1
0
mirror of https://github.com/Mailu/Mailu.git synced 2024-12-12 10:45:38 +02:00
Commit Graph

617 Commits

Author SHA1 Message Date
bors-mailu[bot]
df5b48a52d
Merge #3100
3100: Do not block webmail when we have a valid SSO session r=mergify[bot] a=nextgens

## What type of PR?

bug-fix

## What does this PR do?

Ensure we do not block webmail when we have a valid SSO session

### Related issue(s)
- close  #3094

## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [ ] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.


Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
2023-12-22 08:43:12 +00:00
Florent Daigniere
64d83d061e Prevent SMTP smuggling 2023-12-21 18:17:29 +01:00
Florent Daigniere
325aa5452b Do not block webmail when we have a valid SSO sess 2023-12-21 12:37:08 +01:00
Florent Daigniere
0e522fceb7 Upgrade alpine, node, PHP and snappymail 2023-12-20 14:08:49 +01:00
Florent Daigniere
422f005c3f Fix 3095 2023-12-19 18:25:04 +01:00
Florent Daigniere
1f19ac5d8d Slow down the turtle policy 2023-11-30 18:17:53 +01:00
bors-mailu[bot]
bddbfabd82
Merge #3025
3025: Fix SETUP generating invalid files. r=mergify[bot] a=Diman0

## What type of PR?

bug-fix

## What does this PR do?
If JavaScript script is disabled or JS files are blocked from the setup website, the SETUP website would generate invalid configuration. Checks were added to prevent this situation from occurring.

Bootstrap loaded an outdated jquery version 1. We already use Jquery 2. I have disabled this and configured bootstrap to load our jquery js file.

Also fixed a regular expression that makes sure the specified Mailu storage path is valid.

### Related issue(s)
- closes #2396
- closes #2890
- closes #1524  

## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [n/a] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.


Co-authored-by: Dimitri Huisman <diman@huisman.xyz>
Co-authored-by: Dimitri Huisman <52963853+Diman0@users.noreply.github.com>
2023-11-18 12:10:14 +00:00
Dimitri Huisman
e43fb69864
Update changelog fragment of 2890 2023-11-18 11:16:22 +00:00
Florent Daigniere
aefbd9552c fix clamav handling 2023-11-10 12:00:29 +01:00
bors-mailu[bot]
fd66c76c83
Merge #3033
3033: Enable snowball on FTS r=mergify[bot] a=nextgens

## What type of PR?

enhancement

## What does this PR do?

Enable [snowball](http://snowball.tartarus.org/algorithms/english/stemmer.html), a filter that will significantly cut down the size of FTS indexes.

It looks like the packages for aarch64 haven't been built yet... but this works on x64_86.
Don't unblock as long as  https://dl-cdn.alpinelinux.org/alpine/edge/testing/aarch64/dovecot-fts-flatcurve-0.3.4-r3.apk is 404

### Related issue(s)
- close #2977 

## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [ ] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.


Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
2023-11-07 15:07:07 +00:00
bors-mailu[bot]
b7ca4eb9f0
Merge #3032
3032: Update all python dependencies r=mergify[bot] a=Diman0

## What type of PR?

enhancement

## What does this PR do?
Updates all dependencies. Unfortunately multiple things were deprecated such as
* `@babel.localeselector` decorator
* app.app.session_cookie_name
* app.before_first_request

Unfortunately flask_debugtoolbar is not compatible with the updated version of flask.
Flask-SQLAlchemy cannot be updated to 3.0.5 because this introduces an error/bug.

### Related issue(s)

## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [n/a] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.


Co-authored-by: Dimitri Huisman <diman@huisman.xyz>
2023-11-06 14:48:09 +00:00
ctrl-i
b74cd17bdd
Upgrade to roundcube 1.6.5 (fix XSS) 2023-11-06 07:55:23 +00:00
Alexander Graf
fa8e8f4f73
Rename 3008.feature to 3023.feature 2023-11-01 18:02:40 +01:00
Alexander Graf
e77b3f0a36
Update newsfragment 2023-11-01 18:01:39 +01:00
Florent Daigniere
b5ecaa278e Enable snowball 2023-11-01 08:12:03 +01:00
Dimitri Huisman
bf79df5c80
Add changelog entry 2023-10-31 20:02:34 +00:00
Dimitri Huisman
67d11c47c8
Added checks to SETUP to make sure JavaScript is enabled and that all JS files could be loaded when loading the site page.
The setup site malfunctions if this is not the case.
Regular expression for checking the Mailu storage path was invalid.
2023-10-29 12:55:40 +00:00
Miłosz
1b175e48d4 testing: Add "download zonefile" button 2023-10-29 09:36:16 +00:00
bors[bot]
d0c6b34002
Merge #3008
3008: Fix issues with log filter and remove POSTFIX_LOG_FILE r=mergify[bot] a=Diman0

## What type of PR?

bug-fix

## What does this PR do?
Fixed log filter not filtering out log messages for dovecot/nginx/postfix.
Fixed postfix not logging to standard out.
Fixed not all containers logging to journald.
Removed POSTFIX_LOG_FILE functionality. A new FAQ entry is created that documents how to log to file with journald & rsyslog.

