e448b5e53e
chore: disable F2B postfix-sasl jail ( #4535 )
...
Signed-off-by: Georg Lauterbach <44545919+georglauterbach@users.noreply.github.com >
2025-08-03 10:37:41 +02:00
b6e5d34cd4
docs: Podman - Document how to setup DMS with Quadlet ( #4183 )
...
Merged in it's current state due to time constraints to revise to desired state when the revised docs would still be beneficial to users. Final revision deferred to a follow-up PR.
---------
Co-authored-by: Casper <casperklein@users.noreply.github.com >
Co-authored-by: Brennan Kinney <5098581+polarathene@users.noreply.github.com >
Co-authored-by: Georg Lauterbach <44545919+georglauterbach@users.noreply.github.com >
2025-08-01 12:24:55 +12:00
7a0b499c18
docs: Fix path in dkim helper script (rspamd) ( #4531 )
...
The path was still referring to an internal location used prior to preferring the DMS config volume, this has been corrected.
---------
Co-authored-by: Brennan Kinney <5098581+polarathene@users.noreply.github.com >
2025-08-01 12:06:40 +12:00
8011772feb
chore(deps): Bump anchore/scan-action from 6.4.0 to 6.5.0 ( #4533 )
...
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-07-28 18:22:24 +02:00
e4c319b39c
docs: fix minor typo ( #4532 )
2025-07-27 12:10:40 +00:00
fcd9909841
fix(fail2ban): configure logrotate only when Fail2Ban is enabled ( #4523 )
...
Co-authored-by: Casper <casperklein@users.noreply.github.com >
2025-07-11 17:02:42 +02:00
337ae071d2
open-dkim: use numerical uid and gid for chown ( #4517 )
...
Co-authored-by: Casper <casperklein@users.noreply.github.com >
2025-07-10 22:14:39 +00:00
20798411a3
chore(deps): Bump anchore/scan-action from 6.3.0 to 6.4.0 ( #4519 )
...
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-07-07 20:12:30 +02:00
6bc4d243e2
docs: fix minor typo ( #4513 )
...
Co-authored-by: Casper <casperklein@users.noreply.github.com >
2025-06-23 20:18:15 +02:00
63f183dfc1
chore(deps): Bump docker/setup-buildx-action from 3.11.0 to 3.11.1 ( #4514 )
...
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-06-23 20:16:00 +02:00
eb87c88339
docs: Adjust PROXY Protocol port names ( #4511 )
2025-06-20 06:42:12 +02:00
ade4ef528e
chore(deps): Bump docker/setup-buildx-action from 3.10.0 to 3.11.0 ( #4509 )
...
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Casper <casperklein@users.noreply.github.com >
2025-06-17 18:52:04 +02:00
5fb87e11ac
chore(deps): Bump anchore/scan-action from 6.2.0 to 6.3.0 ( #4510 )
...
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-06-17 18:46:01 +02:00
0c3aff21ff
chore(deps): Bump docker/build-push-action from 6.17.0 to 6.18.0 ( #4500 )
...
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-06-02 15:00:35 +02:00
3c193a101e
chore: Simplify compose.yaml healthcheck ( #4498 )
2025-06-02 07:27:53 +00:00
e296eb4f26
docs: Revise docs for the OVERRIDE_HOSTNAME ENV ( #4492 )
...
Co-authored-by: Brennan Kinney <5098581+polarathene@users.noreply.github.com >
2025-06-02 19:22:04 +12:00
8fa6e6deba
chore: Avoid logging a warning when LOG_LEVEL is unset ( #4497 )
2025-06-02 17:01:00 +12:00
ea03808c8f
fix: packages.sh - Remove Postfix hostname workaround ( #4493 )
2025-05-27 23:03:10 +02:00
f6381d3bb0
fix: Ensure DMS config volume can be accessed by non-root users ( #4487 )
2025-05-23 16:05:20 +12:00
61c9b21f94
docs: PROXY protocol (Traefik) - Fix config typo ( #4483 )
2025-05-23 10:49:50 +12:00
e5728cf7b6
docs: Revise TLS_LEVEL ENV description ( #4482 )
2025-05-21 21:06:32 +12:00
a0e0013260
chore: Typo fix for debug log ( #4480 )
2025-05-21 11:50:05 +12:00
7b6f1cf7ea
chore(deps): Bump docker/build-push-action from 6.16.0 to 6.17.0 ( #4477 )
...
