self-hosted/Mailu
1
0
Fork 0
mirror of https://github.com/Mailu/Mailu.git synced 2024-12-14 10:53:30 +02:00
Code Issues Releases Activity
441 Commits 115 Branches 124 Tags 117 MiB
d099e24f18
Commit Graph

441 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Pierre Jaury
713318f097 Clean imports and remove calls to the utils module 2016-08-29 19:35:09 +02:00
Pierre Jaury
ee9a416696 Implement the decorator-based access control for all views 2016-08-29 19:24:39 +02:00
Pierre Jaury
4e4f2b8037 First shot at improving access control, related to #42 
A couple of things are important to note for this commit:
- it only implements the new access control for alias and admin management
- the access control code is located in access.py

The idea behind simpler access control is auditability. There have been a
couple of bugs related to functions not checking permissions properly. If
checking permissions is as simple as decorating a function, exporting the
permission scheme for an audit should be simple.

Also, this still does not address the information leakage related to 404 errors
when an object does not exist, independently of permissions the user has over
the domain.
 2016-08-28 15:23:57 +02:00
Pierre Jaury
3ea3bc1d8e Enforce permission checks for admin management 2016-08-27 15:05:30 +02:00
kaiyou
ee6e9b2690 Add a reference to the Freenode IRC channel. 2016-08-27 14:39:58 +02:00
Pierre Jaury
6dc9131b97 Fix the wildcard migration script, fixes #53 2016-08-23 22:46:21 +02:00
Pierre Jaury
26f7f5a73b Change the env file name in the README file 2016-08-21 16:06:59 +02:00
Pierre Jaury
bac20081ee Split the environment file into sections 2016-08-21 15:53:00 +02:00
Pierre Jaury
d2d84acd5f Comment all 'build' directives 2016-08-21 15:08:29 +02:00
Pierre Jaury
e3197f9156 Have the admin interface listen on localhost 2016-08-21 15:01:07 +02:00
Pierre Jaury
1b6c514dc5 Disable the frontend Web server by default 2016-08-21 14:24:07 +02:00
Pierre Jaury
a8eafc508a Default listen on localhost only 2016-08-20 17:01:12 +02:00
Pierre Jaury
7ac44eabeb Add a VERSION variable to avoid modifying the docker-compose file 2016-08-20 16:52:44 +02:00
Pierre Jaury
14ec783ef7 Add a dynamic Webmail option with a 'none' container 2016-08-20 16:48:29 +02:00
Pierre Jaury
cf84b82c57 Move the configuration file to .env to support global variables 2016-08-20 16:32:10 +02:00
Pierre Jaury
581a0882af Pull images from Docker Hub by default 2016-08-20 14:49:42 +02:00
Pierre Jaury
8fc95a96d2 Disable debug and set an explicit default secret key 2016-08-20 14:35:42 +02:00
Pierre Jaury
ef5d3a77c6 Pull images from Docker Hub by default 2016-08-20 14:34:52 +02:00
Pierre Jaury
8601d5b8db Fix #49 when deleting a global admin 2016-08-20 12:46:29 +02:00
Pierre Jaury
1273571299 Add a changelog 2016-08-20 12:43:30 +02:00
Pierre Jaury
0d3c75aa89 Fix a migration issue with wildcard aliases 2016-08-20 12:23:55 +02:00
Pierre Jaury
bfe9ededbc Fix spam filtering when the score is negative 2016-08-19 21:59:04 +02:00
Pierre Jaury
2602ef2883 Add a feature item about freedom 2016-08-19 19:38:19 +02:00
Pierre Jaury
e916998bb2 Apply the BetterCrypto nginx configuration, related to #45 2016-08-19 15:07:16 +02:00
Pierre Jaury
3d1e5523d4 Use a non-starttls configuration for SMTPS port, related to #45 2016-08-19 15:06:52 +02:00
Pierre Jaury
a6ab917aea Do not enforce TLS on the default SMTP port, related to #45 2016-08-19 15:04:51 +02:00
Pierre Jaury
e3e9012183 Add a link to the BetterCrypto reference 2016-08-19 13:55:34 +02:00
Pierre Jaury
c0f6a3e387 Apply the BetterCrypto Dovecot configuration, related to #45 2016-08-19 13:54:47 +02:00
Pierre Jaury
8909033c26 Apply the BetterCrypto Postfix configuration, related to #45 2016-08-19 13:51:56 +02:00
Pierre Jaury
5a3242d9d3 Apply the BetterCrypto Postfix configuration, related to #45 2016-08-19 13:49:58 +02:00
Pierre Jaury
5bc0948248 Add some documentation to the Postfix configuration 2016-08-19 13:43:01 +02:00
kaiyou
207e351276 Merge pull request #43 from d-fens/patch-2 
Update postfix SSL/TLS configuration
 2016-08-19 13:33:52 +02:00
kaiyou
2f9319e454 Merge pull request #44 from d-fens/patch-1 
Update dovecot SSL/TLS configuration
 2016-08-19 13:33:43 +02:00
d-fens
a3d8daa585 Update postfix SSL/TLS configuration 
Ensure that RC4 and SSLv3 is not used. This is based off mailinabox project settings, while not the most ideal settings this improves the configuration from what it is currently.
 2016-08-19 12:20:50 +01:00
d-fens
62b1df04a0 Update dovecot SSL/TLS configuration 
Ensure that RC4 and SSLv3 is not used. This is based off mailinabox project settings, while not the most ideal settings this improves the configuration from what it is currently.
 2016-08-19 12:19:05 +01:00
Pierre Jaury
84769cab3e Switch to form-based confirmations, fixes #20 2016-08-19 10:49:05 +02:00
Pierre Jaury
5a69ada041 Add an action confirmation form, related to #20 2016-08-19 10:36:13 +02:00
Pierre Jaury
6bfdabe8c1 Format the authors file properly 2016-08-18 21:26:21 +02:00
Angedestenebres
acf4dae72e Update AUTHORS.md 2016-08-18 21:18:32 +02:00
Pierre Jaury
bd94d24a1f Put a link to the Github contributors list 2016-08-18 21:08:35 +02:00
Pierre Jaury
dfb1c19441 Fix a typo in the author list 2016-08-18 21:01:59 +02:00
Pierre Jaury
01fc0863b1 Add an authors file 2016-08-18 21:01:08 +02:00
Pierre Jaury
23f414e672 Update the license file 2016-08-18 20:59:11 +02:00
Pierre Jaury
58337d7dd6 Set a proper default for spam thresholds 2016-08-18 20:42:55 +02:00
Pierre Jaury
1ce0bf2ef7 Update the user settings view with a slider 2016-08-18 20:42:35 +02:00
Pierre Jaury
76c33df91f Flatten sieve imports 2016-08-18 20:17:04 +02:00
Pierre Jaury
93f33e956d Filter spam before forward and auto-reply 2016-08-18 20:14:03 +02:00
Pierre Jaury
daf8c4bad3 Honor per-user spam settings, fixes #21 2016-08-18 20:09:11 +02:00
Pierre Jaury
2a3f62fc65 Disable rmilter configuration overrides for now 2016-08-18 16:43:36 +02:00
Pierre Jaury
7d612793de Fix indentation in the rmilter configuration 2016-08-18 16:25:13 +02:00