self-hosted/Mailu
1
0
Fork 0
mirror of https://github.com/Mailu/Mailu.git synced 2024-12-14 10:53:30 +02:00
Code Issues Releases Activity
272 Commits 115 Branches 124 Tags 117 MiB
883afb30cd
Commit Graph

272 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Pierre Jaury
883afb30cd Remove unnecessary spaces in env file 2016-10-02 09:50:36 +02:00
kaiyou
1ae8fe6af1 Merge pull request #73 from diresi/junk_filter 
dovecot: use rspamd X-Spamd-Result percentage to evaluate spam
 2016-10-02 09:46:48 +02:00
Pierre Jaury
c02faada94 Remove deprecated references to flask_wtf.Form, fix #72 2016-10-02 09:33:07 +02:00
Pierre Jaury
e7399e6926 Add a development run.py script 2016-10-02 09:19:34 +02:00
Christoph Rissner
b9de28e910 dovecot: use rspamd X-Spamd-Result percentage to evaluate spam 
- configures dovecot to use the spamtest sieve plugins
- configures sieve to read the score from X-Spamd-Result: headers
- before.sieve applies the ${spam_threshold} to the spamtest percentage
- freeposte.db stores a percentage for ${spam_threshold}
- migrate freeposte.db spam_threshold from X/15 to percentages

the filter investigates the overall ratio of the `rspamd` header
`X-Spamd-Result` that looks something like this:

X-Spamd-Result: default: True [12.36 / 15.00]
 RBL_SPAMHAUS_XBL(4.00)[]
 BAYES_SPAM(3.06)[92.67%]
 RBL_SPAMHAUS_XBL_ANY(4.00)[]
 ONCE_RECEIVED_STRICT(4.00)[]
 HFILTER_HELO_BAREIP(3.00)[]
 RBL_SORBS_DUL(2.00)[]
 HFILTER_HOSTNAME_UNKNOWN(2.50)[]
 RBL_SPAMHAUS_PBL(2.00)[]
 RBL_SORBS_RECENT(1.50)[]
 MIME_UNKNOWN(0.10)[application/x-rar-compressed]
 RDNS_NONE(1.00)[]
 RBL_SORBS(0.00)[]
 R_SPF_NEUTRAL(0.00)[?all]
 ONCE_RECEIVED(0.10)[]
 RBL_SEM(1.00)[]
 MIME_HTML_ONLY(0.20)[]
 RBL_UCEPROTECT_LEVEL1(1.00)[]
 MIME_GOOD(-0.10)[multipart/mixed]

