7x31/mailcow-dockerized
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Compare commits

base: 7x31:2022-03a
Branches Tags
7x31:master 7x31:renovate/composer-composer-2.x 7x31:staging 7x31:feat/domain-wide-footer 7x31:nightly 7x31:renovate/phpredis-phpredis-6.x 7x31:update/postscreen_access.cidr 7x31:feat/improve-sh-bl-postfix 7x31:renovate/php-pecl-mail-mailparse-3.x 7x31:feat/arm64-cow 7x31:feat/backup_action 7x31:feat/f2b-banlist 7x31:feat/mailbox-sso 7x31:feat/customize-sogo-theme 7x31:feat/mariadb-10.11 7x31:feature/fts-xapian 7x31:feat/ui-improvements 7x31:hotfix
7x31:2023-08 7x31:2023-07a 7x31:2023-07 7x31:2023-05a 7x31:2023-05 7x31:2023-04b 7x31:2023-04a 7x31:2023-04 7x31:2023-03 7x31:2023-02a 7x31:2023-02 7x31:2023-01a 7x31:2023-01 7x31:2022-12b 7x31:2022-12a 7x31:2022-12 7x31:2022-11b 7x31:2022-11a 7x31:2022-11 7x31:2022-10a 7x31:2022-10 7x31:2022-09a 7x31:2022-09 7x31:2022-08b 7x31:2022-08a 7x31:2022-08 7x31:2022-07a 7x31:2022-07 7x31:2022-06b 7x31:2022-06a 7x31:2022-06 7x31:2022-05d 7x31:2022-05c 7x31:2022-05b 7x31:2022-05a 7x31:2022-05 7x31:2022-04 7x31:2022-03a 7x31:2022-03 7x31:2022-01a 7x31:2022-01
...
compare: 7x31:2022-06
Branches Tags
7x31:renovate/composer-composer-2.x 7x31:staging 7x31:feat/domain-wide-footer 7x31:nightly 7x31:renovate/phpredis-phpredis-6.x 7x31:update/postscreen_access.cidr 7x31:feat/improve-sh-bl-postfix 7x31:renovate/php-pecl-mail-mailparse-3.x 7x31:feat/arm64-cow 7x31:master 7x31:feat/backup_action 7x31:feat/f2b-banlist 7x31:feat/mailbox-sso 7x31:feat/customize-sogo-theme 7x31:feat/mariadb-10.11 7x31:feature/fts-xapian 7x31:feat/ui-improvements 7x31:hotfix
7x31:2023-08 7x31:2023-07a 7x31:2023-07 7x31:2023-05a 7x31:2023-05 7x31:2023-04b 7x31:2023-04a 7x31:2023-04 7x31:2023-03 7x31:2023-02a 7x31:2023-02 7x31:2023-01a 7x31:2023-01 7x31:2022-12b 7x31:2022-12a 7x31:2022-12 7x31:2022-11b 7x31:2022-11a 7x31:2022-11 7x31:2022-10a 7x31:2022-10 7x31:2022-09a 7x31:2022-09 7x31:2022-08b 7x31:2022-08a 7x31:2022-08 7x31:2022-07a 7x31:2022-07 7x31:2022-06b 7x31:2022-06a 7x31:2022-06 7x31:2022-05d 7x31:2022-05c 7x31:2022-05b 7x31:2022-05a 7x31:2022-05 7x31:2022-04 7x31:2022-03a 7x31:2022-03 7x31:2022-01a 7x31:2022-01

103 Commits
2022-03a ... 2022-06

Author SHA1 Message Date
Niklas Meyer
63f718178e 🌕🐄 Moone Update 2022 - The Docker Compose v2 Update (Part I) 
The next major mailcow release.
 2022-06-07 15:37:41 +02:00
DerLinkman
74baf20feb Optimized if-else arguments and outputs 2022-06-07 14:45:19 +02:00
FreddleSpl0it
958112af6b [Compose] Remove >&2 in if block 2022-06-07 14:07:35 +02:00
FreddleSpl0it
08d0f9448e [Compose] move then in if statement 2022-06-07 13:59:59 +02:00
Niklas Meyer
7bcc8bd3a2 [Compose] Removed volume Bind from rspamd-vol 2022-06-07 10:34:59 +02:00
Niklas Meyer
714511b0a8 [Compose] Update to Docker Compose v2 (#4605) 
* Change default HTTP_BIND, HTTPS_BIND

https://github.com/mailcow/mailcow-dockerized/issues/4315#issuecomment-1083034329

* [Compose] Removed Colon after fallback IP in docker-compose.yml

* [Compose] Remove bind options from volumes (#4577)

(cherry picked from commit 4d53216c05)

* Migration (partially) of update.sh + cold-standby.sh to composev2

* Migration of update.sh + cold-standby.sh to composev2

* Migration of update.sh + cold-standby.sh to composev2

* Migration of update.sh + cold-standby.sh to composev2

* [ClamAV] Fixed ClamAV start before unbound

* Migration of update.sh + cold-standby.sh to composev2

* Formulation and values adjusted (IPv4 bind in generate-config.sh)

Co-authored-by: Amin Vakil <info@aminvakil.com>
Co-authored-by: qupfer <github@qupfer.de>
Co-authored-by: FreddleSpl0it <patschul@posteo.de>
 2022-06-07 08:53:08 +02:00
Niklas Meyer
c9700773f4 Merge pull request #4613 from mailcow/phpfpm-alpine3.16 
PHP-FPM base image update
 2022-06-05 20:26:24 +02:00
Peter
2229f87d9b Update base image to alpine 3.16 and updated some dependencies 2022-06-05 19:36:09 +02:00
Niklas Meyer
d360503443 Merge pull request #4609 from mailcow/unbound-alpine3.16 
Unbound base image update
 2022-06-05 19:20:15 +02:00
Niklas Meyer
838182a8b4 Merge pull request #4608 from mailcow/watchdog-alpine3.16 
Watchdog base image update
 2022-06-05 19:18:36 +02:00
Niklas Meyer
967cfedbb3 Merge pull request #4610 from mailcow/olefy-alpine3.16 
Olefy base image update
 2022-06-05 19:15:06 +02:00
Niklas Meyer
a36645a282 Merge pull request #4611 from mailcow/dockerapi-alpine3.16 
Dockerapi base image update
 2022-06-05 19:14:33 +02:00
Niklas Meyer
3368a70f88 Merge pull request #4612 from mailcow/acme-alpine3.16 
acme base image update
 2022-06-05 19:14:07 +02:00
Peter
cd1715ba52 Update base image to alpine 3.16 2022-06-05 19:06:03 +02:00
Peter
0bc2a16093 Update base image to alpine 3.16 2022-06-05 19:04:51 +02:00
Peter
a21b3cd606 Update base image to alpine 3.16 2022-06-05 19:03:37 +02:00
Peter
1c479684fc Revert "Update base image to alpine 3.16" 
This reverts commit c9dbc7c7b7.
 2022-06-05 19:02:21 +02:00
Peter
c9dbc7c7b7 Update base image to alpine 3.16 2022-06-05 19:01:55 +02:00
Peter
c41dc9d8c0 Update base image to alpine 3.16 2022-06-05 19:01:06 +02:00
Peter
1db5841424 Update base image to alpine 3.16 2022-06-05 18:59:56 +02:00
Niklas Meyer
e53b068902 Merge pull request #4607 from mailcow/netfilter-alpine3.16 
Netfilter base image update
 2022-06-05 18:44:38 +02:00
Peter
2bd436dfd8 Update base image to alpine 3.16 2022-06-05 18:41:54 +02:00
Peter
d13be25f45 Update base image to alpine 3.16 2022-06-05 18:38:16 +02:00
Niklas Meyer
6efd9dc5f9 [Postfix] Update to 3.5.6 (Rebase to Debian 11) 
New Postfix Image is: mailcow/postfix:1.67
 2022-06-05 14:48:03 +02:00
Niklas Meyer
1edd4012e4 [Web] escapehtml in mailbox.js (#4604) 
Co-authored-by: FreddleSpl0it <patschul@posteo.de>
 2022-06-03 14:37:56 +02:00
milkmaker
4390c9855a [Web] Updated lang.de.json [CI SKIP] (#4600) 
[Web] Updated lang.de.json [CI SKIP]

Co-authored-by: Peter <magic@kthx.at>
Co-authored-by: milkmaker <milkmaker@mailcow.de>

Co-authored-by: Peter <magic@kthx.at>
 2022-05-31 19:59:00 +02:00
qupfer
4d53216c05 [Compose] Remove bind options from volumes (#4577) 2022-05-31 09:34:06 +02:00
DerLinkman
040206859f [DB] Remove pipemes from custom_params 
(cherry picked from commit c27ad97287)
 2022-05-20 09:45:54 +02:00
DerLinkman
d06119a21d [IMAPSYNC] Hardened pipemess exploit prevention (pipemes) 
(cherry picked from commit b1658c0f83)
 2022-05-20 09:45:45 +02:00
DerLinkman
c27ad97287 [DB] Remove pipemes from custom_params 2022-05-20 09:44:11 +02:00
DerLinkman
b1658c0f83 [IMAPSYNC] Hardened pipemess exploit prevention (pipemes) 2022-05-20 09:30:42 +02:00
Niklas Meyer
05b8609073 [Postfix] Update to 3.5.6 (Rebase to Debian 11) 2022-05-19 18:49:01 +02:00
DerLinkman
552f09f48a [DB] Update DB Version to remove pipemess parameters 
(cherry picked from commit 97df5c3b9c)
 2022-05-19 15:42:53 +02:00
DerLinkman
97df5c3b9c [DB] Update DB Version to remove pipemess parameters 2022-05-19 15:42:13 +02:00
DerLinkman
8d9102aa08 [Imapsync] Case sensitive PIPEMESS removal 
(cherry picked from commit 33e5ad2b5c)
 2022-05-19 15:40:39 +02:00
DerLinkman
33e5ad2b5c [Imapsync] Case sensitive PIPEMESS removal 2022-05-19 14:41:21 +02:00
DerLinkman
998cb642a9 [UI] Moved Password Change warning to top for user site 2022-05-19 10:43:06 +02:00
milkmaker
07ac195fea Translations update from Weblate (#4591) 
* [Web] Updated lang.ru.json [CI SKIP]

Co-authored-by: DRago_Angel <alekseev.dmitriy.92@gmail.com>
Co-authored-by: milkmaker <milkmaker@mailcow.de>

* [Web] Updated lang.uk.json [CI SKIP]

[Web] Updated lang.uk.json [CI SKIP]

[Web] Added lang.uk.json [CI SKIP]

Co-authored-by: OGudzik <olegrpg@gmail.com>
Co-authored-by: Oleksii Kruhlenko <a.kruglenko@gmail.com>
Co-authored-by: Peter <magic@kthx.at>
Co-authored-by: milkmaker <milkmaker@mailcow.de>

* [Web] Updated lang.it.json [CI SKIP]

Co-authored-by: Stefano <stefano.vassena@gmail.com>
Co-authored-by: milkmaker <milkmaker@mailcow.de>

