1
0
mirror of https://github.com/Mailu/Mailu.git synced 2024-12-14 10:53:30 +02:00
Commit Graph

966 Commits

Author SHA1 Message Date
Dimitri Huisman
39b0d44079
Use first() instead of all() for better performance
Actually return all data for Get user
Remove non-used code
2022-12-27 11:32:57 +01:00
Dimitri Huisman
f9b26bd934
Update User with newly introduced allow spoofing field 2022-12-27 11:32:57 +01:00
Dimitri Huisman
6347c18f8a
Process review comments (PR2464) 2022-12-27 11:32:57 +01:00
Dimitri Huisman
61d092922c
Process review comments (PR2464) 2022-12-27 11:32:57 +01:00
Dimitri Huisman
afb224e796
Update password hash description for user API endpoint 2022-12-27 11:32:57 +01:00
Dimitri Huisman
d4e5db5084
Remove unneeded comment 2022-12-27 11:32:56 +01:00
Dimitri Huisman
7a36f6bbb9
Use hmac.compare_digest to prevent timing attacks. 2022-12-27 11:32:56 +01:00
Dimitri Huisman
5c9cdfe1de
Introduction of the Mailu RESTful API.
Anything that can be configured in the web administration interface,
can also be configured via the Mailu RESTful API.
See the section Advanced configuration in the configuration reference
for the relevant settings in mailu.env for enabling the API.
(API, WEB_API, API_TOKEN).
2022-12-27 11:32:54 +01:00
Alexander Graf
866ad89dfc
first try at api using flask-restx & marshmallow 2022-12-27 11:20:59 +01:00
Alexander Graf
c30944404d
Add "API" flag to config (default: disabled) 2022-12-27 11:20:59 +01:00
bors[bot]
8461a11ff4
Merge #2588
2588: IMAP folder names may contain characters outside of \w: [a-zA-Z0-9] r=mergify[bot] a=nextgens

## What type of PR?

bug-fix

## What does this PR do?

IMAP folder names may contain characters outside of \w: [a-zA-Z0-9]. Typically it may be subfolders...

I have also simplified the regexp since we strip spaces the line below.

This is used for "external accounts"/fetchmail.

### Related issue(s)

## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [ ] In case of feature or enhancement: documentation updated accordingly
- [ ] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.


Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
2022-12-22 13:30:17 +00:00
Johnson Thiang
bd20ef04cc change field type to db.text 2022-12-22 18:10:13 +08:00
Alexander Graf
c38e6aae4e
Add button to mailu-admin in roundcube task menu 2022-12-20 12:30:03 +01:00
bors[bot]
251db0b1af
Merge #2562
2562: Dynamic address resolution everywhere r=mergify[bot] a=nextgens

## What type of PR?

enhancement

## What does this PR do?

Use dynamic address resolution everywhere.
Derive a new key for admin/SECRET_KEY
Cleanup the environment

This should allow restarting containers.

### Related issue(s)
- closes #1341
- closes #1013
- closes #1430

## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [x] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.


Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
2022-12-19 10:12:26 +00:00
Florent Daigniere
c634b9ac04 IMAP folder names may contain characters outside of \w: [a-zA-Z0-9] 2022-12-19 10:33:05 +01:00
fastlorenzo
135207db3e
fix missing casting to int for SESSION_KEY_BITS
Signed-off-by: fastlorenzo <git@bernardi.be>
2022-12-14 01:00:23 +01:00
Florent Daigniere
b630355d03 Autofocus the login form on /sso/login 2022-12-08 15:17:58 +01:00
Florent Daigniere
4e3874b0c1 Enable dynamic resolution of hostnames 2022-12-08 13:00:50 +01:00
bors[bot]
cd5e6c896f
Merge #2568
2568: Fix a bug preventing users without IMAP access to access the webmails r=mergify[bot] a=nextgens

## What type of PR?

bug-fix

## What does this PR do?

Fix a bug preventing users without IMAP access to access the webmails

### Related issue(s)
- close #2451

## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [ ] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.


Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
2022-11-30 08:03:50 +00:00
Florent Daigniere
c565e69a01
as requested 2022-11-29 13:34:22 +01:00
Florent Daigniere
b553d025eb
remove newline 2022-11-29 13:32:40 +01:00
Florent Daigniere
00f07ef533 close #2451: prevent an auth-loop on webmails 2022-11-29 13:29:03 +01:00
Florent Daigniere
3e38e7b89d Remove the dependency on pyOpenSSL 2022-11-27 16:07:48 +01:00
Florent Daigniere
83ef6d773d Make it clear that we don't delete users 2022-11-27 14:14:00 +01:00
Florent Daigniere
c1062f3db2 set the umask 2022-11-25 17:53:25 +01:00
bors[bot]
033889dc95
Merge #2542 #2559
2542: Implement header authentication via external proxy r=mergify[bot] a=nextgens

## What type of PR?

Feature

## What does this PR do?

Implement header authentication via external proxy

### Related issue(s)
- closes #1972
- closes #2183

## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [x] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.


2559: Turns out that php81-ctype is required by roundcube r=mergify[bot] a=nextgens

## What type of PR?

bug-fix

## What does this PR do?

It solves:
```
[25-Nov-2022 08:19:20] WARNING: [pool php] child 335 said into stderr: "NOTICE: PHP message: PHP Fatal error:  Uncaught Error: Call to undefined function Masterminds\HTML5\Parser\ctype_alpha() in /var/www/roundcube/vendor/masterminds/html5/src/HTML5/Parser/Tokenizer.php:140"
[25-Nov-2022 08:19:20] WARNING: [pool php] child 335 said into stderr: "Stack trace:"
[25-Nov-2022 08:19:20] WARNING: [pool php] child 335 said into stderr: "#0 /var/www/roundcube/vendor/masterminds/html5/src/HTML5/Parser/Tokenizer.php(82): Masterminds\HTML5\Parser\Tokenizer->consumeData()"
[25-Nov-2022 08:19:20] WARNING: [pool php] child 335 said into stderr: "#1 /var/www/roundcube/vendor/masterminds/html5/src/HTML5.php(161): Masterminds\HTML5\Parser\Tokenizer->parse()"
[25-Nov-2022 08:19:20] WARNING: [pool php] child 335 said into stderr: "#2 /var/www/roundcube/vendor/masterminds/html5/src/HTML5.php(89): Masterminds\HTML5->parse('<html>\n    <hea...', Array)"
[25-Nov-2022 08:19:20] WARNING: [pool php] child 335 said into stderr: "#3 /var/www/roundcube/program/lib/Roundcube/rcube_washtml.php(700): Masterminds\HTML5->loadHTML('<html>\n    <hea...')"
[25-Nov-2022 08:19:20] WARNING: [pool php] child 335 said into stderr: "#4 /var/www/roundcube/program/actions/mail/index.php(975): rcube_washtml->wash('<html>\n    <hea...')"
[25-Nov-2022 08:19:20] WARNING: [pool php] child 335 said into stderr: "#5 /var/www/roundcube/program/actions/mail/index.php(1019): rcmail_action_mail_index::wash_html('<!doctype html>...', Array, Array)"
[25-Nov-2022 08:19:20] WARNING: [pool php] child 335 said into stderr: "#6 /var/www/roundcube/program/actions/mail/show.php(720): rcmail_action_mail_index::pr..."
```

see https://github.com/roundcube/roundcubemail/issues/7049


Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
2022-11-25 10:40:47 +00:00
bors[bot]
e0d42cadc0
Merge #2546
2546: Implement a GUI for WILDCARD_SENDERS r=mergify[bot] a=nextgens

## What type of PR?

Feature

## What does this PR do?

- Implement a GUI for WILDCARD_SENDERS

### Related issue(s)
- closes #2372

## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [x] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.


Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
Co-authored-by: Florent Daigniere <nextgens@users.noreply.github.com>
Co-authored-by: Alexander Graf <ghostwheel42@users.noreply.github.com>
2022-11-25 10:33:19 +00:00
Alexander Graf
b0990460a4
Fix error display 2022-11-25 11:32:21 +01:00
Alexander Graf
53720876b4
Colorize feature badges 2022-11-25 10:47:49 +01:00
Florent Daigniere
3721a6aa02 Merge branch 'master' of https://github.com/Mailu/Mailu into HEAD 2022-11-24 15:20:01 +01:00
bors[bot]
2104c04e3b
Merge #2544
2544: Fix #2242: Make quotas adjustable in 50MiB increments r=mergify[bot] a=nextgens

## What type of PR?

enhancement

## What does this PR do?

Make quotas adjustable in 50MiB increments

### Related issue(s)
- closes #2242

## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [ ] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.


Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
2022-11-24 14:18:10 +00:00
Florent Daigniere
19bd9362d3 As suggested by ghost 2022-11-24 14:56:26 +01:00
Florent Daigniere
12117cef37 Reduce the scope of the try: except 2022-11-24 12:16:25 +01:00
Florent Daigniere
546884d10c ghost's requested changes 2022-11-24 09:31:27 +01:00
Florent Daigniere
c1144612be
fix sorting 2022-11-23 17:13:15 +01:00
bors[bot]
9c6e9b05db
Merge #2543
2543: Fix #2231: make public announcements work r=nextgens a=nextgens

## What type of PR?

bug-fix

## What does this PR do?

Ensure public announcements bypass filters.

They can still time-out... but this is already a big improvement that we should be able to backport.

### Related issue(s)
- closes #2231

## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [ ] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.


Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
2022-11-23 09:32:17 +00:00
Florent Daigniere
45b01db9de Fix the language switcher 2022-11-21 11:01:01 +01:00
Florent Daigniere
3fc0a0e7fa Merge branch 'master' of https://github.com/Mailu/Mailu into fetchmail-improvements 2022-11-21 10:40:02 +01:00
Florent Daigniere
4da2db1b0b add comment as requested 2022-11-21 10:38:44 +01:00
Florent Daigniere
c79e8d3852 Fix display bug 2022-11-21 10:37:36 +01:00
bors[bot]
553b02fb3d
Merge #2529
2529: Improve fetchmail r=mergify[bot] a=nextgens

## What type of PR?

enhancement

## What does this PR do?

Improve fetchmail:
- allow delivery via LMTP (faster, bypassing the filters)
- allow several folders to be retrieved
- run fetchmail as non-root
- tweak the compose file to ensure we have all the dependencies

### Related issue(s)
- closes #1231 
- closes #2246 
- closes #711

## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [ ] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.

Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
Co-authored-by: Florent Daigniere <nextgens@users.noreply.github.com>
2022-11-21 09:28:15 +00:00
Florent Daigniere
dcf11aea48 Don't force a password reset 2022-11-20 16:33:21 +01:00
Florent Daigniere
7822b41048 same for domains 2022-11-20 12:35:10 +01:00
Florent Daigniere
ef9cc3c866 Show spoofing on /admin/user/list too 2022-11-20 11:09:04 +01:00
Florent Daigniere
38507b2e1b Close #2372: Implement a GUI for WILDCARD_SENDERS 2022-11-20 10:19:28 +01:00
Florent Daigniere
cf7404e26c Fix #2242: Make quotas adjustable in 50MiB increments 2022-11-19 20:33:20 +01:00
Florent Daigniere
b20bf996ec Fix #2231: make public announcements work 2022-11-19 18:44:30 +01:00
Florent Daigniere
e2d4e3eb2e Implement header authentication via external proxy 2022-11-19 17:59:31 +01:00
bors[bot]
f43c8c652e
Merge #2483 #2535
2483: Introduce FETCHMAIL_ENABLED r=mergify[bot] a=DjVinnii

## What type of PR?

Enhancement

## What does this PR do?
Add `FETCHMAIL_ENABLED` to enable/disable the Fetchmail functionality in the Admin UI.

### Related issue(s)
- closes #2127

## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [x] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.


2535: fix the linux/arm/v7 build r=mergify[bot] a=nextgens

## What type of PR?

bug-fix

## What does this PR do?

The arm builder is running aarch64 ... and there is no package for arm/v7


Co-authored-by: Vincent Kling <v.kling@vinniict.nl>
Co-authored-by: Dimitri Huisman <diman@huisman.xyz>
Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
2022-11-16 12:30:33 +00:00
Dimitri Huisman
8afb544a10
Default FETCHMAIL_ENABLED to False 2022-11-16 12:12:04 +00:00
bors[bot]
40bdf7a6d9
Merge #2530
2530: disable SESSION_COOKIE_SECURE when TLS_FLAVOR=notls r=mergify[bot] a=nextgens

