c2c183df2c
[Ejabberd] Add missing ip in yml
2021-02-17 16:44:11 +01:00
9ee0bd8bdf
[Ejabberd] Do not store group chats in archive
2021-02-16 21:33:30 +01:00
b11764dff0
[Config] Add ADDITIONAL_SERVER_NAMES as optional config to define additional server_name parameters for mailcow UI
2021-02-16 16:38:28 +01:00
c4155d4ab6
[Ejabberd] Do not store messages by default; Delete uploads after 30 days; Use JID in upload file path; Use more secure file permissions; Set max offline messages to 1000;
2021-02-16 16:37:18 +01:00
b52fa1146a
Unset Postfix smtpd_tls_session_cache_database, reduce disk writes ( #3981 )
...
Postfix may update smtpd_tls_session_cache_database quite frequently even on not busy server, which leads to unnecessary (excessive) disk writes, which is an issue for SSD.
Postfix documentation suggests not to use this parameter anymore since there's another, better TLS session resumption method available.
>As of Postfix 2.11 the preferred mechanism for session resumption is RFC 5077 TLS session tickets, which don't require server-side storage. Consequently, for Postfix ≥ 2.11 this parameter should generally be left empty.
http://www.postfix.org/postconf.5.html#smtpd_tls_session_cache_database
2021-02-16 11:01:27 +01:00
666d344322
[Web] Remove XMPP site when disabling XMPP
2021-02-14 21:33:43 +01:00
9febe4e86b
[Ejabberd] Require s2s TLS, enforce protocols and ciphers, move admin UI (WIP)
2021-02-14 10:47:53 +01:00
38e5dc37d2
[Rspamd] Edit RBL
2021-02-14 10:47:05 +01:00
8c6b512f05
[mailcow] Move ejabberd site to last available site
2021-02-12 19:26:49 +01:00
38c5470d54
[Ejabberd] Various fixes, sorry (still WIP)
2021-02-11 21:09:46 +01:00
462aa0a764
[Ejabberd] Fix bootstrapping, ejabberd could not be enabled
2021-02-11 20:46:13 +01:00
f69f6b84f3
[Git] Sort gitignore
2021-02-11 15:24:34 +01:00
386d6109c8
Merge branch 'master' of github.com:mailcow/mailcow-dockerized
2021-02-11 09:36:18 +01:00
29bcd94b7c
[Rspamd] Increase spam symbol weight
2021-02-11 09:32:47 +01:00
31805f1656
[Web] Implement all supported dovecot password schemas ( #3974 )
...
When migrating from other Dovecot based installations it can be very
convenient to just copy over existing hashed passwords.
However, mailcow currently only supports a limited number of password
schemes.
This commit implements all password schemes that do not require
challenge/response or OTP mechanisms.
A convenient way to generate the regex with all supported schemas is
`docker-compose exec dovecot-mailcow doveadm pw -l | awk -F' ' '{printf
"/^{("; for(i=1;i<=NF-1;i++){printf "%s%s", sep, $i; sep="|"}; printf
")}/i\n"}'`
Note that this will also include unsupported challenge/response and OTP
schemas.
Furthermore this increases the vsz_limit for the dovecot auth service to
2G for the use of ARGON2I and ARGON2ID schemas.
Signed-off-by: Felix Kaechele <felix@kaechele.ca>
2021-02-11 09:31:53 +01:00
32b6495ea3
[Dovecot] Add Russian and Ukrainian folders ( #3967 )
...
Update dovecot.conf
2021-02-08 16:09:23 +02:00
a2783d44ad
[SOGo] Add custom favicon ( #3957 )
...
* [SOGo] Add custom favicon
* Update docker-compose.yml
2021-01-31 09:58:08 +01:00
0a102444fc
[Rspamd] Add FUZZY_SPAM_MISMATCH ( #3958 )
...
Remove score from FUZZY_HAM_MISMATCH
2021-01-31 09:56:47 +01:00
0d1ea05ae2
[Git] Ignore custom SOGo logo
...