* Add Ukrainian language code in vars.inc.php

Co-authored-by: DRago_Angel <alekseev.dmitriy.92@gmail.com>
Co-authored-by: OGudzik <olegrpg@gmail.com>
Co-authored-by: Oleksii Kruhlenko <a.kruglenko@gmail.com>
Co-authored-by: Peter <magic@kthx.at>
Co-authored-by: Stefano <stefano.vassena@gmail.com>
 2022-05-18 18:20:03 +02:00
Niklas Meyer
f79cac3292 Merge pull request #4590 from FreddleSpl0it/swagger-appPasswd 2022-05-17 08:53:57 +02:00
FreddleSpl0it
7a20a9941e Update swagger docs - add/app-passwd 2022-05-17 07:03:33 +02:00
Niklas Meyer
24cc960379 [Clamd] Update to ClamAV 0.105 
Merge pull request #4589 from mailcow/feature/clamd-0.105
 2022-05-16 19:51:18 +02:00
Niklas Meyer
353df6413f [UI] Increase Mailadmin loading performance 
Merge pull request #4562 from marcojarjour/unblock_mailadmin_upstream
 2022-05-16 19:30:50 +02:00
Andri Steiner
b68eae16e5 [Web] Swagger UI: explicitly define used OpenAPI specifications (#4587) 2022-05-13 10:40:22 +02:00
Niklas Meyer
9a812edee4 Mooay 2022 Update – The Tag Update | Revision B (2022-05b) 
This PR adds some API Fixes and one UI Fix (improvement)
 2022-05-12 11:52:06 +02:00
Peter
43d2a6e135 Update issue template 2022-05-10 21:16:08 +02:00
Peter
5839e22796 Update issue template 2022-05-10 21:14:51 +02:00
DerLinkman
ee844c81d2 Changed Base Docker Image to 0.105.0_base 2022-05-08 18:33:29 +02:00
Niklas Meyer
b6cb3b026c [ClamAV] Update to 0.105 2022-05-06 15:44:58 +02:00
Niklas Meyer
df33ebb2a0 Merge pull request #4575 from FreddleSpl0it/footable-override-css 
[Web] change opacity of footable collapse toggle
 2022-05-06 08:59:53 +02:00
Niklas Meyer
d2a6838958 Merge pull request #4574 from FreddleSpl0it/tag-fix 
[Web] domain/mailbox tagging check for empty tags
 2022-05-06 08:59:21 +02:00
FreddleSpl0it
96b8054e6b [Web] change opacity of footable collapse toggle 2022-05-06 08:52:44 +02:00
FreddleSpl0it
dfdd2dadb4 [Web] domain/mailbox tagging check for empty tags 2022-05-06 08:30:15 +02:00
Niklas Meyer
d0528b7883 Merge pull request #4573 from jkellerer/patch-1 
Fix for /api/v1/get/mailbox/{email}
 2022-05-06 08:24:41 +02:00
FreddleSpl0it
f40e682800 [Web] domain/mailbox tagging check for empty tags 2022-05-06 07:42:45 +02:00
jkellerer
f4dc01d1ec Ensure return type is consistent (list vs object) 2022-05-05 20:00:40 +02:00
jkellerer
187ddedf96 Fix for /api/v1/get/mailbox/{email} 2022-05-05 19:43:33 +02:00
Niklas Meyer
5613134fed Merge pull request #4572 from mailcow/staging 
Readded .gitkeep in data/web/templates/cache
 2022-05-05 17:30:21 +02:00
Niklas Meyer
e454ed4e39 Readded .gitkeep in data/web/templates/cache 2022-05-05 17:25:04 +02:00
Niklas Meyer
1e2125653e [Update.sh] Added skip-ping-check Variable 
This PR adds the skip-ping-check Variable which allows the update.sh Script to continue even without a ping check of the public DNS resolvers.
 2022-05-05 10:52:39 +02:00
Niklas Meyer
835a726d2a [SOGo] Update to 5.6.0 
This PR includes the Update from SOGo to 5.6.0.

The new Docker Tag is mailcow/sogo:1.108 and was already pushed to the Dockerhub.
 2022-05-05 09:47:58 +02:00
Niklas Meyer
0539cc6d8c [SOGo] Update to 5.6.0 2022-05-05 08:28:57 +02:00
FreddleSpl0it
549ff7d100 Add Domain and Mailbox tagging (#4569) 
* [Web] define tag tables

* [Web] add mailbox tag functions

* [Web] add domain/mailbox tagging

* [Web] add domain/mailbox tagging

* [Web] add domain/mailbox tagging

* [Web] add domain/mailbox tagging

* [Web] add domain/mailbox tagging

* [Web] add domain/mailbox tagging

* [Web] add domain/mailbox tagging

* [Web] add domain/mailbox tagging

* Include new tags lang in language.en.json

* [Web] add domain/mailbox tagging

* [Web] add domain/mailbox tagging

* [Web] add domain/mailbox tagging

* [Web] add domain/mailbox tagging

* [Web] add domain/mailbox tagging

Co-authored-by: Niklas Meyer <62480600+DerLinkman@users.noreply.github.com>
 2022-05-05 08:25:01 +02:00
Niklas Meyer
456b528785 [API] Add version endpoint 
Resolves: https://github.com/mailcow/mailcow-dockerized/issues/4553
 2022-05-04 14:33:39 +02:00
Marco Jarjour
003a6342a5 Match also mobile id's 2022-04-27 17:43:40 +02:00
Marco Jarjour
fb10764167 Execute API calls only when needed 2022-04-27 15:57:53 +02:00
Lars Lehmann
9e1554f5c7 Add missing break 2022-04-26 13:12:31 +02:00
Niklas Meyer
42c82be8f5 Added skip-ping-check Variable to skip DNS ICMP if deactivated. 2022-04-26 10:17:47 +02:00
Lars Lehmann
76ec0e888b Add version endpoint 2022-04-25 22:44:41 +02:00
Niklas Meyer
892c99fa23 Merge pull request #4556 from mailcow/accessibility 
[Web] Make TLS policy toggles accessible
 2022-04-25 09:48:15 +02:00
Michael Kuron
28da482ef2 [Web] Make TLS policy toggles accessible 
Fixes #4554
 2022-04-24 12:25:49 +02:00
Niklas Meyer
936f07336c [Netfilter] Exclude banning IPs when dovecot server not reacheble 
The new docker tag for mailcow/netfilter is 1.47

Thanks to @dragoangel
 2022-04-22 16:20:35 +02:00
DerLinkman
224a59ab4b [Compose] Update netfilter-mailcow to 1.47 2022-04-22 16:19:06 +02:00
Dmitriy Alekseev
6c5ab7800e [Netfilter] Exclude banning IPs when dovecot server not reacheble 2022-04-13 13:01:58 +03:00
andryyy
7e26a2ab98 [Rspamd] Remove neural config due to massive fp 2022-04-13 10:42:11 +02:00
Kristian Feldsam
4e6c398c8c [Clamd] fix whitelist (#4541) 
Signed-off-by: Kristian Feldsam <feldsam@gmail.com>
 2022-04-08 21:39:35 +02:00
Kristian Feldsam
d4e829465b [Dovecot] Disable imapsync job, when auth details are wrong. Fixes #4276 (#4540) 
Signed-off-by: Kristian Feldsam <feldsam@gmail.com>
 2022-04-08 21:36:21 +02:00
andryyy
1ade37312e Merge remote-tracking branch 'origin/staging' into staging 2022-04-08 09:39:50 +02:00
andryyy
372e381a85 [Web] Fix wrong lang string for filter deletion confirmation 2022-04-08 09:39:32 +02:00
DerLinkman
374cc64601 Merge branch 'staging' 2022-04-05 22:56:11 +02:00
Niklas Meyer
1cf25572a3 [NGINX] Added new Proxy Buffers to the /SOGo Section 2022-04-05 22:54:38 +02:00
DerLinkman
ba45f70a30 [NGINX] Added new Proxy Buffers to the /SOGo Section 2022-04-05 22:49:41 +02:00
andryyy
5e56566de6 [Nginx] Fix Nginx buffer sizes by moving parameters to correct location 2022-04-05 22:35:02 +02:00
andryyy
a2ccf7ef03 [Nginx] Fix Nginx buffer sizes by moving parameters to correct location 2022-04-05 22:34:26 +02:00
Niklas Meyer
654dbf8198 🐄🐰 Moopril 2022 - ClamAV, Rspamd, SOGo Update 
Additions:

Update SOGo to 5.5.1
Update Rspamd to 3.2.1
Update ClamAV Containers to use the official ones
Added a specific ClamAV Volume for Docker

Fixes:

Autodiscover is now compatible with App Passwords.
The Postmap Access List has been updated to a newer state.
New French translations.
 2022-04-05 11:38:01 +02:00
Niklas Meyer
53a5254897 [SOGo] Update SOGo to 5.5.1 
**Includes Database Changes!**

As a preparation for 5.5.2 the database as well as some NGINX Settings have been changed.
 2022-04-01 15:20:09 +02:00
milkmaker
c433daf024 [Web] Updated lang.fr.json [CI SKIP] (#4529) 
Co-authored-by: crep7424 <guillaume@crepieux.eu>

Co-authored-by: crep7424 <guillaume@crepieux.eu>
 2022-03-31 21:05:40 +02:00
Peter
fd7269d455 [ClamAV] Move to official ClamAV Docker container (#4525) 
Since ClamAV starts to offer Docker containers this PR introduces said containers so we don't need to build the container on our own anymore. This was an easy task until v0.104, but then ClamAV changed its buildprocess to use cmake and with v0.105 it also needs the Rust toolchain -> https://docs.clamav.net/manual/Installing/Installing-from-source-Unix.html#ubuntu--debian

Here are the main changes for the new container

Creates clamd-db-vol-1 volume
Still uses the same config files
Downloads ClamAV databases in said volume
Smaller container footprint 13MB vs 150MB

---

* [ClamAV] Move to official ClamAV Docker container

* [ClamAV] Remove vim + nano

* [ClamAV] Use normal version in docker-compose
 2022-03-28 11:07:47 +02:00
Niklas Meyer
b375e6a250 [Rspamd] Update Rspamd to 3.2.1 (#4526) 
This PR Updates Rspamd to 3.2.1

(See Changelog here: https://rspamd.com/announce/2022/03/26/rspamd-3.2.html)

The new Tag is mailcow/rspamd:1.90
 2022-03-28 11:05:44 +02:00
milkmaker
48589d20e2 [Web] Updated lang.fr.json [CI SKIP] (#4523) 
Co-authored-by: crep7424 <guillaume@crepieux.eu>

Co-authored-by: crep7424 <guillaume@crepieux.eu>
 2022-03-25 18:00:50 +01:00
Aiko Appeldorn
be9cbcf5ac [Postfix] update postscreen access list (#4515) 2022-03-23 11:49:46 +01:00
Niklas Meyer
b04faddac4 Modified Buffer Size in site-defaults.conf 2022-03-23 11:14:07 +01:00
DerLinkman
e925187dda Revert "[Web] add github version tag - adjust css" 
This reverts commit a0c09af67e.
 2022-03-22 19:53:21 +01:00
Niklas Meyer
06f380a17a [DB] Removed empty space behind c_value 2022-03-22 19:47:53 +01:00
Niklas Meyer
67882414e1 [DB] Update DB Version to 22032022_1330 
For SOGo 5.5.1 and newer
 2022-03-22 19:47:53 +01:00
Niklas Meyer
2b149fb8ea [DB] Update schema for longer passwords in sogo 2022-03-22 19:47:53 +01:00
Niklas Meyer
3166bd5df5 [Compose] Update SOGo to 5.5.1 2022-03-22 19:47:53 +01:00
Michael Kuron
e911452d0c Enable autodiscover to work with app passwords (#4516) 
Fixes #4513
 2022-03-22 19:41:34 +01:00
Vincent Simon
deac5ad2fe [Web] Fix resource.php and /cache/ warning message 
If http://mail.example.tld/cache/ or http://mail.example.tld/resource.php are called without the required parameters it returns one or two warnings
 2022-03-20 22:05:28 +01:00
Niklas Meyer
f097267bcd Merge branch 'mailcow:staging' into staging 2022-03-20 22:04:46 +01:00
FreddleSpl0it
161130c116 [Web] Fix missing rspamd description (#4512) 
* [Web] fix missing rspamd description

* [Web] fix missing rspamd description
 2022-03-19 23:21:00 +01:00
Perry Toone
a03b8f28ae Update lang.en.json (#4511) 
* Update lang.en.json

Minor grammar correction in whitelist area.