## What type of PR?

bug-fix

## What does this PR do?

People are unlikely to proxy everything

### Related issue(s)
- closes #2527

Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
2022-11-15 12:20:49 +00:00
Florent Daigniere
b9e5560fb6 Better way to express the same thing
Thanks @ghostwheel42
2022-11-15 12:47:38 +01:00
Florent Daigniere
66de1dcec8 Change the logic
The idea here is that if you have set SESSION_COOKIE_SECURE we should
honor that... and if you haven't we should try to do the right thing.
2022-11-15 10:47:20 +01:00
Florent Daigniere
19af2944d7 Refactor as requested 2022-11-14 19:05:41 +01:00
Alexander Graf
6b470ac403
Allow proper JS debugging, speed-up assets dev-build, disable redirect-debug by default. 2022-11-14 17:40:26 +01:00
Florent Daigniere
6474108056 Use a join() instead 2022-11-14 16:36:37 +01:00
Florent Daigniere
c0c91691fd Fix the issue on /admin/fetch/edit 2022-11-14 16:24:09 +01:00
Florent Daigniere
505bb79a78 Don't set the secure Cookie flag if TLS_FLAVOR=notls 2022-11-14 15:11:11 +01:00
Florent Daigniere
08a9ab9a56 Improve fetchmail 2022-11-14 12:18:35 +01:00
bors[bot]
8a90f83bd0
Merge #2514
2514: Update deps r=mergify[bot] a=ghostwheel42

## What type of PR?

update python dependencies

## What does this PR do?

Update python deps in base image


Co-authored-by: Alexander Graf <ghostwheel42@users.noreply.github.com>
2022-11-11 15:53:25 +00:00
bors[bot]
0839490beb
Merge #2479
2479: Rework the anti-spoofing rule r=mergify[bot] a=nextgens

## What type of PR?

Feature

## What does this PR do?

We shouldn't assume that Mailu is the only MTA allowed to send emails on behalf of the domains it hosts.
We should also ensure that it's non-trivial for email-spoofing of hosted domains to happen

Previously we were preventing any spoofing of the envelope from; Now we are preventing spoofing of both the envelope from and the header from unless some form of authentication passes (is a RELAYHOST, SPF, DKIM, ARC)

### Related issue(s)
- close #2475

## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [x] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.


Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
2022-11-09 15:16:36 +00:00
Alexander Graf
e0d2432c6b
Rename data-ordered to data-sort 2022-11-08 16:22:24 +01:00
Alexander Graf
2a4402cdc2
Fix datatable for list fo sign-up domains 2022-11-08 13:27:57 +01:00
Alexander Graf
af6cf5fd1d
Fix language selector without session 2022-11-08 13:27:57 +01:00
Alexander Graf
2778641e78
Fix screen reader title of language selector 2022-11-08 13:27:56 +01:00
Alexander Graf
4776094ea7
Configure datatables on missing tables, add sign in button to sso page. 2022-11-08 13:27:56 +01:00
Alexander Graf
6218b36372
configure datatables via html5 data attributes 2022-11-08 13:27:56 +01:00
Alexander Graf
a74396a9ef
Fix wtforms usage 2022-11-08 13:27:33 +01:00
Alexander Graf
4b179d9008
Merge branch 'master' into hibp 2022-11-07 23:05:51 +01:00
Alexander Graf
defd533319
Don't duplicate hidden fields 2022-11-07 16:16:09 +01:00
Alexander Graf
fd8570ec34
Remove unused QUOTA_STORAGE_URL 2022-11-04 22:20:08 +01:00
Alexander Graf
1d90dc3ea3
Allow running without redis 2022-11-04 18:54:59 +01:00
Alexander Graf
8732b70b30
Add shell script to run admin dev environment 2022-11-04 18:08:23 +01:00
Alexander Graf
311f41c331
Add missing hidden fields 2022-11-04 13:35:38 +01:00
Alexander Graf
27a5f9db65
Reformatting 2022-11-04 13:35:13 +01:00
Vincent Kling
83fdc07a6f Default FETCHMAIL_ENABLED to True 2022-11-04 11:59:26 +01:00
bors[bot]
e0ff135a00
Merge #2498
2498: Implement ITERATE in podop r=mergify[bot] a=nextgens

## What type of PR?

Feature

## What does this PR do?

This makes ``doveadm -A`` work.

The easiest way to try it out is:
```
doveadm dict iter proxy:/tmp/podop.socket:auth shared/userdb

or 

doveadm user '*'
```

The protocol is described at https://doc.dovecot.org/developer_manual/design/dict_protocol/
The current version of dovecot is not using flags... so there's little gain in implementing them.

