98a778a059
[Rspamd] Increase task timeout to prevent expensive tasks to cause a timeout; Set max size for macro scans to 3 MiB
2021-08-16 10:01:41 +02:00
bc8e87fba6
[Rspamd] Olefy: reduce max scan size to 5 MiB
2021-08-16 06:49:18 +02:00
d383c0ab9b
[Dovecot] Revert autocrypt sieve before, fixes DeltaChat and closes #4230
2021-08-13 06:18:43 +02:00
eec75690e0
[Nginx] Deny inc/lib location
2021-08-08 16:06:26 +02:00
96a460c2fa
[Dovecot] Change sieve scripts for DeltaChat
2021-07-28 21:44:06 +02:00
3dd7d7226d
[Dovecot] Re-add sieve_vacation_dont_check_recipient = no (default) to check for vacation rcpts
2021-07-21 10:10:39 +02:00
376ef76022
[Rspamd] Add soft reject on task timeout ( #4189 )
...
As we have seen issues in DNS processing actually stops rspamd from
processing a message, which leads to missing tag insertion for example,
we turn on soft reject on task timeout. Behavior is the same as with
greylisting for example, so the mail will be delayed/soft rejected, but
as DNS issues usually are most likely temporarily, it should get delivered
on the second try.
2021-07-19 12:09:32 +02:00
b5bf97eec9
[Rspamd] Revert custom DNS timeouts
2021-07-11 17:31:40 +02:00
b3959e8071
[Rspamd] DeltaChat improvements
2021-07-09 09:19:06 +02:00
5a6d970794
[Rspamd] Better support for DeltaChat
2021-07-09 07:42:37 +02:00
8b08d09ca2
[Web] Remove XMPP options
...
[Web] Add Rspamd preset #4
[Web] Do not show failed SASL logins (and also remove them from db)
2021-06-30 10:13:29 +02:00
b2272b8e35
[Dovecot] Re-add listescape...
2021-06-23 14:17:39 +02:00
9544ffe174
[Dovecot] Remove listescape
2021-06-23 14:13:34 +02:00
3045bcf49d
[Nginx] Allow SOGo SSO
2021-06-23 14:12:14 +02:00
06beda7c7c
[Rspamd] Increase DNS timeout and retransmits
2021-06-21 22:03:26 +02:00
f7fd0d8c7c
[Dovecot] Move includes
2021-06-21 22:03:11 +02:00
7b0b59a082
[Rspamd] Use Postfix IP
2021-06-21 22:02:36 +02:00
5b68c186ca
[Rspamd] Bad header rule for hotmail/outlook.com spam that no one seems to care about at MS :/
2021-06-17 06:34:47 +02:00
3ec1b856c7
[Rspamd] Fix bad header rule
2021-06-16 12:23:11 +02:00
583663f6d1
[Rspamd] Fix FREEMAIL_POLICY_FAILURE with SPF_SOFTFAIL ( #4142 )
...
Add really low negative score to SOFTFAIL policy symbols to get FREEMAIL_POLICY_FAILURE triggered correctly
2021-06-11 16:10:28 +03:00
3ffd39dae5
[Dovecot] Move mailboxes to separate config file; remove postlogin script (replaced by config variables)
2021-06-08 13:14:47 +02:00
68f9ca8cb0
[Postfix] Remove broken SASL access map, moved to Dovecot LUA authentication
2021-06-08 13:13:49 +02:00
28ab9986a7
Remove left smtpd_last_auth statement ( #4127 )
2021-06-06 11:52:31 +00:00
d7ecf899c8
[Rspamd] Reduce 00 bad subjects score
2021-06-05 17:45:27 +02:00
05f6e28191
[Postfix] Remove smtpd_last_auth from master.cf ( #4124 )
2021-06-05 16:13:50 +02:00
7050d7c259
[Web] Fix BCC validation for aliases
2021-06-05 08:40:55 +02:00
51b32bc4c0
[Dovecot] Remove last_login, fixes #4121
2021-06-04 20:48:36 +02:00
51e3521aac
[Postfix] Remove smtpd_last_auth service; replaced by SASL logging in Dovecot LUA auth process
2021-06-04 14:29:28 +02:00
6d22ae8d02
[Dovecot] Feature: Move authentication to LUA and prepare for http based authentication, log last SASL logins to SQL
2021-06-04 14:27:33 +02:00
b6b64f9470
[Rspamd] rename symbol from bad_regex to bad_subject
2021-06-03 08:18:10 +02:00
c8955284a2
[Rspamd] Create BCC plugin
2021-06-03 08:02:03 +02:00
1bad74101f
[Postfix] Add listener for BCC sender used by meta_exporter in Rspamd
2021-05-30 16:08:19 +02:00
8a83587800
[Postfix] Finally here: MX based transport map routing; Sorry it took years, Patrik
...
