After new volumes were added to docker-compose.yml in the sogo-mailcow container, it is necessary to include the specified files in the path, in order for docker to correctly start after running `docker compose up` command, otherwise error will appear, as necessary files would be missing.
The files uploaded are original SOGo UI elements, obtained from the sogo-mailcow container. Whenever users will need to change the UI elements, they would just need to change these files. Hence simplifying the process.
* fts-flatcurve: inital implementation
* fts: removed solr from compose.yml
* flatcurve: added heap and proc logic to dovecot
* added logic for update.sh & generate for Flatcurve
* delete old iteration of fts-flatcurve.conf
* updated default fts.conf
* updated .gitignore to exclude fts.conf for further git updates
* Remove autogeneration of fts.conf (disable override)
* cleanup all left solr stuff
* renamed SKIP_FLATCURVE to SKIP_FTS
* cleanup leftovers solr in lang files
* moved lazy_expunge plugin only to mail_plugins
* added fts timeout value
* compose: remove dev image of dovecot
* updated japanese translation
In the last months and years, the default `mime_types.conf` of rspamd has changed and it might be also useful to make some adjustments to the weight of certain file extensions.
This PR is removing all file extensions from `mime_types.conf` which are already in rspamd's default configuration at [rspamd/src/plugins/lua/mime_types.lua](https://github.com/rspamd/rspamd/blob/master/src/plugins/lua/mime_types.lua). If file extension is not present or has a different score compared to rspamd default, it is still in the list.
There are also a few major differences to certain file extensions, which might be useful to discuss and carefully adjust. For example, `.exe` files are rated very 'badly' due to high chance of being malicious, so are other extensions like `bat`, `cmd`, etc.
Current suggestion:
```lua
# Extensions that are treated as 'bad'
# Number is score multiply factor
bad_extensions = {
apk = 4,
appx = 4,
appxbundle = 4,
bat = 8,
cab = 20,
cmd = 8,
com = 20,
diagcfg = 4,
diagpack = 4,
dmg = 8,
ex = 20,
ex_ = 20,
exe = 20,
img = 4,
jar = 8,
jnlp = 8,
js = 8,
jse = 8,
lnk = 20,
mjs = 8,
msi = 4,
msix = 4,
msixbundle = 4,
ps1 = 8,
scr = 20,
sct = 20,
vb = 20,
vbe = 20,
vbs = 20,
vhd = 4,
py = 4,
reg = 8,
scf = 8,
vhdx = 4,
};
# Extensions that are particularly penalized for archives
bad_archive_extensions = {
pptx = 0.5,
docx = 0.5,
xlsx = 0.5,
pdf = 1.0,
jar = 12,
jnlp = 12,
bat = 12,
cmd = 12,
};
# Used to detect another archive in archive
archive_extensions = {
tar = 1,
['tar.gz'] = 1,
};
```
**As a important reminder**: For all remaining and additional file extensions and score weights, please check above default rspamd configuration!
* Decode rspamd-subject for pushover notifications
Fixes#6028
* Apply iconv_mime_decode to the quarantine function as well
This might contain utf-8 encoded text as well
* Moved the iconv_mime_decode "fix" back to pipe.php
* postfix: removed TLS1.0/1.1 support (natively)
* postfix: upgrade to deb12 + pf to 3.7.9
* compose: increased postfix tag
* postfix: shortened TLS syntax with new format of 3.6+
* Update main.cf
In order to avoid unnecessary log lines, changed:
smtpd_discard_ehlo_keywords = chunking
to this one:
# The non-logging alternative:
smtpd_discard_ehlo_keywords = chunking, silent-discard
Update main.cf to remove unnecessary log lines in Postfix log
[Netfilter] add mailcow rule to docker-user chain
[Netfilter] add mailcow isolation rule to MAILCOW chain
[Netfilter] add mailcow isolation rule to MAILCOW chain
[Netfilter] set mailcow isolation rule before redis
[Netfilter] clear bans in redis after connecting
[Netfilter] simplify mailcow isolation rule for compatibility with iptables-nft
[Netfilter] stop container after mariadb, redis, dovecot, solr
[Netfilter] simplify mailcow isolation rule for compatibility with iptables-nft
[Netfilter] add exception for mailcow isolation rule for HA setups
[Netfilter] add exception for mailcow isolation rule for HA setups
[Netfilter] add DISABLE_NETFILTER_ISOLATION_RULE
[Netfilter] fix wrong var name
[Netfilter] add DISABLE_NETFILTER_ISOLATION_RULE to update and generate_config sh