the sieve `spamtest :percent :value` in this case would be
   100*12.36/15 = 82.4%
 2016-09-30 11:21:29 +02:00
kaiyou
79adbbb76c Merge pull request #69 from aminb/message_size_limit 
Default message_size_limit to 50MB
 2016-09-25 11:49:04 +02:00
Amin Bandali
b5aec1f065 Default message_size_limit to 50MB 
Add MESSAGE_SIZE_LIMIT variable in .env to allow setting the message
size limit for postfix.
 2016-09-24 19:46:10 -04:00
Pierre Jaury
525089a531 Do not leak information about existing domains or users 2016-09-13 20:59:25 +02:00
Pierre Jaury
dcda715382 Force temporary files to /tmp, related to #54 2016-09-10 13:17:55 +02:00
Pierre Jaury
2cb4a44b5a Display fetchmail errors to the user, fixes #23 2016-09-10 13:05:55 +02:00
Pierre Jaury
709869d4ba Escape fetchmail parameters properly 2016-09-10 12:27:43 +02:00
Pierre Jaury
55d5121816 Buld the proper http image 2016-09-10 12:08:22 +02:00
Pierre Jaury
f07615c4a4 Do not expose the Web admin interface by default, fixes #40 2016-09-10 12:08:22 +02:00
Pierre Jaury
ec5a75f603 Proxify to webmail only if enabled, related to #40 2016-09-10 12:08:22 +02:00
kaiyou
18253b1dd3 Merge pull request #61 from vhf/admin-creation 
Allow admin creation after initial setup
 2016-09-09 12:36:02 +02:00
kaiyou
c1770a1dc1 Merge pull request #62 from vhf/typofix 
Fix a typo in the admin UI
 2016-09-09 12:35:29 +02:00
Victor Felder
3976a5b38e Allow admin creation after initial setup 2016-09-09 11:07:05 +02:00
Victor Felder
97d952d7f1 Fix a typo 2016-09-09 11:06:43 +02:00
Pierre Jaury
3f6175c34a Remove deprecated awl settings 2016-09-03 14:40:50 +02:00
Pierre Jaury
382030a7aa Revert to using 'latest' for testing 2016-09-03 14:16:13 +02:00
Pierre Jaury
d60ef1991c Add a rainloop Webmail image, fixes #58 2016-09-03 14:10:42 +02:00
Pierre Jaury
f5b9f569ca Add a link to the demo server documentation 2016-09-03 12:39:30 +02:00
kaiyou
cbc6bb5dd6 Merge pull request #55 from kaiyou/feat-refactor-permissions 
Refactor the access control code
 2016-08-31 13:45:50 +02:00
Pierre Jaury
40b9883c8c Filter outgoing email headers, fixes #52 2016-08-29 22:41:31 +02:00
Pierre Jaury
92bbfde195 Add a PNG logo for rendering 2016-08-29 21:17:29 +02:00
Pierre Jaury
56e6c7565e Add a draft logo 2016-08-29 21:15:20 +02:00
Pierre Jaury
e24da96e58 Add some documentation to access decorators 2016-08-29 20:30:59 +02:00
Pierre Jaury
09bec055fd Fix domain deletion permissions 2016-08-29 20:22:44 +02:00
Pierre Jaury
c1f9b61dac Add a simple permission audit script 2016-08-29 20:18:00 +02:00
Pierre Jaury
f8dcef22ef Fix the manager deletion behaviour 2016-08-29 19:40:18 +02:00
Pierre Jaury
f541a951de Remove obsolete utils module 2016-08-29 19:36:37 +02:00
Pierre Jaury
713318f097 Clean imports and remove calls to the utils module 2016-08-29 19:35:09 +02:00
Pierre Jaury
ee9a416696 Implement the decorator-based access control for all views 2016-08-29 19:24:39 +02:00
Pierre Jaury
4e4f2b8037 First shot at improving access control, related to #42 
A couple of things are important to note for this commit:
- it only implements the new access control for alias and admin management
- the access control code is located in access.py

The idea behind simpler access control is auditability. There have been a
couple of bugs related to functions not checking permissions properly. If
checking permissions is as simple as decorating a function, exporting the
permission scheme for an audit should be simple.

Also, this still does not address the information leakage related to 404 errors
when an object does not exist, independently of permissions the user has over
the domain.
 2016-08-28 15:23:57 +02:00
Pierre Jaury
3ea3bc1d8e Enforce permission checks for admin management 2016-08-27 15:05:30 +02:00
kaiyou
ee6e9b2690 Add a reference to the Freenode IRC channel. 2016-08-27 14:39:58 +02:00
Pierre Jaury
6dc9131b97 Fix the wildcard migration script, fixes #53 2016-08-23 22:46:21 +02:00
Pierre Jaury
26f7f5a73b Change the env file name in the README file 2016-08-21 16:06:59 +02:00
Pierre Jaury
bac20081ee Split the environment file into sections 2016-08-21 15:53:00 +02:00
Pierre Jaury
d2d84acd5f Comment all 'build' directives 2016-08-21 15:08:29 +02:00
Pierre Jaury
e3197f9156 Have the admin interface listen on localhost 2016-08-21 15:01:07 +02:00
Pierre Jaury
1b6c514dc5 Disable the frontend Web server by default 2016-08-21 14:24:07 +02:00
Pierre Jaury
a8eafc508a Default listen on localhost only 2016-08-20 17:01:12 +02:00
Pierre Jaury
7ac44eabeb Add a VERSION variable to avoid modifying the docker-compose file 2016-08-20 16:52:44 +02:00
Pierre Jaury
14ec783ef7 Add a dynamic Webmail option with a 'none' container 2016-08-20 16:48:29 +02:00
Pierre Jaury
cf84b82c57 Move the configuration file to .env to support global variables 2016-08-20 16:32:10 +02:00
Pierre Jaury
581a0882af Pull images from Docker Hub by default 2016-08-20 14:49:42 +02:00
Pierre Jaury
8fc95a96d2 Disable debug and set an explicit default secret key 2016-08-20 14:35:42 +02:00
Pierre Jaury
ef5d3a77c6 Pull images from Docker Hub by default 2016-08-20 14:34:52 +02:00
Pierre Jaury
8601d5b8db Fix #49 when deleting a global admin 2016-08-20 12:46:29 +02:00