Gnous/mailcow
2
0
Fork 0
Code Issues Pull Requests 1 Packages Projects Releases Wiki Activity
7,092 Commits 2 Branches 0 Tags 47 MiB
65fb4c2aa8
Commit Graph

1126 Commits

Author SHA1 Message Date
FreddleSpl0it
9542698e95
Merge remote-tracking branch 'origin/staging' into nightly 2024-11-12 15:10:03 +01:00
milkmaker
8b2f71f97e
update postscreen_access.cidr (#6129) 2024-11-05 16:20:57 +01:00
Niklas Meyer
b106945c73
Feat/rspamd 3.10.2 (#6122) 
* rspamd: update to 3.10.2

* rspamd: fix broken archive_extension gz
 2024-10-21 16:03:51 +02:00
Niklas Meyer
ee2791d93a
rspamd: update to 3.10.1 (#6115) 
* rspamd: upgrade to 3.10.1

* rspamd: adapt 30s task timeout per default now
 2024-10-18 15:50:45 +02:00
Patrik Kernstock
fce93609dd
Update mime_types.conf configuration (#6013) 
In the last months and years, the default `mime_types.conf` of rspamd has changed and it might be also useful to make some adjustments to the weight of certain file extensions.

This PR is removing all file extensions from `mime_types.conf` which are already in rspamd's default configuration at [rspamd/src/plugins/lua/mime_types.lua](https://github.com/rspamd/rspamd/blob/master/src/plugins/lua/mime_types.lua). If file extension is not present or has a different score compared to rspamd default, it is still in the list.

There are also a few major differences to certain file extensions, which might be useful to discuss and carefully adjust. For example, `.exe` files are rated very 'badly' due to high chance of being malicious, so are other extensions like `bat`, `cmd`, etc.

Current suggestion:
```lua
# Extensions that are treated as 'bad'
# Number is score multiply factor
bad_extensions = {
  apk = 4,
  appx = 4,
  appxbundle = 4,
  bat = 8,
  cab = 20,
  cmd = 8,
  com = 20,
  diagcfg = 4,
  diagpack = 4,
  dmg = 8,
  ex = 20,
  ex_ = 20,
  exe = 20,
  img = 4,
  jar = 8,
  jnlp = 8,
  js = 8,
  jse = 8,
  lnk = 20,
  mjs = 8,
  msi = 4,
  msix = 4,
  msixbundle = 4,
  ps1 = 8,
  scr = 20,
  sct = 20,
  vb = 20,
  vbe = 20,
  vbs = 20,
  vhd = 4,
  py = 4,
  reg = 8,
  scf = 8,
  vhdx = 4,
};

# Extensions that are particularly penalized for archives
bad_archive_extensions = {
  pptx = 0.5,
  docx = 0.5,
  xlsx = 0.5,
  pdf = 1.0,
  jar = 12,
  jnlp = 12,
  bat = 12,
  cmd = 12,
};

# Used to detect another archive in archive
archive_extensions = {
  tar = 1,
  ['tar.gz'] = 1,
};
```

**As a important reminder**: For all remaining and additional file extensions and score weights, please check above default rspamd configuration!
 2024-10-17 09:11:55 +02:00
Niklas Meyer
c53bf85480
postfix: add X-Original-To header per default (#6110) 2024-10-16 10:35:39 +02:00
milkmaker
1538fda71c
update postscreen_access.cidr (#6093) 2024-10-15 10:34:39 +02:00
FreddleSpl0it
0d2046baeb
Merge branch 'staging' into nightly 2024-09-05 14:53:37 +02:00
FreddleSpl0it
b307e0a0d5
[PHP-FPM] Add missing space in log message 2024-09-02 09:57:33 +02:00
milkmaker
af0c61b90a update postscreen_access.cidr 2024-09-01 00:19:09 +00:00
FreddleSpl0it
ef238e5332
[LDAP] skip sync user if username_field in LDAP is empty 2024-08-28 11:28:37 +02:00
Niklas Meyer
ffcd242048
Merge pull request #6027 from mailcow/staging 
Automatic PR to nightly from 2024-08-19T12:28:50Z
 2024-08-20 13:41:54 +02:00
Délano
567ebbc324
Pushover/Quarantine utf 8 fix - fixes #6028 (#6031) 
* Decode rspamd-subject for pushover notifications

