self-hosted/Mailu
1
0
Fork 0
mirror of https://github.com/Mailu/Mailu.git synced 2025-01-20 03:29:50 +02:00
Code Issues Releases Activity
337 Commits 121 Branches 130 Tags
Commit Graph

135 Commits

Author SHA1 Message Date
Pierre Jaury
c3b9756000 Announcement to all users, fixes #16 2016-11-10 10:48:37 +01:00
Stefan Auditor
eacf2a363b Add german translation 2016-11-09 21:47:56 +01:00
Pierre Jaury
9ef706517a Add the Docker client helper 2016-11-09 16:49:18 +01:00
Pierre Jaury
9e0718b00f Speed up local builds of the admin container 2016-11-09 16:46:38 +01:00
Pierre Jaury
a8bc8e9d4b Reload Docker containers when certificates are generated 2016-11-09 16:38:30 +01:00
Pierre Jaury
bbf71b262e Move docker related features to a separate module 2016-11-09 16:38:17 +01:00
Pierre Jaury
4246179b88 First working certificate generation code, related to #35 2016-11-09 16:18:16 +01:00
Pierre Jaury
a9cb1e2d11 Change the spam threshold to an integer, related to #103 2016-11-08 20:34:38 +01:00
Pierre Jaury
afbcb9b8c6 Remove an exception trigger in the main init file 2016-11-08 20:34:38 +01:00
d-fens
40820e4701 Fix admin template to reference github repository 2016-11-08 13:35:49 +00:00
Pierre Jaury
c9aff0691b Add a scheduler to the Flask application 2016-11-06 17:00:10 +01:00
Pierre Jaury
d4f93e39db Select translation based on browser configuration, fixes #100 2016-11-06 12:48:24 +01:00
kaiyou
9f09e0c8e0 Update messages.po (POEditor.com) 2016-11-06 12:33:30 +01:00
Pierre Jaury
013286b8e1 Rename the freeposte/mailu directory and database 2016-10-29 13:42:39 +02:00
Pierre Jaury
7be2d458d9 Use Email as a mixin and explicitely specify table names 
This also fixes #77, as explained in the ticket, because Flask
SQlAlchemy is not accessing declared attributes early anymore.
 2016-10-16 17:21:01 +02:00
Pierre Jaury
c7fe29c957 Push the missing messages.pot 2016-10-13 09:37:24 +02:00
Pierre Jaury
c007b37df7 Display error messages when Docker is unreachable properly, related to #78 2016-10-13 09:32:27 +02:00
Pierre Jaury
984b605d05 Compile translations when building the admin container 2016-10-02 17:38:10 +02:00
Pierre Jaury
acf4addae0 Add initial translations, fix #37 2016-10-02 17:35:11 +02:00
Pierre Jaury
c37ad3557f Missing translations 2016-10-02 17:33:34 +02:00
Pierre Jaury
3fa44613b1 Add a default babel configuration 2016-10-02 14:56:33 +02:00
Pierre Jaury
3ade5641d9 Fix the confirmation form 2016-10-02 14:53:01 +02:00
Pierre Jaury
0beeeade41 Enable Babel for all views 2016-10-02 14:52:50 +02:00
Pierre Jaury
a3ad45c8ac Use babel for base views 2016-10-02 14:43:48 +02:00
Pierre Jaury
fe035114e9 Enable Babel for forms 2016-10-02 14:37:06 +02:00
Pierre Jaury
d3436668d8 Enable Babel 2016-10-02 14:23:44 +02:00
Pierre Jaury
676a9a5d2c Do not redirect users to admin pages, fix #74 2016-10-02 10:14:53 +02:00
Pierre Jaury
c028a3799d Write an equivalence test for domains, fixes #65 
(cherry picked from commit 144f427088acf9439fd9971898296137b8339f9a)
 2016-10-02 10:13:45 +02:00
kaiyou
1ae8fe6af1 Merge pull request #73 from diresi/junk_filter 
dovecot: use rspamd X-Spamd-Result percentage to evaluate spam
 2016-10-02 09:46:48 +02:00
Pierre Jaury
c02faada94 Remove deprecated references to flask_wtf.Form, fix #72 2016-10-02 09:33:07 +02:00
Pierre Jaury
e7399e6926 Add a development run.py script 2016-10-02 09:19:34 +02:00
Christoph Rissner
b9de28e910 dovecot: use rspamd X-Spamd-Result percentage to evaluate spam 
- configures dovecot to use the spamtest sieve plugins
- configures sieve to read the score from X-Spamd-Result: headers
- before.sieve applies the ${spam_threshold} to the spamtest percentage
- freeposte.db stores a percentage for ${spam_threshold}
- migrate freeposte.db spam_threshold from X/15 to percentages

the filter investigates the overall ratio of the `rspamd` header
`X-Spamd-Result` that looks something like this:

X-Spamd-Result: default: True [12.36 / 15.00]
 RBL_SPAMHAUS_XBL(4.00)[]
 BAYES_SPAM(3.06)[92.67%]
 RBL_SPAMHAUS_XBL_ANY(4.00)[]
 ONCE_RECEIVED_STRICT(4.00)[]
 HFILTER_HELO_BAREIP(3.00)[]
 RBL_SORBS_DUL(2.00)[]
 HFILTER_HOSTNAME_UNKNOWN(2.50)[]
 RBL_SPAMHAUS_PBL(2.00)[]
 RBL_SORBS_RECENT(1.50)[]
 MIME_UNKNOWN(0.10)[application/x-rar-compressed]
 RDNS_NONE(1.00)[]
 RBL_SORBS(0.00)[]
 R_SPF_NEUTRAL(0.00)[?all]
 ONCE_RECEIVED(0.10)[]
 RBL_SEM(1.00)[]
 MIME_HTML_ONLY(0.20)[]
 RBL_UCEPROTECT_LEVEL1(1.00)[]
 MIME_GOOD(-0.10)[multipart/mixed]

the sieve `spamtest :percent :value` in this case would be
   100*12.36/15 = 82.4%
 2016-09-30 11:21:29 +02:00
Pierre Jaury
525089a531 Do not leak information about existing domains or users 2016-09-13 20:59:25 +02:00
Pierre Jaury
2cb4a44b5a Display fetchmail errors to the user, fixes #23 2016-09-10 13:05:55 +02:00
kaiyou
18253b1dd3 Merge pull request #61 from vhf/admin-creation 
Allow admin creation after initial setup
 2016-09-09 12:36:02 +02:00
Victor Felder
3976a5b38e Allow admin creation after initial setup 2016-09-09 11:07:05 +02:00
Victor Felder
97d952d7f1 Fix a typo 2016-09-09 11:06:43 +02:00
Pierre Jaury
e24da96e58 Add some documentation to access decorators 2016-08-29 20:30:59 +02:00
Pierre Jaury
09bec055fd Fix domain deletion permissions 2016-08-29 20:22:44 +02:00
Pierre Jaury
c1f9b61dac Add a simple permission audit script 2016-08-29 20:18:00 +02:00
Pierre Jaury
f8dcef22ef Fix the manager deletion behaviour 2016-08-29 19:40:18 +02:00
Pierre Jaury
f541a951de Remove obsolete utils module 2016-08-29 19:36:37 +02:00
Pierre Jaury
713318f097 Clean imports and remove calls to the utils module 2016-08-29 19:35:09 +02:00
Pierre Jaury
ee9a416696 Implement the decorator-based access control for all views 2016-08-29 19:24:39 +02:00
Pierre Jaury
4e4f2b8037 First shot at improving access control, related to #42 
A couple of things are important to note for this commit:
- it only implements the new access control for alias and admin management
- the access control code is located in access.py

The idea behind simpler access control is auditability. There have been a
couple of bugs related to functions not checking permissions properly. If
checking permissions is as simple as decorating a function, exporting the
permission scheme for an audit should be simple.

Also, this still does not address the information leakage related to 404 errors
when an object does not exist, independently of permissions the user has over
the domain.
 2016-08-28 15:23:57 +02:00
Pierre Jaury
3ea3bc1d8e Enforce permission checks for admin management 2016-08-27 15:05:30 +02:00
Pierre Jaury
6dc9131b97 Fix the wildcard migration script, fixes #53 2016-08-23 22:46:21 +02:00
Pierre Jaury
e3197f9156 Have the admin interface listen on localhost 2016-08-21 15:01:07 +02:00
Pierre Jaury
8601d5b8db Fix #49 when deleting a global admin 2016-08-20 12:46:29 +02:00
Pierre Jaury
0d3c75aa89 Fix a migration issue with wildcard aliases 2016-08-20 12:23:55 +02:00