Commit Graph

560 Commits

Author SHA1 Message Date
André
2da228a21e [Watchdog] Remove some check_ping checks
[Watchdog] Add ClamAV check (if SKIP_CLAMD=n)
[Watchdog] Add Unbound check
[Watchdog] Do not use Docker API by default to determine IP of containers (see "IP_BY_DOCKER_API")
[Watchdog] Minor changes
2018-10-14 00:21:31 +02:00
André
a9eddae686 [ACME] Do not add alias domains to auto* domains 2018-10-14 00:19:14 +02:00
André
5705044af0 [ClamAV] Update to 0.100.2 2018-10-14 00:18:21 +02:00
Tobias "Knight" S
7114999c75
remove duplicated import time 2018-10-13 23:30:24 +02:00
André
93917f8385 [Unbound] Upgrade to Alpine 3.8, fixes #1882 2018-10-13 10:12:01 +02:00
André
23e6e52f4f [Postfix] Proper permissions for sql config files
[Dovecot] Proper permissions for sql config files
2018-10-12 10:57:00 +02:00
André
aa39be7ea6 [SOGo] Use mysqladmin status instead of ping to determine readiness
[PHP-FPM] Use mysqladmin status instead of ping to determine readiness
[PHP-FPM] Init database in entrypoint
[PHP-FPM] Change API credential injection
[Dovecot] Use mysqladmin status instead of ping to determine readiness
2018-10-11 11:53:22 +02:00
André
ce135bb773 [ACME] Log acme-client output base64 encoded, use mysqladmin status instead of ping to determine readiness 2018-10-11 11:51:13 +02:00
André
ad63552951 [Dovecot] Check file size of mail crypt key pair, fixes #1859
[Compose] New Dovecot image
2018-10-07 15:10:17 +02:00
André
9f52cd9456 [Docker API] Fix sieve list for users, fixes #1849 2018-10-06 22:09:23 +02:00
André
c6aa3610f0 [Postfix] Enable/create smtp_tls_policy_maps 2018-10-04 14:34:53 +02:00
André
cf28727376 [Dovecot] Add timeouts to sa-rules script, remove with -f flag to return 0 2018-10-03 23:27:31 +02:00
André
d8148bef79 [Docker API] Do not print warning when maildr does not exist 2018-10-03 11:27:52 +02:00
André
2af2f7836d [Dovecot] Remove fixed uid and gid 2018-10-02 10:31:22 +02:00
André
62b27aeacb [Dovecot] Check garbage hourly
[Dovecot] Update SA rules once when container starts
2018-10-02 09:34:21 +02:00
André
ca1e950c61 [Dovecot] Do not query gid and uid 2018-10-02 09:13:33 +02:00
André
d7ca5579dc [Rspamd] Ignore custom files, but keep bad asn map 2018-09-30 18:55:35 +02:00
André
cdca603ff5 [Unbound] Fix logging, fixes #585
[Rspamd] Fix permissions of controller password file
[Unbound] Enable unbound-control
2018-09-30 14:43:18 +02:00
André
4396be2938 [Rspamd] Place socket in _rspamd home and fix permissions
[Compose] Remove volume for Rspamd socket
[Web] Do not exit loop on fuzzy errors when learning a message as spam
2018-09-30 09:53:25 +02:00
André
0fb43f4916 [Docker API] Use TLS encryption for communication with "on-the-fly" created key paris (non-exposed)
[Docker API] Create pipe to pass Rspamd UI worker password
[Dovecot] Pull Spamassassin ruleset to be read by Rspamd (MANY THANKS to Peer Heinlein!)
[Dovecot] Garbage collector for deleted maildirs (set keep time via MAILDIR_GC_TIME which defaults to 1440 minutes)
[Web] Flush memcached after mailbox item changes, fixes #1808
[Web] Fix duplicate IDs, fixes #1792
[Compose] Use SQL sockets
[PHP-FPM] Update APCu and Redis libs
[Dovecot] Encrypt maildir with global key pair in crypt-vol-1 (BACKUP!), also fixes #1791
[Web] Fix deletion of spam aliases
[Helper] Add "crypt" to backup script
[Helper] Override file for external SQL socket (not supported!)
