Commit Graph

927 Commits

Author SHA1 Message Date
andryyy
1cd0a96ad0
[Nginx, SOGo] Set mime type text/plain instead of returning 403 when opening risky attachments 2021-05-17 21:21:35 +02:00
andryyy
6a8aa699d9
[SOGo, Nginx] Deny access to some extensions from SOGo web ui to mitigate security concerns 2021-05-12 10:44:42 +02:00
Dmitriy Alekseev
bb1b76454d
[Rspamd] Remove score from SIEVE_HOST (#4080)
Commit e7a5c98704 remove upstream spam flag score
2021-05-04 18:51:07 +02:00
Maximilian
5df8a24c84
server_tokens off in default settings (#4073)
Co-authored-by: Maximilian Leith <accounts.maximilan@leith.de>
2021-04-26 13:20:23 +02:00
Dmitriy Alekseev
bbb75b0d32
[Rspamd] Fix for Respect Redis REPLICA in reputation plugin (#4046) 2021-04-18 22:41:08 +03:00
André Peters
ee6ca4eaaa
Revert "[Rspamd] Respect Redis REPLICA in reputation plugin (#4046)" (#4065)
This reverts commit 7fdc4c2cc3.
2021-04-18 21:02:29 +02:00
Valentin Brandner
1bb68c2f5f
[Rspamd] Fix little typo in regex (#4050)
There was a dot missing, right? Correct me if I'm wrong...
2021-04-09 23:37:33 +02:00
andryyy
604f29e870
[Postfix] Set mynetworks_style = subnet to include all local subnets, will be overridden by mynetworks in extra.cf 2021-04-07 21:28:53 +02:00
Dmitriy Alekseev
694e3d652f
[Rspamd] Sign Disposition-Notification Headers (#4020)
* [Rspamd] Sign Disposition-Notification Headers

Add more Headers to DKIM signing

* Update dkim_signing.conf
2021-04-03 12:43:20 +02:00
Der-Jan
7fdc4c2cc3
[Rspamd] Respect Redis REPLICA in reputation plugin (#4046) 2021-04-02 21:34:52 +02:00
andryyy
749dc0e5c9 Merge branch 'master' of github.com:mailcow/mailcow-dockerized 2021-03-04 16:13:55 +01:00
Timo Eissler
b6d1f78428
[PHP-FPM] Increase PHP memory limit for "cli" to 512M (#4010) 2021-03-03 10:28:15 +01:00
andryyy
4975e4cabd
[SOGo] Fix comments in custom theme 2021-03-03 10:23:51 +01:00
andryyy
e956b32a12
[SOGo] Remove custom theme, disable debug mode, keep example custom-themes 2021-03-02 11:24:00 +01:00
Frederick Nicklas Ambo Eggert Eggertsen
6840a1665d
[Web] Danish lang. 🇩🇰 (#3971)
Create Danish lang
2021-02-19 18:23:08 +01:00
andryyy
c2c183df2c
[Ejabberd] Add missing ip in yml 2021-02-17 16:44:11 +01:00
andryyy
9ee0bd8bdf
[Ejabberd] Do not store group chats in archive 2021-02-16 21:33:30 +01:00
andryyy
b11764dff0
[Config] Add ADDITIONAL_SERVER_NAMES as optional config to define additional server_name parameters for mailcow UI 2021-02-16 16:38:28 +01:00
andryyy
c4155d4ab6 [Ejabberd] Do not store messages by default; Delete uploads after 30 days; Use JID in upload file path; Use more secure file permissions; Set max offline messages to 1000; 2021-02-16 16:37:18 +01:00
ValdikSS
b52fa1146a
Unset Postfix smtpd_tls_session_cache_database, reduce disk writes (#3981)
Postfix may update smtpd_tls_session_cache_database quite frequently even on not busy server, which leads to unnecessary (excessive) disk writes, which is an issue for SSD.
Postfix documentation suggests not to use this parameter anymore since there's another, better TLS session resumption method available.