Fixes #6028

* Apply iconv_mime_decode to the quarantine function as well
This might contain utf-8 encoded text as well

* Moved the iconv_mime_decode "fix" back to pipe.php
 2024-08-20 13:39:20 +02:00
DerLinkman
3396e1b427
Merge branch 'staging' into nightly 2024-08-13 16:03:30 +02:00
Dmitriy Alekseev
8753ea2be6
[Rspamd] Fix bayes config (#6000) 
* [Rspamd] Fix bayes config

Add hint about classifier name, and add missing learn_condition

* Update statistic.conf
 2024-08-12 10:05:08 +02:00
DerLinkman
772d5c51fd
Merge branch 'staging' into nightly 2024-08-07 14:21:23 +02:00
DerLinkman
b6c036496d
rspamd: fixed dqs rbl insertion handling 2024-08-07 14:00:04 +02:00
DerLinkman
4b400eadb1
rspamd: Added DQS RBLs when key is set 2024-08-07 13:59:26 +02:00
Niklas Meyer
68616c2d57
Merge pull request #5972 from rallisf1/dovecot-folders-greek 
Greek names of dovecot folders
 2024-08-06 12:28:23 +02:00
FreddleSpl0it
9b86ff764e
Merge pull request #5975 from mailcow/staging 
Automatic PR to nightly from 2024-08-01T03:13:55Z
 2024-08-01 11:07:55 +02:00
milkmaker
ff34eb12e2 update postscreen_access.cidr 2024-08-01 00:16:46 +00:00
FreddleSpl0it
57bc03b878
Merge remote-tracking branch 'origin/staging' into nightly 2024-07-31 10:35:44 +02:00
John Rallis
e426c3a7e7
Greek names of dovecot folders 
Names taken from MSO 2016
 2024-07-29 16:46:03 +03:00
Dmitriy Alekseev
7f7a869678
Do not add MAILCOW_WHITE on failed DMARC 2024-07-28 13:19:03 +02:00
DerLinkman
73257151c4
postfix: remove forced helo restrictions from master.cf 2024-07-24 15:29:28 +02:00
milkmaker
8e2d3a6db5 update postscreen_access.cidr 2024-07-01 00:16:56 +00:00
Niklas Meyer
cf6594220c
dovecot: add Flatcurve FTS Engine as EXPERIMENTAL (#5920) 
* dovecot: experimental added flatcurve backend + switch

* dovecot: bump docker image
 2024-06-26 11:28:18 +02:00
Niklas Meyer
2cf952eb36
[Postfix] Upgrade to Deb12 + PF to 3.7.10 & Drop TLS 1.0/1.1 per default (#5635) 
* postfix: removed TLS1.0/1.1 support (natively)

* postfix: upgrade to deb12 + pf to 3.7.9

* compose: increased postfix tag

* postfix: shortened TLS syntax with new format of 3.6+
 2024-06-26 10:44:07 +02:00
Daniel
38b0641742
Remove unnecessary log lines in Postfix's log (#5817) 
* Update main.cf

In order to avoid unnecessary log lines, changed:

smtpd_discard_ehlo_keywords = chunking
to this one:

# The non-logging alternative:
smtpd_discard_ehlo_keywords = chunking, silent-discard

Update main.cf to remove unnecessary log lines in Postfix log
 2024-06-10 14:51:55 +02:00
Niklas Meyer
18d7a55b15
Merge pull request #5901 from mailcow:sorbs 
Remove discontinued SORBS DNSBL
 2024-06-10 12:18:43 +02:00
Michael Kuron
9ca2fb7ccf Remove discontinued SORBS DNSBL 2024-06-08 12:29:08 +02:00
milkmaker
11e9a77840 update postscreen_access.cidr 2024-06-01 00:15:03 +00:00
Patrick Schult
17d797cee4
Merge pull request #5751 from mailcow/fix/rspamd-rewrite-ct 
[Rspamd] milter update Content-Type and Content-Transfer-Encoding header
 2024-04-03 10:49:21 +02:00
Patrick Schult
75550eeea3
Merge pull request #5812 from mailcow/limit-local-addrs 
[Rspamd] Set local_addrs lo mailcow networks
 2024-04-03 10:48:46 +02:00
milkmaker
237a25e6b0
update postscreen_access.cidr (#5811) 2024-04-02 02:20:31 +02:00
Dmitriy Alekseev
26be1cb602
Set local_addrs in Rspamd 2024-04-01 11:28:06 +03:00
milkmaker
e0eb3a4f13 update postscreen_access.cidr 2024-03-01 00:14:54 +00:00
DerLinkman
d7430bf516
sogo: add new options to sogo.conf for update 5.10.0 2024-02-26 17:17:34 +01:00
FreddleSpl0it
39a4b115ed
[SOGo] fix plist_ldap.sh example 2024-02-26 13:14:08 +01:00
FreddleSpl0it
881c2d6e02
[SOGo] remove custom logout from toolbar 2024-02-26 13:13:50 +01:00
FreddleSpl0it
d237157c0b
init identity_provider only after all conditions are met 2024-02-26 13:12:44 +01:00
FreddleSpl0it
6928eb632e
[Dovecot] move sogo sso to mailcowauth.php 2024-02-26 13:10:08 +01:00
FreddleSpl0it
010d898786
[Web] apply LDAP filter 2024-02-23 10:01:56 +01:00
FreddleSpl0it
766c270b1f
[SOGo] fix custom html elements and wrong redirection 2024-02-23 09:12:17 +01:00
FreddleSpl0it
132e37bfec
[SOGo] use bash script for ldap plist template 2024-02-20 12:42:37 +01:00
FreddleSpl0it
a06c78362a
[Web] add ldap idp 2024-02-20 10:31:14 +01:00
FreddleSpl0it
98cdb95bc0
[Rspamd] milter update Content-Type and Content-Transfer-Encoding header after need_rewrite_ct 2024-02-19 11:20:19 +01:00
FreddleSpl0it
86ba019ca0
[Rspamd] apply domain wide footer to alias domains 2024-02-09 14:59:14 +01:00
DerLinkman
27ef04baa0
Update Dovecot to reuse lz4 compression 2024-02-08 12:42:32 +01:00
FreddleSpl0it
3a4c0c84a3
fix keycloak mailpassword flow 2024-02-08 12:42:31 +01:00
FreddleSpl0it
597d98e1d7
Fixes #5408 2024-02-08 12:42:30 +01:00
FreddleSpl0it
788f03e993
[Dovecot] remove passwd-verify.lua generation 2024-02-08 12:42:29 +01:00
DerLinkman
7ec7bd21cb
Changed Dovecot Base to Bullseye again (Self compile) 2024-02-08 12:42:27 +01:00
FreddleSpl0it
3d486678ae
[Web] remove keycloak sync disabled warning 2024-02-08 12:42:23 +01:00
FreddleSpl0it
7b47159478
rework auth - move dovecot sasl log to php 2024-02-08 12:42:22 +01:00
FreddleSpl0it
3179c0e712
[Dovecot] mailcowauth minor fixes 2024-02-08 12:42:19 +01:00
FreddleSpl0it
f8647bb15e
[Web] add keycloak sync crontask 2024-02-08 12:42:18 +01:00
FreddleSpl0it
e202d00beb
[Dovecot] group auth files 2024-02-08 12:42:11 +01:00
FreddleSpl0it
dca5f1baab
[Web] move /process/login to internal endpoint 2024-02-08 12:42:11 +01:00
Patrick Schult
087481ac12
Merge pull request #5696 from mailcow/fix/netfilter 
[Netfilter] add mailcow isolation rule to MAILCOW chain
 2024-02-02 14:33:01 +01:00
FreddleSpl0it
b236fd3ac6
[Netfilter] add mailcow isolation rule to MAILCOW chain 
[Netfilter] add mailcow rule to docker-user chain