### Related issue(s)
- close #2499

## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [ ] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.


Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
Co-authored-by: Alexander Graf <ghostwheel42@users.noreply.github.com>
2022-11-03 16:54:24 +00:00
Alexander Graf
c57706ad27
Duh 2022-11-03 17:50:39 +01:00
Alexander Graf
46773f639b
Return 404 is user-id cannot be parsed 2022-11-03 17:45:21 +01:00
Alexander Graf
595b32cf97
Fix quota return value 2022-11-03 17:37:21 +01:00
Alexander Graf
bec0b1c3b2
Fix variable name 2022-11-03 17:26:27 +01:00
Florent Daigniere
001acd60ac doh2 2022-11-03 16:44:18 +01:00
Alexander Graf
dec5309ef9
Fix typo 2022-11-03 16:39:29 +01:00
Florent Daigniere
6b7026ef69 Here too 2022-11-03 16:28:07 +01:00
Florent Daigniere
66250e396c refactor 2022-11-03 16:19:44 +01:00
wkr
d920b3d037 fix(auto-reply): include start and end dates in the auto-reply period; issue #2512 2022-11-02 17:48:22 +01:00
Alexander Graf
91f86a4c2a
Resolve using socrate function 2022-10-31 23:58:52 +01:00
Florent Daigniere
9cb8df57c6 enforce at least 8 chars 2022-10-31 19:48:13 +01:00
Florent Daigniere
afbaabd8cd v1 2022-10-31 19:41:40 +01:00
Florent Daigniere
c1f571a4c3 Speed things up.
If we want to go further than this we should change podop's incr(), pass
the flags and make admin process the results.
2022-10-31 08:48:55 +01:00
Florent Daigniere
cf34be967c Implement ITERATE 2022-10-30 20:15:10 +01:00
bors[bot]
12480ccbff
Merge #2328
2328: Feature: Configurable default spam threshold used for new users r=mergify[bot] a=enginefeeder101

## What type of PR?

Feature

## What does this PR do?

This PR adds functionality to set a custom default spam threshold
for new users. The environment variable ``DEFAULT_SPAM_THRESHOLD`` is
used for this purpose. When not set, it defaults back to 80%, as the
default value was before.

If ``DEFAULT_SPAM_THRESHOLD`` is set to a value that Python cannot
parse as an integer, a ValueError is thrown. There is no error handling
for that case built-in. Should that be done?

## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [x] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.


Co-authored-by: enginefeeder101 <enginefeeder101@users.noreply.github.com>
Co-authored-by: Dimitri Huisman <diman@huisman.xyz>
2022-10-29 11:44:04 +00:00
Dimitri Huisman
06b784da57
Shorten default function by using lambda 2022-10-29 08:57:48 +00:00
bors[bot]
9975a793fe
Merge #2458
2458: Fix: Don't update updated_at on quota_bytes_used change r=mergify[bot] a=DjVinnii

## What type of PR?

bug-fix

## What does this PR do?

This PR makes sure that the `updated_at` field is not updated when `quota_bytes_used` is updated. All other updates to the `User` model still updates the `updated_at` field. 

This is done by explicitly using an method in the `Base` class triggering [`flag_modified`][url-flag-modified].

### Related issue(s)
- closes #1363

## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [ ] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.

<!-- LINKS-->
[url-flag-modified]: https://docs.sqlalchemy.org/en/14/orm/session_api.html#sqlalchemy.orm.attributes.flag_modified


Co-authored-by: Vincent Kling <v.kling@vinniict.nl>
2022-10-28 20:09:10 +00:00
Vincent Kling
6363acf30a Add dont_change_updated_at to fetch_done 2022-10-28 10:19:30 +02:00
Vincent Kling
6b785abb01 Rename flag_updated_at_as_modified to dont_change_updated_at 2022-10-28 10:05:47 +02:00
Florent Daigniere
84a722eabc Optimize the query 2022-10-24 19:31:53 +02:00
Vincent Kling
8a60b658b4 Implement FETCHMAIL_ENABLED 2022-10-20 13:41:35 +02:00
Vincent Kling
23d06a5761 Fix a bunch of typos 2022-10-19 19:41:49 +02:00
Florent Daigniere
0204c9e59d doh 2022-10-19 16:08:29 +02:00
Florent Daigniere
8775a2bf04 untested code that may just work 2022-10-19 15:28:20 +02:00
Florent Daigniere
3e51d15b03 Remove the strict anti-spoofing rule. 2022-10-18 15:58:53 +02:00
Vincent Kling
bda404182f Replace before update listener with method in the Base class 2022-10-07 11:17:46 +02:00
bors[bot]
1cdc4e76b4
Merge #2455
2455: Fix/missing tanslations r=mergify[bot] a=DjVinnii