>As of Postfix 2.11 the preferred mechanism for session resumption is RFC 5077 TLS session tickets, which don't require server-side storage. Consequently, for Postfix ≥ 2.11 this parameter should generally be left empty.

http://www.postfix.org/postconf.5.html#smtpd_tls_session_cache_database
2021-02-16 11:01:27 +01:00
andryyy
666d344322
[Web] Remove XMPP site when disabling XMPP 2021-02-14 21:33:43 +01:00
andryyy
9febe4e86b [Ejabberd] Require s2s TLS, enforce protocols and ciphers, move admin UI (WIP) 2021-02-14 10:47:53 +01:00
andryyy
38e5dc37d2
[Rspamd] Edit RBL 2021-02-14 10:47:05 +01:00
andryyy
8c6b512f05
[mailcow] Move ejabberd site to last available site 2021-02-12 19:26:49 +01:00
andryyy
38c5470d54
[Ejabberd] Various fixes, sorry (still WIP) 2021-02-11 21:09:46 +01:00
andryyy
462aa0a764
[Ejabberd] Fix bootstrapping, ejabberd could not be enabled 2021-02-11 20:46:13 +01:00
andryyy
f69f6b84f3
[Git] Sort gitignore 2021-02-11 15:24:34 +01:00
andryyy
386d6109c8 Merge branch 'master' of github.com:mailcow/mailcow-dockerized 2021-02-11 09:36:18 +01:00
andryyy
29bcd94b7c
[Rspamd] Increase spam symbol weight 2021-02-11 09:32:47 +01:00
Felix Kaechele
31805f1656
[Web] Implement all supported dovecot password schemas (#3974)
When migrating from other Dovecot based installations it can be very
convenient to just copy over existing hashed passwords.
However, mailcow currently only supports a limited number of password
schemes.

This commit implements all password schemes that do not require
challenge/response or OTP mechanisms.

A convenient way to generate the regex with all supported schemas is
`docker-compose exec dovecot-mailcow doveadm pw -l | awk -F' ' '{printf
"/^{("; for(i=1;i<=NF-1;i++){printf "%s%s", sep, $i; sep="|"}; printf
")}/i\n"}'`

Note that this will also include unsupported challenge/response and OTP
schemas.

Furthermore this increases the vsz_limit for the dovecot auth service to
2G for the use of ARGON2I and ARGON2ID schemas.

Signed-off-by: Felix Kaechele <felix@kaechele.ca>
2021-02-11 09:31:53 +01:00
Dmitriy Alekseev
32b6495ea3
[Dovecot] Add Russian and Ukrainian folders (#3967)
Update dovecot.conf
2021-02-08 16:09:23 +02:00
Dmitriy Alekseev
a2783d44ad
[SOGo] Add custom favicon (#3957)
* [SOGo] Add custom favicon

