3221: Better PROXY_PROTOCOL r=mergify[bot] a=nextgens
## What type of PR?
Feature
## What does this PR do?
- Disable IMAP, POP3 and Submission by default; see https://nostarttls.secvuln.info/ on why explicit TLS is going away.
- Change the semantic of PROXY_PROTOCOL to make it configurable per port
- fix TLS_FLAVOR=notls not working with snappymail
- fix TLS_PERMISSIVE
- remove KUBERNETES_INGRESS; shouldn't be needed anymore
- update the documentation and the reverse proxy example
### Related issue(s)
- close#3162
- close#3061
## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.
- [x] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.
Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
Co-authored-by: Florent Daigniere <nextgens@users.noreply.github.com>
3033: Enable snowball on FTS r=mergify[bot] a=nextgens
## What type of PR?
enhancement
## What does this PR do?
Enable [snowball](http://snowball.tartarus.org/algorithms/english/stemmer.html), a filter that will significantly cut down the size of FTS indexes.
It looks like the packages for aarch64 haven't been built yet... but this works on x64_86.
Don't unblock as long as https://dl-cdn.alpinelinux.org/alpine/edge/testing/aarch64/dovecot-fts-flatcurve-0.3.4-r3.apk is 404
### Related issue(s)
- close#2977
## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.
- [ ] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.
Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
2950: Upgrade snuffleupagus r=mergify[bot] a=nextgens
## What type of PR?
enhancement
## What does this PR do?
Upgrade snuffleupagus
### Related issue(s)
## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.
- [ ] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.
Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
2961: Hardened malloc was not disabled for oletools when an CPU with missing flags is used r=Diman0 a=Diman0
## What type of PR?
bug fix
## What does this PR do?
Updates oletools to also disable hardened malloc when used CPU misses flags
### Related issue(s)
- closes#2959
## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.
- [n/a ] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.
Co-authored-by: Dimitri Huisman <diman@huisman.xyz>
Co-authored-by: Dimitri Huisman <52963853+Diman0@users.noreply.github.com>
Co-authored-by: Florent Daigniere <nextgens@users.noreply.github.com>
Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
2790: Implement managesieve support r=mergify[bot] a=nextgens
## What type of PR?
Feature
## What does this PR do?
This is a better a alternative to #2773
Expose managesieve to the outside world.
### Related issue(s)
- close#2773
- #428
- #113
- #81
- #1222
## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.
- [x] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.
Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
2771: Sanitize logs as appropriate r=mergify[bot] a=nextgens
## What type of PR?
enhancement
## What does this PR do?
- Sanitize logs as appropriate.
- change the healthcheck of radicale to something less verbose
- disable hardened-malloc if we detect a processor not supporting the AVX extension set
Should we backport something like that? It could be argued it's a bugfix.
### Related issue(s)
- close#2644
- close#2764
- #2541
## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.
- [ ] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.
Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
For attachment download in snappymail to work, at least mailsoliteral is
needed. The additionally used stream types (from looking at the
snappymail source) have also been added, to ensure compatability with
whatever feature might rely on them ….
Remove database choice from setup.
Remove the old *DB_* database env variables from the documentation.
The env vars are deprecated now. They will be removed after the upcoming
Mailu release.
2702: Upgrade snappymail to v2.26.4 r=nextgens a=nextgens
## What type of PR?
enhancement
## What does this PR do?
Upgrade snappymail to v2.26.4
### Related issue(s)
## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.
- [ ] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.
Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
2682: Set snappymail autologout time according to SESSION_TIMEOUT r=mergify[bot] a=Nebukadneza
## What type of PR?
bug-fix
## What does this PR do?
Set the autologout variable in snappymail according with systemwide session configuration so that autologout does not trigger too early or too late, which confuses and unnerves users.
!!!!! Please note that I currently (due to very limited time resources) cannot test on snappymail yet, so this is a "blind" flight PR !!!!!
I know it’s a bit insolent to open PRs with untested code, deferring the testing work to somebody else, but that’s the best I can do ATM. Sorry!
### Related issue(s)
- closes#2680
- 1.9 backport siebling: #
## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.
- [x] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.
Co-authored-by: Dario Ernst <dario@kanojo.de>
2613: Enhance network segregation r=nextgens a=nextgens
## What type of PR?
enhancement
## What does this PR do?
- put radicale and webmail on their own network: this is done for security: that way they have no privileged access anywhere (no access to redis, no access to XCLIENT, ...)
- remove the EXPOSE statements from the dockerfiles. These ports are for internal comms and are not meant to be exposed in any way to the outside world.
### Related issue(s)
- #2611
## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.
- [ ] In case of feature or enhancement: documentation updated accordingly
- [ ] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.
Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
