Commit Graph

984 Commits

Author SHA1 Message Date
Patrick Schult
372b1c7bbc
Merge pull request #5383 from Dexus-Forks/Dexus-patch-1
Update config for nginx >=1.25.1 (http2, server_names_hash_max_size, server_names_hash_bucket_size)
2023-08-29 12:05:44 +02:00
Josef Fröhle
095d59c01b Update listen_ssl.template deprecated http2 on listener 2023-08-12 16:59:15 +02:00
Josef Fröhle
1a2f145b28 Update site.conf: server_names_hash_bucket_size 128 2023-08-12 16:58:26 +02:00
FreddleSpl0it
025fd03310
[Rspamd] remove X-Moo-Tag header if unnecessary 2023-08-07 14:26:30 +02:00
FreddleSpl0it
c45684b986
[Postfix] rework dns_blocklists.cf generation 2023-08-02 16:36:59 +02:00
milkmaker
31cb0f7db1 update postscreen_access.cidr 2023-07-31 10:06:07 +00:00
DerLinkman
6d17b9f504 Added dns_blocklists.cf for customizations 2023-07-31 12:03:31 +02:00
DerLinkman
815572f200 Merge branch 'feat/spamhaus-dqs-asn' into staging 2023-07-28 10:33:34 +02:00
Niklas Meyer
2b009c71c1
Merge pull request #5316 from mailcow/feat/rspamd-securite-symbols
[Rspamd] Native mailcow Support for Securite ClamAV Signatures
2023-07-12 08:27:20 +02:00
Patrick Schult
a0723f60d2
Merge pull request #5221 from mailcow/fix/dot-stuffing-bcc
[Rspamd] add dot-stuffing to bcc forwarding
2023-07-10 10:07:31 +02:00
DerLinkman
6e9c024b3c Changed weight to score for CLAMD_SPAM 2023-06-27 10:28:52 +02:00
DerLinkman
8cd4ae1e34 Improved Scores 2023-06-23 16:19:37 +02:00
DerLinkman
689856b186 New Symbols defined for Security ClamAV DBs 2023-06-23 16:13:25 +02:00
DerLinkman
380cdab6fc Removed dnsbl from main.cf 2023-06-23 14:26:17 +02:00
Peter
7a582afbdc
Rspamd returns 401 on unsuccesful logins 2023-05-28 22:43:26 +02:00
Niklas Meyer
88b8d50cd5
Merge pull request #4028 from Daniel15/patch-2
Enable maildir_very_dirty_syncs by default
2023-05-24 11:00:38 +02:00
Peter
33c97fb318
change domain for docs 2023-05-10 20:32:38 +02:00
FreddleSpl0it
97a492b891
[Rspamd] add dot-stuffing to bcc forwarding 2023-05-03 15:04:09 +02:00
Peter
f3322c0577
Add IP Connect Inc 2023-04-21 19:43:20 +02:00
Niklas Meyer
deb2b80352
Merge pull request #5108 from mailcow:dragoangel-patch-1
[Rspamd] Fix cases of forwarding via freemail
2023-03-09 14:33:48 +01:00
Dmitriy Alekseev
81fcbdd104
[SOGo] Disable password change option
It doesn't work with ProxyAuth and in general not honor password policy set via mailcow UI. SOGo also do not provide own settings to provide any password policy. Due to this two issues I think that it's better have it disabled by default. People who need it can turn it back easily. We can update https://docs.mailcow.email/manual-guides/SOGo/u_e-sogo/#disable-password-changing to `enable-password-changin` and explanations of reasons why it is disabled.
2023-03-04 18:06:26 +02:00
Dmitriy Alekseev
1a9294b58f
[Rspamd] Fix cases of forwarding via freemail
Excluding FREEMAIL_ENVFROM from the FREEMAIL_POLICY_FAILURE expression will allow forwarding mail via freemail services when the initial sender did not have a DKIM signature.
2023-03-04 17:57:52 +02:00
Reto Kupferschmid
46cc022590
fix URLHAUS_ABUSE_CH check 2023-02-28 14:30:38 +01:00
FreddleSpl0it
afddcf7f3b replace nullnull.org with fuzzy.mailcow.email 2023-01-24 09:49:49 +01:00
Niklas Meyer
0dbd6be010
Merge pull request #4899 from mhupfauer/patch-1
Update bulk_header.map
2022-12-23 16:10:04 +01:00
Der-Jan
f1e1232849 Add Message-ID to pushover 2022-12-21 10:39:14 +01:00
mhupfauer
118984dfff
Update bulk_header.map
AWeber is a massive Mail as a Service provider which is used by many legitimate corporations and should not be handled negatively by default.
2022-12-13 22:38:45 +01:00
bluewalk
360bb6f306 Split name and address for TO-variables 2022-11-20 10:42:44 +01:00
bluewalk
d8e314db1a Fixed issue with subdomain senders + added TO variable and allow new lines in text using \n 2022-11-19 15:32:48 +01:00
bluewalk
fd14c51f85 Removed regex as we have the address from the header 2022-11-18 17:29:31 +01:00
bluewalk
65c74c75c7 Added SENDER_ADDRESS and SENDER_NAME as variables for messages 2022-11-17 21:01:18 +01:00
bluewalk
e82f3b3975 Added SENDER_ADDRESS and SENDER_NAME as variables for messages 2022-11-17 21:01:18 +01:00
FreddleSpl0it
72e204f8fd fix sogo bugs after 2022-08 update 2022-09-08 10:32:07 +02:00
DerLinkman
9806e568c0 Readded Sieve Location for Dovecot 2022-09-02 10:24:49 +02:00
andryyy
ad8b7f0894 [Dovecot] Fixes broken sieve compiler in some rare cases when using replication 2022-08-18 15:08:00 +02:00
André
fdf52dcb17
[Rspamd] Prevent LUA crash
Fixes LUA error when inserting unknown symbol from settings map
2022-07-07 09:20:59 +02:00
FreddleSpl0it
549ff7d100
Add Domain and Mailbox tagging (#4569)
* [Web] define tag tables