[Web] Small fixes
2021-05-28 10:40:41 +02:00
fe483d882d
[Rspamd] Replace 00 bad domains by bad regex map (wip)
2021-05-27 13:17:35 +02:00
4ede07854d
[Rspamd] Replace 00 bad domains by bad regex map (wip)
2021-05-27 12:34:33 +02:00
4b28dbbabc
[Rspamd] Replace 00 bad domains by bad regex map (wip)
2021-05-27 12:33:47 +02:00
56a085b632
[Rspamd] Add 00 abuse domains (wip!)
2021-05-24 11:12:56 +02:00
2e87f6ac2d
[Rspamd] Fix bad header rule
2021-05-23 23:29:32 +02:00
f81483d312
[Rspamd] Create bad header map
2021-05-23 23:13:34 +02:00
cf9d3e00c8
[Rspamd] Create bad header map
2021-05-23 23:12:07 +02:00
1cd0a96ad0
[Nginx, SOGo] Set mime type text/plain instead of returning 403 when opening risky attachments
2021-05-17 21:21:35 +02:00
6a8aa699d9
[SOGo, Nginx] Deny access to some extensions from SOGo web ui to mitigate security concerns
2021-05-12 10:44:42 +02:00
bb1b76454d
[Rspamd] Remove score from SIEVE_HOST ( #4080 )
...
Commit e7a5c98704
2021-05-04 18:51:07 +02:00
54ba66733e
Enable maildir_very_dirty_syncs rather than just adding comment
2021-05-02 16:39:26 -07:00
5df8a24c84
server_tokens off in default settings ( #4073 )
...
Co-authored-by: Maximilian Leith <accounts.maximilan@leith.de>
2021-04-26 13:20:23 +02:00
bbb75b0d32
[Rspamd] Fix for Respect Redis REPLICA in reputation plugin ( #4046 )
2021-04-18 22:41:08 +03:00
ee6ca4eaaa
Revert "[Rspamd] Respect Redis REPLICA in reputation plugin ( #4046 )" ( #4065 )
...
This reverts commit 7fdc4c2cc3
2021-04-18 21:02:29 +02:00
1bb68c2f5f
[Rspamd] Fix little typo in regex ( #4050 )
...
There was a dot missing, right? Correct me if I'm wrong...
2021-04-09 23:37:33 +02:00
604f29e870
[Postfix] Set mynetworks_style = subnet to include all local subnets, will be overridden by mynetworks in extra.cf
2021-04-07 21:28:53 +02:00
694e3d652f
[Rspamd] Sign Disposition-Notification Headers ( #4020 )
...
* [Rspamd] Sign Disposition-Notification Headers
Add more Headers to DKIM signing
* Update dkim_signing.conf
2021-04-03 12:43:20 +02:00
7fdc4c2cc3
[Rspamd] Respect Redis REPLICA in reputation plugin ( #4046 )
2021-04-02 21:34:52 +02:00
f6847e6f8c
Add comment about maildir_very_dirty_syncs to dovecot.conf
2021-03-13 10:46:32 -08:00
749dc0e5c9
Merge branch 'master' of github.com:mailcow/mailcow-dockerized
2021-03-04 16:13:55 +01:00
b6d1f78428
[PHP-FPM] Increase PHP memory limit for "cli" to 512M ( #4010 )
2021-03-03 10:28:15 +01:00
4975e4cabd
[SOGo] Fix comments in custom theme
2021-03-03 10:23:51 +01:00
e956b32a12
[SOGo] Remove custom theme, disable debug mode, keep example custom-themes
2021-03-02 11:24:00 +01:00
6840a1665d
[Web] Danish lang. 🇩🇰 ( #3971 )
...