[Compose] New images for Rspamd, PHP-FPM, SOGo, Dovecot, Docker API, Watchdog, ACME, Postfix
2018-09-29 22:01:23 +02:00
André
96c985abad [Rspamd] Move settings file to RSPAMD_CONF root, delete old lua scripts 2018-09-26 13:23:05 +02:00
André
29aeb5b85d [Watchdog] Fix SOGo check, fixes #1750 2018-09-09 21:52:48 +02:00
André
c8a1cbd25a Merge branch 'temp-master' 2018-09-09 21:21:43 +02:00
André
c9554ca022 [Compose] Update watchdog image
[Watchdog] Fix IP detection with multiple networks
[Web] Show API field (no docs, no support, wip)
[Web] haveibeenpwned.com implementation
[Web] User and domain admin ACL (no docs, no support, wip)
[Web] Some minor fixes
2018-09-09 21:18:38 +02:00
André
ad902f0ad8 [SOGo] Remove HTTP server on port 9192 2018-09-09 09:48:11 +02:00
André
8a88514dfd [SOGo] Declare /usr/lib/GNUstep/SOGo as volume
[Nginx] Mount vols from sogo-mailcow to access /usr/lib/GNUstep/SOGo
2018-09-07 16:40:37 +02:00
sriccio
5e56a46c84 [dovecot] Enhancement to allow to use auth_default_realm
When using auth_default_realm in dovecot configuration to setup a default domain name (to allow users to login with only a username instead of the full e-mail address), it breaks the compatibility with imapsync and sogo/sieve vacation.

Adding a domain name to dovecot master user/pass fixes this.

This never made it do the master branch, so I'm trying a PR again :)

See: https://github.com/mailcow/mailcow-dockerized/pull/1331#issuecomment-386534307
2018-08-28 17:14:05 +02:00
André
66ee11c03d [SOGo] Disable display of ACL "any/authenticated" by default
[Dovecot] Disable "any" ACL by default
[SOGo] Might fix theme switching (yes, again)
2018-08-17 21:42:31 +02:00
André
6bd818ceec [ACME] Remove third-party IP tools 2018-08-06 15:15:24 +02:00
André
ff0b9246b5 [ClamAV] Add whitelist file for ClamAV, fixes #1607
[ACME] Test for CAA before running script, fixes #1632
2018-08-05 22:35:20 +02:00
André
9dd17d4609 [SOGo] Change color codes in correct files 2018-08-04 09:23:45 +02:00
André
bf9a180c00 [SOGo] Fix theme switching (99% sure we did it this time, guys) 2018-08-03 20:27:58 +02:00
André
e678292447 [Dovecot] Trim autodiscover logs 2018-08-02 12:19:58 +02:00
André
39b0fc515f [SOGo] Syslog-ng: Do not trim after each push to Redis 2018-08-02 12:17:21 +02:00
André
85f83b1b71 [Rspamd] v1.7.9 (removed explicit ratelimit.lua) 2018-08-02 12:16:55 +02:00
André
f5fb7f6da5 [Watchdog] Do not trim after each push to Redis 2018-08-02 12:16:05 +02:00
André
f8f87d4744 [ACME] Do not trim after each push to Redis 2018-08-02 12:15:41 +02:00
André
bdf7632757 [Postfix] Add '*' as send_as to sender_acl map
[Postfix] Syslog-ng: Do not trim after each push to Redis
2018-08-02 12:15:04 +02:00
André
04b43d0a3b [Dovecot] Add new imapsync + dependencies
[Dovecot] Syslog-ng: Do not trim after each push to Redis
[Dovecot] Add new cronjob to trim all Redis logs every minute (will be moved in the future)
2018-08-02 12:14:13 +02:00
André
15b80760b2 [Postfix] Add scripts to learn from spam/ham traps
[Dovecot] Learn fuzzy when moving mails from/to junk
2018-07-29 00:36:08 +02:00
André
ff463168d1 [SOGo] Override theme-default.css to prevent theme switching, delete theme-green until fixed 2018-07-28 14:26:02 +02:00
André
1115b826f9 [Dovecot] Various fixes for imapsync_cron, new imapsync version 2018-07-27 22:19:14 +02:00
André