Thank you `@Lex999` for providing the sample code in #2839 for how to capture the standard out of called sub processes.

### Related issue(s)
- closes #2839
- closes #2819 
- closes #2939 

## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [x] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.


Co-authored-by: Dimitri Huisman <diman@huisman.xyz>
2023-10-27 20:49:25 +00:00
Dimitri Huisman
60b9ff0090
Fixed log filter not filtering out log messages for dovecot/nginx/postfix.
Fixed postfix not logging to standard out.
Fixed not all containers logging to journald.
Removed POSTFIX_LOG_FILE functionality. Added documentation on how to achieve the same (log to file) via journald & rsyslogd (see new FAQ entry 'How can I view and export the logs of a Mailu container?').
2023-10-27 14:10:13 +00:00
Florent Daigniere
3e2a6d84ce doh 2023-10-27 13:41:51 +02:00
Florent Daigniere
435508be1e Introduce AUTH_REQUIRE_TOKENS 2023-10-27 13:39:36 +02:00
Florent Daigniere
9f93ed6593 Fix letsencrypt on master 2023-10-17 13:58:38 +02:00
bors[bot]
d0d4876a85
Merge #2982
2982: Switch to upstream's clamav image r=mergify[bot] a=nextgens

## What type of PR?

enhancement

## What does this PR do?

Switch to upstream's clamav image. The only downside is that it doesn't support armv7... but odds are it won't have enough RAM anyway.

Why do we want this?
- faster build times
- will be easier to upgrade
- less maintenance required for us
- it may fix the CI tests failing because of clamav/EICAR not getting caught
- it will save bandwidth (as we won't re-download the definitions from fresh: they are in the base image)
- it puts clamav on its own network (security)

### Related issue(s)
- close #2059

## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [ ] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.


Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
2023-10-17 09:41:49 +00:00
bors[bot]
0441903361
Merge #2981
2981: Further improvements to fts r=mergify[bot] a=nextgens

## What type of PR?

enhancement

## What does this PR do?

- update instructions
- set a timeout on search: if the indexes are not up to date, it will take at most 50s to fail
- limit parallelism to 1 (is that what we want?)
- switch to a different image that has ARM support
- ensure that journald logs the output of tika and oletools
- update the upgrade instructions to ensure one doesn't DoS his server while re-indexing
- add a healthcheck for tika

### Related issue(s)


## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [ ] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.


Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
2023-10-17 09:31:48 +00:00
Florent Daigniere
2a570d0f6f Roundcube 1.6.4 2023-10-16 13:38:49 +02:00
Florent Daigniere
6a2169096c Switch to upstream's clamav image 2023-10-13 16:24:10 +02:00
Florent Daigniere
c56b58149b Further improvements 2023-10-13 09:43:34 +02:00
jonathan
7a258c19ad #2948 Add Traditional Chinese translation 2023-10-13 11:08:35 +08:00
bors[bot]
62104501d4
Merge #2972
2972: switch to fts-flatcurve r=mergify[bot] a=nextgens

## What type of PR?

bug-fix

## What does this PR do?

Switch from fts-xapian to fts-flatcurve. This should address the problem with indexes getting too big and will be the default in dovecot 2.4.

Don't forget to nuke old indexes to reclaim space.

### Related issue(s)
- close #2390
- close #2184
- close #2976

## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [ ] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.


Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
2023-10-12 18:45:55 +00:00
Dimitri Huisman
0026b8db24
Enhance RESTful API user retrieval with quota used bytes. This is the current size of the user's email box in bytes. 2023-10-11 15:49:52 +00:00
Florent Daigniere
054fde8ac1 Tika v1 2023-10-11 15:49:04 +02:00
Florent Daigniere
954fe40134 Towncrier 2023-10-10 15:07:37 +02:00
bors[bot]
d21eb8bea8
Merge #2974
2974: Add support for managing authentication tokens to RESTful API r=mergify[bot] a=Diman0

## What type of PR?

enhancement

## What does this PR do?
Authentication tokens could not be managed yet via the RESTful API. Support for this has been added to the RESTful API. It also contains a small bug fix for updating domains. 