* [Web] add mailbox tag functions

* [Web] add domain/mailbox tagging

* [Web] add domain/mailbox tagging

* [Web] add domain/mailbox tagging

* [Web] add domain/mailbox tagging

* [Web] add domain/mailbox tagging

* [Web] add domain/mailbox tagging

* [Web] add domain/mailbox tagging

* [Web] add domain/mailbox tagging

* Include new tags lang in language.en.json

* [Web] add domain/mailbox tagging

* [Web] add domain/mailbox tagging

* [Web] add domain/mailbox tagging

* [Web] add domain/mailbox tagging

* [Web] add domain/mailbox tagging

Co-authored-by: Niklas Meyer <62480600+DerLinkman@users.noreply.github.com>
2022-05-05 08:25:01 +02:00
andryyy
7e26a2ab98
[Rspamd] Remove neural config due to massive fp 2022-04-13 10:42:11 +02:00
andryyy
372e381a85
[Web] Fix wrong lang string for filter deletion confirmation 2022-04-08 09:39:32 +02:00
andryyy
a2ccf7ef03
[Nginx] Fix Nginx buffer sizes by moving parameters to correct location 2022-04-05 22:34:26 +02:00
Niklas Meyer
53a5254897
[SOGo] Update SOGo to 5.5.1
**Includes Database Changes!**