[Netfilter] add mailcow isolation rule to MAILCOW chain

[Netfilter] add mailcow isolation rule to MAILCOW chain

[Netfilter] set mailcow isolation rule before redis

[Netfilter] clear bans in redis after connecting

[Netfilter] simplify mailcow isolation rule for compatibility with iptables-nft

[Netfilter] stop container after mariadb, redis, dovecot, solr

[Netfilter] simplify mailcow isolation rule for compatibility with iptables-nft

[Netfilter] add exception for mailcow isolation rule for HA setups

[Netfilter] add exception for mailcow isolation rule for HA setups

[Netfilter] add DISABLE_NETFILTER_ISOLATION_RULE

[Netfilter] fix wrong var name

[Netfilter] add DISABLE_NETFILTER_ISOLATION_RULE to update and generate_config sh
 2024-02-02 10:10:11 +01:00
milkmaker
cc77caad67 update postscreen_access.cidr 2024-02-01 00:13:56 +00:00
FreddleSpl0it
90a7cff2c9
[Rspamd] check if footer.skip_replies is not 0 2024-01-17 12:05:51 +01:00
Niklas Meyer
89540aec28
Merge pull request #5612 from mailcow/feat/domain-wide-footer 
[Rspamd] add option to skip domain wide footer on reply e-mails
 2024-01-09 11:10:35 +01:00
Niklas Meyer
fd206a7ef6
Merge pull request #5621 from mailcow/align-ehlo-keywords-to-fuctions 
[Postfix] Remove pipeling from ehlo keywords as we block it in data
 2024-01-08 09:52:28 +01:00
Niklas Meyer
7f58c422f2
Merge pull request #5625 from mailcow/update/postscreen_access.cidr 
[Postfix] update postscreen_access.cidr
 2024-01-08 09:51:27 +01:00
milkmaker
de00c424f4 update postscreen_access.cidr 2024-01-01 00:15:27 +00:00
Mathilde
a249e2028d
Add new SOGoMailHideInlineAttachments option to sogo.conf 
SOGoMailHideInlineAttachments = YES; will allow to hide inline (body and footer) images being shown as attachments.
 2023-12-30 10:16:25 +01:00
Dmitriy Alekseev
68036eeccf
Update main.cf 2023-12-29 22:06:18 +02:00
FreddleSpl0it
6ff6f7a28d
[Postfix] set smtpd_forbid_bare_newline = yes 2023-12-29 20:19:26 +01:00
Dmitriy Alekseev
b4bb11320f
Update main.cf 2023-12-29 16:04:52 +02:00
Dmitriy Alekseev
c61938db23
[Postfix] Remove pipeling from ehlo keywords as we block it in data restrictions 2023-12-29 15:59:16 +02:00
Patrick Schult
acf9d5480c
Merge pull request #5504 from FELDSAM-INC/feldsam/do-not-remove-x-mailer 
[Postfix] Do not remove X-Mailer header
 2023-12-27 18:40:19 +01:00
Kristian Feldsam
100e8ab00d [Postfix] Do not remove X-Mailer header 
some providers, like seznam.cz use X-Mailer in DKIM signatures