### Related issue(s)
n/a1

## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [x] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.


Co-authored-by: Dimitri Huisman <diman@huisman.xyz>
2023-10-10 11:35:20 +00:00
Dimitri Huisman
16e9d152dd
Forbidden_file_extension.map could not be overridden. 2023-10-10 08:19:36 +00:00
Florent Daigniere
25964b61d5 Add the working command 2023-10-10 09:16:05 +02:00
Florent Daigniere
9ae8715a6a Clarify how one should upgrade 2023-10-10 08:46:13 +02:00
Dimitri Huisman
fa2fb1369d
Add changelog entry 2023-10-09 16:23:22 +00:00
Florent Daigniere
36236848d2 switch to fts-flatcurve 2023-10-09 17:15:28 +02:00
Florent Daigniere
ad5b6fe27e Upgrade dovecot: fix proxying ipv6 via xclient 2023-10-09 11:08:04 +02:00
bors[bot]
26e1077bd8
Merge #2950
2950: Upgrade snuffleupagus r=mergify[bot] a=nextgens

## What type of PR?

enhancement

## What does this PR do?

Upgrade snuffleupagus

### Related issue(s)

## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [ ] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.


Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
2023-10-09 07:24:09 +00:00
bors[bot]
04d69141c3
Merge #2961
2961: Hardened malloc was not disabled for oletools when an CPU with missing flags is used r=Diman0 a=Diman0

## What type of PR?
bug fix

## What does this PR do?
Updates oletools to also disable hardened malloc when used CPU misses flags

### Related issue(s)
- closes #2959 

## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [n/a ] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.


Co-authored-by: Dimitri Huisman <diman@huisman.xyz>
Co-authored-by: Dimitri Huisman <52963853+Diman0@users.noreply.github.com>
Co-authored-by: Florent Daigniere <nextgens@users.noreply.github.com>
Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
2023-10-08 13:14:28 +00:00
Florent Daigniere
a6f57ca3d4 Upgrade snappymail to v2.29.1 2023-10-08 14:58:39 +02:00
Florent Daigniere
92e861d4fa There is no reason not to enable it ourselves. 2023-10-07 10:09:04 +02:00
Florent Daigniere
dd58d51156 change the logic as discussed 2023-10-07 09:45:59 +02:00
bors[bot]
dd1de62eb0
Merge #2958
2958: Upgrade to alpine 3.18.4 r=mergify[bot] a=nextgens

## What type of PR?

bug-fix

## What does this PR do?

Upgrade to alpine 3.18.4. This has a newer musl that fixes the DNS issue linked below.

I am not sure whether it would be wise to backport it to stable. We should discuss.

I mark it WIP for now as the mirror-image workflow is broken and CI will fail anyway.

### Related issue(s)
- close #2934
- close #2919

## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [ ] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.


Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
Co-authored-by: Dimitri Huisman <diman@huisman.xyz>
2023-10-06 12:50:22 +00:00
Florent Daigniere
5230c28713 Fix letsencrypt on master 2023-10-06 13:48:09 +02:00
Dimitri Huisman
e70db935ec
Hardened malloc also requires AVX2 cpu flag 2023-10-06 10:27:31 +00:00
Dimitri Huisman
77c4829401
Hardened malloc was not disabled for oletools when an CPU with missing flags is used 2023-10-06 09:48:50 +00:00
Florent Daigniere
85cf7e6a7f Upgrade to alpine 3.18.4 2023-10-05 18:55:33 +02:00
Florent Daigniere
9ae6eafb24 Remove the version pinning on hardened malloc 2023-10-04 17:13:56 +02:00
Florent Daigniere
83fd29c597 Upgrade snuffleupagus 2023-09-20 18:00:36 +02:00
bors[bot]
d386609c75
Merge #2935
2935: Add Persian (aka Farsi) Translation r=mergify[bot] a=hosni

Hello,
First of anything, thanks for this project that make setup email server easier that ever.
In this pull request, I added Persian (aka Farsi) translation to Mailu project.
I hope it's being useful for community.