* Update lang.en.json

Co-authored-by: Peter <magic@kthx.at>
 2022-03-19 23:12:21 +01:00
Niklas Meyer
bb9ae02ccc Merge branch 'mailcow:staging' into staging 2022-03-17 22:56:23 +01:00
FreddleSpl0it
a0c09af67e [Web] add github version tag - adjust css 2022-03-12 22:39:56 +01:00
59 changed files with 2588 additions and 696 deletions
Expand all files Collapse all files

7
.github/ISSUE_TEMPLATE/Bug_report.yml vendored
View File

@@ -54,10 +54,11 @@ body:
| --- | --- |
| My operating system | I_DO_REPLY_HERE |
| Is Apparmor, SELinux or similar active? | I_DO_REPLY_HERE |
| Virtualization technlogy (KVM, VMware, Xen, etc - **LXC and OpenVZ are not supported** | I_DO_REPLY_HERE |
| Virtualization technology (KVM, VMware, Xen, etc - **LXC and OpenVZ are not supported** | I_DO_REPLY_HERE |
| Server/VM specifications (Memory, CPU Cores) | I_DO_REPLY_HERE |
| Docker Version (`docker version`) | I_DO_REPLY_HERE |
| Docker-Compose Version (`docker-compose version`) | I_DO_REPLY_HERE |
| Docker version (`docker version`) | I_DO_REPLY_HERE |
| docker-compose version (`docker-compose version`) | I_DO_REPLY_HERE |
| mailcow version (```git describe --tags `git rev-list --tags --max-count=1` ```) | I_DO_REPLY_HERE |
| Reverse proxy (custom solution) | I_DO_REPLY_HERE |
Output of `git diff origin/master`, any other changes to the code? If so, **please post them**:

2
data/Dockerfiles/acme/Dockerfile
View File

@@ -1,4 +1,4 @@
FROM alpine:3.15
FROM alpine:3.16
LABEL maintainer "Andre Peters <andre.peters@servercow.de>"

73
data/Dockerfiles/clamd/Dockerfile
View File

@@ -1,76 +1,15 @@
FROM debian:bullseye-slim
FROM clamav/clamav:0.105.0_base
LABEL maintainer "André Peters <andre.peters@servercow.de>"
ARG CLAMAV=0.104.2
ARG TINI_VERSION=v0.19.0
RUN apt-get update && apt-get install -y --no-install-recommends \
ca-certificates \
build-essential \
pkg-config \
python3 \
python3-pip \
valgrind \
check \
libbz2-dev \
libcurl4-openssl-dev \
libjson-c-dev \
libmilter-dev \
libncurses5-dev \
libpcre2-dev \
libssl-dev \
libxml2-dev \
zlib1g-dev \
curl \
bash \
wget \
tzdata \
dnsutils \
RUN apk upgrade --no-cache \
&& apk add --update --no-cache \
rsync \
dos2unix \
netcat \
&& python3 -m pip install cmake \
&& rm -rf /var/lib/apt/lists/* \
&& wget -O - https://www.clamav.net/downloads/production/clamav-${CLAMAV}.tar.gz | tar xfvz - \
&& cd clamav-${CLAMAV} \
&& cmake . \
-D CMAKE_INSTALL_PREFIX=/usr \
-D CMAKE_INSTALL_LIBDIR=/usr/lib \
-D APP_CONFIG_DIRECTORY=/etc/clamav \
-D CMAKE_INSTALL_MANDIR=/usr/share/man \
-D CMAKE_INSTALL_INFODIR=/usr/share/info \
-D CLAMAV_USER=clamav \
-D CLAMAV_GROUP=clamav \
-D DATABASE_DIRECTORY=/var/lib/clamav \
-D ENABLE_APP=ON \
-D ENABLE_JSON_SHARED=OFF \
-D CMAKE_BUILD_TYPE=MinSizeRel \
&& cmake --build . -j4 \
&& cmake --build . --target install \
&& cd .. && rm -rf clamav-${CLAMAV} \
&& apt-get -y --auto-remove purge build-essential \
&& apt-get -y purge pkg-config \
python3 \
python3-pip \
valgrind \
check \
libbz2-dev \
libcurl4-openssl-dev \
libjson-c-dev \
libmilter-dev \
libncurses5-dev \
libpcre2-dev \
libssl-dev \
libxml2-dev \
zlib1g-dev \
&& addgroup --system --gid 700 clamav \
&& adduser --system --no-create-home --home /var/lib/clamav --uid 700 --gid 700 --disabled-login clamav \
&& rm -rf /tmp/* /var/tmp/*
bind-tools \
bash
COPY clamd.sh ./
ADD https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini /sbin/tini
RUN chmod +x /sbin/tini
ENTRYPOINT []
CMD ["/sbin/tini", "-g", "--", "/clamd.sh"]

2
data/Dockerfiles/dockerapi/Dockerfile
View File

@@ -1,4 +1,4 @@
FROM alpine:3.15
FROM alpine:3.16
LABEL maintainer "Andre Peters <andre.peters@servercow.de>"

10
data/Dockerfiles/dovecot/imapsync_runner.pl
View File

@@ -166,11 +166,17 @@ while ($row = $sth->fetchrow_arrayref()) {
$success = 1;
}
$update = $dbh->prepare("UPDATE imapsync SET returned_text = ?, success = ?, exit_status = ? WHERE id = ?");
$keep_job_active = 1;
if (defined $exit_status && $exit_status eq "EXIT_AUTHENTICATION_FAILURE_USER1") {
$keep_job_active = 0;
}
$update = $dbh->prepare("UPDATE imapsync SET returned_text = ?, success = ?, exit_status = ?, active = ? WHERE id = ?");
$update->bind_param( 1, ${stdout} );
$update->bind_param( 2, ${success} );
$update->bind_param( 3, ${exit_status} );
$update->bind_param( 4, ${id} );
$update->bind_param( 4, ${keep_job_active} );
$update->bind_param( 5, ${id} );
$update->execute();
} catch {
$update = $dbh->prepare("UPDATE imapsync SET returned_text = 'Could not start or finish imapsync', success = 0 WHERE id = ?");

2
data/Dockerfiles/netfilter/Dockerfile
View File

@@ -1,4 +1,4 @@
FROM alpine:3.15
FROM alpine:3.16
LABEL maintainer "Andre Peters <andre.peters@servercow.de>"
ENV XTABLES_LIBDIR /usr/lib/xtables

2
data/Dockerfiles/netfilter/server.py
View File

@@ -94,7 +94,7 @@ def refreshF2bregex():
f2bregex = {}
f2bregex[1] = 'mailcow UI: Invalid password for .+ by ([0-9a-f\.:]+)'
f2bregex[2] = 'Rspamd UI: Invalid password by ([0-9a-f\.:]+)'
f2bregex[3] = 'warning: .*\[([0-9a-f\.:]+)\]: SASL .+ authentication failed'
f2bregex[3] = 'warning: .*\[([0-9a-f\.:]+)\]: SASL .+ authentication failed: (?!.*Connection lost to authentication server).+'
f2bregex[4] = 'warning: non-SMTP command from .*\[([0-9a-f\.:]+)]:.+'
f2bregex[5] = 'NOQUEUE: reject: RCPT from \[([0-9a-f\.:]+)].+Protocol error.+'
f2bregex[6] = '-login: Disconnected \(auth failed, .+\): user=.*, method=.+, rip=([0-9a-f\.:]+),'

2
data/Dockerfiles/olefy/Dockerfile
View File

@@ -1,4 +1,4 @@
FROM alpine:3.15
FROM alpine:3.16
LABEL maintainer "Andre Peters <andre.peters@servercow.de>"
WORKDIR /app

10
data/Dockerfiles/phpfpm/Dockerfile
View File

@@ -1,12 +1,12 @@
FROM php:8.0-fpm-alpine3.14
FROM php:8.0-fpm-alpine3.16
LABEL maintainer "Andre Peters <andre.peters@servercow.de>"
ENV APCU_PECL 5.1.20
ENV IMAGICK_PECL 3.5.1
ENV APCU_PECL 5.1.21
ENV IMAGICK_PECL 3.7.0
# Mailparse is pulled from master branch
#ENV MAILPARSE_PECL 3.0.2
ENV MEMCACHED_PECL 3.1.5
ENV REDIS_PECL 5.3.4
ENV MEMCACHED_PECL 3.2.0
ENV REDIS_PECL 5.3.7
RUN apk add -U --no-cache autoconf \
aspell-dev \

2
data/Dockerfiles/postfix/Dockerfile
View File

@@ -1,4 +1,4 @@
FROM debian:buster-slim
FROM debian:bullseye-slim
LABEL maintainer "Andre Peters <andre.peters@servercow.de>"
ARG DEBIAN_FRONTEND=noninteractive

2
data/Dockerfiles/postfix/syslog-ng-redis_slave.conf
View File

@@ -1,4 +1,4 @@
@version: 3.19
@version: 3.28
@include "scl.conf"
options {
chain_hostnames(off);

2
data/Dockerfiles/postfix/syslog-ng.conf
View File

@@ -1,4 +1,4 @@
@version: 3.19
@version: 3.28
@include "scl.conf"
options {
chain_hostnames(off);

2
data/Dockerfiles/unbound/Dockerfile
View File

@@ -1,4 +1,4 @@
FROM alpine:3.15
FROM alpine:3.16
LABEL maintainer "Andre Peters <andre.peters@servercow.de>"

2
data/Dockerfiles/watchdog/Dockerfile
View File

@@ -1,4 +1,4 @@
FROM alpine:3.15
FROM alpine:3.16
LABEL maintainer "André Peters <andre.peters@servercow.de>"
# Installation

9
data/conf/nginx/includes/site-defaults.conf
View File

@@ -65,7 +65,7 @@
}
location ~ ^/api/v1/(.*)$ {
try_files $uri $uri/ /json_api.php?query=$1;
try_files $uri $uri/ /json_api.php?query=$1&$args;
}
location ^~ /.well-known/acme-challenge/ {
@@ -163,7 +163,9 @@
proxy_connect_timeout 75;
proxy_send_timeout 3600;
proxy_read_timeout 3600;
proxy_buffers 64 256k;
proxy_buffer_size 128k;
proxy_buffers 64 512k;
proxy_busy_buffers_size 512k;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
@@ -197,6 +199,9 @@
proxy_set_header x-webobjects-server-name $server_name;
proxy_set_header x-webobjects-server-url $client_req_scheme://$http_host;
proxy_set_header x-webobjects-server-port $server_port;
proxy_buffer_size 128k;
proxy_buffers 64 512k;
proxy_busy_buffers_size 512k;
proxy_send_timeout 3600;
proxy_read_timeout 3600;
client_body_buffer_size 128k;