Signed-off-by: Kristian Feldsam <feldsam@gmail.com>
 2023-12-27 16:32:50 +01:00
FreddleSpl0it
efab11720d
add option to skip footer on reply e-mails 2023-12-22 10:39:07 +01:00
DerLinkman
d81f105ed7
[Rspamd] Added customizable global ratelimit file (disabled by default) 2023-12-07 12:04:45 +01:00
DerLinkman
d3ed225675
[Rspamd] Removed global ratelimit override 2023-12-07 12:04:06 +01:00
milkmaker
5da089ccd7 update postscreen_access.cidr 2023-12-01 00:15:24 +00:00
FreddleSpl0it
b3ac94115e
[Rspamd] fix excluding alias from domain wide footer 2023-11-27 16:20:44 +01:00
FreddleSpl0it
d2e3867893
[Web][Rspamd] implement custom mailbox attributes and improve domain wide footer 2023-11-23 16:12:43 +01:00
FreddleSpl0it
392967d664
[Rspamd] domain wide footer check for empty strings 2023-11-21 10:19:00 +01:00
FreddleSpl0it
8ba1e1ba9e
[Rspamd] workaround - remove "--\x0D\x0A" prefix from rewritten cts 2023-11-20 12:38:37 +01:00
milkmaker
a1895ad924 update postscreen_access.cidr 2023-11-01 00:14:31 +00:00
Niklas Meyer
ce4b9c98dc
Merge pull request #5402 from cero1988/staging 
enable search in bodies from EAS
 2023-10-12 11:13:04 +02:00
DerLinkman
c134078d60 Add comment about experimental thingy 2023-10-12 11:11:50 +02:00
milkmaker
24ff70759a update postscreen_access.cidr 2023-10-01 00:15:06 +00:00
FreddleSpl0it
d132a51a4d
Merge remote-tracking branch 'origin/staging' into feat/domain-wide-footer 2023-09-13 12:44:41 +02:00
FreddleSpl0it
2111115a73
[Rspamd] domain-wide-footer add more template vars 2023-09-13 12:42:12 +02:00
FreddleSpl0it
5ae9605e77
[Rspamd] domain-wide-footer add jinja templating 2023-09-12 12:19:46 +02:00
Mirko Ceroni
8d75b570c8
Update data/conf/sogo/sogo.conf 
Co-authored-by: Peter <magic@kthx.at>
 2023-09-04 21:43:24 +02:00
Mirko Ceroni
25d6e0bbd0
enable search in bodies from EAS 
enable search in bodies from EAS
 2023-09-02 11:34:29 +02:00
Patrick Schult
372b1c7bbc
Merge pull request #5383 from Dexus-Forks/Dexus-patch-1 
Update config for nginx >=1.25.1 (http2, server_names_hash_max_size, server_names_hash_bucket_size)
 2023-08-29 12:05:44 +02:00
Josef Fröhle
095d59c01b Update listen_ssl.template deprecated http2 on listener 2023-08-12 16:59:15 +02:00
Josef Fröhle
1a2f145b28 Update site.conf: server_names_hash_bucket_size 128 2023-08-12 16:58:26 +02:00
FreddleSpl0it
025fd03310
[Rspamd] remove X-Moo-Tag header if unnecessary 2023-08-07 14:26:30 +02:00
FreddleSpl0it
c45684b986
[Postfix] rework dns_blocklists.cf generation 2023-08-02 16:36:59 +02:00
milkmaker
31cb0f7db1 update postscreen_access.cidr 2023-07-31 10:06:07 +00:00
DerLinkman
6d17b9f504 Added dns_blocklists.cf for customizations 2023-07-31 12:03:31 +02:00
DerLinkman
815572f200 Merge branch 'feat/spamhaus-dqs-asn' into staging 2023-07-28 10:33:34 +02:00
Niklas Meyer
2b009c71c1
Merge pull request #5316 from mailcow/feat/rspamd-securite-symbols 
[Rspamd] Native mailcow Support for Securite ClamAV Signatures
 2023-07-12 08:27:20 +02:00