[SOGo] Slightly more contrast
2021-01-29 07:37:37 +01:00
01b2179d56
[SOGo] Lighter logo
2021-01-28 19:42:52 +01:00
410cb558ee
[Dovecot] Check if quarantine_notify.py holds a lock
...
[SOGo] Change default theme
2021-01-28 15:48:59 +01:00
049b5ceb31
[Rspamd] Add bulk header
2021-01-26 07:48:39 +01:00
e6898beb59
[Rspamd] Remove ham symbols if a fuzzy denied hash matched
2021-01-19 12:59:46 +01:00
5dcbce662b
[Rspamd] Sort & add infos for bad ASN map ( #3934 )
2021-01-18 07:06:06 +01:00
d9d129047c
[Rspamd] Score for freemail from to undisclosed recipients
2021-01-17 19:09:02 +02:00
3dece1a05c
[Dovecot] Add sieve rule to move DeltaChat ( https://delta.chat ) messages to folder DeltaChat
...
[Web] Add information about extended DNS config
2021-01-14 09:38:56 +01:00
00723631dd
[Postfix] Add parent_domain_matches_subdomains
2021-01-13 21:17:10 +01:00
a832becbd5
[Rspamd] Not trigger FREEMAIL_POLICY for mailig lists ( #3918 )
2021-01-02 09:49:55 +01:00
c28bea6a53
Merge branch 'master' of https://github.com/mailcow/mailcow-dockerized
2020-12-29 15:20:55 +01:00
fec6876490
[Rspamd] Block spoofing for free mail domains ( #3907 )
2020-12-28 22:04:01 +01:00
9407b55661
[PHP-FPM] Fix fastcgi timeouts
2020-12-26 10:19:52 +01:00
2086927bb8
[Compose] Update Dovecot and Rspamd images
2020-12-11 10:04:37 +01:00
3535ed6efe
[Rspamd] Set bounce_to ratelimit to 7 / 1m to hopefully reduce backscatter spam
2020-12-07 11:09:06 +01:00
96324aa4b5
[Rspamd] Set bounce_to ratelimit to 10 / 1m to hopefully reduce backscatter spam
2020-12-07 11:08:49 +01:00
9670d0c4f1
[Rspamd] More explicit Sendgrid ID checking
2020-11-30 07:45:30 +01:00
0485e1feb2
[Dovecot] Add sieve_vacation_dont_check_recipient = yes
2020-11-27 09:17:29 +01:00
8e15c56330
[SOGo] Increase timeout for SOGo to prevent failure on uploads
2020-11-25 16:11:02 +01:00
0a593bfe7b
[Dovecot, Helper] Add HAProxy listener for 4190/tcp sieve
2020-11-19 16:02:05 +01:00
586992618c
[Rspamd] Revert previous commit; Do not punish DMARC alignment when p=none
2020-11-19 09:44:10 +01:00
399951509e
[Rspamd] Exclude DMARC_POLICY_SOFTFAIL from SPOOFED_UNAUTH
2020-11-19 09:37:02 +01:00
c1376b4f4c
[Rspamd] Increase bounce_to limit
2020-11-16 11:56:12 +01:00
5d9c40b8b4
[Rspamd, Web] Add rewrite subject to known soft quarantine actions
2020-11-13 21:26:42 +01:00
0201becf77
[Rspamd] Fix some composites
2020-11-11 14:34:24 +01:00
9eb65b03a1
[Rspamd] Remove rule that breaks DMARC valid mails from having their scored lowered
2020-11-09 14:04:56 +01:00
6d46ee795b
[Rspamd] Log mail that was put into junk folder and keep a copy in quarantine
2020-11-06 12:26:01 +01:00
347217c2d3
[Dovecot] Lower deduplicate interval to not discard duplicates of mail from quarantine that were previously saved in the junk folder