418
data/conf/postfix/postscreen_access.cidr
View File

@@ -1,53 +1,63 @@
# Whitelist generated by Postwhite v3.4 on Sun Dec 15 21:16:19 CET 2019
# Whitelist generated by Postwhite v3.4 on Mon 21 Mar 2022 06:50:26 PM CET
# https://github.com/stevejenkins/postwhite/
# 1928 total rules
# 1898 total rules
2a00:1450:4000::/36 permit
2a01:111:f400::/48 permit
2a01:111:f403::/48 permit
2a01:4180:4050:0400::/64 permit
2a01:4180:4050:0800::/64 permit
2a01:4180:4051:0400::/64 permit
2a01:4180:4051:0800::/64 permit
2a02:a60:0:5::/64 permit
2c0f:fb50:4000::/36 permit
3.93.157.0/24 permit
8.20.114.31 permit
8.25.194.0/23 permit
8.25.196.0/23 permit
8.39.54.0/23 permit
8.40.222.0/23 permit
8.45.169.0/24 permit
12.130.86.238 permit
13.70.32.43 permit
13.72.50.45 permit
13.74.143.28 permit
13.77.161.179 permit
13.78.233.182 permit
13.92.31.129 permit
13.110.208.0/21 permit
13.110.216.0/22 permit
13.110.224.0/20 permit
13.111.0.0/16 permit
13.111.0.0/22 permit
13.111.52.0/22 permit
13.111.63.0/24 permit
13.111.68.0/24 permit
13.111.72.0/22 permit
13.111.92.0/24 permit
13.111.111.0/24 permit
17.36.0.0/16 permit
17.41.0.0/16 permit
17.57.155.0/24 permit
17.57.156.0/24 permit
17.58.0.0/16 permit
17.110.0.0/15 permit
17.111.110.0/23 permit
17.120.0.0/16 permit
17.133.0.0/16 permit
17.139.0.0/16 permit
17.142.0.0/15 permit
17.151.1.0/24 permit
17.158.0.0/15 permit
17.162.0.0/15 permit
17.164.0.0/16 permit
17.171.37.0/24 permit
17.172.0.0/16 permit
17.179.168.0/23 permit
18.194.95.56 permit
18.208.124.128/25 permit
18.198.96.88 permit
20.47.149.138 permit
20.48.0.0/12 permit
20.52.52.2 permit
20.52.128.133 permit
20.63.210.192/28 permit
20.64.0.0/10 permit
20.94.180.64/28 permit
20.185.213.160/27 permit
20.185.213.224/27 permit
20.185.214.0/27 permit
20.185.214.2 permit
20.185.214.32/27 permit
20.185.214.64/27 permit
23.23.237.213 permit
23.103.131.7 permit
20.192.0.0/10 permit
23.100.85.1 permit
23.103.224.0/19 permit
23.249.208.0/20 permit
23.251.224.0/19 permit
23.253.141.0/24 permit
23.253.182.0/23 permit
23.253.182.103 permit
23.253.183.145 permit
@@ -68,11 +78,11 @@
27.123.206.56/29 permit
27.123.206.76/30 permit
27.123.206.80/28 permit
27.126.146.0/24 permit
34.200.123.20 permit
34.194.25.167 permit
34.194.144.120 permit
34.212.163.75 permit
34.213.104.127 permit
34.225.212.172 permit
34.247.168.44 permit
35.176.132.251 permit
35.190.247.0/24 permit
35.191.0.0/16 permit
@@ -80,7 +90,10 @@
37.218.248.47 permit
37.218.249.47 permit
37.218.251.62 permit
39.156.163.64/29 permit
40.71.187.0/24 permit
40.76.4.15 permit
40.77.102.222 permit
40.92.0.0/15 permit
40.97.116.82 permit
40.97.128.194 permit
@@ -91,18 +104,20 @@
40.97.161.50 permit
40.97.164.146 permit
40.107.0.0/16 permit
40.112.65.63 permit
40.112.72.205 permit
40.113.200.201 permit
40.117.80.0/24 permit
40.121.71.46 permit
41.74.192.0/22 permit
41.74.196.0/22 permit
41.74.200.0/23 permit
41.74.201.0/24 permit
41.74.204.0/23 permit
41.74.205.0/24 permit
41.74.206.0/24 permit
42.159.163.81 permit
42.159.163.82 permit
42.159.163.83 permit
46.19.168.0/23 permit
43.228.184.0/22 permit
46.226.48.0/21 permit
46.228.36.37 permit
46.228.36.38/31 permit
@@ -160,26 +175,19 @@
50.18.125.97 permit
50.18.125.237 permit
50.18.126.162 permit
50.23.218.192/27 permit
50.31.32.0/19 permit
50.31.36.197 permit
50.31.36.199 permit
50.31.36.205 permit
50.31.36.208 permit
50.31.36.213 permit
50.31.44.111 permit
50.31.57.54/31 permit
50.31.57.60 permit
50.31.57.61 permit
50.31.57.62 permit
50.31.60.1 permit
50.31.156.96/27 permit
50.31.205.0/24 permit
50.207.218.237 permit
51.4.71.62 permit
51.4.72.0/24 permit
51.4.80.0/27 permit
51.5.72.0/24 permit
51.5.80.0/27 permit
51.137.58.21 permit
51.140.75.55 permit
51.144.100.179 permit
51.163.158.0/24 permit
51.163.159.0/24 permit
52.0.20.102 permit
51.163.159.21 permit
52.5.230.59 permit
52.27.5.72 permit
52.27.28.47 permit
@@ -190,10 +198,15 @@
52.41.64.145 permit
52.60.41.5 permit
52.60.115.116 permit
52.82.172.0/22 permit
52.94.124.0/28 permit
52.95.48.152/29 permit
52.95.49.88/29 permit
52.100.0.0/14 permit
52.128.40.0/21 permit
52.119.213.144/28 permit
52.160.39.140 permit
52.165.175.144 permit
52.185.106.240/28 permit
52.200.59.0/24 permit
52.205.61.79 permit
52.207.191.216 permit
@@ -201,26 +214,30 @@
52.222.73.83 permit
52.222.73.120 permit
52.222.75.85 permit
52.234.172.96/28 permit
52.236.28.240/28 permit
52.237.141.173 permit
52.244.206.214 permit
52.247.53.144 permit
52.250.107.196 permit
52.250.126.174 permit
52.251.55.143 permit
54.90.148.255 permit
54.156.255.69 permit
54.172.97.247 permit
54.173.229.38 permit
54.174.52.0/24 permit
54.174.53.128/30 permit
54.174.57.0/24 permit
54.174.59.0/24 permit
54.174.60.0/23 permit
54.174.63.0/24 permit
54.186.193.102 permit
54.191.223.5 permit
54.194.61.95 permit
54.195.113.45 permit
54.214.39.184 permit
54.216.77.168 permit
54.240.0.0/18 permit
54.240.40.0/25 permit
54.240.56.128/26 permit
54.240.63.0/25 permit
54.240.64.0/19 permit
54.240.96.0/19 permit
54.241.16.209 permit
54.243.205.80 permit
54.244.54.130 permit
54.244.242.0/24 permit
54.246.232.180 permit
62.13.128.0/24 permit
62.13.129.128/25 permit
62.13.136.0/22 permit
@@ -231,9 +248,9 @@
62.13.152.0/23 permit
62.17.146.128/26 permit
62.140.7.0/24 permit
62.140.10.0/24 permit
62.140.10.21 permit
63.32.13.159 permit
63.80.14.0/23 permit
63.111.28.137 permit
63.128.21.0/24 permit
63.143.57.128/25 permit
63.143.59.128/25 permit
@@ -241,9 +258,11 @@
64.20.241.45 permit
64.34.47.128/27 permit
64.34.57.192/26 permit
64.71.149.160/28 permit
64.79.155.0/24 permit
64.79.155.192 permit
64.89.45.192/30 permit
64.89.44.85 permit
64.89.45.80 permit
64.89.45.194 permit
64.89.45.196 permit
64.95.144.196 permit
64.127.115.252 permit
@@ -265,21 +284,21 @@
64.207.219.7 permit
64.207.219.8 permit
64.207.219.9 permit
64.207.219.10 permit
64.207.219.11 permit
64.207.219.12 permit
64.207.219.13 permit
64.207.219.14 permit
64.207.219.15 permit
64.207.219.71 permit
64.207.219.72 permit
64.207.219.73 permit
64.207.219.74 permit
64.207.219.75 permit
64.207.219.76 permit
64.207.219.77 permit
64.207.219.78 permit
64.207.219.79 permit
64.207.219.135 permit
64.207.219.136 permit
64.207.219.137 permit
64.207.219.138 permit
64.207.219.139 permit
64.207.219.140 permit
64.207.219.141 permit
64.207.219.142 permit
64.207.219.143 permit
64.233.160.0/19 permit
65.38.115.76 permit
65.38.115.84 permit
@@ -288,7 +307,6 @@
65.54.51.64/26 permit
65.54.61.64/26 permit
65.54.121.120/29 permit
65.54.121.124/31 permit
65.54.190.0/24 permit
65.54.241.0/24 permit
65.55.29.77 permit
@@ -298,7 +316,6 @@
65.55.52.224/27 permit
65.55.78.128/25 permit
65.55.81.48/28 permit
65.55.81.54/31 permit
65.55.90.0/24 permit
65.55.94.0/25 permit
65.55.111.0/24 permit
@@ -325,9 +342,6 @@
66.111.4.225 permit
66.111.4.229 permit
66.111.4.230 permit
66.135.202.0/27 permit
66.135.215.0/24 permit
66.135.222.1 permit
66.162.193.226/31 permit
66.163.184.0/21 permit
66.163.184.0/24 permit
@@ -358,7 +372,8 @@
66.196.81.232/31 permit
66.196.81.234 permit
66.211.168.230/31 permit
66.211.184.0/23 permit
66.211.170.86/31 permit
66.211.170.88/30 permit
66.218.74.64/30 permit
66.218.74.68/31 permit
66.218.75.112/30 permit
@@ -420,9 +435,7 @@
67.221.168.65 permit
67.228.2.24/30 permit
67.228.21.184/29 permit
67.228.34.32/27 permit
67.228.37.4/30 permit
67.228.50.54/31 permit
67.231.145.42 permit
67.231.153.30 permit
68.142.230.0/24 permit
@@ -432,17 +445,6 @@
68.142.230.72/30 permit
68.142.230.76/31 permit
68.142.230.78 permit
68.232.131.164 permit
68.232.131.172 permit
68.232.131.183 permit
68.232.131.185 permit
68.232.143.44 permit
68.232.145.216 permit
68.232.148.56 permit
68.232.148.128 permit
68.232.148.138 permit
68.232.157.60 permit
68.232.157.143 permit
68.232.192.0/20 permit
69.63.178.128/25 permit
69.63.181.0/24 permit
@@ -456,9 +458,9 @@
69.171.232.0/24 permit
69.171.244.0/23 permit
70.37.151.128/25 permit
70.42.149.0/24 permit
70.42.149.35 permit
72.3.185.0/24 permit
72.3.237.64/28 permit
72.14.192.0/18 permit
72.21.192.0/19 permit
72.21.217.142 permit
@@ -523,8 +525,10 @@
72.32.154.0/24 permit
72.32.217.0/24 permit
72.32.243.0/24 permit
72.34.168.75 permit
72.34.168.76 permit
72.34.168.80 permit
72.34.168.85 permit
72.34.168.86 permit
72.52.72.32/28 permit
72.52.72.36 permit
74.6.128.0/21 permit
@@ -536,9 +540,6 @@
74.6.133.0/24 permit
74.6.134.0/24 permit
74.6.135.0/24 permit
74.63.63.115 permit
74.63.63.121 permit
74.63.194.126 permit
74.63.212.0/24 permit
74.63.234.75 permit
74.63.236.0/24 permit
@@ -557,17 +558,9 @@
74.112.67.243 permit
74.125.0.0/16 permit
74.202.227.40 permit
74.208.4.192/26 permit
74.208.5.64/26 permit
74.208.122.0/26 permit
74.209.250.0/24 permit
74.209.250.12 permit
75.126.253.48 permit
76.223.176.0/24 permit
76.223.180.0/23 permit
76.223.188.0/24 permit
76.223.189.0/24 permit
76.223.190.0/24 permit
76.223.176.0/20 permit
77.238.176.0/22 permit
77.238.176.0/24 permit
77.238.177.0/24 permit
@@ -590,13 +583,11 @@
77.238.189.146/31 permit
77.238.189.148/30 permit
81.223.46.0/27 permit
82.165.159.0/24 permit
82.165.159.0/26 permit
82.165.229.130 permit
82.165.230.22 permit
84.16.77.1 permit
85.158.136.0/21 permit
86.61.88.25 permit
87.198.219.130 permit
87.198.219.153 permit
87.238.80.0/21 permit
87.248.103.12 permit
87.248.103.21 permit
@@ -633,11 +624,9 @@
87.248.117.201 permit
87.248.117.202 permit
87.248.117.205 permit
87.252.219.254 permit
87.253.232.0/21 permit
89.22.108.0/24 permit
91.194.248.0/23 permit
91.211.240.0/22 permit
91.211.243.0/24 permit
91.220.42.0/24 permit
94.236.119.0/26 permit
94.245.112.0/27 permit
@@ -649,7 +638,6 @@
96.43.148.64/28 permit
96.43.148.64/31 permit
96.43.151.64/28 permit
96.46.150.192/27 permit
98.136.44.181 permit
98.136.44.182/31 permit
98.136.44.184 permit
@@ -1152,20 +1140,25 @@
98.139.245.180/31 permit
98.139.245.208/30 permit
98.139.245.212/31 permit
99.78.197.208/28 permit
103.2.140.0/22 permit
103.9.8.121 permit
103.9.8.122 permit
103.9.8.123 permit
103.9.96.0/22 permit
103.13.69.0/24 permit
103.28.42.0/24 permit
103.96.20.0/24 permit
103.96.22.0/24 permit
103.47.204.0/22 permit
103.96.21.0/24 permit
103.96.23.0/24 permit
103.151.192.0/23 permit
103.237.104.0/22 permit
104.43.243.237 permit
104.47.0.0/17 permit
104.130.96.0/28 permit
104.130.122.0/23 permit
104.214.25.77 permit
104.215.148.63 permit
104.215.186.3 permit
104.245.209.192/26 permit
106.10.144.64/27 permit
106.10.144.100/31 permit
@@ -1291,6 +1284,7 @@
106.10.242.0/24 permit
106.10.243.0/24 permit
106.10.244.0/24 permit
106.39.212.64/29 permit
106.50.16.0/28 permit
108.174.0.0/24 permit
108.174.0.215 permit
@@ -1302,13 +1296,14 @@
108.175.30.45 permit
108.177.8.0/21 permit
108.177.96.0/19 permit
108.178.6.0/24 permit
109.237.142.0/24 permit
111.221.23.128/25 permit
111.221.26.0/27 permit
111.221.66.0/25 permit
111.221.69.128/25 permit
111.221.112.0/21 permit
112.19.199.64/29 permit
112.19.242.64/29 permit
116.214.12.0/24 permit
116.214.12.47 permit
116.214.12.48/31 permit
@@ -1325,6 +1320,7 @@
117.120.16.0/21 permit
119.42.242.52/31 permit
