self-hosted/docker-mailserver
1
0
Fork 0
mirror of https://github.com/docker-mailserver/docker-mailserver.git synced 2025-06-19 04:07:48 +02:00
Code Issues Releases Activity
2,794 Commits 8 Branches 30 Tags
docs/add-compose-example-getmail
Commit Graph

788 Commits

Author SHA1 Message Date
Erik Wramner
23eb7c42ab Merge pull request #1481 from youtous/fix-sieve-folder 
Prevent sieve symlink to be evaluated as a directory by dovecot
 2020-05-02 08:09:09 +02:00
Erik Wramner
0537c6f046 Merge pull request #1482 from youtous/feature-quota-optional 
Feature quota optional.
 2020-05-02 08:07:38 +02:00
youtous
16cd4f9d2d Reduce opportunities for a potential CPU exhaustion attack with NO_RENEGOTIATION 
See https://en.wikipedia.org/wiki/Resource_exhaustion_attack
 2020-05-02 00:04:05 +02:00
youtous
0c838706d0 Option to disable dovecot quota 2020-05-01 23:42:21 +02:00
youtous
e8581be2d3 Prevent sieve symlink to be evaluated as a directory by dovecot 2020-05-01 23:20:15 +02:00
youtous
3aeacef125 remove start-mailserver nested conditions dovecot quota 2020-04-30 16:11:45 +02:00
youtous
d45e6b1c22 #fix 1478 2020-04-30 12:47:12 +02:00
Erik Wramner
35f473ad12 Merge pull request #1474 from polarathene/chore/remove-obsolete-param-usetls 
chore: Remove obsolete postfix parameter `smtpd_use_tls`
 2020-04-30 08:02:11 +02:00
Brennan Kinney
76594c21c4 Add note about tls_ssl_options = NO_COMPRESSION 
[Postfix docs](http://www.postfix.org/postconf.5.html#tls_ssl_options):

> Disable SSL compression even if supported by the OpenSSL library. Compression is CPU-intensive, and compression before encryption does not always improve security.

[Postfix mailing list discussion](http://postfix.1071664.n5.nabble.com/patch-mitigate-CRIME-attack-td57978.html):

> The CRIME attack does not apply to SMTP, because unlike SMTP, there is no javascript in SMTP clients that makes them send thousands of email messages with chosen plaintext compressed together in the same packet with SASL credentials or other sensitive data.
> The auditor completely failed to take the context into account.

[Mailing list discussion of potential compression CRIME-like attack](https://lists.cert.at/pipermail/ach/2014-December/001660.html)

> keeping compression disabled is a good idea.

If you need a good test score, PCI compliance will likely flag compression despite not having any known risk with non-HTTP TLS.
 2020-04-29 19:41:08 +12:00
Brennan Kinney
e7de9bceaf chore: Remove obsolete postfix parameter smtpd_use_tls 
See: http://www.postfix.org/postconf.5.html#smtpd_tls_security_level

> this overrides the obsolete parameters `smtpd_use_tls` and `smtpd_enforce_tls`.
 2020-04-27 23:24:26 +12:00
youtous
03b8f87ffc update dovecot conf comment 2020-04-26 22:23:51 +02:00
youtous
47fac2706f use ffdhe4096 for DHE params 
use by default ffdhe4096 for DHE params 


use by default ffdhe4096 for DHE params
 2020-04-26 22:23:51 +02:00
youtous
f60de0c66e init tests cases ffdhe4096 2020-04-26 22:23:51 +02:00
youtous
2527ebfaf2 added dovecot quota feature 
add postfix service quota check


check-for-changes on quotas


setquota command


fix checkforchanges quota


addquota verify user exists


add setquota in setup.sh


merging addquota into setquota


test quota commands


add ldap tests for dovecot quota


fix smtp only quota postfix rules


test postfix conf


add quota test integration


add quota exceeded test


add wait analyze


fix tests


fix setup typo


add test fixes


fix error output


wip


update startup rules


fix setup


fix setup tests


fix output commands


remove quota on remove user


try to fix sync limit mails


check if file exists


fix path


change used quota user


fix post size


check if quota file exists


update tests


configure virtualmailbox limit for dovecot


last fix


fix quota expr


relax dovecot tests


auto create dovecot-quotas


fix dovecot apply quota test


wip quota warning


trying to fix get dovadm quota


dovecot applies fix


fix quota warning lda path


test count mail on quota


fix quota warning permissiosn


fix test
 2020-04-24 14:56:15 +02:00
Nils Knappmeier
370d08fd33 fail2ban: use filter.d/dovecot.conf from distribution 
closes #972
 2020-04-10 22:21:40 +02:00
Erik Wramner
73b8d65dd3 Merge next into master 2020-04-05 09:28:22 +02:00
Erik Wramner
04777fdb89 Merge pull request #1435 from Drakulix/master 
amavis: fix config permission
 2020-04-05 08:43:47 +02:00
Christian Glahn
ff1248eeee activate shortcircuit plugin, fixes #1442 2020-03-31 17:09:23 +02:00
Jairo Llopis
a00dced8bc Allow to set comfortably inet_protocols 
Setting `inet_protocols = ipv4` is almost a requirement when running behind Docker. Provide a way to make it easy.