2020-11-06 12:25:09 +01:00
2732e0158c
[Rspamd] Add newsletterplus to unwanted bulk (no consent, corona spam)
2020-11-04 09:29:27 +01:00
7dc21e036d
[Rspamd] Fixes #3837 by setting correct data type for mails without fuzzy hashes, also implements actions
2020-11-03 10:27:46 +01:00
d94b5e43ea
[Rspamd] Add symbol HAM_TRAP or SPAM_TRAP for trap aliases
2020-10-29 20:29:14 +01:00
9034e0f3a8
[Rspamd] Fix tag handling for mailboxes
2020-10-28 11:06:33 +01:00
61bb3219df
[Rspamd] Fix tag handling for aliases
2020-10-27 07:20:54 +01:00
7bcb9414ab
[Rspamd] Handle Postmaster in and outbound as trusted
2020-10-25 10:34:13 +01:00
0165c9d26b
[Web] Show fuzzy hash of rejected mail, if any
2020-10-24 16:27:31 +02:00
85b8b74a4c
[Rspamd] Do not quarantine blacklisted entities
2020-10-23 20:23:26 +02:00
c7e17c7fd1
[Rspamd] Global blacklists are not prefilters anymore to not prevent them from being learned
2020-10-21 19:00:53 +02:00
4155d21392
[Rspamd] Remove positive fuzzy scores from bounces
2020-10-20 16:15:02 +02:00
fa153fad38
[Rspamd] Rebalance group policies ( #3817 )
...
* [Rspamd] Rebalance group policies
* [Rspamd] Rebalance group policies
2020-10-20 11:55:55 +02:00
ee9288581a
[Rspamd] Do not post whole body to alias expander...
2020-10-18 19:27:25 +02:00
be0ec8efc0
[Rspamd] Composite fixes and adjustments for better filtering
2020-10-18 10:11:27 +02:00
f95bd3e7b6
[Rspamd] Simplify forward host rule and add policy group to exceptions for fwd host
2020-10-18 09:12:02 +02:00
5cd6bed701
[Rspamd] Fix typo in alias resolvers
2020-10-17 20:09:32 +02:00
ddadc1ced2
[Rspamd] Remove unnecessary set_metric_action in tag script
2020-10-17 10:15:14 +02:00
9ba1d4626d
[Postfix] Anonymize sender IP for mail sent locally ( #3811 )
...
This commit resolve #3723
2020-10-17 09:06:38 +02:00
f8291d1967
[Rspamd] Adjust alias resolver prefilter prio
2020-10-16 18:39:22 +02:00
0c30d32fdb
[Rspamd] Resolve direct aliases (also fixes tagging options)
2020-10-16 18:27:19 +02:00
5a627dc34a
[Rspamd] Add invaluement sendgrid-id-dnsbl
2020-10-13 11:15:12 +02:00
7da3b91bd7
[Rspamd] Disable IPv6 for interserver ip bl, enable full host lookup for uribl
2020-10-12 09:23:41 +02:00
39a33c4b6d
[Dovecot] Conf: drop duplicates as received within 60 minutes
2020-10-11 10:35:29 +02:00
ce77d87c8d
[Dovecot] New global post-filter: drop duplicates as received within 60 minutes
2020-10-11 10:34:15 +02:00
efd69f1c1c
[Rspamd] Add Interserver rules, THANK YOU!
2020-10-11 10:30:46 +02:00
72542f1d50
[Rspamd] Delete deprecated reputation files
2020-10-09 08:57:51 +02:00
1b2731d6e6
[Rspamd] Add reputation plugin, remove deprecated plugins
2020-10-08 17:03:39 +02:00
d6688d918b
Revert "[Rspamd] Use reputation plugin instead of ip_ and url_reputation"
...