119.42.242.156 permit
123.126.78.64/29 permit
124.47.150.0/24 permit
124.47.189.0/24 permit
124.108.96.0/24 permit
@@ -1332,11 +1328,19 @@
124.108.96.28/31 permit
124.108.96.70/31 permit
124.108.96.72/31 permit
128.17.0.0/20 permit
128.17.64.0/20 permit
128.17.128.0/20 permit
128.17.192.0/20 permit
128.127.70.0/26 permit
128.245.0.0/20 permit
128.245.64.0/20 permit
129.41.77.70 permit
129.41.169.249 permit
129.146.236.58 permit
129.153.194.228 permit
129.159.87.137 permit
130.61.9.72 permit
130.61.68.235 permit
130.211.0.0/22 permit
130.248.172.0/24 permit
130.248.173.0/24 permit
@@ -1345,8 +1349,10 @@
131.253.121.0/26 permit
131.253.121.20 permit
131.253.121.52 permit
132.145.11.129 permit
132.145.13.209 permit
132.226.26.225 permit
132.226.49.32 permit
132.226.56.24 permit
134.170.27.8 permit
134.170.113.0/26 permit
134.170.141.64/26 permit
@@ -1356,21 +1362,27 @@
135.84.82.0/24 permit
135.84.216.0/22 permit
136.143.182.0/23 permit
136.143.188.0/23 permit
136.143.184.0/24 permit
136.143.188.0/24 permit
136.147.128.0/20 permit
136.147.135.0/24 permit
136.147.176.0/20 permit
136.147.176.0/24 permit
136.147.182.0/24 permit
138.91.172.26 permit
139.60.152.0/22 permit
139.178.64.159 permit
139.178.64.195 permit
139.180.17.0/24 permit
141.193.32.0/23 permit
143.55.224.0/21 permit
143.55.232.0/22 permit
143.55.236.0/22 permit
144.178.36.0/24 permit
144.178.38.0/24 permit
146.20.112.0/26 permit
146.20.113.0/24 permit
146.20.191.0/24 permit
146.88.28.0/24 permit
146.20.215.0/24 permit
146.101.78.0/24 permit
147.75.65.173 permit
147.75.65.174 permit
@@ -1384,10 +1396,7 @@
148.105.0.14 permit
148.105.8.0/21 permit
149.72.0.0/16 permit
151.101.1.140 permit
151.101.65.140 permit
151.101.129.140 permit
151.101.193.140 permit
152.67.105.195 permit
157.55.0.192/26 permit
157.55.1.128/26 permit
157.55.2.0/25 permit
@@ -1397,6 +1406,7 @@
157.55.61.0/24 permit
157.55.157.128/25 permit
157.55.225.0/25 permit
157.55.254.216 permit
157.56.24.0/25 permit
157.56.120.128/26 permit
157.56.232.0/21 permit
@@ -1405,21 +1415,26 @@
157.58.196.96/29 permit
157.58.249.3 permit
157.151.208.65 permit
158.247.16.0/20 permit
157.255.1.64/29 permit
159.92.157.0/24 permit
159.92.158.0/24 permit
159.92.159.0/24 permit
159.92.160.0/24 permit
159.92.161.0/24 permit
159.92.162.0/24 permit
159.135.132.128/25 permit
159.135.140.80/29 permit
159.135.224.0/20 permit
161.38.192.0/22 permit
161.38.196.0/22 permit
161.71.32.0/21 permit
159.183.0.0/16 permit
161.38.192.0/20 permit
161.38.204.0/22 permit
161.71.32.0/19 permit
161.71.64.0/20 permit
162.208.119.181 permit
162.247.216.0/22 permit
162.248.184.121 permit
162.248.184.122 permit
162.248.185.121 permit
162.248.185.122 permit
162.248.186.121 permit
162.248.186.122 permit
163.47.180.0/22 permit
163.47.180.0/23 permit
163.114.130.16 permit
163.114.132.120 permit
166.78.68.0/22 permit
166.78.68.221 permit
166.78.69.146 permit
@@ -1427,16 +1442,7 @@
166.78.69.170 permit
166.78.71.131 permit
167.89.0.0/17 permit
167.89.2.4 permit
167.89.22.44 permit
167.89.25.84 permit
167.89.31.192/29 permit
167.89.32.5 permit
167.89.32.50 permit
167.89.46.159 permit
167.89.46.185 permit
167.89.60.95 permit
167.89.62.118 permit
167.89.64.9 permit
167.89.65.0 permit
167.89.65.53 permit
@@ -1448,22 +1454,15 @@
167.89.75.164 permit
167.89.101.2 permit
167.89.101.192/28 permit
167.89.107.125 permit
167.89.107.127 permit
167.89.107.129 permit
167.89.107.136 permit
167.216.129.170 permit
167.216.129.182/31 permit
167.216.129.184/29 permit
167.216.129.192/29 permit
167.216.129.200 permit
167.216.129.205 permit
167.216.129.206/31 permit
167.216.129.208/31 permit
167.216.129.210 permit
167.216.131.180 permit
167.220.67.232/29 permit
167.220.67.238 permit
168.138.5.36 permit
168.245.0.0/17 permit
170.10.68.0/22 permit
170.10.129.0/24 permit
170.10.133.0/24 permit
172.217.0.0/19 permit
172.217.32.0/20 permit
172.217.128.0/19 permit
@@ -1473,8 +1472,6 @@
172.253.112.0/20 permit
173.0.84.224/27 permit
173.0.94.244/30 permit
173.193.132.134/31 permit
173.193.210.32/27 permit
173.194.0.0/16 permit
173.203.79.182 permit
173.203.81.39 permit
@@ -1482,7 +1479,6 @@
173.224.160.188 permit
173.224.161.128/25 permit
173.228.155.0/24 permit
173.236.20.0/24 permit
174.36.84.8/29 permit
174.36.84.16/29 permit
174.36.84.32/29 permit
@@ -1494,30 +1490,25 @@
174.36.114.148/30 permit
174.36.114.152/29 permit
174.37.67.28/30 permit
174.37.226.64/27 permit
174.129.194.241 permit
174.129.203.189 permit
174.137.46.0/24 permit
176.32.105.0/24 permit
176.32.127.0/24 permit
178.236.10.128/26 permit
180.189.28.0/24 permit
182.50.76.0/22 permit
182.50.78.64/28 permit
184.173.105.0/24 permit
184.173.153.0/24 permit
185.4.120.0/24 permit
185.4.122.0/24 permit
183.240.219.64/29 permit
185.12.80.0/22 permit
185.28.196.0/22 permit
185.58.84.0/24 permit
185.58.87.0/24 permit
185.58.84.93 permit
185.58.85.0/24 permit
185.58.86.0/24 permit
185.72.128.75 permit
185.72.128.76 permit
185.72.128.80 permit
185.80.93.204 permit
185.80.93.227 permit
185.80.95.31 permit
185.90.20.0/22 permit
185.189.236.0/22 permit
185.211.120.0/22 permit
185.250.236.0/22 permit
@@ -1577,7 +1568,6 @@
192.64.236.0/24 permit
192.64.237.0/24 permit
192.64.238.0/24 permit
192.92.97.0/24 permit
192.161.144.0/20 permit
192.162.87.0/24 permit
192.237.158.0/23 permit
@@ -1589,37 +1579,34 @@
192.254.113.10 permit
192.254.113.101 permit
192.254.114.176 permit
192.254.115.72 permit
192.254.118.63 permit
192.254.127.96/27 permit
193.7.206.0/25 permit
193.7.207.0/25 permit
193.109.254.0/23 permit
194.64.234.128/27 permit
193.122.128.100 permit
194.64.234.129 permit
194.104.109.0/24 permit
194.104.111.0/24 permit
194.106.220.0/23 permit
194.113.24.0/22 permit
194.154.193.192/27 permit
195.54.172.0/23 permit
195.130.217.0/24 permit
195.234.109.226 permit
195.245.230.0/23 permit
198.2.128.0/18 permit
198.2.128.0/24 permit
198.2.132.0/22 permit
198.2.136.0/23 permit
198.2.145.0/24 permit
198.2.177.0/24 permit
198.2.178.0/24 permit
198.2.179.0/24 permit
198.2.178.0/23 permit
198.2.180.0/24 permit
198.2.186.0/23 permit
198.21.0.0/21 permit
198.21.3.166 permit
198.21.4.224 permit
198.37.144.0/20 permit
198.37.145.250 permit
198.37.146.118/31 permit
198.37.149.128 permit
198.37.151.26 permit
198.37.152.186 permit
198.61.254.0/23 permit
198.61.254.231 permit
198.74.56.28 permit
198.178.234.57 permit
198.245.80.0/20 permit
198.245.81.0/24 permit
@@ -1636,18 +1623,15 @@
199.122.120.0/21 permit
199.122.123.0/24 permit
199.127.232.0/22 permit
199.201.64.23 permit
199.201.65.23 permit
199.255.192.0/22 permit
202.129.242.0/23 permit
202.165.102.47 permit
202.177.148.100 permit
202.177.148.110 permit
203.31.36.0/22 permit
203.32.4.25 permit
203.55.21.0/24 permit
203.81.17.0/24 permit
203.122.32.250 permit
203.145.57.160/27 permit
203.188.194.32 permit
203.188.194.151 permit
203.188.194.203 permit
@@ -1680,32 +1664,30 @@
203.188.201.12/30 permit
203.209.230.75 permit
203.209.230.76/31 permit
204.2.193.0/29 permit
204.11.168.0/21 permit
204.13.11.48/29 permit
204.13.11.48/30 permit
204.14.232.0/21 permit
204.14.232.64/28 permit
204.14.234.64/28 permit
204.29.186.0/23 permit
204.75.142.0/24 permit
204.79.197.212 permit
204.92.114.187 permit
204.92.114.203 permit
204.92.114.204/31 permit
204.141.32.0/23 permit
204.141.42.0/23 permit
204.153.120.0/23 permit
204.153.121.0/24 permit
204.232.168.0/24 permit
205.139.110.0/24 permit
205.139.111.0/24 permit
205.201.128.0/20 permit
205.201.131.128/25 permit
205.201.134.128/25 permit
205.201.136.0/23 permit
205.201.137.229 permit
205.201.139.0/24 permit
205.207.104.0/22 permit
205.207.104.108 permit
205.220.167.17 permit
205.220.179.17 permit
205.251.233.32 permit
205.251.233.36 permit
206.25.247.143 permit
@@ -1727,6 +1709,8 @@
207.46.132.128/27 permit
207.46.198.0/25 permit
207.46.200.0/27 permit
207.46.225.107 permit
207.58.147.64/28 permit
207.67.38.0/24 permit
207.67.98.192/27 permit
207.68.176.0/26 permit
@@ -1734,7 +1718,8 @@
207.82.80.0/24 permit
207.126.144.0/20 permit
207.171.160.0/19 permit
207.211.30.0/24 permit
207.211.30.64/26 permit
207.211.30.128/25 permit
207.211.31.0/25 permit
207.211.41.113 permit
207.218.90.0/24 permit
@@ -1743,7 +1728,7 @@
208.43.21.28/30 permit
208.43.21.64/29 permit
208.43.21.72/30 permit
208.43.239.136/30 permit
208.46.212.80 permit
208.46.212.208/31 permit
208.46.212.210 permit
208.64.132.0/22 permit
@@ -1773,13 +1758,13 @@
208.71.42.212/31 permit
208.71.42.214 permit
208.72.249.240/29 permit
208.74.204.0/22 permit
208.74.204.9 permit
208.75.120.0/22 permit
208.75.122.246 permit
208.82.236.96/28 permit
208.82.237.96/28 permit
208.82.238.96/28 permit
208.82.237.96/29 permit
208.82.237.104/31 permit
208.82.238.96/29 permit
208.82.238.104/31 permit
208.85.50.137 permit
208.117.48.0/20 permit
208.185.229.45 permit
@@ -1792,10 +1777,10 @@
209.67.98.59 permit
209.85.128.0/17 permit
212.4.136.0/26 permit
212.25.240.75 permit
212.25.240.76 permit
212.25.240.80 permit
212.25.240.83 permit
212.25.240.84 permit
212.25.240.84/31 permit
212.25.240.88 permit
212.82.96.0/24 permit
212.82.96.32/27 permit
212.82.96.64/29 permit
@@ -1836,13 +1821,8 @@
212.82.111.228/31 permit
212.82.111.230 permit
212.123.28.40 permit
212.227.15.0/24 permit
212.227.15.0/25 permit
212.227.17.0/27 permit
212.227.126.128/25 permit
213.165.64.0/23 permit
213.167.75.0/24 permit
213.167.81.0/24 permit
213.167.75.0/25 permit
213.167.81.0/25 permit
213.199.128.139 permit
213.199.128.145 permit
213.199.138.181 permit
@@ -1851,6 +1831,7 @@
213.199.177.0/26 permit
216.17.150.242 permit
216.17.150.251 permit
216.22.15.224/27 permit
216.24.224.0/20 permit
216.39.60.0/23 permit
216.39.60.154/31 permit
@@ -1877,17 +1858,9 @@
216.39.62.60/31 permit
216.39.62.136/29 permit
216.39.62.144/31 permit
216.46.168.197 permit
216.46.168.222 permit
216.52.185.88/29 permit
216.46.168.0/24 permit
216.58.192.0/19 permit
216.66.217.240/29 permit
216.71.96.0/22 permit
216.71.152.175 permit
216.71.152.207 permit
216.71.154.29 permit
216.71.155.88 permit
216.71.155.89 permit
216.74.162.13 permit
216.74.162.14 permit
216.82.240.0/20 permit
@@ -1897,9 +1870,6 @@
216.109.114.0/24 permit
216.109.114.32/27 permit
216.109.114.64/29 permit
216.113.160.0/24 permit
216.113.172.0/25 permit
216.113.175.0/24 permit
216.128.126.97 permit
216.136.162.65 permit
216.136.162.120/29 permit
@@ -1909,14 +1879,13 @@
216.203.33.178/31 permit
216.205.24.0/24 permit
216.239.32.0/19 permit
217.72.192.64/26 permit
217.72.192.248/29 permit
217.72.207.0/27 permit
217.77.141.52 permit
217.77.141.59 permit
217.175.193.0/24 permit
217.175.194.0/23 permit
217.175.196.0/24 permit
222.73.195.64/29 permit
223.165.113.0/24 permit
223.165.115.0/24 permit
223.165.118.0/23 permit
223.165.120.0/23 permit
2001:4860:4000::/36 permit
2404:6800:4000::/36 permit
2607:f8b0:4000::/36 permit
@@ -1925,6 +1894,7 @@
2620:109:c006:104::215 permit
2620:109:c006:104::/64 permit
2620:109:c00d:104::/64 permit
2620:10d:c090:450::120 permit
2620:10d:c091:450::16 permit
2620:119:50c0:207::215 permit
2620:119:50c0:207::/64 permit

