Commit Graph

65 Commits

Author SHA1 Message Date
DerLinkman
ba8902f0b1
os: updated all Alpine containers to 3.20 2024-06-05 11:52:48 +02:00
Peter
6a807b7799
Remove one GmbH 2024-02-15 17:43:01 +01:00
DerLinkman
accedf0280
Updated mailcow Components to be ARM64 compatible 2024-01-17 10:14:36 +01:00
DerLinkman
907912046f Fix Clamd Version image in compose 2023-10-12 15:18:19 +02:00
Florian Hillebrand
3f2a9b6973 Update ClamAV to latest LTS version 1.0.3 2023-10-03 20:54:45 +02:00
Niklas Meyer
63e92e0897 [CLAMAV] Update to 1.0.1 2023-02-16 14:56:56 +01:00
moo
948d23f56d [Clamd] Update to 1.0 2022-12-23 16:28:52 +01:00
Niklas Meyer
44a6f09a09 [CLAMAV] Update to 0.105.1 2022-07-29 14:08:26 +02:00
Markus Ritzmann
537a7908f1 Clamd: Fix Docker Healthcheck 2022-06-16 09:50:33 +02:00
DerLinkman
ee844c81d2 Changed Base Docker Image to 0.105.0_base 2022-05-08 18:33:29 +02:00
Kristian Feldsam
4e6c398c8c
[Clamd] fix whitelist (#4541)
Signed-off-by: Kristian Feldsam <feldsam@gmail.com>
2022-04-08 21:39:35 +02:00
Peter
fd7269d455
[ClamAV] Move to official ClamAV Docker container (#4525)
Since ClamAV starts to offer Docker containers this PR introduces said containers so we don't need to build the container on our own anymore. This was an easy task until v0.104, but then ClamAV changed its buildprocess to use cmake and with v0.105 it also needs the Rust toolchain -> https://docs.clamav.net/manual/Installing/Installing-from-source-Unix.html#ubuntu--debian

Here are the main changes for the new container

Creates clamd-db-vol-1 volume
Still uses the same config files
Downloads ClamAV databases in said volume
Smaller container footprint 13MB vs 150MB

---

* [ClamAV] Move to official ClamAV Docker container

* [ClamAV] Remove vim + nano

* [ClamAV] Use normal version in docker-compose
2022-03-28 11:07:47 +02:00
Niklas Meyer
c520f21d28
🐄 Moorch Update 2022 - ClamAV, Dovecot & Olefy Update (#4497)
* [API] Fix minor issue in api docs

* [GH-Actions][stale] Add neverstale label to exempt list

* [Web] add github version tag

* [Web] add github version tag

* [Web] add github version tag

* [Web] add github version tag

* [Web] add github version tag

* [Web] add github version tag error handling

* [Web] add github version tag error handling

* Passwordless SOGo auth: support for calendar invitations and calendar/contacts subscriptions

Inviting someone to a calendar event triggers a request to /SOGo/so/otheruser@example.com/freebusy.ifb/ajaxRead. Subscribing to someone's calendar/contacts triggers a request to /SOGo/so/otheruser@example.com/foldersSearch. The email address in the URL is different from the logged-in user, which needs to be handled appropriately by sogo-auth.php.

* [Web] add github version tag - adjust css

* [Compose] Update SOGo Autoreply Schedule to 5m

Based on the advice of inverse (SOGo developer). Thanks to https://github.com/jmber

Closes: https://github.com/mailcow/mailcow-dockerized/issues/4436

* [Web] add github version tag - move twig globals

* [Web] add github version tag - missing </div>

* Passwordless SOGo auth: improvements for when accessing other users

* [WebAuthn] fido2 passwordless auth - fix (#4440)

* [WebAuthn] fido2 revert

* [WebAuthn] set UV flags to 'discouraged'

* [WebAuthn] revert - set UV flags to 'discouraged'

* Update clamav to 0.104.2

* Update clamav to 0.104.2

* Update dovecot to 2.3.18

Update gosu to 1.14
Use debian bullseye as base

* [Web] Updated lang.es.json [CI SKIP] (#4453)

Co-authored-by: Fijxu <fijxu@zzls.xyz>
Co-authored-by: milkmaker <milkmaker@mailcow.de>

Co-authored-by: Fijxu <fijxu@zzls.xyz>

* Fix broken documentation links (#4458)

* Fix broken documentation links

* Fix a few more broken documentation links

* Fix broken documentation links in translation files

* Fall back to empty string if WATCHDOG_NOTIFY_EMAIL undefined (#4457)

By default, `.env` (`mailcow.conf`) does not define `WATCHDOG_NOTIFY_EMAIL`.

Using it in `docker-compose.yml` without having it defined leads to Compose v2 displaying this warning on startup:

> WARNING: The WATCHDOG_NOTIFY_EMAIL variable is not set. Defaulting to a blank string.