Create Danish lang
2021-02-19 18:23:08 +01:00
c2c183df2c
[Ejabberd] Add missing ip in yml
2021-02-17 16:44:11 +01:00
9ee0bd8bdf
[Ejabberd] Do not store group chats in archive
2021-02-16 21:33:30 +01:00
b11764dff0
[Config] Add ADDITIONAL_SERVER_NAMES as optional config to define additional server_name parameters for mailcow UI
2021-02-16 16:38:28 +01:00
c4155d4ab6
[Ejabberd] Do not store messages by default; Delete uploads after 30 days; Use JID in upload file path; Use more secure file permissions; Set max offline messages to 1000;
2021-02-16 16:37:18 +01:00
b52fa1146a
Unset Postfix smtpd_tls_session_cache_database, reduce disk writes ( #3981 )
...
Postfix may update smtpd_tls_session_cache_database quite frequently even on not busy server, which leads to unnecessary (excessive) disk writes, which is an issue for SSD.
Postfix documentation suggests not to use this parameter anymore since there's another, better TLS session resumption method available.
>As of Postfix 2.11 the preferred mechanism for session resumption is RFC 5077 TLS session tickets, which don't require server-side storage. Consequently, for Postfix ≥ 2.11 this parameter should generally be left empty.
http://www.postfix.org/postconf.5.html#smtpd_tls_session_cache_database
2021-02-16 11:01:27 +01:00
666d344322
[Web] Remove XMPP site when disabling XMPP
2021-02-14 21:33:43 +01:00
9febe4e86b
[Ejabberd] Require s2s TLS, enforce protocols and ciphers, move admin UI (WIP)
2021-02-14 10:47:53 +01:00
38e5dc37d2
[Rspamd] Edit RBL
2021-02-14 10:47:05 +01:00
8c6b512f05
[mailcow] Move ejabberd site to last available site
2021-02-12 19:26:49 +01:00
38c5470d54
[Ejabberd] Various fixes, sorry (still WIP)
2021-02-11 21:09:46 +01:00
462aa0a764
[Ejabberd] Fix bootstrapping, ejabberd could not be enabled
2021-02-11 20:46:13 +01:00
f69f6b84f3
[Git] Sort gitignore
2021-02-11 15:24:34 +01:00
386d6109c8
Merge branch 'master' of github.com:mailcow/mailcow-dockerized
2021-02-11 09:36:18 +01:00
29bcd94b7c
[Rspamd] Increase spam symbol weight
2021-02-11 09:32:47 +01:00
31805f1656
[Web] Implement all supported dovecot password schemas ( #3974 )
...
When migrating from other Dovecot based installations it can be very
convenient to just copy over existing hashed passwords.
However, mailcow currently only supports a limited number of password
schemes.
This commit implements all password schemes that do not require
challenge/response or OTP mechanisms.
A convenient way to generate the regex with all supported schemas is
`docker-compose exec dovecot-mailcow doveadm pw -l | awk -F' ' '{printf
"/^{("; for(i=1;i<=NF-1;i++){printf "%s%s", sep, $i; sep="|"}; printf
")}/i\n"}'`
Note that this will also include unsupported challenge/response and OTP
schemas.
Furthermore this increases the vsz_limit for the dovecot auth service to
2G for the use of ARGON2I and ARGON2ID schemas.
Signed-off-by: Felix Kaechele <felix@kaechele.ca>
2021-02-11 09:31:53 +01:00
32b6495ea3
[Dovecot] Add Russian and Ukrainian folders ( #3967 )
...
Update dovecot.conf
2021-02-08 16:09:23 +02:00
a2783d44ad
[SOGo] Add custom favicon ( #3957 )
...