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-05-19 16:19:46 +02:00
53c36194d9
feat: Enable reading env vars from files ( #4359 )
...
Co-authored-by: Brennan Kinney <5098581+polarathene@users.noreply.github.com >
Co-authored-by: Georg Lauterbach <44545919+georglauterbach@users.noreply.github.com >
2025-05-17 23:37:43 +02:00
c9aac24a72
docs: mailserver.env - Remove unsupported SASL auth mechanisms ( #4472 )
2025-05-11 12:16:04 +12:00
902354552f
chore(deps): Bump anchore/scan-action from 6.1.0 to 6.2.0 ( #4468 )
...
Bumps [anchore/scan-action](https://github.com/anchore/scan-action ) from 6.1.0 to 6.2.0.
- [Release notes](https://github.com/anchore/scan-action/releases )
- [Changelog](https://github.com/anchore/scan-action/blob/main/RELEASE.md )
- [Commits](https://github.com/anchore/scan-action/compare/v6.1.0...v6.2.0 )
---
updated-dependencies:
- dependency-name: anchore/scan-action
dependency-version: 6.2.0
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-05-06 13:52:44 +02:00
fc51996e43
docs(xapian): Add note about config compatibility ( #4464 )
2025-05-02 09:44:52 +12:00
0ee8d83764
chore(deps): Bump docker/build-push-action from 6.15.0 to 6.16.0 ( #4459 )
...
Bumps [docker/build-push-action](https://github.com/docker/build-push-action ) from 6.15.0 to 6.16.0.
- [Release notes](https://github.com/docker/build-push-action/releases )
- [Commits](https://github.com/docker/build-push-action/compare/v6.15.0...v6.16.0 )
---
updated-dependencies:
- dependency-name: docker/build-push-action
dependency-version: 6.16.0
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-05-01 11:47:21 +02:00
491c30b194
fix: setup email list should only work with ACCOUNT_PROVISIONER=FILE ( #4453 )
...
---------
Signed-off-by: Georg Lauterbach <44545919+georglauterbach@users.noreply.github.com >
Co-authored-by: Georg Lauterbach <44545919+georglauterbach@users.noreply.github.com >
2025-04-25 10:06:35 +12:00
4b0e3a5002
tests: Reference the new testssl image location ( #4454 )
2025-04-23 22:16:36 +02:00
f2e5891b16
feat: Configurable poll rate for check-for-changes.sh ( #4450 )
...
Co-authored-by: Brennan Kinney <5098581+polarathene@users.noreply.github.com >
Co-authored-by: Casper <casperklein@users.noreply.github.com >
2025-04-23 18:43:41 +02:00
b653d9a586
docs: Contributing (tests) - Link to guidance for TEST_TMP_CONFIG ( #4451 )
2025-04-21 17:29:39 +02:00
23bb1c8e50
refactor: setup CLI open-dkim ( #4375 )
...
Refactoring this `setup` CLI command as part of the effort to unify our DKIM feature support between OpenDKIM + Rspamd:
- Adds a `main()` method similar to other setup CLI commands.
- Help text more aligned with equivalent rspamd DKIM setup CLI command.
- DRY some repetition such as hard-coded paths to use variables.
- OpenDKIM config files are created / initialized early on now with `_create_opendkim_configs()`. `while` loop only needs to append entries, so is easier to grok.
- `_create_dkim_key()` to scope just the logic (_and additional notes_) to key generation via `opendkim-genkey`
- Now overall logic with the `while` loop of the script occurs in `_generate_dkim_keys()`:
- Ownership fixes are now applied after the `while` loop as that seems more appropriate than per iteration.
- Temporary VHOST config is now removed since it's no longer useful after running.
- Tests adjusted for one new log for adding of default trusted hosts content.
Overall this should be nicer to grok/maintain. Some of this logic will be reused for the unified DKIM generation command in future, which is more likely to shift towards all domains using the same keypair by default with rspamd/opendkim config generated at runtime rather than reliant upon DMS config volume to provide that (_still expected for private key_).