Related to https://github.com/mailcow/mailcow-dockerized/issues/4315

* [Web] Updated lang.sk.json [CI SKIP] (#4461)

Co-authored-by: Lukáš Matula <lukas@gbely.net>
Co-authored-by: milkmaker <milkmaker@mailcow.de>

Co-authored-by: Lukáš Matula <lukas@gbely.net>

* oletools: disable template injection detection (#4464)

Seems to be causing a lot of false positives lately

* Fix minor typo in comment (#4466)

Correction of the comment, so that the explanation is correct and can be understood.

* Update issue templates to issue forms (#4465)

This PR updates the issue templates to GitHubs new issue forms

* [Web] Fix padding issue in UI admin panel (#4481)

* [Web] fix admin panel padding issue

* [Web] fix admin panel padding issue

* [Web] Updated lang.sk.json [CI SKIP] (#4489)

Co-authored-by: Lukáš Matula <lukas@gbely.net>
Co-authored-by: milkmaker <milkmaker@mailcow.de>

Co-authored-by: Lukáš Matula <lukas@gbely.net>

* increase opcache.interned_strings_buffer to 16 (#4487)

since version 23.0.2 Nextcloud recommends having a value greater than 8 for `opcache.interned_strings_buffer`. As this memory will be only used when needed this should have no impact on installations that are not using nextcloud.

related discussion: https://help.nextcloud.com/t/nextcloud-23-02-opcache-interned-strings-buffer/134007/19
related nextcloud issue: https://github.com/nextcloud/server/issues/31223

* nextcloud - add missing redirections (#4366)

adds missing location directives to the nginx configuration of nextcloud 22, to prevent warnings in nextcloud admin center of missing redirections

* Update imapsync to 2.178 (#4491)

* Update and fix oletools (#4479)

As noticed by @MAGICCC (#4464 (comment)), our olefy image does not work anymore if you rebuild it. This is because @HeinleinSupport recently updated their repository with the changes from @decalage2's repository, which renamed olvba3 to olevba. Since @HeinleinSupport does not recommend using its own patched branch and is very slow in pulling in changes from upstream (@decalage2), let's switch to the latter. This also allowed me to revert #4464.

Finally, a minor patch to rspamd is necessary. While the documentation says

In the extended mode the oletools module will not trigger on specific categories, but will always set a threat string with all found flags when at least a macro was found.

This is not actually true -- it only sets it when suspicious or autoexec threats were detected. But it's a one-line patch to make rspamd behave as documented and we should submit that patch to @rspamd too. With this patch, I have confirmed that Mailcow will reject any incoming, non-whitelisted message containing attachments with macros.

* [Web] Fix excluded domain list in quaratine view

Previously excluded domains from quarantine were not shown.

* [Dovecot] Update syslogng Version to 3.28 (#4496)

Co-authored-by: Niklas Meyer <niklas.meyer@tinc.gmbh>

Co-authored-by: ntimo <git@nowitzki.me>
Co-authored-by: Peter <magic@kthx.at>
Co-authored-by: FreddleSpl0it <patschul@posteo.de>
Co-authored-by: FreddleSpl0it <75116288+FreddleSpl0it@users.noreply.github.com>
Co-authored-by: Michael Kuron <mkuron@users.noreply.github.com>
Co-authored-by: milkmaker <milkmaker@mailcow.de>
Co-authored-by: Fijxu <fijxu@zzls.xyz>
Co-authored-by: Slavi Pantaleev <slavi@devture.com>
Co-authored-by: Lukáš Matula <lukas@gbely.net>
Co-authored-by: Max <mail@heavygale.de>
Co-authored-by: Michael Cramer <michael@bigmichi1.de>
Co-authored-by: Robert Christian <soulsymphonies@users.noreply.github.com>
Co-authored-by: André <andre.peters@debinux.de>
Co-authored-by: Niklas Meyer <niklas.meyer@tinc.gmbh>
2022-03-02 16:32:17 +01:00
Niklas Meyer
f9e28b8d82
[Clamd] Rebuild on Bullseye Base 2022-01-18 15:14:45 +01:00
Niklas Meyer
e3417397af
[Clamd] Update to 0.103.5 2022-01-15 17:17:27 +01:00
andryyy
85454d3406
[ClamAV] Change mirror for Dockerfile 2021-11-14 20:12:21 +01:00
Sven Gottwald
7e35c3d0dd
[ClamAV] Update to 0.103.4 (#4314)
* [ClamAV] Update to 0.103.4

ClamAV 0.103.4 is a critical patch release, see https://blog.clamav.net/2021/11/clamav-01034-and-01041-patch-releases.html for more information.

