Commit Graph

1073 Commits

Author SHA1 Message Date
DerLinkman
8026b6c874 Swapped PIGZ instead of gzip 2022-10-19 11:15:12 +02:00
Niklas Meyer
9fb346751c
Merge pull request #4724 from mnin/master
[Netfilter] Fix creating endless SNAT rules for ipv4
2022-10-06 12:18:23 +02:00
Niklas Meyer
8e0b1d8aee
Merge pull request #4703 from devops-ansible/master
Improve send-as behaviour
2022-09-27 15:39:53 +02:00
Peter
852bf750ca
Use utf8mb4 charset and utf8mb4_general_ci collation 2022-09-19 19:29:55 +02:00
FreddleSpl0it
8f6099e3e4 add & to smtp url 2022-09-08 11:02:52 +02:00
FreddleSpl0it
72e204f8fd fix sogo bugs after 2022-08 update 2022-09-08 10:32:07 +02:00
DerLinkman
575eab1cf0 Implemented Check if IPv6 is disabled 2022-08-24 12:26:14 +02:00
DerLinkman
7a23e4fd4e Fix for Sieve error (due to IPv6 Comp from SOGo) 2022-08-24 12:12:41 +02:00
Martin Wilhelmi
f34d3620b1
Remove trailing whitespaces 2022-08-22 22:16:01 +02:00
Martin Wilhelmi
70e99447f9
Fix adding same SNAT rule endless to the ipv4 POSTROUTING chain 2022-08-22 22:15:56 +02:00
Peter
0dcfac8f15
Update SOGo to 5.7.1 2022-08-18 19:06:54 +02:00
andryyy
ad8b7f0894 [Dovecot] Fixes broken sieve compiler in some rare cases when using replication 2022-08-18 15:08:00 +02:00
macwinnie
b985ba4f0e Improve send-as behaviour
Receiving mails for wildcard alias addresses is really easy – but
sending mails from those any-aliases was not possible at all unless
every sender address was added as an explicit alias to the database.

By this change in the database query for allowed sender addresses, the
first finding `not NULL` (see [`SELECT COALESCE`](https://www.w3schools.com/sql/func_sqlserver_coalesce.asp) for how it works)
– either an exact alias `mailbox@domain.tld` or the wildcard alias `@domain.tld`
will be allowed to send mails as the given address ... without the need
of explicit definition within the database.
2022-08-04 01:37:26 +02:00
Niklas Meyer
44a6f09a09 [CLAMAV] Update to 0.105.1 2022-07-29 14:08:26 +02:00
Niklas Meyer
536ab34955
Merge pull request #4634 from opsone-ch/staging 2022-07-05 12:55:10 +02:00
Markus Ritzmann
537a7908f1 Clamd: Fix Docker Healthcheck 2022-06-16 09:50:33 +02:00
DerLinkman
581be02e53 [Dovecot] Update to 2.3.19.1 2022-06-14 15:02:40 +02:00
Peter
2229f87d9b
Update base image to alpine 3.16 and updated some dependencies 2022-06-05 19:36:09 +02:00
Niklas Meyer
d360503443
Merge pull request #4609 from mailcow/unbound-alpine3.16
Unbound base image update
2022-06-05 19:20:15 +02:00
Niklas Meyer
838182a8b4
Merge pull request #4608 from mailcow/watchdog-alpine3.16
Watchdog base image update
2022-06-05 19:18:36 +02:00
Niklas Meyer
967cfedbb3
Merge pull request #4610 from mailcow/olefy-alpine3.16
Olefy base image update
2022-06-05 19:15:06 +02:00
Niklas Meyer
a36645a282
Merge pull request #4611 from mailcow/dockerapi-alpine3.16
Dockerapi base image update
2022-06-05 19:14:33 +02:00
Peter
cd1715ba52
Update base image to alpine 3.16 2022-06-05 19:06:03 +02:00
Peter
0bc2a16093
Update base image to alpine 3.16 2022-06-05 19:04:51 +02:00
Peter
a21b3cd606
Update base image to alpine 3.16 2022-06-05 19:03:37 +02:00
Peter
1c479684fc
Revert "Update base image to alpine 3.16"
This reverts commit c9dbc7c7b7.
2022-06-05 19:02:21 +02:00
Peter
c9dbc7c7b7
Update base image to alpine 3.16 2022-06-05 19:01:55 +02:00
Peter
c41dc9d8c0
Update base image to alpine 3.16 2022-06-05 19:01:06 +02:00
Peter
1db5841424
Update base image to alpine 3.16 2022-06-05 18:59:56 +02:00
Peter
d13be25f45
Update base image to alpine 3.16 2022-06-05 18:38:16 +02:00
Niklas Meyer
05b8609073 [Postfix] Update to 3.5.6 (Rebase to Debian 11) 2022-05-19 18:49:01 +02:00
DerLinkman
ee844c81d2 Changed Base Docker Image to 0.105.0_base 2022-05-08 18:33:29 +02:00
Niklas Meyer
936f07336c
[Netfilter] Exclude banning IPs when dovecot server not reacheble
The new docker tag for mailcow/netfilter is 1.47

