Thomas Sänger
492f3867d8
remove (broken) FTS
2019-01-10 12:09:08 +01:00
Dario Ernst
ac64a75743
Simplify alias precedence handling; Remove bogus changelog
2019-01-10 10:28:57 +01:00
mergify[bot]
520ebbb97d
Merge pull request #819 from hoellen/move-spam-1
...
Mark messages as seen when reporting them as spam
2019-01-10 02:08:12 +00:00
hoellen
7247b4b10c
Merge branch 'master' into fix-password-on-user-edit
2019-01-09 21:14:18 +01:00
hoellen
b65d70cf1e
mark spam as seen
2019-01-09 20:12:17 +01:00
hoellen
a59d5dad23
fix edit of fetched acc without changing password
2019-01-09 12:52:05 +01:00
hoellen
f08491dc46
fix forced password on user edit
2019-01-09 12:09:14 +01:00
Ionut Filip
2b0a2d561b
Fix connection to mysql db
2019-01-09 12:53:59 +02:00
Dario Ernst
291f8a457b
Deliver mails to alias-stripped-of-delimeter, even if catchall exists
...
This fixes delivery to an alias minus recipient delimiter in cases where a
wildcard alias would also match. For example,
* foo@xxx.tld
* %@xxx.tld
Sending to foo+spam@xxx.tld would get eaten by the catchall before this fix.
Now, the order of alias resolution is made clearer.
closes #813
2019-01-09 11:41:22 +01:00
hoellen
732b5fe161
change password field type in fetch creation/edit and add validators.
2019-01-08 19:44:27 +01:00
mergify[bot]
4204facd85
Merge pull request #810 from usrpro/feat-logging
...
Implement some degree of logging
2019-01-08 15:53:31 +00:00
Tim Möhlmann
049ca9941f
Cleanup syntax and fix typo
2019-01-08 05:21:03 +02:00
Tim Möhlmann
0ac3cf9617
Don't recursivly chown on mailboxes.
...
This fixes #776 .
Recursion is not needed, as the permissions will only need to be set on the first invocation.
2019-01-08 05:00:15 +02:00
Tim Möhlmann
71cda7983e
Merge branch 'master' into feat-logging
2019-01-08 01:54:33 +02:00
Tim Möhlmann
7d01bb2a4d
LOG_LEVEL docs and changelog entry
2019-01-08 00:58:01 +02:00
Tim Möhlmann
b04a9d1c28
Implement debug logging for template rendering
2019-01-08 00:38:06 +02:00
Tim Möhlmann
b9313488dd
Add logging for tenacity.retry
...
In the process we found that the previous way of tenacity syntax caused it not to honor any args.
In this commit we've refactored to use the @decorator syntax, in which tenacity seems to behave better.
2019-01-07 23:49:10 +02:00
mergify[bot]
3b5f3af207
Merge pull request #778 from Nebukadneza/fix_recipient_delimiter
...
Attempt stripping recipient delimiter from localpart
2019-01-07 19:01:44 +00:00
Ionut Filip
9077bf7313
Merge remote-tracking branch 'upstream/master' into feat-psql-support
2019-01-07 16:29:50 +02:00
Tim Möhlmann
5636e7f5a7
Remove to avoid matching webroot
2019-01-07 14:08:00 +02:00
Ionut Filip
953aa04354
Added postgresql-libs to admin
2019-01-07 14:04:39 +02:00
Tim Möhlmann
561e2fda67
Merge remote-tracking branch 'upstream/master' into fix-favicon
2019-01-07 12:20:06 +02:00
hoellen
501ecf13c1
add migration script
2019-01-06 15:36:57 +01:00
Tim Möhlmann
a358b5305f
Merge pull request #797 from Mailu/upgrade-pyyaml
...
Upgrade PyYAML
2019-01-06 15:56:18 +02:00
Tim Möhlmann
4f93e09028
Implement favicon package
...
Credit to:
- https://stackoverflow.com/a/19590415/1816774
- https://realfavicongenerator.net/
2019-01-06 15:49:40 +02:00
Tim Möhlmann
284d54190a
Upgrade PyYAML to 4.2b4
2019-01-06 14:40:29 +02:00
hoellen
dda64fe91e
allow to disable aliases or users for domains and don't allow negativ values on domain creation/edit
2019-01-05 13:52:13 +01:00
hoellen
8fe1e788b3
add missing route fixes
2019-01-04 21:18:51 +01:00
Tim Möhlmann
3c7bf58211
Upgrade PyYAML
...
