1
0
mirror of https://github.com/Mailu/Mailu.git synced 2024-12-22 22:13:11 +02:00
Commit Graph

2809 Commits

Author SHA1 Message Date
bladeswords
8010595dd2
Remove SPF type SPF record #1394
As mentioned in #1394 - In accordance with RFC 7208, offer only TXT RRs for SPF.
Agree with @Nebukadneza - but not sure how to go about telling people to remove the old record...
2020-03-09 23:22:13 +11:00
bladeswords
2ddf46ad2b
Update crypto to be modern and inline with tls.conf
Updated to match tls.conf and be aligned to more modern cryptographic standards and only use currently secure protocols and ciphers.
2020-03-09 23:12:02 +11:00
Leigh Morresi
83b51e6597 Place checkbox descriptions after checkboxes and labels, set italic for readability. 2020-03-08 00:57:28 +01:00
Leigh Morresi
1ede5dc301 Grammatical and spelling mistake fixes. 2020-03-08 00:42:38 +01:00
Alexander A. Klimov
313e98c1a2 fetchmail: print unhandled exceptions, but don't crash
refs #1295
2020-03-07 21:41:45 +01:00
Dario Ernst
23f21f8b9c Use pyyaml safe_load instead of load
Since load in unsafe (ref: https://msg.pyyaml.org/load),
switch the only occurrance of `yaml.load` that i could
find to safe_load.

closes #1085
2020-03-07 19:08:52 +00:00
Dario Ernst
afec5f08fb Remove duplicate ports line
closes #1079
2020-03-07 18:54:04 +00:00
micw
e08f4ab7a9
Fix wrong psql lib name 2020-03-07 19:38:12 +01:00
Dario Ernst
dbcab06587 Ignore newlines and comment-lines in postfix overrides
To make postfix override files understandable and readable, users may
want to insert empty newlines and #-commented lines in their postfix
override files too. This will now ignore such bogus-lines and not send
them to `postconf`, which produced ugly errors in the past.

closes #1098
2020-03-07 18:20:56 +00:00
Dario Ernst
09024c8008 Use environment variables for cert paths/names in nginx certwatcher
Previously, nginx certwatcher would only react to the hardcoded paths. It should have
honored the enviroment variables that are used by config.py too for this.

closes #903
2020-03-07 17:17:17 +00:00
bors[bot]
b8b1699f9e
Merge #1359
1359: Refactor the rate limiting code r=mergify[bot] a=kaiyou

## What type of PR?

Enhancement

## What does this PR do?

Rate limiting was already redesigned to use Python limits. This
introduced some unexpected behavior, including the fact that only
one criteria is supported per limiter. Docs and setup utility are
updated with this in mind.

Also, the code was made more generic, so limiters can be delivered
for something else than authentication. Authentication-specific
code was moved directly to the authentication routine.

### Related issue(s)

No specific issue.

## Prerequistes
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [x] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/guide.html#changelog) entry file.


Co-authored-by: kaiyou <pierre@jaury.eu>
2020-03-07 09:50:04 +00:00
Dario Ernst
8626326559 Fix dovecot dockerfile (accidentally broken in previous commit) 2020-03-07 10:21:21 +01:00
dependabot[bot]
94cfc31e04
Bump validators from 0.12.5 to 0.12.6 in /core/admin
Bumps [validators](https://github.com/kvesteri/validators) from 0.12.5 to 0.12.6.
- [Release notes](https://github.com/kvesteri/validators/releases)
- [Changelog](https://github.com/kvesteri/validators/blob/master/CHANGES.rst)
- [Commits](https://github.com/kvesteri/validators/commits)

Signed-off-by: dependabot[bot] <support@github.com>
2020-03-06 15:33:41 +00:00
bors[bot]
a3c6002a0a
Merge #1321
1321: Upgrading nginx TLS configuration r=mergify[bot] a=radtkedev

## What type of PR?

Enhancement

## What does this PR do?

Upgrades the TLS protocols and ciphers to the recommended "Intermediate Configuration" and sets the "Old Configuration" for port 25 (SMTP) based on the [Mozilla SSL Configuration Generator](https://ssl-config.mozilla.org/) and adjusted for the nginx mail proxy.

Co-authored-by: Tom Radtke <tom@radtke.dev>
2020-03-06 15:33:03 +00:00
Dario Ernst
dfe092eb46 Use names for docker build stages in dovecot Dockerfile 2020-03-06 16:11:59 +01:00
bors[bot]
1ca4d6769c
Merge #1349
1349: Add support for SRS, related to #328 r=mergify[bot] a=kaiyou

## What type of PR?

Feature

## What does this PR do?

It implements SRS using a Python SRS library.