Thanks to @dragoangel
2022-04-22 16:20:35 +02:00
Dmitriy Alekseev
6c5ab7800e
[Netfilter] Exclude banning IPs when dovecot server not reacheble 2022-04-13 13:01:58 +03:00
Kristian Feldsam
4e6c398c8c
[Clamd] fix whitelist (#4541)
Signed-off-by: Kristian Feldsam <feldsam@gmail.com>
2022-04-08 21:39:35 +02:00
Kristian Feldsam
d4e829465b
[Dovecot] Disable imapsync job, when auth details are wrong. Fixes #4276 (#4540)
Signed-off-by: Kristian Feldsam <feldsam@gmail.com>
2022-04-08 21:36:21 +02:00
Peter
fd7269d455
[ClamAV] Move to official ClamAV Docker container (#4525)
Since ClamAV starts to offer Docker containers this PR introduces said containers so we don't need to build the container on our own anymore. This was an easy task until v0.104, but then ClamAV changed its buildprocess to use cmake and with v0.105 it also needs the Rust toolchain -> https://docs.clamav.net/manual/Installing/Installing-from-source-Unix.html#ubuntu--debian

Here are the main changes for the new container

Creates clamd-db-vol-1 volume
Still uses the same config files
Downloads ClamAV databases in said volume
Smaller container footprint 13MB vs 150MB

---

* [ClamAV] Move to official ClamAV Docker container

* [ClamAV] Remove vim + nano

* [ClamAV] Use normal version in docker-compose
2022-03-28 11:07:47 +02:00
Niklas Meyer
c520f21d28
🐄 Moorch Update 2022 - ClamAV, Dovecot & Olefy Update (#4497)
* [API] Fix minor issue in api docs

* [GH-Actions][stale] Add neverstale label to exempt list

* [Web] add github version tag

* [Web] add github version tag

* [Web] add github version tag

* [Web] add github version tag

* [Web] add github version tag

* [Web] add github version tag error handling

* [Web] add github version tag error handling

* Passwordless SOGo auth: support for calendar invitations and calendar/contacts subscriptions

Inviting someone to a calendar event triggers a request to /SOGo/so/otheruser@example.com/freebusy.ifb/ajaxRead. Subscribing to someone's calendar/contacts triggers a request to /SOGo/so/otheruser@example.com/foldersSearch. The email address in the URL is different from the logged-in user, which needs to be handled appropriately by sogo-auth.php.