* Update docker-compose.yml
2021-01-31 09:58:08 +01:00
Dmitriy Alekseev
0a102444fc
[Rspamd] Add FUZZY_SPAM_MISMATCH (#3958)
Remove score from FUZZY_HAM_MISMATCH
2021-01-31 09:56:47 +01:00
andryyy
0d1ea05ae2
[Git] Ignore custom SOGo logo
[SOGo] Slightly more contrast
2021-01-29 07:37:37 +01:00
andryyy
01b2179d56
[SOGo] Lighter logo 2021-01-28 19:42:52 +01:00
andryyy
410cb558ee
[Dovecot] Check if quarantine_notify.py holds a lock
[SOGo] Change default theme
2021-01-28 15:48:59 +01:00
andryyy
049b5ceb31
[Rspamd] Add bulk header 2021-01-26 07:48:39 +01:00
andryyy
e6898beb59
[Rspamd] Remove ham symbols if a fuzzy denied hash matched 2021-01-19 12:59:46 +01:00
Peter
5dcbce662b
[Rspamd] Sort & add infos for bad ASN map (#3934) 2021-01-18 07:06:06 +01:00
Dmitriy Alekseev
d9d129047c
[Rspamd] Score for freemail from to undisclosed recipients 2021-01-17 19:09:02 +02:00
andryyy
3dece1a05c
[Dovecot] Add sieve rule to move DeltaChat (https://delta.chat) messages to folder DeltaChat
[Web] Add information about extended DNS config
2021-01-14 09:38:56 +01:00
andryyy
00723631dd
[Postfix] Add parent_domain_matches_subdomains 2021-01-13 21:17:10 +01:00
Dmitriy Alekseev
a832becbd5
[Rspamd] Not trigger FREEMAIL_POLICY for mailig lists (#3918) 2021-01-02 09:49:55 +01:00
andryyy
c28bea6a53 Merge branch 'master' of https://github.com/mailcow/mailcow-dockerized 2020-12-29 15:20:55 +01:00
Dmitriy Alekseev
fec6876490
[Rspamd] Block spoofing for free mail domains (#3907) 2020-12-28 22:04:01 +01:00
andryyy
9407b55661
[PHP-FPM] Fix fastcgi timeouts 2020-12-26 10:19:52 +01:00
andryyy
2086927bb8
[Compose] Update Dovecot and Rspamd images 2020-12-11 10:04:37 +01:00
andryyy
3535ed6efe
[Rspamd] Set bounce_to ratelimit to 7 / 1m to hopefully reduce backscatter spam 2020-12-07 11:09:06 +01:00
andryyy
96324aa4b5
[Rspamd] Set bounce_to ratelimit to 10 / 1m to hopefully reduce backscatter spam 2020-12-07 11:08:49 +01:00
andryyy
9670d0c4f1
[Rspamd] More explicit Sendgrid ID checking 2020-11-30 07:45:30 +01:00
andryyy
0485e1feb2
[Dovecot] Add sieve_vacation_dont_check_recipient = yes 2020-11-27 09:17:29 +01:00
andryyy
8e15c56330
[SOGo] Increase timeout for SOGo to prevent failure on uploads 2020-11-25 16:11:02 +01:00
andryyy
0a593bfe7b
[Dovecot, Helper] Add HAProxy listener for 4190/tcp sieve 2020-11-19 16:02:05 +01:00
andryyy
586992618c [Rspamd] Revert previous commit; Do not punish DMARC alignment when p=none 2020-11-19 09:44:10 +01:00
andryyy
399951509e
[Rspamd] Exclude DMARC_POLICY_SOFTFAIL from SPOOFED_UNAUTH 2020-11-19 09:37:02 +01:00
andryyy
c1376b4f4c
[Rspamd] Increase bounce_to limit 2020-11-16 11:56:12 +01:00
andryyy
5d9c40b8b4
[Rspamd, Web] Add rewrite subject to known soft quarantine actions 2020-11-13 21:26:42 +01:00
andryyy
0201becf77
[Rspamd] Fix some composites 2020-11-11 14:34:24 +01:00
andryyy
9eb65b03a1
[Rspamd] Remove rule that breaks DMARC valid mails from having their scored lowered 2020-11-09 14:04:56 +01:00
andryyy
6d46ee795b
[Rspamd] Log mail that was put into junk folder and keep a copy in quarantine 2020-11-06 12:26:01 +01:00
andryyy
347217c2d3
[Dovecot] Lower deduplicate interval to not discard duplicates of mail from quarantine that were previously saved in the junk folder 2020-11-06 12:25:09 +01:00
andryyy
2732e0158c
[Rspamd] Add newsletterplus to unwanted bulk (no consent, corona spam) 2020-11-04 09:29:27 +01:00
andryyy
7dc21e036d
[Rspamd] Fixes #3837 by setting correct data type for mails without fuzzy hashes, also implements actions 2020-11-03 10:27:46 +01:00
andryyy
d94b5e43ea
[Rspamd] Add symbol HAM_TRAP or SPAM_TRAP for trap aliases 2020-10-29 20:29:14 +01:00
andryyy
9034e0f3a8
[Rspamd] Fix tag handling for mailboxes 2020-10-28 11:06:33 +01:00
andryyy
61bb3219df
[Rspamd] Fix tag handling for aliases 2020-10-27 07:20:54 +01:00
andryyy
7bcb9414ab
[Rspamd] Handle Postmaster in and outbound as trusted 2020-10-25 10:34:13 +01:00
andryyy
0165c9d26b
[Web] Show fuzzy hash of rejected mail, if any 2020-10-24 16:27:31 +02:00
andryyy
85b8b74a4c
[Rspamd] Do not quarantine blacklisted entities 2020-10-23 20:23:26 +02:00
andryyy
c7e17c7fd1
[Rspamd] Global blacklists are not prefilters anymore to not prevent them from being learned 2020-10-21 19:00:53 +02:00
andryyy
4155d21392
[Rspamd] Remove positive fuzzy scores from bounces 2020-10-20 16:15:02 +02:00
Dmitriy Alekseev
fa153fad38
[Rspamd] Rebalance group policies (#3817)
* [Rspamd] Rebalance group policies