## What type of PR?

Fix/Enhancement

## What does this PR do?
Add missing Dutch translation, as well as the German translation for `Start of vacation`

### Related issue(s)
- closes #2217

## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [ ] In case of feature or enhancement: documentation updated accordingly
- [ ] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.


Co-authored-by: Vincent Kling <v.kling@vinniict.nl>
Co-authored-by: Alexander Graf <ghostwheel42@users.noreply.github.com>
Co-authored-by: Dimitri Huisman <diman@huisman.xyz>
2022-10-05 12:44:18 +00:00
Dimitri Huisman
5b21fae968 Add missing Dutch translation 2022-10-05 07:22:42 +00:00
Alexander Graf
7682b4fa7f
Fix typo and translate Website with Webseite 2022-09-27 11:50:16 +02:00
Alexander Graf
ffa7d6c565
Updated german translation 2022-09-26 15:22:38 +02:00
Vincent Kling
102d96bc7d Implement event lister to keep updated_at unchanged on quota_bytes_used updates 2022-09-26 09:48:29 +02:00
Vincent Kling
a02a2c26a7 Fix typo 2022-09-25 10:34:41 +02:00
Vincent Kling
486dd06ca8 Add missing German translation for Start of vacation 2022-09-23 15:17:26 +02:00
Vincent Kling
84f60116ea Add missing Dutch translations 2022-09-23 15:14:15 +02:00
Florent Daigniere
6a0e881522 Introduce TLS_PERMISSIVE for port 25
This new advanced setting to harden cipher configuration on port 25. Changing the default is strongly discouraged, please read the documentation before doing so.
2022-09-12 12:53:57 +02:00
Vincent Kling
bab3f0f5a4 Remove POD_ADDRESS_RANGE 2022-09-01 15:08:26 +02:00
Florent Daigniere
355589a23c Apparently SQLAlchemy needs to be told explictely 2022-08-30 14:26:10 +02:00
Florent Daigniere
30b3a3771e Prevent signups with accounts where an alias exists 2022-08-27 18:09:52 +02:00
Dimitri Huisman
81c9e01d24 finishing touches for PR# 2328
Antispam.rst contained a syntax error.
Move config description to common section which is more fitting.
Fixed wrong assignment of default value for DEFAULT_SPAM_THRESHOLD in models.py.
2022-08-19 17:58:33 +00:00
bors[bot]
bae15c0af3
Merge #2404
2404: Forwarding emails option in user settings did not support 1 letter do… r=mergify[bot] a=Diman0

…mains.

## What type of PR?

Bug-fix

## What does this PR do?

Forwarding emails option in user setting did not support 1 letter domains. The regex for checking the validity of  multiple email addresses string has been modified to allow 1 letter domains and to allow 1 letter local part.

### Related issue(s)
- closes #2402 

## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [n/a] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.


Co-authored-by: Dimitri Huisman <diman@huisman.xyz>
2022-08-04 15:33:11 +00:00
Dimitri Huisman
57865495d4 Forwarding emails option in user settings did not support 1 letter domains. 2022-08-04 14:51:20 +00:00
Alexander Graf
c478e26d68
Encode domain part of email addresses before returning. 2022-07-28 16:21:34 +02:00
Alexander Graf
5179cf0618
Fix localpart splitting and make code more readable. 2022-07-28 16:20:01 +02:00
enginefeeder101
82860d0f80
Moved parsing environment variable to global application config dictionary
Per requested changes added the ``DEFAULT_SPAM_THRESHOLD`` to the main
application configuration dictionary in ``configuration.py`` and updated
``models.py`` accordingly.
No error handling is added, as that was not required.
2022-06-08 17:13:38 +02:00
enginefeeder101
6c83d25312
Configurable default spam threshold used for new users
This commit adds functionality to set a custom default spam threshold
for new users. The environment variable ``DEFAULT_SPAM_THRESHOLD`` can
be used for this purpose. When not set, it defaults back to 80%, as the
default value was before
If ``DEFAULT_SPAM_THRESHOLD`` is set to a value that Python cannot
parse as an integer, a ValueError is thrown. There is no error handling
for that case built-in.
2022-06-08 16:59:28 +02:00
Florent Daigniere
04b7ddfffd Merge remote-tracking branch 'upstream/master' into Riscue-master 2022-05-22 19:01:31 +02:00
Florent Daigniere
d2aa647a9f l10n 2022-05-22 19:00:46 +02:00
hitech95
fc8926493c admin: graceful fail on user fetch in basic auth
Signed-off-by: hitech95 <nicveronese@gmail.com>
2022-03-27 13:17:57 +02:00
bors[bot]
c15e4e6015
Merge #2276
2276: Autoconfig of email clients r=mergify[bot] a=nextgens