5cc09055a7 [SOGo] Another try to fix theme switching on login screen 2018-07-27 22:16:18 +02:00
André
ef8c79c0e5 [Postfix] Fix alias for spam and ham addresses 2018-07-25 01:21:22 +02:00
André
63ce1ba2d6 [Postfix] Create ham/spam mailboxes @ localhost 2018-07-25 01:05:51 +02:00
André
240eb3abce [Netfilter] Wait for Redis instead of exiting with an exception 2018-07-24 23:30:18 +02:00
André
6cba85eb07 [Postfix] Add tzdata to Postfix 2018-07-17 00:29:07 +02:00
André
b45b9bc5cf [SOGo] Override more theme options to prevent occasional theme switching on login 2018-07-15 16:34:25 +02:00
André
853b924fe1 Merge branch 'master' of https://github.com/mailcow/mailcow-dockerized 2018-07-15 11:56:26 +02:00
André
c372b01909 [Rspamd] Use old ratelimit LUA until custom rl is fixed
[Web] Updated settings preset: Ratelimit was NOT applied when preset for settings map was used (added "RATELIMIT_UPDATE", "RATELIMIT_CHECK" to symbols_enabled)
[Rspamd] v1.7.8
2018-07-13 11:40:37 +02:00
André
e9f60bf06c [SOGo] Missing ) ... 2018-07-12 14:19:06 +02:00
André
e06c3e87ee [SOGo] Refresh sogo static view on start 2018-07-12 14:08:00 +02:00
André
8a9ce0a57c [SOGo] Refresh sogo static view on start 2018-07-12 14:04:31 +02:00
André
d9df322eda [Dovecot] Remove additional hash scheme and let Dovecot decide the hash by prefix 2018-07-12 00:46:17 +02:00
André
2aef18d130 [Dovecot] Remove user queries from passdb + add a second passdb for additional algorithms + create userdb without password queries 2018-07-12 00:23:12 +02:00
André
a4e96a3fe3 [ClamAV] v0.100.1 + rebase on Alpine 3.8 2018-07-12 00:21:46 +02:00
André
cfb0d3b62c [SOGo] Create a sogo_update_password trigger in SQL
[SOGo] prependPasswordScheme=YES in user sources
[SOGo] Use new "static view" as viewURL for much faster table lookups on large systems
2018-07-11 22:08:02 +02:00
André
22cecc3f85 [Postfix] Use Bionic as base image (Postfix 3.3) and replace python-gpgme by python-gpg
[Postfix] Fix syslog-ng config version
2018-07-11 20:01:03 +02:00
André
1e59816665 [Netfilter] Prevent crashes by locking threads
[Netfilter] SNAT6
2018-07-11 19:59:10 +02:00
André
055183257d [Dovecot] v2.3.2.1 + remove some dev packages 2018-07-11 19:07:26 +02:00
André
f8283536ec [Netfilter] Fix chain order watching and other fixes
[Web] Fix perm ban display
2018-07-09 22:23:39 +02:00
André
a72a3734d6 [SOGo, Compose] Add cow to logo... + new SOGo image 2018-07-06 12:10:22 +02:00
André
7b69549881 [SOGo] Fix theme-blue.js contrast and flipping colors on login screen, fixes #1528 2018-07-06 11:54:12 +02:00
André
e352604a9b [Compose, PHP-FPM] Fix script in new image 2018-07-04 11:41:43 +02:00
André
26807823b4 [Netfilter] python-tipbles 0.13.0 plus missing vars for 0.13.0 2018-07-03 23:25:31 +02:00
André
3b5df979e9 [Dovecot, Compose] New Dovecot image, upgrade to 2.3.2 (0.5.2 PH), fixes various bugs including replication over TCP 2018-07-02 10:35:04 +02:00
André
17d3a24d89 [Netfilter] Fix table refresh and rule injection in snat loop 2018-06-29 11:25:26 +02:00
André
73a566b25a [ACME] Fix for multiple additional SAN 2018-06-29 09:35:48 +02:00
André
d6a74e82e3 [ACME] Fix for CNAME response on AAAA dig request 2018-06-28 20:41:44 +02:00
André
a1a6574964 [PHP-FPM] Add tzdata, update APCu and Redis extensions, update PHP to new minor 2018-06-27 22:51:17 +02:00
André
