Commit Graph

178 Commits

Author SHA1 Message Date
andryyy
08d666985f
[Web] Improve last logins, switch to country name (workaround, fix in progress) 2021-06-06 21:00:48 +02:00
andryyy
a89fe53e4a
[Web] Show country of sasl ips 2021-06-06 11:57:15 +02:00
andryyy
7050d7c259
[Web] Fix BCC validation for aliases 2021-06-05 08:40:55 +02:00
andryyy
2d55b54904
[Web] Show users the last known connections for SASL authentication
[Web] Feature: Log SASL authentication
2021-06-04 14:29:39 +02:00
andryyy
735bcb2f55
[Web] Allow to select aliases for BCC 2021-06-03 08:00:59 +02:00
andryyy
5065667ae4
[Postfix] Allow to set and override a relayhost per mailbox
[Web] Replace recycle icon with trash (this one made me a bit sad)
[Web] Various small fixes
[Web] Allow or disallow a domain admin to change relayhost settings (default is off, as previous default)
2021-05-26 14:02:27 +02:00
andryyy
e21e0b9dbf
[Web] Time limited aliases: show create date; create aliases with 1yr retention by default; create temp alias in alias domain; better random names; accept any validity time
[Web] Replace spam score slider by nouislider and rework table a bit
2021-05-21 12:48:24 +02:00
andryyy
eb1d5dd134
[Web] Remove debugging points 2021-04-18 12:53:59 +02:00
andryyy
5ea649b292
[Web] Feature: Add password policy 2021-04-09 13:46:17 +02:00
Shea Ramage
4feceb08da
Refactor support for pre-hashed passwords (#4024) 2021-03-10 21:06:32 +01:00
andryyy
04bd21663c
[Web] Minor fixes 2021-02-11 14:41:00 +01:00
Felix Kaechele
31805f1656
[Web] Implement all supported dovecot password schemas (#3974)
When migrating from other Dovecot based installations it can be very
convenient to just copy over existing hashed passwords.
However, mailcow currently only supports a limited number of password
schemes.

This commit implements all password schemes that do not require
challenge/response or OTP mechanisms.

A convenient way to generate the regex with all supported schemas is
`docker-compose exec dovecot-mailcow doveadm pw -l | awk -F' ' '{printf
"/^{("; for(i=1;i<=NF-1;i++){printf "%s%s", sep, $i; sep="|"}; printf
")}/i\n"}'`

Note that this will also include unsupported challenge/response and OTP
schemas.

Furthermore this increases the vsz_limit for the dovecot auth service to
2G for the use of ARGON2I and ARGON2ID schemas.

Signed-off-by: Felix Kaechele <felix@kaechele.ca>
2021-02-11 09:31:53 +01:00
andryyy
02b10b0ed4
[Web] Add SSHA 2020-12-07 07:58:50 +01:00
Balázs Dura-Kovács
dd1b25fa61
[Web] Optional HTML in system mails (#3879)
* HTML in system mails

* Update functions.inc.php

* Update functions.inc.php

Co-authored-by: André Peters <andre.peters@debinux.de>
2020-11-30 07:43:48 +01:00
andryyy
ba20db2e08
[Web] Allow a user to choose notification categories (junk folder, rejected mail, both/all) + user ACL 2020-11-28 17:41:48 +01:00
andryyy
8d05d4a51d
[Web] Cleanup Rspamd, other fixes 2020-11-25 16:10:33 +01:00
andryyy
4a355f242f
[Web] Some fido2 fixes, table view for fido2 keys, fix renaming keys with the same subject 2020-11-17 13:38:28 +01:00
andryyy
9dec340434 Merge branch 'master' of https://github.com/mailcow/mailcow-dockerized 2020-11-15 20:22:46 +01:00
Lukas Schreiner
d96bf91a0d
Support of different default pass schemes + support of BLF-CRYPT (#3832)
* Introduce MAILCOW_PASS_SCHEME in order to support blowfish (cf. mailcow/mailcow-dockerized#1019)

* Furthermore added dovecot to support new environment varible for MAILCOW_PASS_SCHEME defaulted to SSHA256

* Revert changes regarding gitignore.

* Added fallback to SSHA256 if environment is not proper prepared.

* No fallback within management frontend, as it must match to other components.

* Unified and corrected alignment; implemented support of SSHA512

* Currently, password_hash of PHP is using by default bcrypt (BLF). As this might change later, we must ensure, that BLF is still used after PHP changes its default.

