 2023-04-27 12:43:38 +02:00
Florent Daigniere
86ff5f7b71 Merge remote-tracking branch 'upstream/master' into managesieve-proxy 2023-04-20 18:53:17 +02:00
Florent Daigniere
107b0ab5ff Implement managesieve support 2023-04-20 15:36:17 +02:00
bors[bot]
d8f6a53a1e
Merge #2771
2771: Sanitize logs as appropriate r=mergify[bot] a=nextgens

## What type of PR?

enhancement

## What does this PR do?

- Sanitize logs as appropriate. 
- change the healthcheck of radicale to something less verbose
- disable hardened-malloc if we detect a processor not supporting the AVX extension set

Should we backport something like that? It could be argued it's a bugfix.

### Related issue(s)
- close #2644 
- close #2764
- #2541

## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [ ] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.


Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
2023-04-20 09:23:25 +00:00
Dario Ernst
b0c71559d0 Whitelist all mailso* stream types in snuffleupagus for snappymail
For attachment download in snappymail to work, at least mailsoliteral is
needed. The additionally used stream types (from looking at the
snappymail source) have also been added, to ensure compatability with
whatever feature might rely on them ….
2023-04-17 14:43:13 +02:00
Florent Daigniere
7b08232049 Sanitize logs as appropriate 2023-04-13 14:46:12 +02:00
Dimitri Huisman
709edb522b
Introduce connection string (database url) for roundcube.
Remove database choice from setup.
Remove the old *DB_* database env variables from the documentation.
The env vars are deprecated now. They will be removed after the upcoming
Mailu release.
2023-03-26 12:21:00 +00:00
Florent Daigniere
459694f4a2 Extend roundcube's session lifetime 2023-03-17 11:37:46 +01:00
bors[bot]
03ff2f2132
Merge #2702
2702: Upgrade snappymail to v2.26.4 r=nextgens a=nextgens

## What type of PR?

enhancement

## What does this PR do?

Upgrade snappymail to v2.26.4

### Related issue(s)

## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [ ] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.


Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
2023-03-15 16:23:40 +00:00
Florent Daigniere
22bb0594da Upgrade snappymail to v2.26.4 2023-03-15 08:43:39 +01:00
bors[bot]
b30540c074
Merge #2682
2682: Set snappymail autologout time according to SESSION_TIMEOUT r=mergify[bot] a=Nebukadneza

## What type of PR?
bug-fix

## What does this PR do?
Set the autologout variable in snappymail according with systemwide session configuration so that autologout does not trigger too early or too late, which confuses and unnerves users.

!!!!! Please note that I currently (due to very limited time resources) cannot test on snappymail yet, so this is a "blind" flight PR !!!!!
I know it’s a bit insolent to open PRs with untested code, deferring the testing work to somebody else, but that’s the best I can do ATM. Sorry!

### Related issue(s)
- closes #2680 
- 1.9 backport siebling: #

## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [x] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.

 

Co-authored-by: Dario Ernst <dario@kanojo.de>
2023-03-15 07:39:30 +00:00
Dario Ernst
384d11ddaa Set snappymail autologout time according to PERMANENT_SESSION_LIFETIME
closes #2680
2023-03-14 09:51:01 +01:00
Florent Daigniere
7d21966114 fix #2693 2023-03-10 19:47:27 +01:00
Alexander Graf
d017b3f22a
Zero quota is unlimited 2023-02-07 08:45:54 +01:00
Florent Daigniere
0ec9f1797f Close #2258: sieve scripts should be utf8 encoded 2023-02-05 14:48:08 +01:00
Alexander Graf
3c9c01f8eb
Add style for responsive design 2023-01-30 10:49:09 +01:00
Alexander Graf
842be9b7c3
Skip listen to v6 when SUBNET6 is not set 2023-01-28 19:40:23 +01:00
Florent Daigniere
926570f1ca Need this too 2023-01-28 18:30:33 +01:00
Florent Daigniere
9803c51d55 Use a hostname 2023-01-28 18:23:10 +01:00
Florent Daigniere
6533f41f48 Trust the IP address from the local subnet
This will only work when SUBNET autodetection is merged
2023-01-28 17:37:16 +01:00
Florent Daigniere
760ec301e3 harden the trusted hosts 2023-01-28 17:22:52 +01:00
Florent Daigniere
9d2046f43f Upgrade webmails 2023-01-28 16:59:09 +01:00
bors[bot]
7e60ba4e98
Merge #2613
2613: Enhance network segregation r=nextgens a=nextgens

## What type of PR?

enhancement

## What does this PR do?

- put radicale and webmail on their own network: this is done for security: that way they have no privileged access anywhere (no access to redis, no access to XCLIENT, ...)
- remove the EXPOSE statements from the dockerfiles. These ports are for internal comms and are not meant to be exposed in any way to the outside world.

### Related issue(s)
- #2611

## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [ ] In case of feature or enhancement: documentation updated accordingly
- [ ] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.


Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
2023-01-24 09:28:29 +00:00