CVE-2017-18342
Vulnerable versions: < 4.2b1
Patched version: 4.2b1
In PyYAML before 4.1, the yaml.load() API could execute arbitrary code. In other words, yaml.safe_load is not used.
2019-01-04 21:52:43 +02:00
hoellen
d5d4d6c337
harden email address validation and fix routes with user_email
2019-01-04 18:05:56 +01:00
Ionut Filip
01ec6e7bf3
Removed undefined function
2019-01-04 16:48:51 +02:00
mergify[bot]
d483ef3c2a
Merge pull request #792 from hoellen/admin-broken-links-1
...
fix broken webmail and logo url in admin
2019-01-02 17:18:46 +00:00
Tim Möhlmann
74fe177297
Merge pull request #785 from TheLegend875/feat-displayed-name
...
Feature: send auto reply with displayed name
2019-01-02 19:14:17 +02:00
hoellen
f617e82c06
fix broken webmail and logo url in admin
2019-01-02 14:08:03 +01:00
Tim Möhlmann
4068c5b751
Versioning for mysqlclient and psycopg2
2018-12-31 18:22:24 +02:00
Tim Möhlmann
b2823c23b8
Merge remote-tracking branch 'upstream/master' into feat-psql-support
2018-12-31 18:20:39 +02:00
Tim Möhlmann
9eaeb80a27
Finalize merge with kaiyou/feat-multiple-db
2018-12-31 18:02:07 +02:00
TheLegend875
999d2a9557
changed default.sieve to send displayed name
2018-12-30 22:06:36 +01:00
TheLegend875
2954d84790
added necessary ui elements
2018-12-30 22:06:36 +01:00
TheLegend875
56f4d4c894
fixed auto-forward
2018-12-30 22:05:33 +01:00
TheLegend875
5bdbbf60d7
fixed display of username when not logged in
2018-12-28 19:30:23 +01:00
Dario Ernst
c2d45a47fe
Attempt stripping recipient delimiter from localpart
...
Since postfix now asks us for the complete email over podop, which
includes the recipient-delimiter-and-what-follows not stripped, we need
to attempt to find both the verbatim localpart, as well as the localpart
stripped of the delimited part ….
Fixes #755
2018-12-27 16:31:59 +01:00
Tim Möhlmann
19df86f13f
Merge pull request #764 from usrpro/fix-alias-bug
...
Added regex validation for alias username
2018-12-27 11:54:43 +02:00
Tim Möhlmann
3a5b763018
Option to disable full text search (lucene)
...
This is a workaround for the bug in issue #751
2018-12-25 13:52:12 +02:00
mergify-bot
983c388150
Merge branch 'master' into 'fix-localpart-chars'
2018-12-21 14:48:36 +01:00
mergify-bot
6cfb74e96c
Merge branch 'master' into 'fix-localpart-chars'
2018-12-21 14:25:19 +01:00
Tim Möhlmann
af086bbdbe
Include DKIM in VOLUME
2018-12-20 17:47:15 +02:00
hoellen
c041a9d45c
allow all characters for username in dovecot
2018-12-19 16:19:37 +01:00
Tim Möhlmann
24828615cf
Webmail on root, fixes #757
2018-12-19 16:20:24 +02:00
Ionut Filip
8fc2846924
Added regex validation for alias username
2018-12-18 17:06:39 +02:00
Tim Möhlmann
3c4ee1b31e
Merge pull request #743 from kaiyou/master
...
Fixes #738 regarding application context
2018-12-14 11:09:27 +02:00
ofthesun9
97b3a85090
Merge pull request #737 from hoellen/fix-alias-match-behaviour
...
fix alias match behaviour
2018-12-13 20:34:09 +01:00
mergify-bot
09a50b6cfc
Merge branch 'master' into 'master'
2018-12-13 19:14:20 +01:00
kaiyou
4060ac2223
Remove some forgotten debugging
2018-12-13 15:19:34 +01:00
kaiyou
087841d5b7
Fix the way we handle the application context
...
The init script was pushing an application context, which maked
flask.g global and persisted across requests. This was evaluated
to have a minimal security impact.
This explains/fixes #738 : flask_wtf caches the csrf token in the
application context to have a single token per request, and only
sets the session attribute after the first generation.
2018-12-13 14:23:17 +01:00
kaiyou
b5f51b0e2e
Update python dependencies
2018-12-13 14:10:43 +01:00
kaiyou
8707b0fcd7
Use a dictionary of db connection string templates
2018-12-10 15:30:53 +01:00
kaiyou
19f18e2240
Lowercase relays as well as other tables
2018-12-10 15:16:30 +01:00
kaiyou
7e388e472a
Handle relay name as an Idna domain
2018-12-10 15:16:30 +01:00
kaiyou
871aa14c9a
Lowercase every domain name and email
2018-12-10 15:16:30 +01:00
kaiyou
3df9b3962d
Add default columns to the configuration table
2018-12-10 15:16:30 +01:00
kaiyou
b88f61f183
Name all constraints when creating them
...