24
data/conf/rspamd/local.d/neural.conf
View File

@@ -1,24 +0,0 @@
rules {
"LONG" {
train {
max_trains = 200;
max_usages = 20;
max_iterations = 25;
learning_rate = 0.01,
}
symbol_spam = "NEURAL_SPAM_LONG";
symbol_ham = "NEURAL_HAM_LONG";
ann_expire = 45d;
}
"SHORT" {
train {
max_trains = 100;
max_usages = 10;
max_iterations = 15;
learning_rate = 0.01,
}
symbol_spam = "NEURAL_SPAM_SHORT";
symbol_ham = "NEURAL_HAM_SHORT";
ann_expire = 7d;
}
}

18
data/conf/rspamd/local.d/neural_group.conf
View File

@@ -1,18 +0,0 @@
symbols = {
"NEURAL_SPAM_LONG" {
weight = 3.7; # sample weight
description = "Neural network spam (long)";
}
"NEURAL_HAM_LONG" {
weight = -4.0; # sample weight
description = "Neural network ham (long)";
}
"NEURAL_SPAM_SHORT" {
weight = 2.5; # sample weight
description = "Neural network spam (short)";
}
"NEURAL_HAM_SHORT" {
weight = -2.0; # sample weight
description = "Neural network ham (short)";
}
}

2
data/web/api/index.html
View File

@@ -39,7 +39,7 @@
window.onload = function() {
// Begin Swagger UI call region
const ui = SwaggerUIBundle({
url: "/api/openapi.yaml",
urls: [{url: "/api/openapi.yaml", name: "mailcow API"}],
dom_id: '#swagger-ui',
deepLinking: true,
presets: [

193
data/web/api/openapi.yaml
View File

@@ -209,10 +209,17 @@ paths:
- app_passwd
- add
- active: "1"
app_name: emclient
username: info@domain.tld
app_name: wordpress
app_passwd: keyleudecticidechothistishownsan31
app_passwd2: keyleudecticidechothistishownsan31
username: hello@mailcow.email
protocols:
- imap_access
- dav_access
- smtp_access
- eas_access
- pop3_access
- sieve_access
msg: app_passwd_added
type: success
schema:
@@ -249,6 +256,13 @@ paths:
app_name: wordpress
app_passwd: keyleudecticidechothistishownsan31
app_passwd2: keyleudecticidechothistishownsan31
protocols:
- imap_access
- dav_access
- smtp_access
- eas_access
- pop3_access
- sieve_access
properties:
active:
description: is alias active or not
@@ -497,6 +511,7 @@ paths:
relay_all_recipients: "0"
rl_frame: s
rl_value: "10"
tags: ["tag1", "tag2"]
- null
msg:
- domain_added
@@ -544,6 +559,7 @@ paths:
rl_frame: s
rl_value: "10"
restart_sogo: "10"
tags: ["tag1", "tag2"]
properties:
active:
description: is domain active or not
@@ -1010,6 +1026,7 @@ paths:
force_pw_update: "1"
tls_enforce_in: "1"
tls_enforce_out: "1"
tags: ["tag1", "tag2"]
- null
msg:
- mailbox_added
@@ -1054,6 +1071,7 @@ paths:
force_pw_update: "1"
tls_enforce_in: "1"
tls_enforce_out: "1"
tags: ["tag1", "tag2"]
properties:
active:
description: is mailbox active or not
@@ -2716,6 +2734,140 @@ paths:
type: object
type: object
summary: Delete Transport Maps
"/api/v1/delete/mailbox/tag/{mailbox}":
post:
parameters:
- description: name of mailbox
in: path
name: mailbox
example: info@domain.tld
required: true
schema:
type: string
responses:
"401":
$ref: "#/components/responses/Unauthorized"
"200":
content:
application/json:
examples:
response:
value:
- log:
- mailbox
- delete
- tags_mailbox
- tags:
- tag1
- tag2
mailbox: info@domain.tld
- null
msg:
- mailbox_modified
- info@domain.tld
type: success
schema:
properties:
log:
description: contains request object
items: {}
type: array
msg:
items: {}
type: array
type:
enum:
- success
- danger
- error
type: string
type: object
description: OK
headers: {}
tags:
- Mailboxes
description: You can delete one or more mailbox tags.
operationId: Delete mailbox tags
requestBody:
content:
application/json:
schema:
example:
- tag1
- tag2
properties:
items:
description: contains list of mailboxes you want to delete
type: object
type: object
summary: Delete mailbox tags
"/api/v1/delete/domain/tag/{domain}":
post:
parameters:
- description: name of domain
in: path
name: domain
example: domain.tld
required: true
schema:
type: string
responses:
"401":
$ref: "#/components/responses/Unauthorized"
"200":
content:
application/json:
examples:
response:
value:
- log:
- mailbox
- delete
- tags_domain
- tags:
- tag1
- tag2
domain: domain.tld
- null
msg:
- domain_modified
- domain.tld
type: success
schema:
properties:
log:
description: contains request object
items: {}
type: array
msg:
items: {}
type: array
type:
enum:
- success
- danger
- error
type: string
type: object
description: OK
headers: {}
tags:
- Domains
description: You can delete one or more domain tags.
operationId: Delete domain tags
requestBody:
content:
application/json:
schema:
example:
- tag1
- tag2
properties:
items:
description: contains list of domains you want to delete
type: object
type: object
summary: Delete domain tags
/api/v1/edit/alias:
post:
responses:
@@ -2865,6 +3017,7 @@ paths:
quota: "10240"
relay_all_recipients: "0"
relayhost: "2"
tags: ["tag3", "tag4"]
items: domain.tld
properties:
attr:
@@ -3019,6 +3172,7 @@ paths:
sogo_access: "1"
username:
- info@domain.tld
tags: ["tag3", "tag4"]
- null
msg:
- mailbox_modified
@@ -3066,6 +3220,7 @@ paths:
- domain3.tld
- "*"
sogo_access: "1"
tags: ["tag3", "tag4"]
items:
- info@domain.tld
properties:
@@ -3793,6 +3948,11 @@ paths:
- all
- mailcow.tld
type: string
- description: comma seperated list of tags to filter by
example: "tag1,tag2"
in: query
name: tags
required: false
- description: e.g. api-key-string
example: api-key-string
in: header
@@ -3831,6 +3991,7 @@ paths:
relay_all_recipients: "0"
relayhost: "0"
rl: false
tags: ["tag1", "tag2"]
- active: "1"
aliases_in_domain: 0
aliases_left: 400
@@ -3853,6 +4014,7 @@ paths:
relay_all_recipients: "0"
relayhost: "0"
rl: false
tags: ["tag3", "tag4"]
description: OK
headers: {}
tags:
@@ -4345,6 +4507,11 @@ paths:
- all
- user@domain.tld
type: string
- description: comma seperated list of tags to filter by
example: "tag1,tag2"
in: query
name: tags
required: false
- description: e.g. api-key-string
example: api-key-string
in: header
@@ -4382,6 +4549,7 @@ paths:
rl: false
spam_aliases: 0
username: info@doman3.tld
tags: ["tag1", "tag2"]
description: OK
headers: {}
tags:
@@ -5072,6 +5240,27 @@ paths:
of used storage.
operationId: Get vmail status
summary: Get vmail status
/api/v1/get/status/version:
get:
responses:
"401":
$ref: "#/components/responses/Unauthorized"
"200":
content:
application/json:
examples:
response:
value:
version: "2022-04"
description: OK
headers: {}
tags:
- Status
description: >-
Using this endpoint you can get the current running release of this
instance.
operationId: Get version status
summary: Get version status
/api/v1/get/syncjobs/all/no_log:
get:
responses:

2
data/web/autodiscover.php
View File

@@ -68,7 +68,7 @@ if (empty($_SERVER['PHP_AUTH_USER']) || empty($_SERVER['PHP_AUTH_PW'])) {
exit(0);
}
$login_role = check_login($login_user, $login_pass, true);
$login_role = check_login($login_user, $login_pass, array('eas' => TRUE));
if ($login_role === "user") {
header("Content-Type: application/xml");

41
data/web/css/build/008-mailcow.css
View File

@@ -232,6 +232,9 @@ table.footable>tbody>tr.footable-empty>td {
font-style:italic;
font-size: 1rem;
}
table>tbody>tr>td>span.footable-toggle {
opacity: 0.75;
}
.navbar-nav > li {
font-size: 1rem !important;
}
@@ -256,3 +259,41 @@ code {
.flag-icon {
margin-right: 5px;
}
.tag-box {
display: flex;
flex-wrap: wrap;
height: auto;
}
.tag-badge {
transition: 200ms linear;
margin-top: 5px;
margin-bottom: 5px;
margin-left: 2px;
margin-right: 2px;
}
.tag-badge.btn-badge {
cursor: pointer;
}
.tag-badge .bi {
font-size: 12px;
}
.tag-badge.btn-badge:hover {
filter: brightness(0.9);
}
.tag-input {
margin-left: 10px;
border: 0;
flex: 1;
height: 24px;
min-width: 150px;
}
.tag-input:focus {
outline: none;
}
.tag-add {
padding: 0 5px 0 5px;
align-items: center;
display: inline-flex;
}

2
data/web/edit.php
View File

@@ -54,6 +54,7 @@ if (isset($_SESSION['mailcow_cc_role'])) {
'rl' => $rl,
'rlyhosts' => $rlyhosts,
'dkim' => dkim('details', $domain),
'domain_details' => $result,
];
}
elseif (isset($_GET['oauth2client']) &&
@@ -99,6 +100,7 @@ if (isset($_SESSION['mailcow_cc_role'])) {
'rlyhosts' => $rlyhosts,
'sender_acl_handles' => mailbox('get', 'sender_acl_handles', $mailbox),
'user_acls' => acl('get', 'user', $mailbox),
'mailbox_details' => $result
];
}
elseif (isset($_GET['relayhost']) && is_numeric($_GET["relayhost"]) && !empty($_GET["relayhost"])) {