* [Web] add github version tag - adjust css

* [Compose] Update SOGo Autoreply Schedule to 5m

Based on the advice of inverse (SOGo developer). Thanks to https://github.com/jmber

Closes: https://github.com/mailcow/mailcow-dockerized/issues/4436

* [Web] add github version tag - move twig globals

* [Web] add github version tag - missing </div>

* Passwordless SOGo auth: improvements for when accessing other users

* [WebAuthn] fido2 passwordless auth - fix (#4440)

* [WebAuthn] fido2 revert

* [WebAuthn] set UV flags to 'discouraged'

* [WebAuthn] revert - set UV flags to 'discouraged'

* Update clamav to 0.104.2

* Update clamav to 0.104.2

* Update dovecot to 2.3.18

Update gosu to 1.14
Use debian bullseye as base

* [Web] Updated lang.es.json [CI SKIP] (#4453)

Co-authored-by: Fijxu <fijxu@zzls.xyz>
Co-authored-by: milkmaker <milkmaker@mailcow.de>

Co-authored-by: Fijxu <fijxu@zzls.xyz>

* Fix broken documentation links (#4458)

* Fix broken documentation links

* Fix a few more broken documentation links

* Fix broken documentation links in translation files

* Fall back to empty string if WATCHDOG_NOTIFY_EMAIL undefined (#4457)

By default, `.env` (`mailcow.conf`) does not define `WATCHDOG_NOTIFY_EMAIL`.

Using it in `docker-compose.yml` without having it defined leads to Compose v2 displaying this warning on startup:

> WARNING: The WATCHDOG_NOTIFY_EMAIL variable is not set. Defaulting to a blank string.

Related to https://github.com/mailcow/mailcow-dockerized/issues/4315

* [Web] Updated lang.sk.json [CI SKIP] (#4461)

Co-authored-by: Lukáš Matula <lukas@gbely.net>
Co-authored-by: milkmaker <milkmaker@mailcow.de>

Co-authored-by: Lukáš Matula <lukas@gbely.net>

* oletools: disable template injection detection (#4464)

Seems to be causing a lot of false positives lately

* Fix minor typo in comment (#4466)

Correction of the comment, so that the explanation is correct and can be understood.

* Update issue templates to issue forms (#4465)

This PR updates the issue templates to GitHubs new issue forms

* [Web] Fix padding issue in UI admin panel (#4481)

* [Web] fix admin panel padding issue

* [Web] fix admin panel padding issue

* [Web] Updated lang.sk.json [CI SKIP] (#4489)

Co-authored-by: Lukáš Matula <lukas@gbely.net>
Co-authored-by: milkmaker <milkmaker@mailcow.de>

Co-authored-by: Lukáš Matula <lukas@gbely.net>

* increase opcache.interned_strings_buffer to 16 (#4487)

since version 23.0.2 Nextcloud recommends having a value greater than 8 for `opcache.interned_strings_buffer`. As this memory will be only used when needed this should have no impact on installations that are not using nextcloud.

related discussion: https://help.nextcloud.com/t/nextcloud-23-02-opcache-interned-strings-buffer/134007/19
related nextcloud issue: https://github.com/nextcloud/server/issues/31223

* nextcloud - add missing redirections (#4366)

adds missing location directives to the nginx configuration of nextcloud 22, to prevent warnings in nextcloud admin center of missing redirections

* Update imapsync to 2.178 (#4491)

* Update and fix oletools (#4479)

As noticed by @MAGICCC (#4464 (comment)), our olefy image does not work anymore if you rebuild it. This is because @HeinleinSupport recently updated their repository with the changes from @decalage2's repository, which renamed olvba3 to olevba. Since @HeinleinSupport does not recommend using its own patched branch and is very slow in pulling in changes from upstream (@decalage2), let's switch to the latter. This also allowed me to revert #4464.

Finally, a minor patch to rspamd is necessary. While the documentation says

In the extended mode the oletools module will not trigger on specific categories, but will always set a threat string with all found flags when at least a macro was found.

This is not actually true -- it only sets it when suspicious or autoexec threats were detected. But it's a one-line patch to make rspamd behave as documented and we should submit that patch to @rspamd too. With this patch, I have confirmed that Mailcow will reject any incoming, non-whitelisted message containing attachments with macros.

* [Web] Fix excluded domain list in quaratine view

Previously excluded domains from quarantine were not shown.