729bba5b57 [ACME, Compose] Add new image; fix AAAA check for ADDITIONAL_SAN 2018-06-27 12:09:51 +02:00
André
8adf3d27db [ACME, Compose] Add new image; fix AAAA check for MAILCOW_HOSTNAME 2018-06-26 23:35:17 +02:00
André
f88a72eedd [ACME] Validate AAAA, if any, before A - fail on AAAA mismatch (LE prioritization) 2018-06-26 23:10:24 +02:00
André
071024db4c Fix indentation 2018-06-26 07:49:14 +02:00
André
aa6a136c1f [Dockerapi, Dovecot] Fix missing active user filter 2018-06-20 07:25:10 +02:00
André
27d3388579 [Rspamd] Remove antivirus debugging 2018-06-10 14:30:30 +02:00
André
6ded3dbd95 [API] Allow to set API options in mailcow.conf, fixes #1457 2018-06-08 09:11:03 +02:00
André
4a403e9323 [Dovecot] Imapsync: Set is_running = 0 on restart 2018-06-03 19:22:44 +02:00
André
37e6c50a9b [Watchdog] Add missing package for IPv6 with smtp-cli, fixes #1430 2018-05-27 21:40:53 +02:00
André
a38424d3ad [Watchdog] Find exact matches for service names, shuffle scaled services, check if ip is in mailcow network 2018-05-26 22:19:17 +02:00
André
b26aa04a9b [Dovecot] Imapsync: Increase timeout1 value 2018-05-24 17:34:43 +02:00
André
74008735ca [SOGo] Always show GAL contacts 2018-05-06 14:33:20 +02:00
André
9e53ed4daf [Watchdog] Update to new image with smtp-cli 3.9 2018-05-06 09:15:35 +02:00
eXtremeSHOK
8a9319c3f0
Update smtp-cli to v3.9
https://github.com/mludvig/smtp-cli/tree/v3.9
2018-05-06 03:43:59 +02:00
André
d14e6c184b [ClamAV] Modify /dev/console to fit permissions 2018-05-02 21:08:40 +02:00
André
27fc98d12e [Netfilter] Use Alpine 3.6 2018-04-27 21:55:25 +02:00
André
435fee2bc9 [Compose] Update PHP-FPM image 2018-04-26 22:04:59 +02:00
André
30cea1da9a [SOGo] Increase workers count to 20
[Postfix] Add extended TLS header
[Web] Increase timeout to 10 for docker API connections
[Postfix] Add perl package
2018-04-26 14:08:45 +02:00
André
7181ee4658 [Rspamd] Apply ratelimit against authenticated user instead of envelope from
[PHP-FPM] Create PHP-FPM listeners 9001 (system) and 9002 (web), drop 9000
[Rspamd] Parse quarantine messages as utf8
[Rspamd] Use new schema for Rspamd bayes hashes and expire them in Redis
[SOGo] Change default logo
[SOGo] Use different keyserver by default in Dockerfile
[Rspamd] Add bad ASN list (disabled by default)
[Watchdog] Change the way we check PHP-FPM, change SOGo check
[Nginx] Change ports according to new PHP-FPM listeners
[Update] Fix PHP-FPM ports for existing non-mailcow Nginx sites
2018-04-26 13:56:07 +02:00
André
f53006f6ab [Dovecot] Dovecot 2.3.1, Pigeonhole 0.5.1
[ClamAV] 0.100.0, new log method without pipes
[Compose] New images for Dovecot and ClamAV, add persistent tty to clamd-mailcow
2018-04-26 12:36:13 +02:00
André
05e026db3a [Netfilter] New ban method, allow to set blacklists 2018-04-25 10:54:13 +02:00
André
7031af4cc8 [Compose] New dockerapi-mailcow image
[Docker API] Fix for rspamd-mailcow rspamadm pw command
2018-04-19 12:56:49 +02:00
André Peters
d2e11df0d4
[SOGo] Wait for view to be created
Creating sogo_view can fail when run before init_db.
2018-03-03 23:20:41 +01:00
André Peters
e3b542e73a Merge branch 'dev' of https://github.com/mailcow/mailcow-dockerized into dev 2018-02-28 17:36:02 +01:00
André Peters
b175125d02
Merge branch 'dev' into master 2018-02-28 15:38:56 +01:00
André Peters
b6137cca2a
[ACME] Do not delete private key
...when reg key is invalid.
