Dmitriy Alekseev
54448bfd38
[Rspamd] Adjust CAB score detection
...
Adjust CAB score detection, as CAB content can't be extracted by Rspamd
2021-11-18 10:14:24 +02:00
andryyy
15c0b3f7b7
[MariaDB] Decrease connection timeout to SOGo worker lifetime + 10s
2021-10-28 21:58:17 +02:00
Dmitriy Alekseev
a26bbff63f
[Rspamd] Enhance SOGo contacts dynmap ( #4245 )
...
* [Rspamd] Fix SOGo Contacts Dynmap
1. Lowercase all emails to align with Rspamd
2. Remove dots from gmail.com and change googlemail.com to gmail.com to align with Rspamd per https://github.com/rspamd/rspamd/blob/master/lualib/lua_util.lua#L271-L274
* Update settings.php
Fix case when gmail.com or google.com is stored in contact book not in lowercase
* Update settings.php
Add removing of Tags in emails as Rspamd not count them as part of From
2021-10-23 15:58:06 +00:00
andryyy
408fee4411
[Rspamd] More bulk headers
2021-10-15 19:50:19 +02:00
Dmitriy Alekseev
2c5628c0e5
[Postfix] Tempfail if Rspamd not available
...
To protect from spam when rspamd hang or not yet ready to serve requests postfix should reject incoming mail with temp error
2021-09-16 22:31:46 +03:00
andryyy
5e5ab6cf40
[Rspamd] Add soft reject to dropped messages for Pushover
2021-09-07 19:39:03 +02:00
andryyy
80fc18c5b4
[Rspamd] Always include watchdog in no_stat and no_log flag symbol
2021-09-07 17:56:20 +02:00
andryyy
c4f70f39b5
[Rspamd] Wrong operator: AND should be OR
2021-09-02 14:14:39 +02:00
andryyy
43121b9287
[Rspamd] Properly cache Rspamd settings map, save a lot of resources
2021-09-02 14:09:50 +02:00
andryyy
bb2351ccf8
[Rspamd] Re-add bad subject maps (_not_ related to previous mem leaks)
2021-09-02 14:09:25 +02:00
andryyy
e616755072
[Web] Fix app password editing, fixes #4239
2021-09-01 18:11:00 +02:00
andryyy
2b89ab919b
[Rspamd] Remove IVM-SG script
2021-09-01 17:00:03 +02:00
andryyy
8ee997b1a3
[Rspamd] Base on bullseye; remove nullnull map to _perhaps_ prevent a memleak
2021-09-01 15:21:43 +02:00
Daniel Lo Nigro
1606658cb1
Add missing spaces
2021-08-28 20:02:39 -07:00
andryyy
649a5c0159
[Rspamd] More generous timeout but no retransmit allowed for oletools: prevent further timeouts
2021-08-16 10:17:52 +02:00
andryyy
98a778a059
[Rspamd] Increase task timeout to prevent expensive tasks to cause a timeout; Set max size for macro scans to 3 MiB
2021-08-16 10:01:41 +02:00
andryyy
bc8e87fba6
[Rspamd] Olefy: reduce max scan size to 5 MiB
2021-08-16 06:49:18 +02:00
andryyy
d383c0ab9b
[Dovecot] Revert autocrypt sieve before, fixes DeltaChat and closes #4230
2021-08-13 06:18:43 +02:00
andryyy
eec75690e0
[Nginx] Deny inc/lib location
2021-08-08 16:06:26 +02:00
andryyy
96a460c2fa
[Dovecot] Change sieve scripts for DeltaChat
2021-07-28 21:44:06 +02:00
andryyy
3dd7d7226d
[Dovecot] Re-add sieve_vacation_dont_check_recipient = no (default) to check for vacation rcpts
2021-07-21 10:10:39 +02:00
Sven Michels
376ef76022
[Rspamd] Add soft reject on task timeout ( #4189 )
...
As we have seen issues in DNS processing actually stops rspamd from
processing a message, which leads to missing tag insertion for example,
we turn on soft reject on task timeout. Behavior is the same as with
greylisting for example, so the mail will be delayed/soft rejected, but
as DNS issues usually are most likely temporarily, it should get delivered
on the second try.
2021-07-19 12:09:32 +02:00
andryyy
b5bf97eec9
[Rspamd] Revert custom DNS timeouts
2021-07-11 17:31:40 +02:00
andryyy
b3959e8071
[Rspamd] DeltaChat improvements
2021-07-09 09:19:06 +02:00
andryyy
5a6d970794
[Rspamd] Better support for DeltaChat
2021-07-09 07:42:37 +02:00
andryyy
8b08d09ca2
[Web] Remove XMPP options
...