This reverts commit 73e87068d8
2020-10-08 16:52:20 +02:00
73e87068d8
[Rspamd] Use reputation plugin instead of ip_ and url_reputation
2020-10-08 16:51:46 +02:00
b5ee399fa2
Add simplified Chinese language translations ( #3784 )
2020-10-01 20:50:49 +02:00
93ac0d3864
Update site-defaults.conf ( #3780 )
2020-09-27 12:38:40 +02:00
ba0b6963c7
Revert "Update site-defaults.conf ( #3778 )" ( #3779 )
...
This reverts commit b8ec9ad536
2020-09-26 22:53:53 +02:00
1256059a4f
Merge branch 'master' of https://github.com/mailcow/mailcow-dockerized
2020-09-26 22:17:51 +02:00
b8ec9ad536
Update site-defaults.conf ( #3778 )
2020-09-26 22:15:43 +02:00
520056a489
[Rspamd] Quarantine, Pushover: Respect active = 2 while processing
2020-09-26 21:58:49 +02:00
1e244e9c0c
[Rspamd] Quarantine, Pushover: Respect active = 2 while processing
2020-09-26 21:58:28 +02:00
642ef1a515
[Rspamd] Pushover, quarantine: also process
2020-09-26 21:55:04 +02:00
c3c98348e2
[SOGo] Re-enable TLS for internal IMAP connections, enable TLS for internal SMTP connections
...
[Web] Minor fix in quarantine view
2020-09-24 21:51:32 +02:00
e2d98323ef
Merge branch 'master' of https://github.com/mailcow/mailcow-dockerized
2020-09-24 20:31:07 +02:00
e5f0e1da44
[Rspamd] Fix prio for includes in overrides
2020-09-24 20:30:58 +02:00
c31d0cee86
[Nginx] Refresh cipher suites ( #3669 )
...
Also turn ssl_prefer_server_ciphers off.
"The cipher suites are all strong and so we allow the client to choose, as they will know best if they have support for hardware-accelerated AES" - https://wiki.mozilla.org/Security/Server_Side_TLS#Intermediate_compatibility_.28recommended.29
2020-09-24 07:30:09 +02:00
c355bc2b69
[Rspamd] Prepare SMTP ip restriction, WIP
2020-09-23 11:21:28 +02:00
f2c1530143
[ClamAV] Set to ConcurrentDatabaseReload and (todo:) add note to docs
2020-09-17 21:48:00 +02:00
881f558e48
[Postfix] Add sasl check to deny specific users from using smtp relay
2020-09-17 19:44:52 +02:00
22d4c04416
[Dovecot] Postlogin socket owned by vmail
2020-09-17 19:43:57 +02:00
2c9140f9f0
Merge branch 'master' of https://github.com/mailcow/mailcow-dockerized
2020-09-15 12:01:15 +02:00
1f36ae28d4
[Postfix, Web] Feature: Show last SMTP login
2020-09-15 11:02:53 +02:00
28041b1d97
[Rspamd] Encrypt fuzzy communication, switch to Rspamd 2.6
2020-09-15 11:01:20 +02:00
c1034b890d
[Rspamd] Add open-relay-check@mailcow.email to monitoring_nolog.map ( #3757 )
2020-09-13 13:07:21 +02:00
943730de47
[Rspamd] Add filter to global mime black- and whitelists to only match addr
2020-09-12 20:11:18 +02:00
7feb589b90
[Rspamd] Add iso/img to bad extensions ( #3753 )
2020-09-12 12:21:12 +02:00
eb12c2f8cd
[Rspamd] Disable extension cloaking ( #3754 )
2020-09-12 12:20:55 +02:00
c201a712cb
[Rspamd] Macro check was fixed, remove doc and xls ban for now...
