Commit Graph

163 Commits

Author SHA1 Message Date
andryyy
8d05d4a51d
[Web] Cleanup Rspamd, other fixes 2020-11-25 16:10:33 +01:00
andryyy
4a355f242f
[Web] Some fido2 fixes, table view for fido2 keys, fix renaming keys with the same subject 2020-11-17 13:38:28 +01:00
andryyy
9dec340434 Merge branch 'master' of https://github.com/mailcow/mailcow-dockerized 2020-11-15 20:22:46 +01:00
Lukas Schreiner
d96bf91a0d
Support of different default pass schemes + support of BLF-CRYPT (#3832)
* Introduce MAILCOW_PASS_SCHEME in order to support blowfish (cf. mailcow/mailcow-dockerized#1019)

* Furthermore added dovecot to support new environment varible for MAILCOW_PASS_SCHEME defaulted to SSHA256

* Revert changes regarding gitignore.

* Added fallback to SSHA256 if environment is not proper prepared.

* No fallback within management frontend, as it must match to other components.

* Unified and corrected alignment; implemented support of SSHA512

* Currently, password_hash of PHP is using by default bcrypt (BLF). As this might change later, we must ensure, that BLF is still used after PHP changes its default.

* Switched to BLF-CRYPT by default (even on update)

* Switched to BLF-CRYPT by default (even on update)

* Adding information in config generation / update with link to supported hash algorithm

* Bump sogo version to 1.92

* Fallback to BLF-CRYPT in case password scheme is not proper defined for Mailcow administration.
2020-11-15 20:22:35 +01:00
andryyy
c150ac7b37
[Web] Feature (beta): Add WebAuthn support for administrators and domain administrators 2020-11-15 19:32:37 +01:00
andryyy
f3c72832f2
[Web] Add rspamd-stats route to API 2020-09-06 08:54:09 +02:00
Miro Rauhala
6bff958ab4
[Web] Clean PHP code by removing unused variables (#3646)
* [WEB] $lang is not used in this context

* [Web] $stmt variable is not used
2020-07-11 13:20:38 +02:00
andryyy
48b74d77a0
[Web] Fix PHPMailer, minor style change for quarantine rcpts 2020-06-07 10:45:40 +02:00
andryyy
a6af7cbc2e
[Web] Expand IPv6 addresses for better comparison 2020-05-26 20:04:22 +02:00
andryyy
ccc56c54a9
[Web] Merge same notification types 2020-05-20 20:37:52 +02:00
andryyy
e824239dee
[Web] Disallow web UI login, when domain is disabled 2020-05-17 09:41:38 +02:00
andryyy
aef15f004a
[Web] Allow CIDR as allowed API networks; other minor fixes 2020-05-04 07:51:50 +02:00
andryyy
a6247fc13f
[Web] Do not try to update sogo static view with skip_sogo y 2020-04-29 21:09:13 +02:00
andryyy
47a15c21aa
[Rspamd] Pushover, check sender by regex 2020-04-16 21:58:30 +02:00
andryyy
8f4540d5d9 [Web] r/o API keys, Pushover integration (can be limited by ACL), other minor changes 2020-04-10 21:00:23 +02:00
andryyy
3e2cbac778
[Rspamd] 2.5 RC3 2020-03-31 10:03:40 +02:00
andryyy
b1242259e7
[Web] Fix cow level, sorry :( 2020-03-04 12:54:38 +01:00
andryyy
0ac4281f0e
[Web] Allow to skip IP check for API 2020-02-16 20:08:36 +01:00
andryyy
653c058e33
[Web] Feature: Allow app passwords for imap/smtp, allow to set acl permission for app passwords (domain admin [when logged in as user] and user) 2019-12-02 11:02:19 +01:00
andryyy
affbba50ca
[Web] Fix active U2F key in UI 2019-10-25 19:13:24 +02:00
tinect
74244c7d0a cleanup cached js and css 2019-10-20 19:39:46 +02:00
andryyy
80a9c39956
[Web] Validate plain md5 hashes, closes #3017 2019-10-08 17:36:28 +02:00
André Peters
fe38275cb5
Revert "Make is_valid_domain_name more strict" 2019-09-21 14:16:50 +02:00
André Peters
0dbc03a416
Merge pull request #2941 from patschi/domain-name-fix
Make is_valid_domain_name more strict
2019-09-19 15:03:51 +02:00
andryyy
0487f5ea1d
[Web] Add JVM memory indiator and add minor fixes 2019-09-17 20:11:53 +02:00
Patrik Kernstock
6b2f5a30d2
Slightly modified is_valid_domain_name for #1118 2019-09-15 20:40:07 +01:00
andryyy
893ce5a789
[Web] Allow to add external sender addresses, can be disabled by domain admin ACL and is disabled by default 2019-09-02 11:11:41 +02:00
andryyy
294e0bc07f
[Web] Cache validation result in Redis 2019-08-11 22:19:26 +02:00
andryyy
9a500a7068
[Web] Verify OPTIONAL license plus minor fixes 2019-08-09 14:16:52 +02:00
andryyy
5087d5ce96
[Web] Allow aliases as send-as 2019-05-26 08:29:10 +02:00
Evangelos Foutras
e1a3313660 [Web] Fix showing domain with disabled sender check
If a mailbox is allowed to send as any address under its domain (+ alias
domains) and the domain itself has no aliases configured, no information
about this fact is shown to the user. That is to say, the "Do not check
sender access for the following domain(s) and its alias domains" field
under mailbox details is empty.