As a preparation for 5.5.2 the database as well as some NGINX Settings have been changed.
2022-04-01 15:20:09 +02:00
Aiko Appeldorn
be9cbcf5ac
[Postfix] update postscreen access list (#4515) 2022-03-23 11:49:46 +01:00
Niklas Meyer
b04faddac4 Modified Buffer Size in site-defaults.conf 2022-03-23 11:14:07 +01:00
Peter
eddaf7a975
Revert "Before update on 2022-03-02_17_04_05"
This reverts commit 24275ffdbf.
2022-03-05 23:31:41 +01:00
andryyy
98bc947d00 [Web] Update composer libs
- Removing symfony/deprecation-contracts (v2.4.0)
  - Upgrading ddeboer/imap (1.12.1 => 1.13.1)
  - Upgrading directorytree/ldaprecord (v2.6.3 => v2.10.1)
  - Upgrading illuminate/contracts (v8.53.1 => v9.3.0)
  - Upgrading nesbot/carbon (2.51.1 => 2.57.0)
  - Upgrading phpmailer/phpmailer (v6.5.0 => v6.6.0)
  - Upgrading psr/container (1.1.1 => 2.0.2)
  - Upgrading psr/log (1.1.4 => 3.0.0)
  - Upgrading psr/simple-cache (1.0.1 => 2.0.0)
  - Upgrading robthree/twofactorauth (1.8.0 => 1.8.1)
  - Upgrading symfony/polyfill-ctype (v1.23.0 => v1.24.0)
  - Upgrading symfony/polyfill-mbstring (v1.23.1 => v1.24.0)
  - Upgrading symfony/polyfill-php80 (v1.23.1 => v1.24.0)
  - Upgrading symfony/translation (v5.3.4 => v6.0.5)
  - Upgrading symfony/translation-contracts (v2.4.0 => v3.0.0)
  - Upgrading symfony/var-dumper (v5.3.6 => v6.0.5)
  - Upgrading tightenco/collect (v8.34.0 => v8.83.2)
  - Upgrading twig/twig (v3.3.2 => v3.3.8)
2022-03-02 20:08:44 +01:00
andryyy
24275ffdbf Before update on 2022-03-02_17_04_05 2022-03-02 20:03:09 +01:00
Niklas Meyer
c520f21d28
🐄 Moorch Update 2022 - ClamAV, Dovecot & Olefy Update (#4497)
* [API] Fix minor issue in api docs

* [GH-Actions][stale] Add neverstale label to exempt list

* [Web] add github version tag

* [Web] add github version tag

* [Web] add github version tag

* [Web] add github version tag

* [Web] add github version tag

* [Web] add github version tag error handling

* [Web] add github version tag error handling

* Passwordless SOGo auth: support for calendar invitations and calendar/contacts subscriptions

Inviting someone to a calendar event triggers a request to /SOGo/so/otheruser@example.com/freebusy.ifb/ajaxRead. Subscribing to someone's calendar/contacts triggers a request to /SOGo/so/otheruser@example.com/foldersSearch. The email address in the URL is different from the logged-in user, which needs to be handled appropriately by sogo-auth.php.

* [Web] add github version tag - adjust css

* [Compose] Update SOGo Autoreply Schedule to 5m

Based on the advice of inverse (SOGo developer). Thanks to https://github.com/jmber

Closes: https://github.com/mailcow/mailcow-dockerized/issues/4436

* [Web] add github version tag - move twig globals

* [Web] add github version tag - missing </div>

* Passwordless SOGo auth: improvements for when accessing other users

* [WebAuthn] fido2 passwordless auth - fix (#4440)

* [WebAuthn] fido2 revert

* [WebAuthn] set UV flags to 'discouraged'

* [WebAuthn] revert - set UV flags to 'discouraged'

* Update clamav to 0.104.2

* Update clamav to 0.104.2

* Update dovecot to 2.3.18

Update gosu to 1.14
Use debian bullseye as base

* [Web] Updated lang.es.json [CI SKIP] (#4453)

Co-authored-by: Fijxu <fijxu@zzls.xyz>
Co-authored-by: milkmaker <milkmaker@mailcow.de>

Co-authored-by: Fijxu <fijxu@zzls.xyz>

* Fix broken documentation links (#4458)

* Fix broken documentation links

* Fix a few more broken documentation links

* Fix broken documentation links in translation files

* Fall back to empty string if WATCHDOG_NOTIFY_EMAIL undefined (#4457)

By default, `.env` (`mailcow.conf`) does not define `WATCHDOG_NOTIFY_EMAIL`.

Using it in `docker-compose.yml` without having it defined leads to Compose v2 displaying this warning on startup:

> WARNING: The WATCHDOG_NOTIFY_EMAIL variable is not set. Defaulting to a blank string.

