1
0
mirror of https://github.com/Mailu/Mailu.git synced 2024-12-14 10:53:30 +02:00
Commit Graph

1978 Commits

Author SHA1 Message Date
Dimitri Huisman
c2348fc28f
Initial changes for new release. Releases.rst and CHANGELOG.md must still be updated. 2024-03-16 16:35:34 +00:00
Florent Daigniere
a1d8ff630f review2 2024-03-11 14:45:59 +01:00
Florent Daigniere
58b1738d8c api 2024-03-11 11:15:15 +01:00
Florent Daigniere
0171c6d0f8 review 2024-03-11 11:12:53 +01:00
Florent Daigniere
b2d37c4323 Make it clear that there may be more than one 2024-03-11 10:26:38 +01:00
Florent Daigniere
7089cfea48 Ensure we also pin ISRG X2 in TLSA 2024-03-11 10:21:54 +01:00
Florent Daigniere
851c4f8403 Alpine 3.19.1 2024-03-10 16:44:18 +01:00
Florent Daigniere
494147eedf Need newer cryptography 2024-03-10 16:17:49 +01:00
Florent Daigniere
8c842ff3aa Create a fake husky to fix the CI 2024-03-10 15:52:59 +01:00
Florent Daigniere
86adf07461 Ensure we always send an ISRG root for DANE 2024-03-10 12:19:40 +01:00
Florent Daigniere
dec5fecdb4 Ensure that nginx and dovecot are reloaded 2024-03-05 10:12:45 +01:00
bors-mailu[bot]
1612b11e62
Merge #3138
3138: Update dependencies and re-enable flask toolbar r=nextgens a=ghostwheel42

## What type of PR?

bug-fix

## What does this PR do?

Update python dependencies to versions without known security vulnerabilities.
Also re-enable flask debug toolbar which was disabled earlier.

werkzeug < 2.3.8: CVE-2023-46136
aiohttp < 3.9.0: CVE-2023-49081 CVE-2023-49082
cryptography >= 3.1 < 41.0.6: CVE-2023-49083
jinja2 < 3.1.3: CVE-2024-22195

Co-authored-by: Alexander Graf <ghostwheel42@users.noreply.github.com>
2024-02-29 17:45:16 +00:00
Florent Daigniere
2afa9dca51 Fix ooo/sieve when proxy protocol is in use 2024-02-29 13:06:15 +01:00
darkclip
1ce76f92cb update zh translation 2024-02-22 14:38:20 +08:00
su-ex
324b723efa
Add trailing semicolon for DMARC authorisation record
This seems to be necessary: https://stackoverflow.com/a/72463456
2024-01-26 12:59:44 +01:00
Alexander Graf
a1e395c581
Update dependencies and re-enable flask toolbar 2024-01-21 18:42:51 +01:00
Alexander Graf
40f26f1ce3
Define copy msg more precisely 2024-01-21 18:38:33 +01:00
Alexander Graf
4213da1ce1
Replace awk with sed 2024-01-21 17:26:27 +01:00
Alexander Graf
b706a16e6b
Improve usage message 2024-01-21 16:03:47 +01:00
bors-mailu[bot]
5fcbe7a2fe
Merge #3097
3097: Upgrade alpine and node r=mergify[bot] a=nextgens

## What type of PR?

enhancement

## What does this PR do?

Upgrade alpine to 3.19.0 and node to node 21

That's php 8.3 and snappymail 2.31.0

### Related issue(s)


## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [ ] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.


Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
2024-01-10 16:41:32 +00:00
Florent Daigniere
bc863b4bbc Long term fix against SMTP smuggling 2023-12-28 08:51:50 +01:00
bors-mailu[bot]
df5b48a52d
Merge #3100
3100: Do not block webmail when we have a valid SSO session r=mergify[bot] a=nextgens

## What type of PR?

bug-fix

## What does this PR do?

Ensure we do not block webmail when we have a valid SSO session

### Related issue(s)
- close  #3094

## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [ ] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.


Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
2023-12-22 08:43:12 +00:00
Florent Daigniere
64d83d061e Prevent SMTP smuggling 2023-12-21 18:17:29 +01:00
Florent Daigniere
325aa5452b Do not block webmail when we have a valid SSO sess 2023-12-21 12:37:08 +01:00
Florent Daigniere
0e522fceb7 Upgrade alpine, node, PHP and snappymail 2023-12-20 14:08:49 +01:00
Florent Daigniere
98848b45c7 Do the minimum to solve the problem at hand 2023-12-20 12:06:44 +01:00
Florent Daigniere
30574445e4 Better regexp 2023-12-20 11:41:45 +01:00
Florent Daigniere
422f005c3f Fix 3095 2023-12-19 18:25:04 +01:00
Florent Daigniere
1f19ac5d8d Slow down the turtle policy 2023-11-30 18:17:53 +01:00
Florent Daigniere
8ae6b4dd89 Doh 2023-11-15 09:45:40 +01:00
bors-mailu[bot]
a1158ec224
Merge #3044
3044: Add a sigterm handler to make docker stop go faster r=mergify[bot] a=nextgens

## What type of PR?

enhancement

## What does this PR do?

- Add a sigterm handler to make ``docker stop`` go way faster
- Ensure we don't log requests to /ping in admin
- Fixup doc
- Upgrade WTForms to fix alias creation

### Related issue(s)

## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [ ] In case of feature or enhancement: documentation updated accordingly
- [ ] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.


Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
Co-authored-by: Florent Daigniere <nextgens@users.noreply.github.com>
2023-11-14 19:10:40 +00:00
Florent Daigniere
ffe823d6bc Upgrade to WTForms==3.1.1 2023-11-14 14:47:16 +01:00
Florent Daigniere
e3675a676c Reject on OLETOOLS too 2023-11-10 12:24:14 +01:00
Florent Daigniere
aefbd9552c fix clamav handling 2023-11-10 12:00:29 +01:00
Florent Daigniere
38b6d360d3
Update system.py
promote to log.critical()
2023-11-09 10:26:04 +01:00
Florent Daigniere
e75834f746
Update system.py
143 is the standard following SIGTERM
2023-11-09 10:20:42 +01:00
Florent Daigniere
81b458efe2 Maybe fix the log-filter on admin 2023-11-07 17:02:32 +01:00
Florent Daigniere
1c26368b37 Add a sigterm handler to make docker go faster 2023-11-07 16:55:24 +01:00
bors-mailu[bot]
fd66c76c83
Merge #3033
3033: Enable snowball on FTS r=mergify[bot] a=nextgens

## What type of PR?

enhancement

## What does this PR do?

Enable [snowball](http://snowball.tartarus.org/algorithms/english/stemmer.html), a filter that will significantly cut down the size of FTS indexes.

It looks like the packages for aarch64 haven't been built yet... but this works on x64_86.
Don't unblock as long as  https://dl-cdn.alpinelinux.org/alpine/edge/testing/aarch64/dovecot-fts-flatcurve-0.3.4-r3.apk is 404

### Related issue(s)
- close #2977 

## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [ ] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.


Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
2023-11-07 15:07:07 +00:00
bors-mailu[bot]
b7ca4eb9f0
Merge #3032
3032: Update all python dependencies r=mergify[bot] a=Diman0

## What type of PR?

enhancement

## What does this PR do?
Updates all dependencies. Unfortunately multiple things were deprecated such as
* `@babel.localeselector` decorator
* app.app.session_cookie_name
* app.before_first_request

Unfortunately flask_debugtoolbar is not compatible with the updated version of flask.
Flask-SQLAlchemy cannot be updated to 3.0.5 because this introduces an error/bug.

### Related issue(s)

## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [n/a] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.


Co-authored-by: Dimitri Huisman <diman@huisman.xyz>
2023-11-06 14:48:09 +00:00
bors[bot]
a69071628f
Merge #3023
3023: Add zonefile download r=mergify[bot] a=MajliTech

## What type of PR?

Feature

## What does this PR do?
On /admin/domain/details/{domain}, adds a button to redirect to /admin/domain/details/{domain}/zonefile, which downloads a zonefile for this domain.

closes #2618

## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [X] In case of feature or enhancement: documentation updated accordingly
- [X] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.


Co-authored-by: Miłosz <hello@majlitech.pl>
Co-authored-by: Miłosz Thiede <git@majlitech.pl>
Co-authored-by: Alexander Graf <ghostwheel42@users.noreply.github.com>
2023-11-02 16:01:03 +00:00
Alexander Graf
901e4a772d
Remove surplus double quote 2023-11-02 15:58:15 +01:00
Florent Daigniere
a918cdb6bd Increase the timeout of oletools to match clamav's 2023-11-01 08:19:25 +01:00
Florent Daigniere
b5ecaa278e Enable snowball 2023-11-01 08:12:03 +01:00
Dimitri Huisman
5bee3c031b
Update all dependencies.
All changes were recreated due to deprecated functionalities introduced
by updating the dependencies
2023-10-31 19:55:58 +00:00
Dimitri Huisman
ac9a8a458f
Increase connect timeout for clamav (hopefully this fixs CI filter test) 2023-10-31 12:49:05 +00:00
Alexander Graf
16af54b15d
Only use split key in zonefile, not in gui/api/export 2023-10-30 16:00:43 +01:00
Miłosz Thiede
9905806c97 create a button 2023-10-29 11:50:43 +01:00
Miłosz Thiede
1504483677 make it save as a file, name {domain}-zonefile.txt 2023-10-29 11:50:36 +01:00
Miłosz Thiede
83f3b7722c add a button to download zonefile 2023-10-29 11:30:06 +01:00