* [Dovecot] Update syslogng Version to 3.28 (#4496)

Co-authored-by: Niklas Meyer <niklas.meyer@tinc.gmbh>

Co-authored-by: ntimo <git@nowitzki.me>
Co-authored-by: Peter <magic@kthx.at>
Co-authored-by: FreddleSpl0it <patschul@posteo.de>
Co-authored-by: FreddleSpl0it <75116288+FreddleSpl0it@users.noreply.github.com>
Co-authored-by: Michael Kuron <mkuron@users.noreply.github.com>
Co-authored-by: milkmaker <milkmaker@mailcow.de>
Co-authored-by: Fijxu <fijxu@zzls.xyz>
Co-authored-by: Slavi Pantaleev <slavi@devture.com>
Co-authored-by: Lukáš Matula <lukas@gbely.net>
Co-authored-by: Max <mail@heavygale.de>
Co-authored-by: Michael Cramer <michael@bigmichi1.de>
Co-authored-by: Robert Christian <soulsymphonies@users.noreply.github.com>
Co-authored-by: André <andre.peters@debinux.de>
Co-authored-by: Niklas Meyer <niklas.meyer@tinc.gmbh>
2022-03-02 16:32:17 +01:00
Michael Gerdemann
b1314bd9a3
[dovecot] Fix delayed quarantine notification (#4470)
Fixes: #4469
2022-03-02 11:17:08 +01:00
Niklas Meyer
fac8d9d28a
[Netfilter] Update to Alpine 3.15 + GeoIP Fix
Added xtables-addon to netfilter container to handle iptables rules with geoip
**Commited by: @marcvorwerk**
2022-01-21 09:22:25 +01:00
Niklas Meyer
9c7faa9fe8
[Netfilter] Update to Alpine 3.15 2022-01-20 10:11:39 +01:00
Niklas Meyer
8f89968421
[SOGo] Update SOGo to 5.5.0 + syslog Version Update (in Config)
This PR is updating SOGo to the new 5.5.0 Release (https://github.com/inverse-inc/sogo/releases/tag/SOGo-5.5.0) <-- Available in master.

It also includes the nsyslog Update to 3.28 (since the new SOGo builds are using a newer version), which fix a warning message inside the sogo container that the nsyslog version is outdated and can be upgraded to 3.28

This new release will have the Docker Image Tag: mailcow/sogo:1.106
2022-01-20 10:04:01 +01:00
Niklas Meyer
d4fe4a7f87
[Watchdog] Update to Alpine 3.15 2022-01-19 16:43:27 +01:00
Niklas Meyer
a195e6e121
[SOGo] Update syslog-ng-redis_slave Version to 3.28 2022-01-19 10:31:34 +01:00
Niklas Meyer
a5e84b483a
[SOGo] Update syslog-ng Version to 3.28 2022-01-19 10:30:57 +01:00
Niklas Meyer
9f8a16b8c1
[Olefy] Use local olefy.py (instead of Github)
This is temporarily until the issue fix is merged into master.
2022-01-18 20:55:44 +01:00
Niklas Meyer
cbb64e316e
[Olefy] Add local Olefy.py
Temporarily fix for https://github.com/HeinleinSupport/olefy/pull/14
2022-01-18 20:53:03 +01:00
Niklas Meyer
c08e520a75
[Olefy] Update to Alpine 3.15 2022-01-18 20:51:49 +01:00
Niklas Meyer
6fcb52bcc6
[Config (Clamd)] Update SSL Path to new style (dynamic)
Thanks to @mkuron this fix will change the ssl path to be dynamic (not hardcoded) to ensure that acme is still working with Alpine 3.15 or higher.

This PR is included in the Docker tag: mailcow/acme:1.81 (including the Alpine 3.15 update)
2022-01-18 16:48:50 +01:00
Niklas Meyer
1e6f927ac5
[Config (Clamd)] Update SSL Path to new style (dynamic) 2022-01-18 16:44:48 +01:00