309
data/web/inc/functions.mailbox.inc.php
View File

@@ -337,7 +337,7 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
$enc1 = $_data['enc1'];
$custom_params = (empty(trim($_data['custom_params']))) ? '' : trim($_data['custom_params']);
// Workaround, fixme
if (strpos($custom_params, 'pipemess')) {
if (stripos($custom_params, 'pipemess') || stripos($custom_params, 'pipemes')) {
$custom_params = '';
}
if (empty($subfolder2)) {
@@ -443,16 +443,15 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
if ($_SESSION['mailcow_cc_role'] != "admin") {
$_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_extra),
'msg' => 'access_denied'
);
return false;
}
$domain = idn_to_ascii(strtolower(trim($_data['domain'])), 0, INTL_IDNA_VARIANT_UTS46);
$description = $_data['description'];
if (empty($description)) {
$description = $domain;
}
if (empty($description)) $description = $domain;
$tags = (array)$_data['tags'];
$aliases = (int)$_data['aliases'];
$mailboxes = (int)$_data['mailboxes'];
$defquota = (int)$_data['defquota'];
@@ -545,10 +544,12 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
);
return false;
}
$stmt = $pdo->prepare("DELETE FROM `sender_acl` WHERE `external` = 1 AND `send_as` LIKE :domain");
$stmt->execute(array(
':domain' => '%@' . $domain
));
// save domain
$stmt = $pdo->prepare("INSERT INTO `domain` (`domain`, `description`, `aliases`, `mailboxes`, `defquota`, `maxquota`, `quota`, `backupmx`, `gal`, `active`, `relay_unknown_only`, `relay_all_recipients`)
VALUES (:domain, :description, :aliases, :mailboxes, :defquota, :maxquota, :quota, :backupmx, :gal, :active, :relay_unknown_only, :relay_all_recipients)");
$stmt->execute(array(
@@ -565,6 +566,24 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
':relay_unknown_only' => $relay_unknown_only,
':relay_all_recipients' => $relay_all_recipients
));
// save tags
foreach($tags as $index => $tag){
if (empty($tag)) continue;
if ($index > $GLOBALS['TAGGING_LIMIT']) {
$_SESSION['return'][] = array(
'type' => 'warning',
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
'msg' => array('tag_limit_exceeded', 'limit '.$GLOBALS['TAGGING_LIMIT'])
);
break;
}
$stmt = $pdo->prepare("INSERT INTO `tags_domain` (`domain`, `tag_name`) VALUES (:domain, :tag_name)");
$stmt->execute(array(
':domain' => $domain,
':tag_name' => $tag,
));
}
try {
$redis->hSet('DOMAIN_MAP', $domain, 1);
}
@@ -942,6 +961,7 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
$password = $_data['password'];
$password2 = $_data['password2'];
$name = ltrim(rtrim($_data['name'], '>'), '<');
$tags = $_data['tags'];
$quota_m = intval($_data['quota']);
if ((!isset($_SESSION['acl']['unlimited_quota']) || $_SESSION['acl']['unlimited_quota'] != "1") && $quota_m === 0) {
$_SESSION['return'][] = array(
@@ -1103,6 +1123,23 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
$stmt->execute(array(
':username' => $username
));
// save tags
foreach($tags as $index => $tag){
if (empty($tag)) continue;
if ($index > $GLOBALS['TAGGING_LIMIT']) {
$_SESSION['return'][] = array(
'type' => 'warning',
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
'msg' => array('tag_limit_exceeded', 'limit '.$GLOBALS['TAGGING_LIMIT'])
);
break;
}
$stmt = $pdo->prepare("INSERT INTO `tags_mailbox` (`username`, `tag_name`) VALUES (:username, :tag_name)");
$stmt->execute(array(
':username' => $username,
':tag_name' => $tag,
));
}
$stmt = $pdo->prepare("INSERT INTO `quota2` (`username`, `bytes`, `messages`)
VALUES (:username, '0', '0') ON DUPLICATE KEY UPDATE `bytes` = '0', `messages` = '0';");
$stmt->execute(array(':username' => $username));
@@ -1709,7 +1746,7 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
);
continue;
}
if (strpos($custom_params, 'pipemess')) {
if (stripos($custom_params, 'pipemess') || stripos($custom_params, 'pipemes')) {
$custom_params = '';
}
if (empty($subfolder2)) {
@@ -2146,6 +2183,7 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
$gal = (isset($_data['gal'])) ? intval($_data['gal']) : $is_now['gal'];
$description = (!empty($_data['description']) && isset($_SESSION['acl']['domain_desc']) && $_SESSION['acl']['domain_desc'] == "1") ? $_data['description'] : $is_now['description'];
(int)$relayhost = (isset($_data['relayhost']) && isset($_SESSION['acl']['domain_relayhost']) && $_SESSION['acl']['domain_relayhost'] == "1") ? intval($_data['relayhost']) : intval($is_now['relayhost']);
$tags = (is_array($_data['tags']) ? $_data['tags'] : array());
}
else {
$_SESSION['return'][] = array(
@@ -2155,6 +2193,7 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
);
continue;
}
$stmt = $pdo->prepare("UPDATE `domain` SET
`description` = :description,
`gal` = :gal
@@ -2164,6 +2203,24 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
':gal' => $gal,
':domain' => $domain
));
// save tags
foreach($tags as $index => $tag){
if (empty($tag)) continue;
if ($index > $GLOBALS['TAGGING_LIMIT']) {
$_SESSION['return'][] = array(
'type' => 'warning',
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
'msg' => array('tag_limit_exceeded', 'limit '.$GLOBALS['TAGGING_LIMIT'])
);
break;
}
$stmt = $pdo->prepare("INSERT INTO `tags_domain` (`domain`, `tag_name`) VALUES (:domain, :tag_name)");
$stmt->execute(array(
':domain' => $domain,
':tag_name' => $tag,
));
}
$_SESSION['return'][] = array(
'type' => 'success',
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
@@ -2185,6 +2242,7 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
$maxquota = (!empty($_data['maxquota'])) ? $_data['maxquota'] : ($is_now['max_quota_for_mbox'] / 1048576);
$quota = (!empty($_data['quota'])) ? $_data['quota'] : ($is_now['max_quota_for_domain'] / 1048576);
$description = (!empty($_data['description'])) ? $_data['description'] : $is_now['description'];
$tags = (is_array($_data['tags']) ? $_data['tags'] : array());
if ($relay_all_recipients == '1') {
$backupmx = '1';
}
@@ -2283,6 +2341,7 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
);
continue;
}
$stmt = $pdo->prepare("UPDATE `domain` SET
`relay_all_recipients` = :relay_all_recipients,
`relay_unknown_only` = :relay_unknown_only,
@@ -2312,6 +2371,24 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
':description' => $description,
':domain' => $domain
));
// save tags
foreach($tags as $index => $tag){
if (empty($tag)) continue;
if ($index > $GLOBALS['TAGGING_LIMIT']) {
$_SESSION['return'][] = array(
'type' => 'warning',
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
'msg' => array('tag_limit_exceeded', 'limit '.$GLOBALS['TAGGING_LIMIT'])
);
break;
}
$stmt = $pdo->prepare("INSERT INTO `tags_domain` (`domain`, `tag_name`) VALUES (:domain, :tag_name)");
$stmt->execute(array(
':domain' => $domain,
':tag_name' => $tag,
));
}
$_SESSION['return'][] = array(
'type' => 'success',
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
@@ -2360,6 +2437,7 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
$quota_b = $quota_m * 1048576;
$password = (!empty($_data['password'])) ? $_data['password'] : null;
$password2 = (!empty($_data['password2'])) ? $_data['password2'] : null;
$tags = (is_array($_data['tags']) ? $_data['tags'] : array());
}
else {
$_SESSION['return'][] = array(
@@ -2636,6 +2714,24 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
':relayhost' => $relayhost,
':username' => $username
));
// save tags
foreach($tags as $index => $tag){
if (empty($tag)) continue;
if ($index > $GLOBALS['TAGGING_LIMIT']) {
$_SESSION['return'][] = array(
'type' => 'warning',
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
'msg' => array('tag_limit_exceeded', 'limit '.$GLOBALS['TAGGING_LIMIT'])
);
break;
}
$stmt = $pdo->prepare("INSERT INTO `tags_mailbox` (`username`, `tag_name`) VALUES (:username, :tag_name)");
$stmt->execute(array(
':username' => $username,
':tag_name' => $tag,
));
}
$_SESSION['return'][] = array(
'type' => 'success',
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
@@ -2851,10 +2947,34 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
break;
case 'mailboxes':
$mailboxes = array();
if (isset($_data) && !hasDomainAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $_data)) {
return false;
if (isset($_extra) && is_array($_extra) && isset($_data)) {
// get by domain and tags
$tags = is_array($_extra) ? $_extra : array();
$sql = "";
foreach ($tags as $key => $tag) {
$sql = $sql."SELECT DISTINCT `username` FROM `tags_mailbox` WHERE `username` LIKE ? AND `tag_name` LIKE ?"; // distinct, avoid duplicates
if ($key === array_key_last($tags)) break;
$sql = $sql.' UNION DISTINCT '; // combine querys with union - distinct, avoid duplicates
}
// prepend domain to array
$params = array();
foreach ($tags as $key => $val){
array_push($params, '%'.$_data.'%');
array_push($params, '%'.$val.'%');
}
$stmt = $pdo->prepare($sql);
$stmt->execute($params);
$rows = $stmt->fetchAll(PDO::FETCH_ASSOC);
while($row = array_shift($rows)) {
if (hasDomainAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], explode('@', $row['username'])[1]))
$mailboxes[] = $row['username'];
}
}
elseif (isset($_data) && hasDomainAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $_data)) {
// get by domain
$stmt = $pdo->prepare("SELECT `username` FROM `mailbox` WHERE (`kind` = '' OR `kind` = NULL) AND `domain` = :domain");
$stmt->execute(array(
':domain' => $_data,
@@ -3348,20 +3468,46 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
if ($_SESSION['mailcow_cc_role'] != "admin" && $_SESSION['mailcow_cc_role'] != "domainadmin") {
return false;
}
$stmt = $pdo->prepare("SELECT `domain` FROM `domain`
WHERE (`domain` IN (
SELECT `domain` from `domain_admins`
WHERE (`active`='1' AND `username` = :username))
)
OR 'admin'= :role");
$stmt->execute(array(
':username' => $_SESSION['mailcow_cc_username'],
':role' => $_SESSION['mailcow_cc_role'],
));
$rows = $stmt->fetchAll(PDO::FETCH_ASSOC);
while($row = array_shift($rows)) {
$domains[] = $row['domain'];
if (isset($_extra) && is_array($_extra)){
// get by tags
$tags = is_array($_extra) ? $_extra : array();
// add % as prefix and suffix to every element for relative searching
$tags = array_map(function($x){ return '%'.$x.'%'; }, $tags);
$sql = "";
foreach ($tags as $key => $tag) {
$sql = $sql."SELECT DISTINCT `domain` FROM `tags_domain` WHERE `tag_name` LIKE ?"; // distinct, avoid duplicates
if ($key === array_key_last($tags)) break;
$sql = $sql.' UNION DISTINCT '; // combine querys with union - distinct, avoid duplicates
}
$stmt = $pdo->prepare($sql);
$stmt->execute($tags);
$rows = $stmt->fetchAll(PDO::FETCH_ASSOC);
while($row = array_shift($rows)) {
if ($_SESSION['mailcow_cc_role'] == "admin")
$domains[] = $row['domain'];
elseif (hasDomainAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $row['domain']))
$domains[] = $row['domain'];
}
} else {
// get all
$stmt = $pdo->prepare("SELECT `domain` FROM `domain`
WHERE (`domain` IN (
SELECT `domain` from `domain_admins`
WHERE (`active`='1' AND `username` = :username))
)
OR 'admin'= :role");
$stmt->execute(array(
':username' => $_SESSION['mailcow_cc_username'],
':role' => $_SESSION['mailcow_cc_role'],
));
$rows = $stmt->fetchAll(PDO::FETCH_ASSOC);
while($row = array_shift($rows)) {
$domains[] = $row['domain'];
}
}
return $domains;
break;
case 'domain_details':
@@ -3478,6 +3624,16 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
$domain_admins = $stmt->fetch(PDO::FETCH_ASSOC);
(isset($domain_admins['domain_admins'])) ? $domaindata['domain_admins'] = $domain_admins['domain_admins'] : $domaindata['domain_admins'] = "-";
}
$stmt = $pdo->prepare("SELECT `tag_name`
FROM `tags_domain` WHERE `domain`= :domain");
$stmt->execute(array(
':domain' => $_data
));
$tags = $stmt->fetchAll(PDO::FETCH_ASSOC);
while ($tag = array_shift($tags)) {
$domaindata['tags'][] = $tag['tag_name'];
}
return $domaindata;
break;
case 'mailbox_details':
@@ -3613,6 +3769,15 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
}
$mailboxdata['is_relayed'] = $row['backupmx'];
}
$stmt = $pdo->prepare("SELECT `tag_name`
FROM `tags_mailbox` WHERE `username`= :username");
$stmt->execute(array(
':username' => $_data
));
$tags = $stmt->fetchAll(PDO::FETCH_ASSOC);
while ($tag = array_shift($tags)) {
$mailboxdata['tags'][] = $tag['tag_name'];
}
return $mailboxdata;
break;
@@ -4342,6 +4507,108 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
);
}
break;
case 'tags_domain':
if (!is_array($_data['domain'])) {
$domains = array();
$domains[] = $_data['domain'];
}
else {
$domains = $_data['domain'];
}
$tags = $_data['tags'];
if (!is_array($tags)) $tags = array();
if ($_SESSION['mailcow_cc_role'] != "admin") {
$_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
'msg' => 'access_denied'
);
return false;
}
$wasModified = false;
foreach ($domains as $domain) {
if (!is_valid_domain_name($domain)) {
$_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
'msg' => 'domain_invalid'
);
continue;
}
foreach($tags as $tag){
// delete tag
$wasModified = true;
$stmt = $pdo->prepare("DELETE FROM `tags_domain` WHERE `domain` = :domain AND `tag_name` = :tag_name");
$stmt->execute(array(
':domain' => $domain,
':tag_name' => $tag,
));
}
}
if (!$wasModified) return false;
$_SESSION['return'][] = array(
'type' => 'success',
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
'msg' => array('domain_modified', $domain)
);
break;
case 'tags_mailbox':
if (!is_array($_data['username'])) {
$usernames = array();
$usernames[] = $_data['username'];
}
else {
$usernames = $_data['username'];
}
$tags = $_data['tags'];
if (!is_array($tags)) $tags = array();
$wasModified = false;
foreach ($usernames as $username) {
if (!filter_var($username, FILTER_VALIDATE_EMAIL)) {
$_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
'msg' => 'email invalid'
);
continue;
}
$is_now = mailbox('get', 'mailbox_details', $username);
$domain = $is_now['domain'];
if (!hasDomainAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $domain)) {
$_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
'msg' => 'access_denied'
);
continue;
}
// delete tags
foreach($tags as $tag){
$wasModified = true;
$stmt = $pdo->prepare("DELETE FROM `tags_mailbox` WHERE `username` = :username AND `tag_name` = :tag_name");
$stmt->execute(array(
':username' => $username,
':tag_name' => $tag,
));
}
}
if (!$wasModified) return false;
$_SESSION['return'][] = array(
'type' => 'success',
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
'msg' => array('mailbox_modified', $username)
);
break;
}
break;
}