### Related issue(s)
- closes #328 

## Prerequistes
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [x] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/guide.html#changelog) entry file.


Co-authored-by: kaiyou <pierre@jaury.eu>
2020-03-06 15:05:43 +00:00
micw
b4d81f833d
Add pdo_pgsql to Dockerfile 2020-03-06 15:55:35 +01:00
Dario Ernst
da2dda49d4 Prefer specific alias over wildcard, regardless of case
Since direct addresses (not aliases) are case-insensitive since a while,
it makes sense for aliases to behave the same. Up until now, a wildcard
alias could trump a alias not-matching-the-case of the incoming address.
This clarifies this behavior.

closes #1387
2020-03-06 13:56:48 +01:00
Weblate
cc4720d890 Merge branch 'origin/master' into Weblate 2020-02-17 20:23:39 +00:00
NeroPcStation
365f21007d Translated using Weblate (Polish)
Currently translated at 90.2% (147 of 163 strings)

Translation: Mailu/admin
Translate-URL: https://translate.tedomum.net/projects/mailu/admin/pl/
2020-02-17 20:23:38 +00:00
Philip Rosenberg-Watt
7a552f02c3 Add gpg to Roundcube
The web UI was complaining that it couldn't find the GPG binary. Turns out it wasn't installed.
2020-02-10 12:22:46 -07:00
kaiyou
8e88f1b8c3 Refactor the rate limiting code
Rate limiting was already redesigned to use Python limits. This
introduced some unexpected behavior, including the fact that only
one criteria is supported per limiter. Docs and setup utility are
updated with this in mind.

Also, the code was made more generic, so limiters can be delivered
for something else than authentication. Authentication-specific
code was moved directly to the authentication routine.
2020-02-09 17:38:18 +01:00
Philip Rosenberg-Watt
ff1dfec39a Add port to relay if it contains a colon
This closes #1357
2020-02-09 08:05:24 -07:00
bors[bot]
770d09b05b
Merge #1351
1351: Add some faq entries r=hoellen a=kaiyou

## What type of PR?

Documentation

## What does this PR do?

Add missing faq entries

### Related issue(s)
- Closes: #853 
- Closes: #897 
- Closes: #1090 
- Closes: #1315

## Prerequistes
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [x] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/guide.html#changelog) entry file.


Co-authored-by: kaiyou <pierre@jaury.eu>
2020-02-08 17:57:22 +00:00
kaiyou
76d2094b07 Apply suggestions from code review
Co-Authored-By: hoellen <hoellen@users.noreply.github.com>
2020-02-08 12:01:51 +01:00
kaiyou
a39249a43a
Update docs/faq.rst
Co-Authored-By: hoellen <hoellen@users.noreply.github.com>
2020-02-08 12:01:08 +01:00
bors[bot]
00d49e2986
Merge #1350
1350: Update the tlv1 faq to indicate that a full config rewrite is required r=mergify[bot] a=kaiyou

## What type of PR?

Documentation

## What does this PR do?

Update the tlv1 faq to indicate that a full config rewrite is required

### Related issue(s)
- Closes: #944 

## Prerequistes
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [x] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/guide.html#changelog) entry file.


Co-authored-by: kaiyou <pierre@jaury.eu>
2020-02-08 09:20:05 +00:00
kaiyou
7507345ce9 Fix encoding of custom fields in fetchmailrc 2020-02-07 21:44:23 +01:00
bors[bot]
cd3aca3609
Merge #1334
1334: Update RainLoop to 1.14.0 r=kaiyou a=hoellen

## What type of PR?

enhancement

## What does this PR do?
Update RainLoop to 1.14.0 (see [here](https://github.com/RainLoop/rainloop-webmail/releases/tag/v1.14.0))

Co-authored-by: hoellen <dev@hoellen.eu>
2020-02-07 17:45:34 +00:00
kaiyou
6edf7a7896 Add some faq entries 2020-02-07 17:14:09 +01:00
kaiyou
450be78898 Update the tlv1 faq to indicate that a full config rewrite is required 2020-02-07 15:25:29 +01:00
kaiyou
6ad9b7c2b2 Add a newsfragment 2020-02-07 15:17:29 +01:00
Philip Rosenberg-Watt
27e37577c6 Add IPv6 to allow_nets
Roundcube was not connecting to sieve with IPv6 enabled.