2018-02-28 11:13:17 +01:00
André Peters
a27f34d9df [SOGo] Add v4 repo, new logo 2018-02-27 20:55:41 +01:00
André Peters
bf5b6732cf [Dovecot] Fix passdb query 2018-02-27 20:55:12 +01:00
André Peters
6a01411460 [Dovecot] Fix imapsync 2018-02-27 15:12:21 +01:00
André Peters
0553dc5959 [Postfix] Fix query 2018-02-27 15:02:31 +01:00
André Peters
55cd58f14c
Update imapsync_cron.pl 2018-02-27 15:00:27 +01:00
Lucky88888
48c85d08f2
fix maxbytespersecond issue
Fixed $maxbytespersecond configurable option. This was still not working because it took the DB value of maxage. 
"First GitHub update for me, so please tell if I should have something different. ;) "
2018-02-26 15:26:17 +00:00
André Peters
3829135d93 [ClamAV] Add directory to make bootstrap not complain about missing directories 2018-02-26 09:19:14 +01:00
André Peters
944b91a4b8 [Dockerapi] Add du command, push version 2018-02-22 09:21:37 +01:00
André Peters
bbbe52f560 [SOGo] Add blue (default) and red theme 2018-02-22 09:20:46 +01:00
André Peters
ff3328ea8c [SOGo] Use indigo theme, copy logo and theme.js to image 2018-02-19 12:56:45 +01:00
André Peters
39f289fc3c [Web, Dovecot, Postfix] Fix JSON attribute for login 2018-02-19 10:17:29 +01:00
André Peters
fc53a69a44 [Helper] Nextcloud 13; Additional header for Nextcloud site
[PHP-FPM] Build gd with TTF support
2018-02-18 20:59:32 +01:00
André Peters
ab720bf164 [Web, Postfix] Move TLS policy to mailbox attributes 2018-02-17 11:12:16 +01:00
André Peters
2bdc3f94c0 [Web] Database schema test 2018-02-17 09:50:58 +01:00
André Peters
31a9bb446c [Netfilter] Fixes a f2boptions not defined error 2018-02-17 08:51:41 +01:00
André Peters
1f09544f32 Fix conflict 2018-02-16 22:44:02 +01:00
André Peters
2865c892a6 [Multi] Fixes #1058 by including a 'force password update' option and also introduces a attributes json object to be used for further mailbox configurations in the future 2018-02-16 22:40:51 +01:00
eXtremeSHOK
8eb05d1450
Fix for large Mailboxes to avoid timeouts 2
Missing ' (sorry my editor keeps correcting the '" to " )
2018-02-14 14:02:56 +02:00
eXtremeSHOK
a37a8e3b2a
Fix for large Mailboxes to avoid timeouts
** I agree to the code of conduct and the contributory guidelines **

Tested with 80+GB single inbox via imap

``` --nofoldersizes --skipsize --fast ``` file and folder sizes are only used for statistics, which are completely useless. Before the actual data is transfered the message and folder sizes need to be calculated on a 200 000+ message inbox, this will almost never complete.

``` --buffersize 8192000 ``` sets the io buffer to 8mb, the default buffer is 4kbyte, this is speeds up syncs.

```  --skipheader 'X-*' ``` X headers vary wildly from system to system and do not ensure message uniqueness, they are not needed.

```  --split1 3000 --split2 3000 ```    split the requests in several parts on the server, 3000 is the number of messages handled per request.

``` --fastio1 --fastio2 ``` use fastio
2018-02-14 13:27:30 +02:00
Phoenix Eve Aspacio
42868b1710
Merge pull request #1037 from klausenbusk/empty
Remove "empty" folders
2018-02-14 08:15:13 +08:00
Kristian Klausen
a0cdc1e4ff Remove "empty" folders
There seems to be no reason for this empty folders.