2020-09-09 16:02:14 +02:00
013b3f88da
[Rspamd] Meta exporter and settings map: read vars.local.inc.php
2020-09-06 08:54:36 +02:00
92074b0edb
[Rspamd] doc and xls are blocked
2020-09-03 15:33:39 +02:00
070cdb7787
Update arc.conf ( #3686 )
2020-07-31 19:47:03 +02:00
5b52e15fec
Update dkim_signing.conf ( #3685 )
2020-07-31 19:46:39 +02:00
3dc2b1a721
[Rspamd] Add urlhaus map to rspamd ( #3683 )
...
add the list with online malware urls from URLhaus into rspamd to check against
2020-07-30 15:24:29 +02:00
7d7f85c998
Merge branch 'master' of https://github.com/mailcow/mailcow-dockerized
2020-07-29 13:57:38 +02:00
a349629a5a
[Rspamd] Remove spoofed unauth symbol from mails from whitelisted fwd hosts
2020-07-29 13:57:33 +02:00
72387a4a48
Disable SMTPUTF8 in Postfix due Dovecot-LMTP isn't support it ( #3680 )
...
SMTPUTF8 to work correctly must be done end-to-end. Leaving it enabled now when LMTP cant receive such email gives more issues then profit.
2020-07-29 13:42:39 +02:00
41152193c0
[Dovecot] Increase sieve actions and redirects to 100/101
2020-07-15 15:28:14 +02:00
06c8f140b5
[Nginx] Mark script not executable
2020-07-14 13:24:37 +02:00
4cd51017a7
[Nginx] Mark script executable
2020-07-14 13:20:50 +02:00
d931083e0e
[SOGo] Disable EAS when SKIP_SOGO=y
2020-07-14 13:16:26 +02:00
ad8acefb96
[SOGo] Disable EAS when SKIP_SOGO=y
2020-07-14 13:13:32 +02:00
e6cc1bf27c
[Dovecot] Include SOGos IP as trusted
2020-07-11 13:33:05 +02:00
2344310f47
[SOGo] SOGo does no trust self signed or invalid certificates anymore, add temp workaround
2020-07-11 13:32:49 +02:00
0cfdd763f8
[Feature] Add HAProxy listeners and an example override file
2020-07-04 19:30:40 +02:00
8ce639aa25
[MySQL] Slightly more resources
2020-07-02 07:53:52 +02:00
c673c2a6cc
[Rspamd] Add hint to composite, minor
2020-07-02 07:53:22 +02:00
7304add084
[Watchdog] Update compose file, update image
...
[Rspamd] Temporarily disable over-signing, as Cyren does mark those mails as DKIM invalid (blame them, not us)
2020-06-23 21:22:22 +02:00
414cbbef6b
[Rspamd] Change whitelisted senders map from prefilter to score -2050
2020-06-19 22:07:10 +02:00
5fe9de0500
[API] Removed api_blueprint docs and use swagger ( #3595 )
...
* [NGINX] Removed api docs location
* [WEB] Removed api_blueprint api docs
* [WEB] Added openapi/swagger api viewer
* [WEB] Added openapi.yaml with api docs
* [WEB] Added request body for create app password endpoint
* [Web] Updated types in openapi.yaml
* [Web] Only define API docs auth header once
* [Web] Added 401 api response to docs
2020-06-07 20:46:17 +02:00
75f4b77bc2
[Postfix] Remove smtpd_tls_CAfile, fixes #3589
2020-06-04 16:23:41 +02:00
115c6540e2
[Rspamd] Consistent LOCAL_CONFDIR
2020-06-03 08:34:24 +02:00
702f221a2d
[Rspamd] More bulk headers
2020-06-01 09:55:45 +02:00
b208037b49
[Rspamd] Do not exclude fwd hosts from dmarc checks
2020-05-23 20:32:56 +02:00
4881f617a5
[Rspamd] Changes to WHITELISTED_FWD_HOST composite handling
2020-05-23 12:20:57 +02:00
615ef47f27
[Rspamd] More excludes for fwd hosts, minor fix to FORGED_W_BAD_POLICY
2020-05-23 11:16:33 +02:00
6a95d217b4
[Postfix] Remove obsolete comment
2020-05-21 21:55:43 +02:00
d5ed0c0368
Update anonymize_headers.pcre ( #3563 )
...