[Web] Add Rspamd preset #4
[Web] Do not show failed SASL logins (and also remove them from db)
2021-06-30 10:13:29 +02:00
andryyy
b2272b8e35
[Dovecot] Re-add listescape...
2021-06-23 14:17:39 +02:00
andryyy
9544ffe174
[Dovecot] Remove listescape
2021-06-23 14:13:34 +02:00
andryyy
3045bcf49d
[Nginx] Allow SOGo SSO
2021-06-23 14:12:14 +02:00
andryyy
06beda7c7c
[Rspamd] Increase DNS timeout and retransmits
2021-06-21 22:03:26 +02:00
andryyy
f7fd0d8c7c
[Dovecot] Move includes
2021-06-21 22:03:11 +02:00
andryyy
7b0b59a082
[Rspamd] Use Postfix IP
2021-06-21 22:02:36 +02:00
andryyy
5b68c186ca
[Rspamd] Bad header rule for hotmail/outlook.com spam that no one seems to care about at MS :/
2021-06-17 06:34:47 +02:00
andryyy
3ec1b856c7
[Rspamd] Fix bad header rule
2021-06-16 12:23:11 +02:00
Dmitriy Alekseev
583663f6d1
[Rspamd] Fix FREEMAIL_POLICY_FAILURE with SPF_SOFTFAIL ( #4142 )
...
Add really low negative score to SOFTFAIL policy symbols to get FREEMAIL_POLICY_FAILURE triggered correctly
2021-06-11 16:10:28 +03:00
andryyy
3ffd39dae5
[Dovecot] Move mailboxes to separate config file; remove postlogin script (replaced by config variables)
2021-06-08 13:14:47 +02:00
andryyy
68f9ca8cb0
[Postfix] Remove broken SASL access map, moved to Dovecot LUA authentication
2021-06-08 13:13:49 +02:00
waja
28ab9986a7
Remove left smtpd_last_auth statement ( #4127 )
2021-06-06 11:52:31 +00:00
andryyy
d7ecf899c8
[Rspamd] Reduce 00 bad subjects score
2021-06-05 17:45:27 +02:00
Dmitriy Alekseev
05f6e28191
[Postfix] Remove smtpd_last_auth from master.cf ( #4124 )
2021-06-05 16:13:50 +02:00
andryyy
7050d7c259
[Web] Fix BCC validation for aliases
2021-06-05 08:40:55 +02:00
andryyy
51b32bc4c0
[Dovecot] Remove last_login, fixes #4121
2021-06-04 20:48:36 +02:00
andryyy
51e3521aac
[Postfix] Remove smtpd_last_auth service; replaced by SASL logging in Dovecot LUA auth process
2021-06-04 14:29:28 +02:00
andryyy
6d22ae8d02
[Dovecot] Feature: Move authentication to LUA and prepare for http based authentication, log last SASL logins to SQL
2021-06-04 14:27:33 +02:00
andryyy
b6b64f9470
[Rspamd] rename symbol from bad_regex to bad_subject
2021-06-03 08:18:10 +02:00
andryyy
c8955284a2
[Rspamd] Create BCC plugin
2021-06-03 08:02:03 +02:00
andryyy
1bad74101f
[Postfix] Add listener for BCC sender used by meta_exporter in Rspamd
2021-05-30 16:08:19 +02:00
andryyy
8a83587800
[Postfix] Finally here: MX based transport map routing; Sorry it took years, Patrik
...
[Web] Small fixes
2021-05-28 10:40:41 +02:00
andryyy
fe483d882d
[Rspamd] Replace 00 bad domains by bad regex map (wip)
2021-05-27 13:17:35 +02:00
andryyy
4ede07854d
[Rspamd] Replace 00 bad domains by bad regex map (wip)
2021-05-27 12:34:33 +02:00
andryyy
4b28dbbabc
[Rspamd] Replace 00 bad domains by bad regex map (wip)
2021-05-27 12:33:47 +02:00
andryyy
56a085b632
[Rspamd] Add 00 abuse domains (wip!)