The above is happening because the second GROUP_CONCAT() returns NULL
making the enclosing CONCAT() return NULL as well. Fix this by using
CONCAT_WS() which correctly handles the case of zero domain aliases.

Furthermore, move the IFNULL() to the first GROUP_CONCAT() because
CONCAT_WS() returns an empty string when both GROUP_CONCAT()'s are
NULL. We can be certain that when the first GROUP_CONCAT() is NULL
the second one will be as well, so it's safe to use IFNULL() there.
2019-05-20 18:08:45 +03:00
andryyy
49492dff61
[Web, Dovecot] Allow empty/unlimited quota 2019-03-28 22:05:12 +01:00
andryyy
c7c115d63a
[Solr] Use fixed, recommended schema but add EdgeNGramFilterFactory 2019-03-10 09:40:04 +01:00
andryyy
d60c6a4e56
[Web] Fix shared alias displain in user view, fixes #2274 2019-02-07 22:37:11 +01:00
andryyy
4a1362fc4d
[Web] Minor alias overview fix 2019-02-06 09:23:44 +01:00
andryyy
1e764009bf
[Web] Use INTL_IDNA_VARIANT_UTS46 in idn_to_ascii (thanks to @Knight1 !)
[Web] Some PHP fixes (warnings, notices)
[Web] Add quota notification tools
2019-02-05 00:10:21 +01:00
andryyy
07392b7437
[Watchdog] Use stackoverflow.com for DNS check
[Git] Ignore mail_plugins*
[Dovecot] Read mail_plugins from dynamically generated file
[Dovecot] Encrypt FTS
[Dovecot] Add break_imap_seach option to Solr
[Web] Add ability to send quarantine notification mails
[Web] Minor style fixes
[Web] Add new MAILBOX_DEFAULT_ATTRIBUTES (doc updates, anyone? :-( )
[Web] Use rcpt_smtp if rcpt_mime is not set
[Web] Other minor fixes
2019-01-29 00:20:39 +01:00
andryyy
f924f9b5cd
[Web] Minor fix in return 2019-01-16 19:11:23 +01:00
André Peters
f3dfe346bf [Dovecot] Allow setting ACL_ANYONE in mailcow.conf 2019-01-16 19:08:19 +01:00
andryyy
ca9c610460
[Web] Apple mobileconfig enhancements by @feldsam 2019-01-02 21:28:22 +01:00
andryyy
5b5976ba23 [Web] Show ratelimited messages, allow to delete Redis hash to reset status of a bucket 2018-12-15 21:24:39 +01:00
andryyy
f9bfac4d27 [Web] Fix _sogo_static_view creation when parent tables changed order of cols 2018-11-12 10:01:33 +01:00
André
e30dfd6751 [Web] Queue manager for Postfix
[Web] Add sogo_access mail attribute
[Web] Allow to wipe SOGo profiles
2018-10-23 21:14:57 +02:00
André
5ce15eac4b [Web] Some language updates for sys mails 2018-10-12 10:57:47 +02:00
André
9f0be1d8a8 [Web] Fix require_once to always include document root
[Web] Add system mails (send mails to all mailboxes via LMTP)
[Web] Allow to add more administrators
[Web] Fix domain administrator editing
[Web] Remove some foreign keys
[Web] Remove username from API
[Web] Remove more .php extension from code
[Web] More minor fixes
2018-10-11 11:59:23 +02:00
André
4396be2938 [Rspamd] Place socket in _rspamd home and fix permissions
[Compose] Remove volume for Rspamd socket
[Web] Do not exit loop on fuzzy errors when learning a message as spam
2018-09-30 09:53:25 +02:00
André
0fb43f4916 [Docker API] Use TLS encryption for communication with "on-the-fly" created key paris (non-exposed)
[Docker API] Create pipe to pass Rspamd UI worker password
[Dovecot] Pull Spamassassin ruleset to be read by Rspamd (MANY THANKS to Peer Heinlein!)
[Dovecot] Garbage collector for deleted maildirs (set keep time via MAILDIR_GC_TIME which defaults to 1440 minutes)
[Web] Flush memcached after mailbox item changes, fixes #1808
[Web] Fix duplicate IDs, fixes #1792
[Compose] Use SQL sockets
[PHP-FPM] Update APCu and Redis libs
[Dovecot] Encrypt maildir with global key pair in crypt-vol-1 (BACKUP!), also fixes #1791
[Web] Fix deletion of spam aliases
[Helper] Add "crypt" to backup script
[Helper] Override file for external SQL socket (not supported!)
[Compose] New images for Rspamd, PHP-FPM, SOGo, Dovecot, Docker API, Watchdog, ACME, Postfix
2018-09-29 22:01:23 +02:00
André
5db40bf688 [Web] Implement MD5-CRYPT verification, fixes #1665 2018-09-20 10:25:36 +02:00
André
a5488d4ba6 [Web] Fix init db on fresh installations 2018-09-10 16:23:08 +02:00
André
c9554ca022 [Compose] Update watchdog image
[Watchdog] Fix IP detection with multiple networks
[Web] Show API field (no docs, no support, wip)
[Web] haveibeenpwned.com implementation
[Web] User and domain admin ACL (no docs, no support, wip)
[Web] Some minor fixes
2018-09-09 21:18:38 +02:00