Related to https://github.com/mailcow/mailcow-dockerized/issues/4315

* [Web] Updated lang.sk.json [CI SKIP] (#4461)

Co-authored-by: Lukáš Matula <lukas@gbely.net>
Co-authored-by: milkmaker <milkmaker@mailcow.de>

Co-authored-by: Lukáš Matula <lukas@gbely.net>

* oletools: disable template injection detection (#4464)

Seems to be causing a lot of false positives lately

* Fix minor typo in comment (#4466)

Correction of the comment, so that the explanation is correct and can be understood.

* Update issue templates to issue forms (#4465)

This PR updates the issue templates to GitHubs new issue forms

* [Web] Fix padding issue in UI admin panel (#4481)

* [Web] fix admin panel padding issue

* [Web] fix admin panel padding issue

* [Web] Updated lang.sk.json [CI SKIP] (#4489)

Co-authored-by: Lukáš Matula <lukas@gbely.net>
Co-authored-by: milkmaker <milkmaker@mailcow.de>

Co-authored-by: Lukáš Matula <lukas@gbely.net>

* increase opcache.interned_strings_buffer to 16 (#4487)

since version 23.0.2 Nextcloud recommends having a value greater than 8 for `opcache.interned_strings_buffer`. As this memory will be only used when needed this should have no impact on installations that are not using nextcloud.

related discussion: https://help.nextcloud.com/t/nextcloud-23-02-opcache-interned-strings-buffer/134007/19
related nextcloud issue: https://github.com/nextcloud/server/issues/31223

* nextcloud - add missing redirections (#4366)

adds missing location directives to the nginx configuration of nextcloud 22, to prevent warnings in nextcloud admin center of missing redirections

* Update imapsync to 2.178 (#4491)

* Update and fix oletools (#4479)

As noticed by @MAGICCC (#4464 (comment)), our olefy image does not work anymore if you rebuild it. This is because @HeinleinSupport recently updated their repository with the changes from @decalage2's repository, which renamed olvba3 to olevba. Since @HeinleinSupport does not recommend using its own patched branch and is very slow in pulling in changes from upstream (@decalage2), let's switch to the latter. This also allowed me to revert #4464.

Finally, a minor patch to rspamd is necessary. While the documentation says

In the extended mode the oletools module will not trigger on specific categories, but will always set a threat string with all found flags when at least a macro was found.

This is not actually true -- it only sets it when suspicious or autoexec threats were detected. But it's a one-line patch to make rspamd behave as documented and we should submit that patch to @rspamd too. With this patch, I have confirmed that Mailcow will reject any incoming, non-whitelisted message containing attachments with macros.

* [Web] Fix excluded domain list in quaratine view

Previously excluded domains from quarantine were not shown.

* [Dovecot] Update syslogng Version to 3.28 (#4496)

Co-authored-by: Niklas Meyer <niklas.meyer@tinc.gmbh>

Co-authored-by: ntimo <git@nowitzki.me>
Co-authored-by: Peter <magic@kthx.at>
Co-authored-by: FreddleSpl0it <patschul@posteo.de>
Co-authored-by: FreddleSpl0it <75116288+FreddleSpl0it@users.noreply.github.com>
Co-authored-by: Michael Kuron <mkuron@users.noreply.github.com>
Co-authored-by: milkmaker <milkmaker@mailcow.de>
Co-authored-by: Fijxu <fijxu@zzls.xyz>
Co-authored-by: Slavi Pantaleev <slavi@devture.com>
Co-authored-by: Lukáš Matula <lukas@gbely.net>
Co-authored-by: Max <mail@heavygale.de>
Co-authored-by: Michael Cramer <michael@bigmichi1.de>
Co-authored-by: Robert Christian <soulsymphonies@users.noreply.github.com>
Co-authored-by: André <andre.peters@debinux.de>
Co-authored-by: Niklas Meyer <niklas.meyer@tinc.gmbh>
2022-03-02 16:32:17 +01:00
andryyy
a5660cdf31 [SOGo] Faster GC: fix for too many SQL connections 2021-12-12 10:42:53 +01:00
andryyy
25cecf5f9d [MariaDB] Further increase connections 2021-11-18 10:55:54 +01:00
Dmitriy Alekseev
95e57e3968
[Rspamd] Return CAB to archive_extensions 2021-11-18 11:47:56 +02:00