Erriez
a5534a34dc
Update Alpine version from 3.10 to 3.14
2021-08-14 09:03:57 +02:00
Florent Daigniere
9e5cfaaec8
towncrier
2021-08-14 09:03:57 +02:00
Florent Daigniere
ee54a615c1
Alpine has removed support for btree and hash
2021-08-14 09:03:57 +02:00
Diman0
4e16c9000b
Give docker containers in each test one more minute for starting.
2021-08-14 09:03:57 +02:00
Diman0
146b081119
enhanced security changelog entry and added recommendation to recreate secret_key
2021-08-14 09:03:57 +02:00
Diman0
2132adcc38
Fixed typing error.
2021-08-14 09:03:57 +02:00
Diman0
e3fbf48c5a
Improved changelog entry
2021-08-14 09:03:57 +02:00
Dimitri Huisman
9b2afbfa89
Resolve merge conflict
2021-08-14 09:03:57 +02:00
Diman0
b7db90b7ff
Update documentation config and release notes page.
2021-08-14 09:03:57 +02:00
Diman0
529994c095
Update CHANGELOG.md and process towncrier newsfragments.
2021-08-14 09:03:57 +02:00
David Fairbrother
24747e33de
Add ability to set no WEBROOT_REDIRECT to Nginx
Adds a 'none' env option to WEBROOT_REDIRECT so that no `location /`
configuration is written to nginx.conf.
This is useful for setting up Mailu and Mailman where we override the
root to proxy to the mailing list server instead. Without this change
the nginx container will not start, or for 1.7 users can set their
WEBMAIL_PATH to / with no webmail to get the same results.
This fix means that future users don't have to choose between webmail
and a root override and makes the configuration intention clear.
2021-08-14 09:03:57 +02:00
Florent Daigniere
0b16291153
doh
2021-08-14 08:49:28 +02:00
Florent Daigniere
7b847852af
fix typo
2021-08-14 08:48:42 +02:00
Florent Daigniere
1db08018da
Ensure that we get certificate validation on top90
I have found a list of the top100 email destinations online and ran them
through a script to ensure that all of their MX servers had valid
configuration... this is the result
2021-08-14 08:48:42 +02:00
Florent Daigniere
e1a7657999
Now that postfix has CAs we can switch to secure
encrypt means "ensure we have some confidentiality" whereas secure means
"ensure we have confidentiality while talking to the right peer"
(protects against passive or/and active MITM attacks)
2021-08-14 08:48:42 +02:00
Florent Daigniere
6149c759f4
doc
2021-08-14 08:48:42 +02:00
Florent Daigniere
b066a5e2ac
add a default tls_policy_map
2021-08-14 08:48:42 +02:00
Florent Daigniere
1df79f8132
give PFS a chance
2021-08-14 08:48:04 +02:00
Erriez
10f2c17979
Restore Roundcube PHP files
2021-08-13 23:21:12 +02:00
Erriez
5a1d89aaac
Restore Rainloop Dockerfile HEALTHCHECK
2021-08-13 23:20:41 +02:00
Florent Daigniere
925105075c
this is required in fact
2021-08-13 20:35:40 +02:00
Diman0
5afbf37292
Resolve build issues
2021-08-13 15:12:33 +02:00
Dimitri Huisman
df64601b28
Merge branch 'master' into AdminLTE-3
2021-08-13 14:06:46 +02:00
Erriez
556a5897d1
Install php7-pdo and php7-pdo_sqlite for contacts
2021-08-12 21:10:06 +02:00
Erriez
d0a0ba6727
Optimize PHP pm setting to ondemand
The ondemand setting results in lower memory consumption in idle.
2021-08-12 20:49:58 +02:00
Erriez
0fd97124f7
Process review feedback
2021-08-12 17:23:24 +02:00
Florent Daigniere
772e5efb7d
Disable pipelining to prevent bypass
2021-08-11 22:47:29 +02:00
Erriez
d472900efa
Optimize Rainloop to NGINX
- Reduce build time.
- Reduce image size.
- Faster user response using CGI.
2021-08-10 21:47:14 +02:00
Florent Daigniere
c76a76c0b0
make it optional, add a knob
2021-08-10 12:19:51 +02:00
Florent Daigniere
5e1ba9d4ff
towncrier
2021-08-10 12:09:11 +02:00
Florent Daigniere
109a8aa000
Ensure that we always have CERT+INTERMEDIARY CA
Let's Encrypt may change things up in the future...
2021-08-10 10:55:21 +02:00
Florent Daigniere
dccd8afd51
Thanks @Diman0!
ENEEDSLEEP
2021-08-10 10:20:15 +02:00
Florent Daigniere
974bcba5ab
Restore LOGIN as tests assume it's there
2021-08-10 09:05:02 +02:00
Florent Daigniere
2b05e72ce4
Revert "maybe fix the tests"
This reverts commit f971b47fb9.
2021-08-10 08:51:55 +02:00
Florent Daigniere
f971b47fb9
maybe fix the tests
2021-08-10 08:22:23 +02:00
Florent Daigniere
4a871c0905
this causes trouble with the test
2021-08-09 23:29:17 +02:00
Florent Daigniere
12c842c4b9
In fact in fullchain we want all but the last
2021-08-09 23:27:03 +02:00
Florent Daigniere
24f9bf1064
format certs for nginx
2021-08-09 22:51:23 +02:00
Florent Daigniere
98b903fe13
don't send the rootcert
2021-08-09 21:38:03 +02:00
Florent Daigniere
92ec446c20
doh
2021-08-09 21:29:05 +02:00
Florent Daigniere
f05cc99dc0
Add ECC certs for modern clients
2021-08-09 21:06:15 +02:00
Florent Daigniere
cb68cb312b
Reduce the size of the RSA key to 3072bits
This is already generous for certificates that have a 3-month validity!
We rekey every single time.
2021-08-09 20:40:56 +02:00
Florent Daigniere
5e7d5adf17
AUTH shouldn't happen on port 25
2021-08-09 20:10:49 +02:00
Florent Daigniere
55cdb1a534
be explicit about what we support
2021-08-09 17:42:33 +02:00
Florent Daigniere
ecadf46ac6
fix PFS
2021-08-09 17:39:15 +02:00
Florent Daigniere
7285c6bfd9
admin won't understand LOGIN
2021-08-09 17:29:42 +02:00
Florent Daigniere
de3620da4a
Don't send credentials in clear ever
2021-08-09 17:29:42 +02:00
Florent Daigniere
4535c42e70
This isn't required
2021-08-09 17:29:42 +02:00
Florent Daigniere
1101e401e8
Apply the restriction on the right port
2021-08-09 14:58:58 +02:00
Florent Daigniere
6d244222da
better error message
2021-08-09 09:28:19 +02:00