1
0
mirror of https://github.com/Mailu/Mailu.git synced 2024-12-14 10:53:30 +02:00
Commit Graph

1162 Commits

Author SHA1 Message Date
Florent Daigniere
cab27f77c1 Don't send ooo messages to noreply@ 2023-05-16 10:29:39 +02:00
bors[bot]
6710a29c5e
Merge #2772
2772: Always exempt app-tokens from rate limits r=mergify[bot] a=nextgens

## What type of PR?

bug-fix

## What does this PR do?

Always exempt app-tokens from rate limits
Ensure that unsuccessful login attempts against a valid account hit the ip-based rate-limit too

### Related issue(s)


## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [ ] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.


Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
2023-04-20 10:12:01 +00:00
Florent Daigniere
5a55d1824e Make it happen post-deduplication 2023-04-16 12:57:20 +02:00
Florent Daigniere
21ed7b69a8 ratelimit: ensure we hit the ip-ratelimit on unsuccesful attempts
against a valid account
2023-04-16 11:30:14 +02:00
Florent Daigniere
775033391a doh 2023-04-14 13:56:39 +02:00
Florent Daigniere
c363378005 Always exempt app-tokens from rate limits 2023-04-14 12:51:43 +02:00
Florent Daigniere
7b08232049 Sanitize logs as appropriate 2023-04-13 14:46:12 +02:00
Dimitri Huisman
c54271db32
Fix config-import. Config with dkim key could not be imported. 2023-04-07 14:19:17 +00:00
bors[bot]
0cc7c2fd05
Merge #2735
2735: Mailu 2.0 release r=mergify[bot] a=Diman0

## What type of PR?

feature

## What does this PR do?
Changes for releasing Mailu 2.0.  I must still proofread the release notes I wrote.

### Related issue(s)
- closes #2215

## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [x] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.


Co-authored-by: Dimitri Huisman <diman@huisman.xyz>
Co-authored-by: Florent Daigniere <nextgens@users.noreply.github.com>
Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
2023-04-05 07:03:37 +00:00
Florent Daigniere
94ef62a884 Don't rate-limit port 25, ever. 2023-04-04 12:47:11 +02:00
Florent Daigniere
ab7b82d05b Clarify 2023-04-04 11:33:34 +02:00
Florent Daigniere
040dd82d3e fix bug 2023-04-04 11:30:59 +02:00
Dimitri Huisman
e88fa6a1f5
Merge branch 'master' into new-release-mailu 2023-04-04 08:00:25 +00:00
bors[bot]
b68e132369
Merge #2733
2733: Ensure we always ask for the existing password before allowing a change r=mergify[bot] a=nextgens

## What type of PR?

enhancement

## What does this PR do?

Ensure we always ask for the existing password before allowing a change.

### Related issue(s)

## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [ ] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.


Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
2023-04-04 07:11:56 +00:00
bors[bot]
cae01a36b4
Merge #2732
2732: Only account for distinct attempts in rate limits r=mergify[bot] a=nextgens

## What type of PR?

enhancement

## What does this PR do?

Only account for distinct attempts in rate limits. This is solving the problem related to users changing their passwords and having their client hammer the old credentials.

Reduce the default to 50 distinct passwords per day

### Related issue(s)

## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [x] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.


Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
Co-authored-by: Florent Daigniere <nextgens@users.noreply.github.com>
2023-04-03 20:40:10 +00:00
Dimitri Huisman
453acad21f
Initial changes for Mailu 2.0 release 2023-04-02 16:45:42 +00:00
Florent Daigniere
c0f1f58f55 No need for that 2023-04-02 18:03:44 +02:00
Florent Daigniere
7dc2912770
Update core/admin/mailu/limiter.py
Co-authored-by: Dimitri Huisman <52963853+Diman0@users.noreply.github.com>
2023-04-02 17:11:16 +02:00
Florent Daigniere
52de10a5e5 resets don't need the current password 2023-04-02 16:41:12 +02:00
Florent Daigniere
616e4a7734 Ensure we always ask for the existing password before allowing a change 2023-04-02 16:35:15 +02:00
Florent Daigniere
795a7bafa2 should never happen but heh 2023-04-01 12:22:44 +02:00
Florent Daigniere
04a2cdab2f Only account for distinct attempts in rate limits 2023-04-01 11:33:02 +02:00
Didier 'OdyX' Raboud
e31dc0eb90
l10n fr: uppercase accented 'status' 2023-03-28 13:22:56 +02:00
Didier 'OdyX' Raboud
45f1a4b5f7
l10n fr: add DNS TLS and autoconfig translations 2023-03-28 13:22:41 +02:00
Didier 'OdyX' Raboud
4d6457af1a
l10n fr: fix Relayed domains' plural 2023-03-28 13:22:23 +02:00
Dimitri Huisman
709edb522b
Introduce connection string (database url) for roundcube.
Remove database choice from setup.
Remove the old *DB_* database env variables from the documentation.
The env vars are deprecated now. They will be removed after the upcoming
Mailu release.
2023-03-26 12:21:00 +00:00
Dimitri Huisman
f20208fb4b
Fix error in check for proxy scenario 2023-03-18 09:05:18 +00:00
Dimitri Huisman
20bf0e8a65
Add fix for wrong redirect in proxy scenario and accessing WEBROOT_REDIRECT 2023-03-18 08:40:45 +00:00
Dimitri Huisman
29bfc9dd9d
Add fallback just in case X-Forwarded-By is empty. 2023-03-18 08:16:30 +00:00
Dimitri Huisman
25b9db4b00
Proxy endpoint was checking real client ip instead of proxy ip
for validating PROXY_AUTH_WHITELIST
2023-03-18 08:14:46 +00:00
bors[bot]
5fbfb3cb1c
Merge #2566
2566: Make it clear that we don't delete users r=mergify[bot] a=nextgens

