Commit Graph

411 Commits

Author SHA1 Message Date
andryyy
113c6fe018 Merge branch 'master' of https://github.com/mailcow/mailcow-dockerized 2018-11-26 10:41:44 +01:00
andryyy
f76c3ee7f3 [Dovecot] Unsupported examples for IMAP auth via LDAP
[Rspamd] Globel whitelist/blacklist from via multimap
2018-11-26 09:06:51 +01:00
André Peters
a13c2c9359
Merge pull request #1949 from patschi/patch-1
[Postfix] Security: Prefer server-side ciphers
2018-11-22 12:59:06 +01:00
andryyy
224a5ebd9a [Dovecot] Enable mail_log (events: delete undelete expunge copy mailbox_delete mailbox_rename)
[Dovecot] Increase vsz_limit for some services to 1 G
[Dovecot] Enable auth_cache
2018-11-12 21:00:39 +01:00
andryyy
1d9f820b02 [SOGo] Include custom-sogo.js to dynamically add JS to SOGo, increase textarea font of CKeditor by default 2018-11-12 09:59:49 +01:00
andryyy
869e01a9a7 [Rspamd] Add fuzzy hash to msg 2018-11-12 09:57:25 +01:00
andryyy
4f7f493490 [Rspamd] Add SOGo contacts to whitelist 2018-11-12 09:56:54 +01:00
andryyy
e6625501e7 [Nginx] Remove Strict-Transport-Security for subdomains (prevented autoconfig from working without TLS) 2018-11-12 09:53:18 +01:00
andryyy
159c36b531 [Dovecot] Create crypted mail_attachment_fs to store attachments with a min size of 128k
[Dovecot] Shared location to "auto:" to auto-detect legacy mailbox formats across shared mailboxes
[Dovecot] Create config service for crypted mail_attachment_fs
2018-11-12 09:52:12 +01:00
Michael Kuron
4ee546c04a
Reduce rspamd DNS timeout
Fixes #1957
2018-10-29 19:55:24 +01:00
andryyy
f92b20c9ad [Rspamd] Change log level to silent (see docs) 2018-10-27 13:55:55 +02:00
andryyy
af5ce48e8d [ClamAV] Remove AllowSupplementaryGroups from freshclam.conf (deprecated) 2018-10-27 13:24:14 +02:00
andryyy
bf71f9b600 [Postfix] Add tls_preempt_cipherlist to SMTPS 2018-10-27 13:22:29 +02:00
andryyy
42fe16250b [Rspamd] Adjust default values for (perm) failures of DKIM and SPF 2018-10-26 20:04:41 +02:00
Patrik Kernstock
1dc9d3fa27
[Postfix] Security: Prefer server-side ciphers
Prefer server-side ciphers to prevent client-side cipher downgrade. Already enabled in Dovecot.
2018-10-25 23:37:25 +02:00
andryyy
5f02c6006c [Postfix] Do not remove user agent 2018-10-23 23:22:43 +02:00
André
93e0206db4 [Update] Remove mailcow_anonymize_headers.pcre checks
[Postfix] Rename mailcow_anonymize_headers.pcre > anonymize_headers.pcre to prevent collisions
2018-10-23 22:57:38 +02:00
André
66d8f33aac [Postfix] Move "should not"-sign headers out of Postcow check to always remove them, fixes #1911 2018-10-23 21:55:55 +02:00
André Peters
68f2a1c5fc
[Rspamd] Properly close additional Rspamd maps 2018-10-19 11:12:58 +02:00
André
73b48fc13e [Rspamd] Remove deprecated attachments_only in AV module
[Rspamd] Remove old symbol score
2018-10-16 22:59:25 +02:00
André
51dd88abeb [Unbound] Reduce negative max ttl to 60s and min-ttl for all other keys to 5 2018-10-16 20:14:14 +02:00
André
8958449e76 [Postfix] Remove headers only when mail_name matches 2018-10-16 20:11:21 +02:00
André
d99b8aaf69 [Postfix] Change mail_name to Postcow and only replace headers when mail_name matches 2018-10-16 10:26:41 +02:00
Tobias "Knight" S
41c8a8bb46
disabling more functions inside php-fpm 2018-10-15 22:52:30 +02:00
André Peters
83a5eda762
Merge pull request #1434 from apoc4lyps/master
hardening http headers
2018-10-15 22:48:50 +02:00
André
abd0a1b337 [PHP-FPM] Disable some functions by default 2018-10-15 20:52:39 +02:00