2021-05-24 11:12:56 +02:00
andryyy
2e87f6ac2d
[Rspamd] Fix bad header rule
2021-05-23 23:29:32 +02:00
andryyy
f81483d312
[Rspamd] Create bad header map
2021-05-23 23:13:34 +02:00
andryyy
cf9d3e00c8
[Rspamd] Create bad header map
2021-05-23 23:12:07 +02:00
andryyy
1cd0a96ad0
[Nginx, SOGo] Set mime type text/plain instead of returning 403 when opening risky attachments
2021-05-17 21:21:35 +02:00
andryyy
6a8aa699d9
[SOGo, Nginx] Deny access to some extensions from SOGo web ui to mitigate security concerns
2021-05-12 10:44:42 +02:00
Dmitriy Alekseev
bb1b76454d
[Rspamd] Remove score from SIEVE_HOST ( #4080 )
...
Commit e7a5c98704
remove upstream spam flag score
2021-05-04 18:51:07 +02:00
Daniel Lo Nigro
54ba66733e
Enable maildir_very_dirty_syncs rather than just adding comment
2021-05-02 16:39:26 -07:00
Maximilian
5df8a24c84
server_tokens off in default settings ( #4073 )
...
Co-authored-by: Maximilian Leith <accounts.maximilan@leith.de>
2021-04-26 13:20:23 +02:00
Dmitriy Alekseev
bbb75b0d32
[Rspamd] Fix for Respect Redis REPLICA in reputation plugin ( #4046 )
2021-04-18 22:41:08 +03:00
André Peters
ee6ca4eaaa
Revert "[Rspamd] Respect Redis REPLICA in reputation plugin ( #4046 )" ( #4065 )
...
This reverts commit 7fdc4c2cc3
.
2021-04-18 21:02:29 +02:00
Valentin Brandner
1bb68c2f5f
[Rspamd] Fix little typo in regex ( #4050 )
...
There was a dot missing, right? Correct me if I'm wrong...
2021-04-09 23:37:33 +02:00
andryyy
604f29e870
[Postfix] Set mynetworks_style = subnet to include all local subnets, will be overridden by mynetworks in extra.cf
2021-04-07 21:28:53 +02:00
Dmitriy Alekseev
694e3d652f
[Rspamd] Sign Disposition-Notification Headers ( #4020 )
...
* [Rspamd] Sign Disposition-Notification Headers
Add more Headers to DKIM signing
* Update dkim_signing.conf
2021-04-03 12:43:20 +02:00
Der-Jan
7fdc4c2cc3
[Rspamd] Respect Redis REPLICA in reputation plugin ( #4046 )
2021-04-02 21:34:52 +02:00
Daniel Lo Nigro
f6847e6f8c
Add comment about maildir_very_dirty_syncs to dovecot.conf
2021-03-13 10:46:32 -08:00
andryyy
749dc0e5c9
Merge branch 'master' of github.com:mailcow/mailcow-dockerized
2021-03-04 16:13:55 +01:00
Timo Eissler
b6d1f78428
[PHP-FPM] Increase PHP memory limit for "cli" to 512M ( #4010 )
2021-03-03 10:28:15 +01:00
andryyy
4975e4cabd
[SOGo] Fix comments in custom theme
2021-03-03 10:23:51 +01:00
andryyy
e956b32a12
[SOGo] Remove custom theme, disable debug mode, keep example custom-themes
2021-03-02 11:24:00 +01:00
Frederick Nicklas Ambo Eggert Eggertsen
6840a1665d
[Web] Danish lang. 🇩🇰 ( #3971 )
...
Create Danish lang
2021-02-19 18:23:08 +01:00
andryyy
c2c183df2c
[Ejabberd] Add missing ip in yml
2021-02-17 16:44:11 +01:00
andryyy
9ee0bd8bdf
[Ejabberd] Do not store group chats in archive
2021-02-16 21:33:30 +01:00
andryyy
b11764dff0
[Config] Add ADDITIONAL_SERVER_NAMES as optional config to define additional server_name parameters for mailcow UI
2021-02-16 16:38:28 +01:00
andryyy
c4155d4ab6
[Ejabberd] Do not store messages by default; Delete uploads after 30 days; Use JID in upload file path; Use more secure file permissions; Set max offline messages to 1000;
2021-02-16 16:37:18 +01:00
ValdikSS
b52fa1146a
Unset Postfix smtpd_tls_session_cache_database, reduce disk writes ( #3981 )
...
Postfix may update smtpd_tls_session_cache_database quite frequently even on not busy server, which leads to unnecessary (excessive) disk writes, which is an issue for SSD.
Postfix documentation suggests not to use this parameter anymore since there's another, better TLS session resumption method available.