## What type of PR?

bug-fix

## What does this PR do?

Make it clear that we don't delete users. Users can and should be disabled when not in use anymore.

### Related issue(s)
- closes #1820

## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [x] In case of feature or enhancement: documentation updated accordingly
- [ ] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.


Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
Co-authored-by: Alexander Graf <ghostwheel42@users.noreply.github.com>
Co-authored-by: Dimitri Huisman <diman@huisman.xyz>
Co-authored-by: Dimitri Huisman <52963853+Diman0@users.noreply.github.com>
2023-03-17 11:55:11 +00:00
Dimitri Huisman
c482c71f6c
Add missing () 2023-03-16 22:49:07 +01:00
Dimitri Huisman
31faee4218
Merge branch 'master' into delete-disable 2023-03-15 18:16:46 +01:00
Florent Daigniere
1831ca3b1e Handle WEBROOT_REDIRECT better 2023-03-14 09:40:43 +01:00
Florent Daigniere
f44cd24bf8 doh 2023-03-12 19:54:27 +01:00
Florent Daigniere
925c753f40 Merge branch 'master' of https://github.com/Mailu/Mailu into guess-target 2023-03-12 19:43:05 +01:00
Florent Daigniere
b607375603 Fix 2692: make the external auth proxy usable 2023-03-12 19:40:44 +01:00
Florent Daigniere
dd912169fb Make the login page guess where to redirect 2023-03-12 18:07:25 +01:00
Florent Daigniere
1b045b4a94 Introduce AUTH_PROXY_LOGOUT_URL 2023-03-12 18:07:25 +01:00
S474N
92be819053
Update messages.po 2023-02-21 16:26:50 +01:00
S474N
d6757514af
Czech translation
Czech translation
2023-02-21 16:20:57 +01:00
Florent Daigniere
6a4d8603fc Create the user before logging it in 2023-02-14 13:41:46 +01:00
Florent Daigniere
f125420400 Fix the bug reported by fastlorenzo 2023-02-14 11:33:16 +01:00
Florent Daigniere
66b7c76836 Doh. Without this email delivery from RELAYNET is broken 2023-02-09 16:04:13 +01:00
bors[bot]
aea7407044
Merge #2646
2646: Smarter ratelimit r=mergify[bot] a=nextgens

## What type of PR?

enhancement

## What does this PR do?

Only account for **distinct** usernames in the IP rate-limiter.

This enables to have a much tighter default as a user with a misconfigured device will now only account for a single attempt.

The goal here is to make the rate-limiter more acceptable and to avoid people disabling it altogether.

### Related issue(s)

## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [ ] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.


Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
Co-authored-by: Alexander Graf <ghostwheel42@users.noreply.github.com>
2023-02-09 12:18:41 +00:00
Florent Daigniere
085bac6e08 Change AUTH_RATELIMIT_IP_V6_MASK from /56 to /48 2023-02-07 09:54:50 +01:00
Alexander Graf
fa084d7b1c
Styling only 2023-02-07 08:54:13 +01:00
Florent Daigniere
caa8412d82 close #1236: Allow + in localpart of addresses 2023-02-06 13:00:17 +01:00
Florent Daigniere
294ac4adb2 Revert "Clarify"
This reverts commit 35e9bfb8ab.
2023-02-04 17:08:26 +01:00
Florent Daigniere
35e9bfb8ab Clarify 2023-02-04 16:54:25 +01:00