* [SOGo] Add custom favicon
* Update docker-compose.yml
2021-01-31 09:58:08 +01:00
0a102444fc
[Rspamd] Add FUZZY_SPAM_MISMATCH ( #3958 )
...
Remove score from FUZZY_HAM_MISMATCH
2021-01-31 09:56:47 +01:00
0d1ea05ae2
[Git] Ignore custom SOGo logo
...
[SOGo] Slightly more contrast
2021-01-29 07:37:37 +01:00
01b2179d56
[SOGo] Lighter logo
2021-01-28 19:42:52 +01:00
410cb558ee
[Dovecot] Check if quarantine_notify.py holds a lock
...
[SOGo] Change default theme
2021-01-28 15:48:59 +01:00
049b5ceb31
[Rspamd] Add bulk header
2021-01-26 07:48:39 +01:00
e6898beb59
[Rspamd] Remove ham symbols if a fuzzy denied hash matched
2021-01-19 12:59:46 +01:00
5dcbce662b
[Rspamd] Sort & add infos for bad ASN map ( #3934 )
2021-01-18 07:06:06 +01:00
d9d129047c
[Rspamd] Score for freemail from to undisclosed recipients
2021-01-17 19:09:02 +02:00
3dece1a05c
[Dovecot] Add sieve rule to move DeltaChat ( https://delta.chat ) messages to folder DeltaChat
...
[Web] Add information about extended DNS config
2021-01-14 09:38:56 +01:00
00723631dd
[Postfix] Add parent_domain_matches_subdomains
2021-01-13 21:17:10 +01:00
a832becbd5
[Rspamd] Not trigger FREEMAIL_POLICY for mailig lists ( #3918 )
2021-01-02 09:49:55 +01:00
c28bea6a53
Merge branch 'master' of https://github.com/mailcow/mailcow-dockerized
2020-12-29 15:20:55 +01:00
fec6876490
[Rspamd] Block spoofing for free mail domains ( #3907 )
2020-12-28 22:04:01 +01:00
9407b55661
[PHP-FPM] Fix fastcgi timeouts
2020-12-26 10:19:52 +01:00
2086927bb8
[Compose] Update Dovecot and Rspamd images
2020-12-11 10:04:37 +01:00
3535ed6efe
[Rspamd] Set bounce_to ratelimit to 7 / 1m to hopefully reduce backscatter spam
2020-12-07 11:09:06 +01:00
96324aa4b5
[Rspamd] Set bounce_to ratelimit to 10 / 1m to hopefully reduce backscatter spam
2020-12-07 11:08:49 +01:00
9670d0c4f1
[Rspamd] More explicit Sendgrid ID checking
2020-11-30 07:45:30 +01:00
0485e1feb2
[Dovecot] Add sieve_vacation_dont_check_recipient = yes
2020-11-27 09:17:29 +01:00
8e15c56330
[SOGo] Increase timeout for SOGo to prevent failure on uploads
2020-11-25 16:11:02 +01:00
0a593bfe7b
[Dovecot, Helper] Add HAProxy listener for 4190/tcp sieve
2020-11-19 16:02:05 +01:00
586992618c
[Rspamd] Revert previous commit; Do not punish DMARC alignment when p=none
2020-11-19 09:44:10 +01:00
399951509e
[Rspamd] Exclude DMARC_POLICY_SOFTFAIL from SPOOFED_UNAUTH
2020-11-19 09:37:02 +01:00
c1376b4f4c
[Rspamd] Increase bounce_to limit
2020-11-16 11:56:12 +01:00
5d9c40b8b4
[Rspamd, Web] Add rewrite subject to known soft quarantine actions
2020-11-13 21:26:42 +01:00
0201becf77
[Rspamd] Fix some composites
2020-11-11 14:34:24 +01:00
andryyy
Sven Michels
Dmitriy Alekseev
waja
Daniel Lo Nigro
Maximilian
Valentin Brandner
Der-Jan
Timo Eissler
Frederick Nicklas Ambo Eggert Eggertsen
ValdikSS
Felix Kaechele
Peter