Prefious commit set the constraint names for existing databases.
New databases can now have named constraints from the ground up.
2018-12-10 15:16:30 +01:00
kaiyou
b8282b1d46
Support named constraints for multiple backends
...
Supporting multiple backends requires that specific sqlite
collations are not used, thus lowercase is applied to all non
case-sensitive columns. However, lowercasing the database requires
temporary disabling foreign key constraints, which is not possible
on SQLite and requires we specify the constraint names.
This migration specific to sqlite and postgresql drops every
constraint, whether it is named or not, and recreates all of them
with known names so we can later disable them.
2018-12-10 15:16:30 +01:00
kaiyou
e022513a94
Fix support for postgres and mysql
2018-12-10 15:16:30 +01:00
kaiyou
a881a1a839
Revert "Make current migrations work with postgresql"
...
This reverts commit 9b9f3731f6
.
2018-12-10 15:03:12 +01:00
kaiyou
76925e82f3
Revert "Implement CIText as NOCASE alternative in postgresql"
...
This reverts commit 0f3c1b9d15
.
2018-12-10 15:01:27 +01:00
kaiyou
f52ae5535c
Revert "Created function for returning email type"
...
This reverts commit 436055f02c
.
2018-12-10 14:58:18 +01:00
kaiyou
f6520eace6
Merge branch 'feat-psql-support' of https://github.com/usrpro/Mailu into usrpro-feat-psql-support
2018-12-10 14:50:38 +01:00
hoellen
8fe9e695f3
prefer non-wildcard aliases over wildcard aliases
2018-12-10 08:40:10 +01:00
Tim Möhlmann
c7dcfee882
Merge pull request #713 from pgeorgi/extend-nginx
...
nginx: Allow extending config with overrides
2018-12-09 21:44:24 +02:00
hoellen
79768c09f6
fix alias matching behaviour
2018-12-09 19:49:23 +01:00
Tim Möhlmann
6ca8ed437d
Merge pull request #732 from Nebukadneza/add_front_certificate_reload
...
Add certificate watcher for external certs to reload nginx
2018-12-08 20:11:09 +02:00
Dario Ernst
1aa97c9914
Add certificate watcher for external certs to reload nginx
...
In case of TLS_FLAVOR=[mail,cert], the user supplies their own certificates.
However, since nginx is not aware of changes to these files, it cannot
reload itself e.g. when the certs get renewed.
To solve this, let’s add a small daemon in the place of
`letsencrypt.py`, which uses a flexible file-watching framework and
reloads nginx in the case the certificates change ….
2018-12-07 16:20:42 +00:00
Tim Möhlmann
c00910ca4b
Merge remote-tracking branch 'upstream/master' into extend-nginx
2018-12-07 16:48:50 +02:00
Tim Möhlmann
97d338e68a
Rectify 'endif' placement
2018-12-07 16:44:42 +02:00
Tim Möhlmann
425cdd5e77
Fix syntax errors
2018-12-07 16:29:41 +02:00
Tim Möhlmann
20f1faf6d0
Send 404 when nothing server at '/'
...
Prevents Nginx welcome screen
2018-12-07 16:10:52 +02:00
Tim Möhlmann
2de4995fec
Don't redirect when webmail is served on '/'
2018-12-07 15:17:04 +02:00
Tim Möhlmann
f0906073e3
Merge remote-tracking branch 'upstream/master' into feat-subnet2
2018-12-07 11:08:28 +02:00
mergify[bot]
a634c7b72d
Merge pull request #725 from usrpro/fix-outlook2019-smtp
...
Add login method to smtp_auth under ssl
2018-12-06 16:02:35 +00:00
Tim Möhlmann
8172f3eab8
Move the Mailu Docker network to a fixed subnet.
...
This will make network configuration and host based authentication
more robust, across different deployment platforms.
The options `RELAYNETS` and`POD_ADDRESS_RANGE` are kept for compatibility.
However, their usage have become optional.
2018-12-06 12:08:22 +02:00
kaiyou
b6aaf57be1
Merge branch 'refactor-config' of github.com:kaiyou/mailu into refactor-config
2018-12-06 10:33:21 +01:00
kaiyou
d0f07984b0
Merge remote-tracking branch 'upstream/master' into refactor-config
2018-12-06 10:23:43 +01:00
Tim Möhlmann
9dd447e23b
Add login method to smtp_auth under ssl
...
