self-hosted/Mailu
1
0
Fork 0
mirror of https://github.com/Mailu/Mailu.git synced 2024-12-16 10:59:53 +02:00
Code Issues Releases Activity
737 Commits 115 Branches 124 Tags 117 MiB
e9f4719a40
Commit Graph

737 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Pierre Jaury
7be2d458d9 Use Email as a mixin and explicitely specify table names 
This also fixes #77, as explained in the ticket, because Flask
SQlAlchemy is not accessing declared attributes early anymore.
 2016-10-16 17:21:01 +02:00
Pierre Jaury
c7fe29c957 Push the missing messages.pot 2016-10-13 09:37:24 +02:00
Pierre Jaury
c007b37df7 Display error messages when Docker is unreachable properly, related to #78 2016-10-13 09:32:27 +02:00
kaiyou
fe8e25485d Merge pull request #75 from kaiyou/feat-babel 
Implement babel translation for I18N
 2016-10-02 17:49:09 +02:00
Pierre Jaury
984b605d05 Compile translations when building the admin container 2016-10-02 17:38:10 +02:00
Pierre Jaury
acf4addae0 Add initial translations, fix #37 2016-10-02 17:35:11 +02:00
Pierre Jaury
c37ad3557f Missing translations 2016-10-02 17:33:34 +02:00
Pierre Jaury
3fa44613b1 Add a default babel configuration 2016-10-02 14:56:33 +02:00
Pierre Jaury
3ade5641d9 Fix the confirmation form 2016-10-02 14:53:01 +02:00
Pierre Jaury
0beeeade41 Enable Babel for all views 2016-10-02 14:52:50 +02:00
Pierre Jaury
a3ad45c8ac Use babel for base views 2016-10-02 14:43:48 +02:00
Pierre Jaury
fe035114e9 Enable Babel for forms 2016-10-02 14:37:06 +02:00
Pierre Jaury
d3436668d8 Enable Babel 2016-10-02 14:23:44 +02:00
Pierre Jaury
676a9a5d2c Do not redirect users to admin pages, fix #74 2016-10-02 10:14:53 +02:00
Pierre Jaury
c028a3799d Write an equivalence test for domains, fixes #65 
(cherry picked from commit 144f427088)
 2016-10-02 10:13:45 +02:00
Pierre Jaury
883afb30cd Remove unnecessary spaces in env file 2016-10-02 09:50:36 +02:00
kaiyou
1ae8fe6af1 Merge pull request #73 from diresi/junk_filter 
dovecot: use rspamd X-Spamd-Result percentage to evaluate spam
 2016-10-02 09:46:48 +02:00
Pierre Jaury
c02faada94 Remove deprecated references to flask_wtf.Form, fix #72 2016-10-02 09:33:07 +02:00
Pierre Jaury
e7399e6926 Add a development run.py script 2016-10-02 09:19:34 +02:00
Christoph Rissner
b9de28e910 dovecot: use rspamd X-Spamd-Result percentage to evaluate spam 
- configures dovecot to use the spamtest sieve plugins
- configures sieve to read the score from X-Spamd-Result: headers
- before.sieve applies the ${spam_threshold} to the spamtest percentage
- freeposte.db stores a percentage for ${spam_threshold}
- migrate freeposte.db spam_threshold from X/15 to percentages

the filter investigates the overall ratio of the `rspamd` header
`X-Spamd-Result` that looks something like this:

X-Spamd-Result: default: True [12.36 / 15.00]
 RBL_SPAMHAUS_XBL(4.00)[]
 BAYES_SPAM(3.06)[92.67%]
 RBL_SPAMHAUS_XBL_ANY(4.00)[]
 ONCE_RECEIVED_STRICT(4.00)[]
 HFILTER_HELO_BAREIP(3.00)[]
 RBL_SORBS_DUL(2.00)[]
 HFILTER_HOSTNAME_UNKNOWN(2.50)[]
 RBL_SPAMHAUS_PBL(2.00)[]
 RBL_SORBS_RECENT(1.50)[]
 MIME_UNKNOWN(0.10)[application/x-rar-compressed]
 RDNS_NONE(1.00)[]
 RBL_SORBS(0.00)[]
 R_SPF_NEUTRAL(0.00)[?all]
 ONCE_RECEIVED(0.10)[]
 RBL_SEM(1.00)[]
 MIME_HTML_ONLY(0.20)[]
 RBL_UCEPROTECT_LEVEL1(1.00)[]
 MIME_GOOD(-0.10)[multipart/mixed]