Co-authored-by: Hossein Hosni <hosni.hossein@gmail.com>
Co-authored-by: Hossein Hosni <47793698+hosni@users.noreply.github.com>
2023-09-18 14:47:39 +00:00
Hossein Hosni
4718b95f33 Add towncrier entry 2023-09-18 00:53:33 +03:30
Florent Daigniere
9402a3beec Upgrade webmails
roundcube 1.6.3
rcmcarddav 5.1.0
snappymail 2.28.4
2023-09-16 10:38:26 +02:00
Alexander Graf
b12bdef4b8
Add newsfragment 2023-09-10 11:27:06 +02:00
Florent Daigniere
5402d00be0 Maybe fix fetchmail when used with pop3 2023-08-30 13:17:50 +02:00
bors[bot]
585549ce92
Merge #2924
2924: Remove the usage of capabilities, use port 8080 for admin r=nextgens a=nextgens

## What type of PR?

bug-fix

## What does this PR do?

In the real world users can't get them to work... I wonder if they use patched-up kernels or if xattrs are lost somehow... in any case, we can do without capabilities so let's do that.

Ensure that dovecot doesn't attempt to bind a v6 socket if SUBNET6 is not configured

Also, document that systemd-resolve may cause trouble with DNSSEC.

### Related issue(s)
- closes #2906
- closes #2913

## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [x] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.


Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
2023-08-29 06:19:42 +00:00
Florent Daigniere
b2a5a80e12 Ensure that dovecot doesn't bind v6 if not required 2023-08-28 11:56:25 +02:00
Florent Daigniere
562cd8c135 Remove the usage of capabilities use port 8080
In the real world users can't get them to work...
2023-08-28 11:34:51 +02:00
Florent Daigniere
086c05a42c Make rspamd retry for longer when connecting to clamav 2023-08-25 14:47:51 +02:00
Florent Daigniere
1731f45d83 Delete the PID file to avoid race conditions
Apparently sometimes the podop subprocess can be re-assigned the same
PID when the container is restarted, causing havok.
2023-08-25 13:40:22 +02:00
bors[bot]
fb97cec238
Merge #2901
2901: Force pw change r=mergify[bot] a=nextgens

## What type of PR?

Feature

## What does this PR do?

Allow administrators to force a user to change his password. Prune web-sessions on password change.

### Related issue(s)
- closes #2877 

## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [x] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.


Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
Co-authored-by: Florent Daigniere <nextgens@users.noreply.github.com>
2023-08-20 21:12:55 +00:00
Florent Daigniere
a1f9fb4347 Prevent rspamc zombies, ensure that triggering learn-spam works 2023-08-15 10:46:13 +02:00
Florent Daigniere
bd4c40b596 Prune sessions that are unrelated when changing passwords 2023-08-10 12:27:47 +02:00
Helmuth Breitenfellner
5d8b1940e1 Add a newsfragment for CHANGELOG 2023-08-08 21:45:11 +02:00
Dimitri Huisman
4cf9993117
Fix issue #2811. Clamav Healthcheck created zombie processes 2023-06-28 08:33:04 +00:00
bors[bot]
69229436cf
Merge #2866
2866: Improve tokens (add ipranges) r=nextgens a=nextgens

## What type of PR?

enhancement

## What does this PR do?

Allow multiple IP addresses/networks to be set for tokens.

### Related issue(s)


## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [ ] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.


Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
2023-06-26 10:02:58 +00:00
Florent Daigniere
a6d217c455 increase the number of postfix workers 2023-06-24 18:54:18 +02:00
Florent Daigniere
ea0f63ae0d newsfragment 2023-06-24 16:13:05 +02:00
Florent Daigniere
29cd857c5f Allow multiple IP addresses/networks to be set for tokens 2023-06-23 15:56:41 +02:00
Florent Daigniere
50f8a5cb65 Ensure we log which account is invalid 2023-06-02 11:39:42 +02:00
Dimitri Huisman
5f94be871c
Authentication failed for email clients when the password contained a non latin-1 character. 2023-05-30 14:09:16 +00:00
bors[bot]
589c426601
Merge #2818
2818: Improve auth-related logging r=mergify[bot] a=nextgens

## What type of PR?

enhancement

## What does this PR do?

Improve auth-related logging

### Related issue(s)
- closes #2803 

## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [ ] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.


Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
Co-authored-by: Florent Daigniere <nextgens@users.noreply.github.com>
2023-05-30 09:01:42 +00:00
bors[bot]
b6c093dfd6
Merge #2790
2790: Implement managesieve support r=mergify[bot] a=nextgens

## What type of PR?

Feature

## What does this PR do?

This is a better a alternative to #2773

Expose managesieve to the outside world.

### Related issue(s)
- close #2773
- #428
- #113
- #81
- #1222

## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [x] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.


Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
2023-05-26 14:11:33 +00:00
bors[bot]
9921b1c224
Merge #2829
2829: update docs r=mergify[bot] a=nextgens

## What type of PR?

documentation

## What does this PR do?

Update the documentation:
 - debian Stretch -> debian stable (see #2826)
 - docker 24.0.0 is broken (see #2827)
 - document how to get rid of "mount: Deactivated successfully" messages from moby (see #2797)

### Related issue(s)
- closes #2826
- closes #2827 
- closes #2797

## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [ ] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.


Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
2023-05-19 15:25:12 +00:00
Florent Daigniere
41757334e2 update docs 2023-05-19 14:58:51 +02:00
Florent Daigniere
cab27f77c1 Don't send ooo messages to noreply@ 2023-05-16 10:29:39 +02:00
Florent Daigniere
6ee913502e Improve auth-related logging 2023-05-06 17:37:16 +02:00
Florent Daigniere
bee8ce9357 Fix2805 2023-05-06 09:06:12 +02:00
Florent Daigniere
1512493764 Fix roundcube's spellchecker 2023-04-27 12:43:38 +02:00
Florent Daigniere
167cd93153 Merge remote-tracking branch 'upstream/master' into managesieve-proxy 2023-04-22 17:59:50 +02:00
Florent Daigniere
e71c653c8c fix #2139 2023-04-22 08:24:36 +02:00
Florent Daigniere
36fcb9b830 dovecot is creating zombies 2023-04-21 17:27:59 +02:00
Florent Daigniere
eec9d1201f Fix logs in the SMTP container 2023-04-21 15:56:47 +02:00
Florent Daigniere
86ff5f7b71 Merge remote-tracking branch 'upstream/master' into managesieve-proxy 2023-04-20 18:53:17 +02:00
Florent Daigniere
ede331f657 LD_PRELOAD may not be in ENV 2023-04-20 17:46:27 +02:00
Florent Daigniere
107b0ab5ff Implement managesieve support 2023-04-20 15:36:17 +02:00
bors[bot]
6710a29c5e
Merge #2772
2772: Always exempt app-tokens from rate limits r=mergify[bot] a=nextgens

## What type of PR?

bug-fix

## What does this PR do?

Always exempt app-tokens from rate limits
Ensure that unsuccessful login attempts against a valid account hit the ip-based rate-limit too

### Related issue(s)


## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [ ] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.


Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
2023-04-20 10:12:01 +00:00
bors[bot]
d8f6a53a1e
Merge #2771
2771: Sanitize logs as appropriate r=mergify[bot] a=nextgens

## What type of PR?

enhancement

## What does this PR do?

- Sanitize logs as appropriate. 
- change the healthcheck of radicale to something less verbose
- disable hardened-malloc if we detect a processor not supporting the AVX extension set

Should we backport something like that? It could be argued it's a bugfix.

### Related issue(s)
- close #2644 
- close #2764
- #2541

## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [ ] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.


Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
2023-04-20 09:23:25 +00:00
Dario Ernst
b0c71559d0 Whitelist all mailso* stream types in snuffleupagus for snappymail
For attachment download in snappymail to work, at least mailsoliteral is
needed. The additionally used stream types (from looking at the
snappymail source) have also been added, to ensure compatability with
whatever feature might rely on them ….
2023-04-17 14:43:13 +02:00
Florent Daigniere
21ed7b69a8 ratelimit: ensure we hit the ip-ratelimit on unsuccesful attempts
against a valid account
2023-04-16 11:30:14 +02:00
Florent Daigniere
c363378005 Always exempt app-tokens from rate limits 2023-04-14 12:51:43 +02:00
Florent Daigniere
b6ed4fd83e fix #2764 2023-04-14 10:09:51 +02:00
Florent Daigniere
7b08232049 Sanitize logs as appropriate 2023-04-13 14:46:12 +02:00
Florent Daigniere
8686e5154f Fix #2720 2023-04-12 12:33:33 +02:00
Florent Daigniere
a09c23d8de Fix it 2023-04-08 11:32:46 +02:00
Dimitri Huisman
c54271db32
Fix config-import. Config with dkim key could not be imported. 2023-04-07 14:19:17 +00:00
Dimitri Huisman
c6c4cd71f6
Add release note for PR 2748 2023-04-07 10:41:43 +00:00
Dimitri Huisman
0faae50302
Improve releases.rst.
Add extra links to relevant sections in documentation.
Add example of using the new override location for rspamd.
Add clarification  in rspamd section for rspamd override change and new autoconfig.* endpoint
2023-04-06 09:04:04 +00:00