* Switched to BLF-CRYPT by default (even on update)

* Switched to BLF-CRYPT by default (even on update)

* Adding information in config generation / update with link to supported hash algorithm

* Bump sogo version to 1.92

* Fallback to BLF-CRYPT in case password scheme is not proper defined for Mailcow administration.
2020-11-15 20:22:35 +01:00
andryyy
c150ac7b37
[Web] Feature (beta): Add WebAuthn support for administrators and domain administrators 2020-11-15 19:32:37 +01:00
andryyy
f3c72832f2
[Web] Add rspamd-stats route to API 2020-09-06 08:54:09 +02:00
Miro Rauhala
6bff958ab4
[Web] Clean PHP code by removing unused variables (#3646)
* [WEB] $lang is not used in this context

* [Web] $stmt variable is not used
2020-07-11 13:20:38 +02:00
andryyy
48b74d77a0
[Web] Fix PHPMailer, minor style change for quarantine rcpts 2020-06-07 10:45:40 +02:00
andryyy
a6af7cbc2e
[Web] Expand IPv6 addresses for better comparison 2020-05-26 20:04:22 +02:00
andryyy
ccc56c54a9
[Web] Merge same notification types 2020-05-20 20:37:52 +02:00
andryyy
e824239dee
[Web] Disallow web UI login, when domain is disabled 2020-05-17 09:41:38 +02:00
andryyy
aef15f004a
[Web] Allow CIDR as allowed API networks; other minor fixes 2020-05-04 07:51:50 +02:00
andryyy
a6247fc13f
[Web] Do not try to update sogo static view with skip_sogo y 2020-04-29 21:09:13 +02:00
andryyy
47a15c21aa
[Rspamd] Pushover, check sender by regex 2020-04-16 21:58:30 +02:00
andryyy
8f4540d5d9 [Web] r/o API keys, Pushover integration (can be limited by ACL), other minor changes 2020-04-10 21:00:23 +02:00
andryyy
3e2cbac778
[Rspamd] 2.5 RC3 2020-03-31 10:03:40 +02:00
andryyy
b1242259e7
[Web] Fix cow level, sorry :( 2020-03-04 12:54:38 +01:00
andryyy
0ac4281f0e
[Web] Allow to skip IP check for API 2020-02-16 20:08:36 +01:00
andryyy
653c058e33
[Web] Feature: Allow app passwords for imap/smtp, allow to set acl permission for app passwords (domain admin [when logged in as user] and user) 2019-12-02 11:02:19 +01:00
andryyy
affbba50ca
[Web] Fix active U2F key in UI 2019-10-25 19:13:24 +02:00
tinect
74244c7d0a cleanup cached js and css 2019-10-20 19:39:46 +02:00
andryyy
80a9c39956
[Web] Validate plain md5 hashes, closes #3017 2019-10-08 17:36:28 +02:00
André Peters
fe38275cb5
Revert "Make is_valid_domain_name more strict" 2019-09-21 14:16:50 +02:00
André Peters
0dbc03a416
Merge pull request #2941 from patschi/domain-name-fix
Make is_valid_domain_name more strict
2019-09-19 15:03:51 +02:00
andryyy
0487f5ea1d
[Web] Add JVM memory indiator and add minor fixes 2019-09-17 20:11:53 +02:00
Patrik Kernstock
6b2f5a30d2
Slightly modified is_valid_domain_name for #1118 2019-09-15 20:40:07 +01:00
andryyy
893ce5a789
[Web] Allow to add external sender addresses, can be disabled by domain admin ACL and is disabled by default 2019-09-02 11:11:41 +02:00
andryyy
294e0bc07f
[Web] Cache validation result in Redis 2019-08-11 22:19:26 +02:00
andryyy
9a500a7068
[Web] Verify OPTIONAL license plus minor fixes 2019-08-09 14:16:52 +02:00
andryyy
5087d5ce96
[Web] Allow aliases as send-as 2019-05-26 08:29:10 +02:00
Evangelos Foutras
e1a3313660 [Web] Fix showing domain with disabled sender check
If a mailbox is allowed to send as any address under its domain (+ alias
domains) and the domain itself has no aliases configured, no information
about this fact is shown to the user. That is to say, the "Do not check
sender access for the following domain(s) and its alias domains" field
under mailbox details is empty.

The above is happening because the second GROUP_CONCAT() returns NULL
making the enclosing CONCAT() return NULL as well. Fix this by using
CONCAT_WS() which correctly handles the case of zero domain aliases.

Furthermore, move the IFNULL() to the first GROUP_CONCAT() because
CONCAT_WS() returns an empty string when both GROUP_CONCAT()'s are
NULL. We can be certain that when the first GROUP_CONCAT() is NULL
the second one will be as well, so it's safe to use IFNULL() there.
2019-05-20 18:08:45 +03:00
andryyy
49492dff61
[Web, Dovecot] Allow empty/unlimited quota 2019-03-28 22:05:12 +01:00
andryyy
c7c115d63a
[Solr] Use fixed, recommended schema but add EdgeNGramFilterFactory 2019-03-10 09:40:04 +01:00
andryyy
d60c6a4e56
[Web] Fix shared alias displain in user view, fixes #2274 2019-02-07 22:37:11 +01:00
andryyy
4a1362fc4d
[Web] Minor alias overview fix 2019-02-06 09:23:44 +01:00