Fixes #704
2018-12-06 01:00:16 +02:00
Patrick Georgi
eac4d553a9
nginx: Allow extending config with overrides
...
To facilitate this, the default redirect at / can be disabled, even if
the default remains at redirecting to the webmailer.
The extensions are within the host scope and are read from
$ROOT/overrides/nginx/*.conf.
2018-12-05 23:54:52 +01:00
mergify[bot]
2d4bac03ad
Merge pull request #723 from usrpro/clean-healthcheck-logs
...
Admin: Prevent redirects during health checking
2018-12-05 18:09:14 +00:00
mergify[bot]
a382f74680
Merge pull request #705 from usrpro/fix-recaptcha
...
Fix recaptcha
2018-12-05 18:05:22 +00:00
mergify[bot]
37027cfce7
Merge pull request #633 from kaiyou/fix-sender-checks
...
Improve sender checks
2018-12-05 16:03:24 +00:00
Tim Möhlmann
d18cf7cb25
Prevent redirects during health checking
2018-12-05 17:43:42 +02:00
Tim Möhlmann
c9df311a0d
Set forward_destination to an empty list
...
The value of `None` resulted in an error, since a list was expected.
2018-12-04 16:22:18 +02:00
Tim Möhlmann
eff6c34632
Catch asterisk before resolve_domain
...
Asterisk results in IDNA error and a 500 return code.
2018-12-04 15:40:07 +02:00
Ionut Filip
7b8835070d
Added tenacity retry fir migrations connection
2018-12-03 15:25:10 +02:00
David Rothera
88c174fb7a
Query alternative table for domain matches
...
At present postfix checks this view for matches in the domain table and is used to accept/deny messages sent into it however it never checks for matches in the alternative table.
Fixes #718
2018-12-02 11:21:42 +00:00
Ionut Filip
436055f02c
Created function for returning email type
2018-11-21 13:43:06 +01:00
Tim Möhlmann
47a3fd47b5
Fix DB_FLAVOR condition testing for models.py
2018-11-20 18:18:33 +02:00
Tim Möhlmann
0f3c1b9d15
Implement CIText as NOCASE alternative in postgresql
2018-11-20 14:41:17 +02:00
Tim Möhlmann
9b9f3731f6
Make current migrations work with postgresql
2018-11-19 19:10:38 +02:00
Tim Möhlmann
8bdc0c71af
Allow for setting a different DB flavor
2018-11-14 14:58:54 +02:00
Ionut Filip
fed7146873
Captcha check on signup form
2018-11-09 12:30:49 +02:00
Tim Möhlmann
4783e61693
Fix password context
...
Fixes the following error:
```
admin_1 | [2018-11-09 09:44:10,533] ERROR in app: Exception on /internal/auth/email [GET]
admin_1 | Traceback (most recent call last):
admin_1 | File "/usr/lib/python3.6/site-packages/flask/app.py", line 2292, in wsgi_app
admin_1 | response = self.full_dispatch_request()
admin_1 | File "/usr/lib/python3.6/site-packages/flask/app.py", line 1815, in full_dispatch_request
admin_1 | rv = self.handle_user_exception(e)
admin_1 | File "/usr/lib/python3.6/site-packages/flask/app.py", line 1718, in handle_user_exception
admin_1 | reraise(exc_type, exc_value, tb)
admin_1 | File "/usr/lib/python3.6/site-packages/flask/_compat.py", line 35, in reraise
admin_1 | raise value
admin_1 | File "/usr/lib/python3.6/site-packages/flask/app.py", line 1813, in full_dispatch_request
admin_1 | rv = self.dispatch_request()
admin_1 | File "/usr/lib/python3.6/site-packages/flask/app.py", line 1799, in dispatch_request
admin_1 | return self.view_functions[rule.endpoint](**req.view_args)
admin_1 | File "/usr/lib/python3.6/site-packages/flask_limiter/extension.py", line 544, in __inner
admin_1 | return obj(*a, **k)
admin_1 | File "/app/mailu/internal/views/auth.py", line 18, in nginx_authentication
admin_1 | headers = nginx.handle_authentication(flask.request.headers)
admin_1 | File "/app/mailu/internal/nginx.py", line 48, in handle_authentication
admin_1 | if user.check_password(password):
admin_1 | File "/app/mailu/models.py", line 333, in check_password
admin_1 | context = User.pw_context
admin_1 | AttributeError: type object 'User' has no attribute 'pw_context'
```
2018-11-09 11:45:08 +02:00