the sieve `spamtest :percent :value` in this case would be
   100*12.36/15 = 82.4%
 2016-09-30 11:21:29 +02:00
kaiyou
79adbbb76c Merge pull request #69 from aminb/message_size_limit 
Default message_size_limit to 50MB
 2016-09-25 11:49:04 +02:00
Amin Bandali
b5aec1f065 Default message_size_limit to 50MB 
Add MESSAGE_SIZE_LIMIT variable in .env to allow setting the message
size limit for postfix.
 2016-09-24 19:46:10 -04:00
Pierre Jaury
525089a531 Do not leak information about existing domains or users 2016-09-13 20:59:25 +02:00
Pierre Jaury
dcda715382 Force temporary files to /tmp, related to #54 2016-09-10 13:17:55 +02:00
Pierre Jaury
2cb4a44b5a Display fetchmail errors to the user, fixes #23 2016-09-10 13:05:55 +02:00
Pierre Jaury
709869d4ba Escape fetchmail parameters properly 2016-09-10 12:27:43 +02:00
Pierre Jaury
55d5121816 Buld the proper http image 2016-09-10 12:08:22 +02:00
Pierre Jaury
f07615c4a4 Do not expose the Web admin interface by default, fixes #40 2016-09-10 12:08:22 +02:00
Pierre Jaury
ec5a75f603 Proxify to webmail only if enabled, related to #40 2016-09-10 12:08:22 +02:00
kaiyou
18253b1dd3 Merge pull request #61 from vhf/admin-creation 
Allow admin creation after initial setup
 2016-09-09 12:36:02 +02:00
kaiyou
c1770a1dc1 Merge pull request #62 from vhf/typofix 
Fix a typo in the admin UI
 2016-09-09 12:35:29 +02:00
Victor Felder
3976a5b38e Allow admin creation after initial setup 2016-09-09 11:07:05 +02:00
Victor Felder
97d952d7f1 Fix a typo 2016-09-09 11:06:43 +02:00
Pierre Jaury
3f6175c34a Remove deprecated awl settings 2016-09-03 14:40:50 +02:00
Pierre Jaury
382030a7aa Revert to using 'latest' for testing 2016-09-03 14:16:13 +02:00
Pierre Jaury
d60ef1991c Add a rainloop Webmail image, fixes #58 2016-09-03 14:10:42 +02:00
Pierre Jaury
f5b9f569ca Add a link to the demo server documentation 2016-09-03 12:39:30 +02:00
kaiyou
cbc6bb5dd6 Merge pull request #55 from kaiyou/feat-refactor-permissions 
Refactor the access control code
 2016-08-31 13:45:50 +02:00
Pierre Jaury
40b9883c8c Filter outgoing email headers, fixes #52 2016-08-29 22:41:31 +02:00
Pierre Jaury
92bbfde195 Add a PNG logo for rendering 2016-08-29 21:17:29 +02:00
Pierre Jaury
56e6c7565e Add a draft logo 2016-08-29 21:15:20 +02:00
Pierre Jaury
e24da96e58 Add some documentation to access decorators 2016-08-29 20:30:59 +02:00
Pierre Jaury
09bec055fd Fix domain deletion permissions 2016-08-29 20:22:44 +02:00
Pierre Jaury
c1f9b61dac Add a simple permission audit script 2016-08-29 20:18:00 +02:00
Pierre Jaury
f8dcef22ef Fix the manager deletion behaviour 2016-08-29 19:40:18 +02:00
Pierre Jaury
f541a951de Remove obsolete utils module 2016-08-29 19:36:37 +02:00
Pierre Jaury
713318f097 Clean imports and remove calls to the utils module 2016-08-29 19:35:09 +02:00
Pierre Jaury
ee9a416696 Implement the decorator-based access control for all views 2016-08-29 19:24:39 +02:00
Pierre Jaury
4e4f2b8037 First shot at improving access control, related to #42 
A couple of things are important to note for this commit:
- it only implements the new access control for alias and admin management
- the access control code is located in access.py

The idea behind simpler access control is auditability. There have been a
couple of bugs related to functions not checking permissions properly. If
checking permissions is as simple as decorating a function, exporting the
permission scheme for an audit should be simple.

Also, this still does not address the information leakage related to 404 errors
when an object does not exist, independently of permissions the user has over
the domain.
 2016-08-28 15:23:57 +02:00
Pierre Jaury
3ea3bc1d8e Enforce permission checks for admin management 2016-08-27 15:05:30 +02:00