Fixes #1336
2020-02-03 14:53:04 -07:00
Weblate
b248f6a800 Merge branch 'origin/master' into Weblate 2020-01-31 01:23:00 +00:00
Andrási István
395a0d14dc Translated using Weblate (Hungarian)
Currently translated at 100.0% (163 of 163 strings)

Translation: Mailu/admin
Translate-URL: https://translate.tedomum.net/projects/mailu/admin/hu/
2020-01-31 01:22:59 +00:00
hoellen
9c2390ff7e Update RainLoop to 1.14.0 2020-01-30 21:12:35 +01:00
NeroPcStation
0593ccd9f0
Fix bad file path in documentation 2020-01-30 14:34:55 +01:00
bors[bot]
96f832835a
Merge #1278
1278: Limiter implementation r=kaiyou a=micw

## What type of PR?

(Feature, enhancement, bug-fix, documentation)

## What does this PR do?

Adds a custom limter based on the "limits" lirary that counts up on failed auths only

### Related issue(s)
- closes #1195
- closes #634

## Prerequistes

- [X] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/guide.html#changelog) entry file.


Co-authored-by: Michael Wyraz <michael@wyraz.de>
Co-authored-by: micw <michael@wyraz.de>
2020-01-30 07:19:35 +00:00
bors[bot]
0bc10b7bc5
Merge #1269
1269: Add Fail2Ban section r=hoellen a=iohenkies

## What type of PR?
documentation

## What does this PR do?
This PR adds documentation to setup Fail2Ban to secure Mailu.

### Related issue(s)
- closes #1263

## Prerequistes
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [x] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/guide.html#changelog) entry file.

edit [@hoellen]: Give information about the PR and link issue.

Co-authored-by: iohenkies <33115951+iohenkies@users.noreply.github.com>
2020-01-29 18:59:50 +00:00
Michael Wyraz
fe09cf5705 Default to DB_FLAVOR/DB_HOST if ROUNDCUBE_DB_FLAVOR/ROUNDCUBE_DB_HOST is not set 2020-01-29 19:58:58 +01:00
Michael Wyraz
2cb42c31a6 Add changelog 2020-01-29 19:58:58 +01:00
Michael Wyraz
8242ca150d Create/update database on startup 2020-01-29 19:58:58 +01:00
Michael Wyraz
982c93e3a2 Print roundcube error log to stdout 2020-01-29 19:58:58 +01:00
Michael Wyraz
06926561e2 Install php-mysql on roundcube container 2020-01-29 19:58:58 +01:00
Michael Wyraz
9b10e938cf Make roundcube db configurable 2020-01-29 19:58:58 +01:00
iohenkies
ae6f82984d Add Fail2Ban section 2020-01-29 11:41:31 +01:00
Dario Ernst
99ecaee7b9 Use a released git-tag for fts-xapian 2020-01-23 22:35:30 +01:00
bors[bot]
9db709515a
Merge #1308
1308: Use redis 5 on k8s & add selector r=mergify[bot] a=der-eismann

## What type of PR?
Enhancement

## What does this PR do?
This PR is updating Redis to version 5 in the kubernetes manifests. It is already used in the compose and swarm files, so I don't expect any incompatibilities. There is no necessary migration, you just can't go back.
In addition I added a selector to the manifest and applied a consistent formatting.

## Prerequistes
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [ ] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/guide.html#changelog) entry file.


Co-authored-by: Philipp Trulson <philipp@trulson.de>
2020-01-23 16:22:02 +00:00
Tom Radtke
4f973f63e6
Upgrading nginx TLS configuration 2020-01-20 10:09:11 +01:00
bors[bot]
761fade9a9
Merge #1316
1316: Fix the encoding of incoming user email and password r=mergify[bot] a=kaiyou

## What type of PR?

Bug fix

## What does this PR do?

As described in the changes, RFC2616 states that header should be considered ISO8859-1 in HTTP, which obviously nginx does not really care about when forwarding the password from SMTP authentication to the backend. Hence, we need to encode-then-decode passwords to get the proper value in case a special char is in there.

### Related issue(s)
- This fixes #1139 
- This is also related to #1281 
- This is also related to #1139

## Prerequistes
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [x] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/guide.html#changelog) entry file.


Co-authored-by: kaiyou <pierre@jaury.eu>
2020-01-19 17:25:19 +00:00