* Update docker-compose.yml

Update mailcow/clamd:1.42
2021-11-11 13:43:41 +01:00
Sven Gottwald
bc7714b8f3
[ClamAV] Update to latest LTS release (#4262)
- ClamAV 0.103 is the first Long Term Support (LTS) feature release.
- LTS feature releases will be supported for at least three years from the initial publication date of that LTS feature version. In other words, support for the LTS release "X.Y" starts when version "X.Y.0" is published and ends three years after.
- Each LTS feature release will be supported with critical patch versions and access to download signatures for the duration of the three-year support period.
- A new LTS feature release will be identified approximately every two years.
- Users must stay up-to-date with the latest patch versions for continued support. As of Aug. 28, that means version 0.103.3.
- Source: https://blog.clamav.net/2021/09/changes-to-clamav-end-of-life-policy.html
2021-09-04 12:24:39 +02:00
Sven Gottwald
2617f639b2
[ClamAV] Update to 0.103.2 (#4068)
Security patch, see https://blog.clamav.net/2021/04/clamav-01032-security-patch-release.html
2021-04-20 10:39:26 +02:00
andryyy
cda16ac53f
[ClamAV] Update to 0.103.1 2021-03-17 14:19:21 +01:00
andryyy
bfd451fe30
[ClamAV] Add default wl PUA.Pdf.Trojan.OpenActionObjectwithJavascript-1 2020-11-19 15:28:52 +01:00
andryyy
567064ed50
[ClamAV] Update to 0.103.0 2020-09-15 11:07:35 +02:00
andryyy
4ba7194eb1
[Clamd] Pass version as ARG 2020-06-07 22:50:20 +02:00
andryyy
718706dd27
[ClamAV] Update to 0.102.3 2020-05-21 21:24:48 +02:00
andryyy
dfd40500b4
[ClamAV] Add fp signature 2019-12-17 15:52:20 +01:00
andryyy
8c3ab0371a
[ClamAV] Copy productive whitelist.ign to exposed configuration folder, remove direct mount of whitelist file 2019-12-14 15:12:37 +01:00
andryyy
cc99fe3820
[ClamAV] Whitelist js in pdf - too many fp 2019-12-14 14:59:31 +01:00
andryyy
d6af0ae7d6
[ClamAV] Update ClamAV 2019-11-21 17:52:45 +01:00
andryyy
cd6594df01
[Clamd] Run freshclam before starting ClamAV 2019-10-22 21:30:45 +02:00
andryyy
1e4aa212ea
[ClamAV] Try to prevent update collisions 2019-10-22 13:50:03 +02:00
andryyy
b0711db489
[Dockerfiles] Rename some files and create hook points 2019-10-18 12:01:47 +02:00
andryyy
3c133ad02a
[ClamAV] Cleanup garbage when starting container (tmp files may fill up disk, when container runs oom) 2019-09-24 16:39:39 +02:00
andryyy
1d1d6c97cc
[ClamAV] Push to v0.101.4 2019-08-21 21:06:14 +02:00
keigel2001
f9a3e500b5 [ClamAV] Update to 0.101.3 2019-08-06 17:00:11 +02:00
andryyy
184eb7a739
[ClamAV] Fix chmod command, thanks to @fbcd4f50ea5350f051450323b5abfd0b 2019-07-03 10:46:30 +02:00
andryyy
27d1bd8aeb [ClamAV] Fix missing exit code var, fixes #2746 2019-06-29 23:27:22 +02:00
andryyy
39f95b8284
[Compose] Add olefy container, new Postfix iamge and new ClamAV image 2019-06-16 17:37:25 +02:00
Timo N
15b2ca6eaa
[ClamAV] Updated to version 0.101.2 2019-05-30 06:41:21 +02:00
andryyy
db17a304b0
[ClamAV] Create directory before handling whitelist 2019-02-23 10:34:16 +01:00
andryyy
354ecd727c
[ClamAV] More checks and permission fixes 2019-02-23 10:27:13 +01:00
andryyy
fe9b9f5dfa
[ClamAV] Set permission recursively
[Compose] Updaet ClamAV image
2019-02-23 10:21:13 +01:00
andryyy
5081d6d9f1
[ClamAV] Add more signatures 2019-01-16 23:41:42 +01:00
André Peters
f3dfe346bf [Dovecot] Allow setting ACL_ANYONE in mailcow.conf 2019-01-16 19:08:19 +01:00
andryyy
889b260b7d
[ClamAV] Set prio of clamd parent to 10, fixes #2174 2019-01-13 23:03:07 +01:00
andryyy
5619221ed0
[ClamAV] Fix whitelist permission error
[Compose] New image for ClamAV
[Git] Add ignore data/web/nextcloud*
2019-01-13 11:21:44 +01:00
andryyy
ab35e1d688 Merge branch 'master' of https://github.com/mailcow/mailcow-dockerized 2019-01-10 22:14:52 +01:00
andryyy
b0130c153c
[Clamd] Improve logging
[Compose] Remove tty from clamd-mailcow
2019-01-10 22:13:59 +01:00
amorfo77
9a90647709
[Clamav] Remove duplicate chown 2019-01-10 13:31:34 +01:00
andryyy
e42afa39a8
[ClamAV] Update to 0.101.1 (based on Debian to fix some errors)
[ClamAV] Some config values are deprecated and were replaced
2019-01-08 12:54:33 +01:00
andryyy
e04a3aed6a [ClamAV] Do not try to modify cross-mounted file, copy whitelist from conf to lib directory 2018-10-27 13:25:05 +02:00