## What type of PR?

Feature

## What does this PR do?

It provides auto-configuration templates for email clients and encourages them to use implicit TLS (see https://nostarttls.secvuln.info/)

There are numerous caveats:
- it will only work if suitable DNS records are created and certificates obtained (autoconfig, autodiscover, ...)
- the mobileconfig file isn't signed
- the credentials will be prompted... we could/should provision a token on each request instead
- it currently doesn't advertise caldav
- it's IMAP only

### Related issue(s)
- close #224 

## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [x] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.


Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
2022-03-22 08:53:47 +00:00
Alexander Graf
64ad6931e9
Move 'is_valid_user = user is not None' into else 2022-03-18 20:08:16 +01:00
Alexander Graf
630a4e9b5e
Update auth.py
Add spaces
2022-03-18 20:05:16 +01:00
Maximilian Fischer
8775dc5b15 Fixing AUTH_RATELIMIT_IP not working on imap/pop3/smtp
#2283
2022-03-17 20:36:23 +01:00
Florent Daigniere
ce9dc3a335 ghostwheel42's suggestion 2022-03-17 11:39:57 +01:00
Florent Daigniere
83140322e0 ghostwheel42's suggestion 2022-03-17 11:38:22 +01:00
Florent Daigniere
3aa735cc2d ghostwheel42's suggestion 2022-03-17 11:37:01 +01:00
Florent Daigniere
9bc963f19b don't think the escaping is required but it was there 2022-03-16 14:58:43 +01:00
Florent Daigniere
3e6f3a95a4 Reflect the data from the POST 2022-03-16 14:43:14 +01:00
Florent Daigniere
14931c4acd doh 2022-03-16 14:14:03 +01:00
Florent Daigniere
c6c444cfa7 simplify 2022-03-16 14:04:02 +01:00
Florent Daigniere
373e6d2161 doh 2022-03-16 14:04:02 +01:00
Florent Daigniere
184c9bc566 Add json redirect 2022-03-16 14:04:02 +01:00
Florent Daigniere
9a2d8d63a3 Search and replace wasn't a good idea 2022-03-16 14:04:02 +01:00
Florent Daigniere
c50750054b Allow POST 2022-03-16 14:04:02 +01:00
Florent Daigniere
71897f4ff0 Doh 2022-03-16 14:04:02 +01:00
Florent Daigniere
6fc1273b58 Add a link to autoconfigure apple devices 2022-03-16 14:04:02 +01:00
Florent Daigniere
0bccb5045c STARTTLS is a bad idea 2022-03-16 14:04:02 +01:00
Florent Daigniere
81b592f3cb try to get LE certs for the new names 2022-03-16 14:04:02 +01:00
Florent Daigniere
a3f9e2beee Use priorities instead 2022-03-16 14:04:02 +01:00
Florent Daigniere
2b62a6327a Do explicit TLS where possible 2022-03-16 14:04:02 +01:00
Florent Daigniere
c817eaf608 Add the SRV record for autodiscover 2022-03-16 14:04:02 +01:00
Florent Daigniere
cdc92aa65b Mobileconfig apple style 2022-03-16 14:04:02 +01:00
Florent Daigniere
ccd2cad4f1 Autodiscovery microsoft style 2022-03-16 14:04:02 +01:00
Florent Daigniere
523cee1680 Autoconfig mozilla-style 2022-03-16 14:04:02 +01:00