Added anonymization for Sieve and changed regex for Rspamd to look same as new Sieve regex
2020-05-21 20:04:03 +02:00
16b2a2c055
[Postfix] Set smtp_address_preference to any ( #3561 )
...
Closes https://github.com/mailcow/mailcow-dockerized/issues/3560
2020-05-21 19:28:35 +02:00
8260fb5baf
Merge branch 'master' of https://github.com/mailcow/mailcow-dockerized
2020-05-20 12:20:42 +02:00
347e65736e
[Rspamd] IP WL is no more a prefilter to prevent unsigned mail
2020-05-20 12:15:33 +02:00
4b22bd1dea
Update anonymize_headers.pcre ( #3553 )
...
* Update anonymize_headers.pcre
Change Received by for Rspamd with Dmarc Reporting module enabled.
* Update anonymize_headers.pcre
Co-authored-by: André Peters <andre.peters@debinux.de>
2020-05-20 11:51:00 +02:00
4519f460b4
Remove obsolete setting smtpd_use_tls. ( #3548 )
...
See http://www.postfix.org/postconf.5.html#smtpd_use_tls . It is
controlled by smtpd_tls_security_level, which is set to may.
Co-authored-by: Florian Lindner <florian.lindner@ipvs.uni-stuttgart.de>
2020-05-18 14:22:21 +02:00
ed49ea7b41
[PHP-FPM] Increase timeouts
2020-05-12 18:29:54 +02:00
857fa0314b
[Rspamd] Further increase bounce rl
2020-05-08 14:01:16 +02:00
b5c59046ed
[Rspamd] Score spoofed senders higher
2020-05-06 20:15:18 +02:00
84d205d728
[Nginx] Drop X-Powered-By via fastcgi_hide_header
2020-05-06 20:14:34 +02:00
1f00887f91
Fix inconsistent spacing in dovecot/dovecot.conf and postfix/main.cf ( #3511 )
...
* Fix inconsistent spacing in dovecot.conf
* Fix inconsistent spacing in main.cf
2020-04-30 18:22:21 +02:00
bba9adaa6e
[Rspamd] Set bounce RL to 20 / 1h ; Fix BAZAR (test)
2020-04-29 21:08:33 +02:00
e7a5c98704
[Rspamd] Disable upstream checks for SIEVE_HOST
2020-04-27 20:48:12 +02:00
d392257289
[Web] Some changes
...
[SOGo] Allow to not spawn SOGo but an idling shell
[Rspamd] Remove X-CSA-Complaints from bulk headers...
2020-04-27 20:47:28 +02:00
ca48bc9c34
[Web] Update slovak translation ( #3491 )
...
Update lang.sk.json + sorting in dovecot
2020-04-18 22:26:09 +02:00
35d3586950
[Rspamd] Pushover: Fixes
2020-04-16 22:29:01 +02:00
47a15c21aa
[Rspamd] Pushover, check sender by regex
2020-04-16 21:58:30 +02:00
6efe0d5aab
[Rspamd] Moore Pushover fixes
2020-04-16 15:42:10 +02:00
fec0f688b1
[Rspamd] More Pushover fixes
2020-04-16 13:38:19 +02:00
1be3ca3fb9
[Rspamd] Pushover fixes
2020-04-16 12:23:27 +02:00
c67bb75071
[Rspamd] More pushover options
2020-04-16 11:32:53 +02:00
5d37f2af4f
[Rspamd] Fix maps #2
2020-04-14 21:14:21 +02:00
960fe1fdba
[Rspamd] Fix maps
2020-04-14 21:13:53 +02:00
d883bb246b
[Rspamd] Increase bulk header score
2020-04-14 10:34:09 +02:00
andryyy
ValdikSS
Felix Kaechele
Dmitriy Alekseev
Peter
Bao H.H
mcmufffin
Jellyfrog
Noa J
Dmitriy Alekseev
Marcel Caspar
Timo N
Igor Scheller
Florian Lindner
Aaron
Lukáš Matula