André
a844adde0f [Postfix] Add mailcow_anonymize_headers to default config 2018-10-15 20:52:06 +02:00
André
c80fe40669 [Unbound] Do not allow from all (dangerous for setups with incorrect netfilter setups) 2018-10-12 11:35:45 +02:00
André
1fce562434 [Dovecot] Set imap_max_line_length = 2 M 2018-10-12 10:56:40 +02:00
André
3db6af5c90 [Unbound] Trust all addresses - do not expose Unbound! 2018-10-12 10:56:17 +02:00
André
32f7ae1d2e [Rspamd] Prefix quarantine error_log messages with "QUARANTINE"
[Rspamd] Fix quarantine max size check (it was ignored)
2018-10-11 11:55:52 +02:00
André
c0b590fff6 [PHP-FPM] Move max_execution_time and max_input_time to general PHP config, removed as fixed php_admin_value 2018-10-11 11:54:38 +02:00
André
c08149adef [SOGo] EAS changes, larger timeout 2018-10-05 11:12:55 +02:00
André
f6b2a6aab2 [Postfix] Enable/create smtp_tls_policy_maps 2018-10-04 14:34:34 +02:00
André
2f18eb5ad0 [Nginx] Avoid php extensions, use rewrite 2018-10-04 14:34:00 +02:00
André
b2067cb521 [SOGo] SOGoMaximumSyncWindowSize = 99 2018-10-04 14:33:32 +02:00
André
b8ebdc3c58 [Postfix] Increase default message size limit to 100 MiB 2018-10-01 22:06:20 +02:00
André
a054182246 [Rspamd] Add desc to high spam networks 2018-09-30 18:56:35 +02:00
André
cdca603ff5 [Unbound] Fix logging, fixes #585
[Rspamd] Fix permissions of controller password file
[Unbound] Enable unbound-control
2018-09-30 14:43:18 +02:00
André
b008211f52 [Rspamd] Controller password placeholder 2018-09-30 09:55:50 +02:00
André
8439daea7e [Rspamd] Revert adding worker-controller-password... 2018-09-30 09:54:19 +02:00
André
4396be2938 [Rspamd] Place socket in _rspamd home and fix permissions
[Compose] Remove volume for Rspamd socket
[Web] Do not exit loop on fuzzy errors when learning a message as spam
2018-09-30 09:53:25 +02:00
André
73b10350d0 [Rspamd] Ignore sa-rules-heinlein file, remove from index 2018-09-29 22:03:48 +02:00
André
0fb43f4916 [Docker API] Use TLS encryption for communication with "on-the-fly" created key paris (non-exposed)
[Docker API] Create pipe to pass Rspamd UI worker password
[Dovecot] Pull Spamassassin ruleset to be read by Rspamd (MANY THANKS to Peer Heinlein!)
[Dovecot] Garbage collector for deleted maildirs (set keep time via MAILDIR_GC_TIME which defaults to 1440 minutes)
[Web] Flush memcached after mailbox item changes, fixes #1808
[Web] Fix duplicate IDs, fixes #1792
[Compose] Use SQL sockets
[PHP-FPM] Update APCu and Redis libs
[Dovecot] Encrypt maildir with global key pair in crypt-vol-1 (BACKUP!), also fixes #1791
[Web] Fix deletion of spam aliases
[Helper] Add "crypt" to backup script
[Helper] Override file for external SQL socket (not supported!)
[Compose] New images for Rspamd, PHP-FPM, SOGo, Dovecot, Docker API, Watchdog, ACME, Postfix
2018-09-29 22:01:23 +02:00
André
c7cef3241f [Rspamd] Controller worker count == 1, fixes #1716 2018-09-12 20:32:59 +02:00
André
1b5409f3fa [Rspamd] Check if ip is valid (KEEP_SPAM symbol), fixes #1759 2018-09-12 15:50:42 +02:00
André
1499094b61 [PHP-FPM] Increase PHP memory limit for "web" to 512M
[Helper] Nextcloud 14
[Rspamd] Fix KEEP_SPAM lua script: skip check if ip is false
2018-09-11 19:35:21 +02:00
André
ea4a26eabf [Nginx] Use SOGo web resources from local mount 2018-09-09 09:51:37 +02:00
André
afc18fd469 [Rspamd] Update bad asn, move KEEP_SPAM to a custom lua function 2018-09-09 09:47:47 +02:00
André
e5b830adea [Dovecot] Fix shared namespace 2018-08-31 23:33:55 +02:00