---------
Co-authored-by: Casper <casperklein@users.noreply.github.com >
Co-authored-by: Georg Lauterbach <44545919+georglauterbach@users.noreply.github.com >
2025-03-31 11:27:28 +02:00
229ebba1b8
docs: Dovecot Solr - Add compatibility note ( #4433 )
...
Co-authored-by: Casper <casperklein@users.noreply.github.com >
Co-authored-by: Brennan Kinney <5098581+polarathene@users.noreply.github.com >
2025-03-31 11:00:57 +13:00
df7a98ec50
chore: Fix broken README link for SRS ( #4434 )
2025-03-29 12:11:29 +01:00
5027f4f5b6
release: v15.0.2 ( #4432 )
...
* chore: prepare for release of v15.0.2
Signed-off-by: Georg Lauterbach <44545919+georglauterbach@users.noreply.github.com >
* Update CHANGELOG.md
---------
Signed-off-by: Georg Lauterbach <44545919+georglauterbach@users.noreply.github.com >
Co-authored-by: Brennan Kinney <5098581+polarathene@users.noreply.github.com >
2025-03-27 00:09:31 +01:00
c2c48b2b83
fix: ensure message content is not modified by header filter ( #4429 )
2025-03-26 12:24:20 +13:00
70d645d863
release: v15.0.1 ( #4423 )
...
Signed-off-by: Georg Lauterbach <44545919+georglauterbach@users.noreply.github.com >
2025-03-23 01:27:47 +01:00
a3571a88c1
fix: DMS state volume must ensure o+x permission ( #4420 )
2025-03-18 23:48:12 +01:00
8ca2bd212c
chore: Gender-neutral language ( #4421 )
...
Co-authored-by: itycodes <tranquillitycodes@proton.me >
2025-03-18 19:08:56 +01:00
0362fa682e
fix: include all files in change detection of Rspamd ( #4418 )
2025-03-18 00:08:14 +01:00
7c680a0fbc
fix: start-mailserver.sh requires mail_state.sh to be sourced on restarts ( #4417 )
2025-03-16 15:34:51 +01:00
a156c2c031
docs: Update Dovecot link in mailserver.env ( #4415 )
2025-03-16 21:04:32 +13:00
6b1a566497
docs: Fail2Ban - Add example with required ENV to enable ( #4402 )
2025-03-06 08:29:39 +01:00
02f068b2b2
fix: Use correct Postfix parameter for postfix-receive-access.cf ( #4399 )
2025-03-05 11:00:06 +13:00
d0629f4cb6
chore: Revise utility install scripts + add Smallstep step CLI ( #4376 )
...
Changes:
- `jaq` should probably live in `/usr/local/bin` with other third-party sourced binaries.
- `swaks` install properly with just `tar`, no `mv` + `rm` needed.
- Added Smallstep `step` CLI. This serves similar purpose to `openssl` commands, but is generally nicer for usage with generation and inspection of certs/keys. I've talked up using in DMS a few times in the past for our TLS helper and unifying DKIM support (_instead of separate OpenDKIM/Rspamd generators_).
- Including `step` for both AMD64 / ARM64 archs needs the alternate naming convention that it's published to GH releases with.
- Added commentary about the `tar` usage. The ownership is a common concern with GH release sources, technically a non-issue when running as `root`
2025-03-03 22:58:42 +01:00
1756ba04fb
fix: Support chmod on /var/log/mail/* when dir is empty ( #4391 )
...
Co-authored-by: Brennan Kinney <5098581+polarathene@users.noreply.github.com >
Co-authored-by: Georg Lauterbach <44545919+georglauterbach@users.noreply.github.com >
2025-03-03 21:28:15 +00:00
807f4f7118
chore(deps): Bump docker/setup-qemu-action from 3.4.0 to 3.6.0 ( #4392 )
2025-03-03 21:58:58 +01:00
0fbbc44dd3
chore(deps): Bump docker/build-push-action from 6.14.0 to 6.15.0 ( #4393 )
2025-03-03 20:52:28 +00:00
3c833d8ee8
chore(deps): Bump docker/setup-buildx-action from 3.9.0 to 3.10.0 ( #4394 )
2025-03-03 20:50:17 +00:00