* [Rspamd] Rebalance group policies
2020-10-20 11:55:55 +02:00
andryyy
ee9288581a
[Rspamd] Do not post whole body to alias expander... 2020-10-18 19:27:25 +02:00
andryyy
be0ec8efc0
[Rspamd] Composite fixes and adjustments for better filtering 2020-10-18 10:11:27 +02:00
andryyy
f95bd3e7b6
[Rspamd] Simplify forward host rule and add policy group to exceptions for fwd host 2020-10-18 09:12:02 +02:00
andryyy
5cd6bed701
[Rspamd] Fix typo in alias resolvers 2020-10-17 20:09:32 +02:00
andryyy
ddadc1ced2
[Rspamd] Remove unnecessary set_metric_action in tag script 2020-10-17 10:15:14 +02:00
Dmitriy Alekseev
9ba1d4626d
[Postfix] Anonymize sender IP for mail sent locally (#3811)
This commit resolve #3723
2020-10-17 09:06:38 +02:00
andryyy
f8291d1967
[Rspamd] Adjust alias resolver prefilter prio 2020-10-16 18:39:22 +02:00
andryyy
0c30d32fdb
[Rspamd] Resolve direct aliases (also fixes tagging options) 2020-10-16 18:27:19 +02:00
andryyy
5a627dc34a
[Rspamd] Add invaluement sendgrid-id-dnsbl 2020-10-13 11:15:12 +02:00
andryyy
7da3b91bd7
[Rspamd] Disable IPv6 for interserver ip bl, enable full host lookup for uribl 2020-10-12 09:23:41 +02:00
andryyy
39a33c4b6d
[Dovecot] Conf: drop duplicates as received within 60 minutes 2020-10-11 10:35:29 +02:00
andryyy
ce77d87c8d
[Dovecot] New global post-filter: drop duplicates as received within 60 minutes 2020-10-11 10:34:15 +02:00
andryyy
efd69f1c1c
[Rspamd] Add Interserver rules, THANK YOU! 2020-10-11 10:30:46 +02:00
andryyy
72542f1d50
[Rspamd] Delete deprecated reputation files 2020-10-09 08:57:51 +02:00
andryyy
1b2731d6e6
[Rspamd] Add reputation plugin, remove deprecated plugins 2020-10-08 17:03:39 +02:00
andryyy
d6688d918b Revert "[Rspamd] Use reputation plugin instead of ip_ and url_reputation"
This reverts commit 73e87068d8.
2020-10-08 16:52:20 +02:00
andryyy
73e87068d8
[Rspamd] Use reputation plugin instead of ip_ and url_reputation 2020-10-08 16:51:46 +02:00
Bao H.H
b5ee399fa2
Add simplified Chinese language translations (#3784) 2020-10-01 20:50:49 +02:00
mcmufffin
93ac0d3864
Update site-defaults.conf (#3780) 2020-09-27 12:38:40 +02:00
André Peters
ba0b6963c7
Revert "Update site-defaults.conf (#3778)" (#3779)
This reverts commit b8ec9ad536.
2020-09-26 22:53:53 +02:00
andryyy
1256059a4f Merge branch 'master' of https://github.com/mailcow/mailcow-dockerized 2020-09-26 22:17:51 +02:00
mcmufffin
b8ec9ad536
Update site-defaults.conf (#3778) 2020-09-26 22:15:43 +02:00
andryyy
520056a489
[Rspamd] Quarantine, Pushover: Respect active = 2 while processing 2020-09-26 21:58:49 +02:00
andryyy
1e244e9c0c
[Rspamd] Quarantine, Pushover: Respect active = 2 while processing 2020-09-26 21:58:28 +02:00
andryyy
642ef1a515
[Rspamd] Pushover, quarantine: also process 2020-09-26 21:55:04 +02:00
andryyy
c3c98348e2
[SOGo] Re-enable TLS for internal IMAP connections, enable TLS for internal SMTP connections
[Web] Minor fix in quarantine view
2020-09-24 21:51:32 +02:00
andryyy
e2d98323ef Merge branch 'master' of https://github.com/mailcow/mailcow-dockerized 2020-09-24 20:31:07 +02:00
andryyy
e5f0e1da44
[Rspamd] Fix prio for includes in overrides 2020-09-24 20:30:58 +02:00