@Tecnativa TT22925
 2020-03-25 21:43:29 +01:00
Victor Brekenfeld
c491496b6e avavis fix config permission 2020-03-24 15:43:35 +01:00
Erik Wramner
142b98a209 Merge pull request #1427 from Tecnativa/inet-protocols 
Allow to set comfortably inet_protocols
 2020-03-22 08:56:55 +01:00
Germain Masse
ce41f60888 Move filebeat to its own container 2020-03-20 17:56:18 +01:00
Jairo Llopis
ab22450364 Allow to set comfortably inet_protocols 
Setting `inet_protocols = ipv4` is almost a requirement when running behind Docker. Provide a way to make it easy.

@Tecnativa TT22925
 2020-03-19 08:35:25 +00:00
Wandrille RONCE
d148eeddfb Add an option to place spam in the inbox, and then sort the mail by a sieve rule for example 2020-03-16 18:47:24 +01:00
Robert Pufky
d3f7c56cdf Fix broken fail2ban dovecot filter; use <HOST> instead of undocumented feature. 
* Replace deprecated, undocumented fail2ban feature "(\P<host>\S*)" with
  supported host match "<HOST>".
* Fixes "No failure-id group in '(?: pop3-login|ima ..." fail2ban dovecot filter
  error message.
* See: https://github.com/fail2ban/fail2ban/issues/2130
 2020-03-16 18:45:22 +01:00
Wandrille RONCE
90951876cd Add an option to place spam in the inbox, and then sort the mail by a sieve rule for example 2020-03-15 17:51:12 +01:00
Robert Pufky
a82caf5d9b Fix broken fail2ban dovecot filter; use <HOST> instead of undocumented feature. 
* Replace deprecated, undocumented fail2ban feature "(\P<host>\S*)" with
  supported host match "<HOST>".
* Fixes "No failure-id group in '(?: pop3-login|ima ..." fail2ban dovecot filter
  error message.
* See: https://github.com/fail2ban/fail2ban/issues/2130
 2020-02-01 14:57:03 -08:00
Erik Wramner
f342151b80 Fixed several amavis tests and removed commented code 2020-01-26 16:39:58 +01:00
Erik Wramner
a208748ea2 Configure amavis with D_BOUNCE for spam 2020-01-26 08:34:40 +01:00
Erik Wramner
85ae8a1471 Fix fail2ban issues and install some suggested amavis packages 2020-01-25 15:33:06 +01:00
Erik Wramner
91b2c9834e Upgrade to buster and remove filebeat 2020-01-25 15:33:06 +01:00
Torben Weibert
ca16307729 Added -f flag to chmod command to suppress error when no sieve-pipe scripts exist 2020-01-21 22:18:00 +01:00
Torben Weibert
70d87f5119 Add executable flag for scripts in /usr/lib/dovecot/sieve-pipe 2020-01-21 18:18:16 +01:00
Erik Wramner
ae2aa6eeb4 Merge pull request #1372 from phish108/shortcircuit-bayes-99-mini 
activate SA shortcircuit features via env, fixes #1118 (again)
 2020-01-15 07:28:00 +01:00
Lukas Elsner
35df764107 fix clamav issue in logwatch 2020-01-13 17:58:34 -05:00
Christian Glahn
b8726b80a4 activate SA shortcircuit features via env, fixes #1118 2020-01-13 14:22:14 +01:00
Erik Wramner
d847be2d5a Merge pull request #1331 from Tecnativa/srs-sender-classes 
Allow to configure SRS sender classes easily
 2019-12-06 07:22:46 +01:00
Jairo Llopis
7f1bc8f8b3 Avoid infinite failure log in Amavis with SMTP_ONLY=1 
Fix #801 by simply touching the file if it doesn't exist.

@Tecnativa TT20505
 2019-12-03 13:43:43 +00:00
Jairo Llopis
42348ff353 Allow to configure SRS sender classes easily 
This will allow to forward safely any email from any host, no matter how strict their SPF policy is, by setting `SRS_SENDER_CLASSES=envelope_sender,header_sender`.

@Tecnativa TT20505
 2019-12-03 13:33:51 +00:00
Erik Wramner
da1287c1a5 Changed wrong set options in pflogsumm cron job 2019-12-01 09:19:47 +01:00
Erik Wramner
c882d95deb Merge pull request #1284 from vortex852456/master 
Added optional file user-patches.sh for own patches without recompiling
 2019-11-09 15:13:06 +01:00
Germain Masse
36afac7726 New option DOVECOT_MAILBOX_FORMAT 2019-11-04 15:49:29 +00:00
Germain Masse
e465e659ad Remove unnecessary maildir folders creation 2019-11-01 20:04:37 +00:00
Erik Wramner
37e0082cd7 Set expected permissions in log #1300 2019-10-27 09:22:16 +01:00
Vortex
c30c3bf5de moved user_patches from misc to nearly the end of setups 2019-10-16 18:56:06 +02:00
Daniel Dobko
e441f1318a Tests should work from now on 
Merge branch 'user-patches.sh'

# Conflicts:
#	config/user-patches.sh
#	target/start-mailserver.sh
 2019-10-08 21:55:46 +02:00
Undercover1989
275a83667a base files 2019-10-08 21:22:12 +02:00
Undercover1989
0975b71d72 chown docker:docker /tmp/docker-mailserver/user-patches.sh 2019-10-08 19:24:01 +02:00
Undercover1989
b5c422c3c5 start user-patches.sh native instead of explicit using the bash-command 2019-10-08 15:08:01 +02:00
Undercover1989
b01071f52f Added optional file ./config/user-patches.sh which is executed between configuration and starting daemons (misc-section) 2019-10-07 21:04:49 +02:00