>As of Postfix 2.11 the preferred mechanism for session resumption is RFC 5077 TLS session tickets, which don't require server-side storage. Consequently, for Postfix ≥ 2.11 this parameter should generally be left empty.
http://www.postfix.org/postconf.5.html#smtpd_tls_session_cache_database
2021-02-16 11:01:27 +01:00
andryyy
666d344322
[Web] Remove XMPP site when disabling XMPP
2021-02-14 21:33:43 +01:00
andryyy
9febe4e86b
[Ejabberd] Require s2s TLS, enforce protocols and ciphers, move admin UI (WIP)
2021-02-14 10:47:53 +01:00
andryyy
38e5dc37d2
[Rspamd] Edit RBL
2021-02-14 10:47:05 +01:00
andryyy
8c6b512f05
[mailcow] Move ejabberd site to last available site
2021-02-12 19:26:49 +01:00
andryyy
38c5470d54
[Ejabberd] Various fixes, sorry (still WIP)
2021-02-11 21:09:46 +01:00
andryyy
462aa0a764
[Ejabberd] Fix bootstrapping, ejabberd could not be enabled
2021-02-11 20:46:13 +01:00
andryyy
f69f6b84f3
[Git] Sort gitignore
2021-02-11 15:24:34 +01:00
andryyy
386d6109c8
Merge branch 'master' of github.com:mailcow/mailcow-dockerized
2021-02-11 09:36:18 +01:00
andryyy
29bcd94b7c
[Rspamd] Increase spam symbol weight
2021-02-11 09:32:47 +01:00
Felix Kaechele
31805f1656
[Web] Implement all supported dovecot password schemas ( #3974 )
...
When migrating from other Dovecot based installations it can be very
convenient to just copy over existing hashed passwords.
However, mailcow currently only supports a limited number of password
schemes.
This commit implements all password schemes that do not require
challenge/response or OTP mechanisms.
A convenient way to generate the regex with all supported schemas is
`docker-compose exec dovecot-mailcow doveadm pw -l | awk -F' ' '{printf
"/^{("; for(i=1;i<=NF-1;i++){printf "%s%s", sep, $i; sep="|"}; printf
")}/i\n"}'`
Note that this will also include unsupported challenge/response and OTP
schemas.
Furthermore this increases the vsz_limit for the dovecot auth service to
2G for the use of ARGON2I and ARGON2ID schemas.
Signed-off-by: Felix Kaechele <felix@kaechele.ca>
2021-02-11 09:31:53 +01:00
Dmitriy Alekseev
32b6495ea3
[Dovecot] Add Russian and Ukrainian folders ( #3967 )
...
Update dovecot.conf
2021-02-08 16:09:23 +02:00
Dmitriy Alekseev
a2783d44ad
[SOGo] Add custom favicon ( #3957 )
...
* [SOGo] Add custom favicon
* Update docker-compose.yml
2021-01-31 09:58:08 +01:00
Dmitriy Alekseev
0a102444fc
[Rspamd] Add FUZZY_SPAM_MISMATCH ( #3958 )
...
Remove score from FUZZY_HAM_MISMATCH
2021-01-31 09:56:47 +01:00
andryyy
0d1ea05ae2
[Git] Ignore custom SOGo logo
...
[SOGo] Slightly more contrast
2021-01-29 07:37:37 +01:00
andryyy
01b2179d56
[SOGo] Lighter logo
2021-01-28 19:42:52 +01:00
andryyy
410cb558ee
[Dovecot] Check if quarantine_notify.py holds a lock
...
[SOGo] Change default theme
2021-01-28 15:48:59 +01:00
andryyy
049b5ceb31
[Rspamd] Add bulk header
2021-01-26 07:48:39 +01:00
andryyy
e6898beb59
[Rspamd] Remove ham symbols if a fuzzy denied hash matched
2021-01-19 12:59:46 +01:00
Peter
5dcbce662b
[Rspamd] Sort & add infos for bad ASN map ( #3934 )
2021-01-18 07:06:06 +01:00
Dmitriy Alekseev
d9d129047c
[Rspamd] Score for freemail from to undisclosed recipients
2021-01-17 19:09:02 +02:00
andryyy
3dece1a05c
[Dovecot] Add sieve rule to move DeltaChat ( https://delta.chat ) messages to folder DeltaChat
...
[Web] Add information about extended DNS config
2021-01-14 09:38:56 +01:00
andryyy
00723631dd
[Postfix] Add parent_domain_matches_subdomains
2021-01-13 21:17:10 +01:00
Dmitriy Alekseev
a832becbd5
[Rspamd] Not trigger FREEMAIL_POLICY for mailig lists ( #3918 )
2021-01-02 09:49:55 +01:00