2018-02-13 23:45:49 +01:00
André Peters
66a3df16ed [Netfilter] Fixes empty f2b options 2018-02-09 10:32:12 +01:00
André Peters
83094a773e [Watchdog] Use socket to pipe to Rspamd 2018-02-08 22:57:29 +01:00
André Peters
004d262e41 [Rspamd] Create missing password include as placeholder 2018-02-08 22:57:17 +01:00
André Peters
ac4982d706 [Dovecot] Use socket to pipe to Rspamd 2018-02-08 22:56:43 +01:00
André Peters
a2ca550aa0 [Dovecot] Use socket instead of worker IP 2018-02-08 22:29:43 +01:00
André Peters
e3854a8037 [Dockerapi] Fixes recent chang in exec_run return 2018-02-08 22:29:06 +01:00
root
fae542534d Merge remote-tracking branch 'origin/master' into dev 2018-02-08 19:54:14 +01:00
Joshua Hesketh
2fc13bdfbe Fix imapsync for large mailboxes
Where there is a lot of folders in a mailbox the output may be larger
than TEXT will allow (64KiB). Instead use MEDIUMTEXT (16MiB) which
should be ample.

Additionally check that a sync isn't already running before starting
a new one.

Fixes: #1011
2018-02-08 15:24:04 +11:00
andre.peters
cf1e46723a [Dovecot] Fixes CVE-2017-15132 - take 2 2018-02-01 23:37:10 +01:00
andre.peters
3f9e0a8023 [Dovecot] Fixes CVE-2017-15132 - take 2 2018-02-01 23:36:06 +01:00
andre.peters
ae4ccd4d17 [Dovecot] Fixes CVE-2017-15132 - take 2 2018-02-01 23:35:55 +01:00
andre.peters
6ebcd00521 [Dovecot] Fixes CVE-2017-15132 2018-02-01 22:43:28 +01:00
andre.peters
c5f9b065f6 [Dovecot] Fixes CVE-2017-15132 2018-02-01 22:27:48 +01:00
andre.peters
a0d9efba00 [PHP-FPM] Remove old migration scripts 2018-02-01 13:40:59 +01:00
andre.peters
f4ae354c0c [SOGo] Do not try to use foreign mailboxes as alias 2018-02-01 13:40:13 +01:00
andre.peters
38a819771b [Netfilter] Rename fail2ban to netfilter, use iptables-python 2018-02-01 13:39:27 +01:00
andre.peters
0773448b35 [Dockerapi] Fix jsonify output 2018-02-01 13:38:42 +01:00
André Peters
912ba9b4ff
Fixes #979 2018-01-29 14:42:51 +01:00
Michael Kuron
c30448c4d8 Merge branch 'master' of https://github.com/andryyy/mailcow-dockerized into recipient_map
Conflicts:
	data/web/inc/init_db.inc.php
2018-01-27 17:22:08 +01:00
andre.peters
7433b6dc91 [ClamAV] Build from source, fix bugs...
[Compose] New clamd-mailcow image
2018-01-27 10:26:12 +01:00
andre.peters
04f9d74339 [Web, Dovecot] Add new options to imapsync, other minor changes to forms, partly fixes #955 2018-01-24 12:59:11 +01:00
andre.peters
1aaa5682b4 [Fail2ban] Allow to set subnet size for banned networks 2018-01-24 09:11:33 +01:00
andre.peters
f2f4dabce4 [Postfix] postconf wrapper for correct config location, fixes #949 2018-01-24 09:10:43 +01:00
andre.peters
46aafff627 [ClamAV] Outsource config 2018-01-24 08:40:13 +01:00
Michael Kuron
e86565e283 Expose Postfix's recipient_canonical_maps through web UI 2018-01-23 20:02:31 +01:00
andre.peters
a7a7b3f3fd [Postfix] Use name instead of IP 2018-01-21 15:01:51 +01:00
andre.peters
d24bb16947 [Watchdog] Check PHP-FPM port 9000 and 9001 2018-01-21 15:01:35 +01:00
andre.peters
737c41379f [PHP-FPM] Move opcache config to local config file, define new PECL versions 2018-01-21 15:01:02 +01:00
andre.peters
83a21259f7 [Rspamd] Use names instead of IPs 2018-01-21 15:00:05 +01:00
andre.peters
08c8976a95 [SOGo] Show shared aliases and "allow to send as" addresses as FROM fields in SOGo 2018-01-21 14:58:16 +01:00
andre.peters
8419266678 [Web] Important fixes for quarantaine; other minor changes 2018-01-17 15:23:33 +01:00
andre.peters
09b6c20bad [DockerAPI] Hide stderr from rspamadm output 2018-01-14 18:44:06 +01:00
andre.peters
5d5d36fc60 [Dovecot] Revert to 2.2 to fix various errors 2018-01-14 10:44:06 +01:00