104
data/web/inc/init_db.inc.php
View File

@@ -3,7 +3,7 @@ function init_db_schema() {
try {
global $pdo;
$db_version = "18012022_1020";
$db_version = "20052022_0938";
$stmt = $pdo->query("SHOW TABLES LIKE 'versions'");
$num_results = count($stmt->fetchAll(PDO::FETCH_ASSOC));
@@ -23,35 +23,35 @@ function init_db_schema() {
}
$views = array(
"grouped_mail_aliases" => "CREATE VIEW grouped_mail_aliases (username, aliases) AS
SELECT goto, IFNULL(GROUP_CONCAT(address ORDER BY address SEPARATOR ' '), '') AS address FROM alias
WHERE address!=goto
AND active = '1'
AND sogo_visible = '1'
AND address NOT LIKE '@%'
GROUP BY goto;",
// START
// Unused at the moment - we cannot allow to show a foreign mailbox as sender address in SOGo, as SOGo does not like this
// We need to create delegation in SOGo AND set a sender_acl in mailcow to allow to send as user X
"grouped_sender_acl" => "CREATE VIEW grouped_sender_acl (username, send_as_acl) AS
SELECT logged_in_as, IFNULL(GROUP_CONCAT(send_as SEPARATOR ' '), '') AS send_as_acl FROM sender_acl
WHERE send_as NOT LIKE '@%'
GROUP BY logged_in_as;",
// END
"grouped_sender_acl_external" => "CREATE VIEW grouped_sender_acl_external (username, send_as_acl) AS
SELECT logged_in_as, IFNULL(GROUP_CONCAT(send_as SEPARATOR ' '), '') AS send_as_acl FROM sender_acl
WHERE send_as NOT LIKE '@%' AND external = '1'
GROUP BY logged_in_as;",
"grouped_domain_alias_address" => "CREATE VIEW grouped_domain_alias_address (username, ad_alias) AS
SELECT username, IFNULL(GROUP_CONCAT(local_part, '@', alias_domain SEPARATOR ' '), '') AS ad_alias FROM mailbox
LEFT OUTER JOIN alias_domain ON target_domain=domain
GROUP BY username;",
"sieve_before" => "CREATE VIEW sieve_before (id, username, script_name, script_data) AS
SELECT md5(script_data), username, script_name, script_data FROM sieve_filters
WHERE filter_type = 'prefilter';",
"sieve_after" => "CREATE VIEW sieve_after (id, username, script_name, script_data) AS
SELECT md5(script_data), username, script_name, script_data FROM sieve_filters
WHERE filter_type = 'postfilter';"
"grouped_mail_aliases" => "CREATE VIEW grouped_mail_aliases (username, aliases) AS
SELECT goto, IFNULL(GROUP_CONCAT(address ORDER BY address SEPARATOR ' '), '') AS address FROM alias
WHERE address!=goto
AND active = '1'
AND sogo_visible = '1'
AND address NOT LIKE '@%'
GROUP BY goto;",
// START
// Unused at the moment - we cannot allow to show a foreign mailbox as sender address in SOGo, as SOGo does not like this
// We need to create delegation in SOGo AND set a sender_acl in mailcow to allow to send as user X
"grouped_sender_acl" => "CREATE VIEW grouped_sender_acl (username, send_as_acl) AS
SELECT logged_in_as, IFNULL(GROUP_CONCAT(send_as SEPARATOR ' '), '') AS send_as_acl FROM sender_acl
WHERE send_as NOT LIKE '@%'
GROUP BY logged_in_as;",
// END
"grouped_sender_acl_external" => "CREATE VIEW grouped_sender_acl_external (username, send_as_acl) AS
SELECT logged_in_as, IFNULL(GROUP_CONCAT(send_as SEPARATOR ' '), '') AS send_as_acl FROM sender_acl
WHERE send_as NOT LIKE '@%' AND external = '1'
GROUP BY logged_in_as;",
"grouped_domain_alias_address" => "CREATE VIEW grouped_domain_alias_address (username, ad_alias) AS
SELECT username, IFNULL(GROUP_CONCAT(local_part, '@', alias_domain SEPARATOR ' '), '') AS ad_alias FROM mailbox
LEFT OUTER JOIN alias_domain ON target_domain=domain
GROUP BY username;",
"sieve_before" => "CREATE VIEW sieve_before (id, username, script_name, script_data) AS
SELECT md5(script_data), username, script_name, script_data FROM sieve_filters
WHERE filter_type = 'prefilter';",
"sieve_after" => "CREATE VIEW sieve_after (id, username, script_name, script_data) AS
SELECT md5(script_data), username, script_name, script_data FROM sieve_filters
WHERE filter_type = 'postfilter';"
);
$tables = array(
@@ -251,6 +251,26 @@ function init_db_schema() {
),
"attr" => "ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 ROW_FORMAT=DYNAMIC"
),
"tags_domain" => array(
"cols" => array(
"tag_name" => "VARCHAR(255) NOT NULL",
"domain" => "VARCHAR(255) NOT NULL"
),
"keys" => array(
"fkey" => array(
"fk_tags_domain" => array(
"col" => "domain",
"ref" => "domain.domain",
"delete" => "CASCADE",
"update" => "NO ACTION"
)
),
"unique" => array(
"tag_name" => array("tag_name", "domain")
)
),
"attr" => "ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 ROW_FORMAT=DYNAMIC"
),
"tls_policy_override" => array(
"cols" => array(
"id" => "INT NOT NULL AUTO_INCREMENT",
@@ -325,6 +345,26 @@ function init_db_schema() {
),
"attr" => "ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 ROW_FORMAT=DYNAMIC"
),
"tags_mailbox" => array(
"cols" => array(
"tag_name" => "VARCHAR(255) NOT NULL",
"username" => "VARCHAR(255) NOT NULL"
),
"keys" => array(
"fkey" => array(
"fk_tags_mailbox" => array(
"col" => "username",
"ref" => "mailbox.username",
"delete" => "CASCADE",
"update" => "NO ACTION"
)
),
"unique" => array(
"tag_name" => array("tag_name", "username")
)
),
"attr" => "ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 ROW_FORMAT=DYNAMIC"
),
"sieve_filters" => array(
"cols" => array(
"id" => "INT NOT NULL AUTO_INCREMENT",
@@ -864,7 +904,7 @@ function init_db_schema() {
"sogo_sessions_folder" => array(
"cols" => array(
"c_id" => "VARCHAR(255) NOT NULL",
"c_value" => "VARCHAR(255) NOT NULL",
"c_value" => "VARCHAR(4096) NOT NULL",
"c_creationdate" => "INT(11) NOT NULL",
"c_lastseen" => "INT(11) NOT NULL"
),
@@ -1188,7 +1228,7 @@ function init_db_schema() {
}
// Mitigate imapsync pipemess issue
$pdo->query("UPDATE `imapsync` SET `custom_params` = '' WHERE `custom_params` LIKE '%pipemess%';");
$pdo->query("UPDATE `imapsync` SET `custom_params` = '' WHERE `custom_params` LIKE '%pipemess%' OR `custom_params` LIKE '%pipemes%';");
// Migrate webauthn tfa
$stmt = $pdo->query("ALTER TABLE `tfa` MODIFY COLUMN `authmech` ENUM('yubi_otp', 'u2f', 'hotp', 'totp', 'webauthn')");

4
data/web/inc/vars.inc.php
View File

@@ -100,6 +100,7 @@ $AVAILABLE_LANGUAGES = array(
'ru' => 'Pусский (Russian)',
'sk' => 'Slovenčina (Slovak)',
'sv' => 'Svenska (Swedish)',
'uk' => 'Українська (Ukrainian)',
'zh' => '中文 (Chinese)'
);
@@ -148,6 +149,9 @@ $ACCESS_TOKEN_LIFETIME = 86400;
// Logout from mailcow after first OAuth2 session profile request
$OAUTH2_FORGET_SESSION_AFTER_LOGIN = false;
// Set a limit for mailbox and domain tagging
$TAGGING_LIMIT = 25;
// MAILBOX_DEFAULT_ATTRIBUTES define default attributes for new mailboxes
// These settings will not change existing mailboxes

17
data/web/js/build/012-api.js
View File

@@ -156,6 +156,12 @@ $(document).ready(function() {
});
if (!invalid) {
var attr_to_merge = $(this).closest("form").serializeObject();
// parse possible JSON Strings
for (var [key, value] of Object.entries(attr_to_merge)) {
try {
attr_to_merge[key] = JSON.parse(attr_to_merge[key]);
} catch {}
}
var api_attr = $.extend(api_attr, attr_to_merge)
} else {
return false;
@@ -263,6 +269,12 @@ $(document).ready(function() {
});
if (!invalid) {
var attr_to_merge = $(this).closest("form").serializeObject();
// parse possible JSON Strings
for (var [key, value] of Object.entries(attr_to_merge)) {
try {
attr_to_merge[key] = JSON.parse(attr_to_merge[key]);
} catch {}
}
var api_attr = $.extend(api_attr, attr_to_merge)
} else {
return false;
@@ -329,6 +341,7 @@ $(document).ready(function() {
multi_data[id].splice($.inArray($(this).data('item'), multi_data[id]), 1);
multi_data[id].push($(this).data('item'));
}
if (typeof $(this).data('text') !== 'undefined') {
$("#DeleteText").empty();
$("#DeleteText").text($(this).data('text'));
@@ -340,9 +353,9 @@ $(document).ready(function() {
$("#ItemsToDelete").empty();
for (var i in data_array) {
data_array[i] = decodeURIComponent(data_array[i]);
$("#ItemsToDelete").append("<li>" + data_array[i] + "</li>");
$("#ItemsToDelete").append("<li>" + escapeHtml(data_array[i]) + "</li>");
}
})
});
$('#ConfirmDeleteModal').modal({
backdrop: 'static',
keyboard: false

47
data/web/js/build/014-mailcow.js
View File

@@ -273,4 +273,51 @@ $(document).ready(function() {
}
}
});
// tag boxes
$('.tag-box .tag-add').click(function(){
addTag(this);
});
$(".tag-box .tag-input").keydown(function (e) {
if (e.which == 13){
e.preventDefault();
addTag(this);
}
});
function addTag(tagAddElem){
var tagboxElem = $(tagAddElem).parent();
var tagInputElem = $(tagboxElem).find(".tag-input")[0];
var tagValuesElem = $(tagboxElem).find(".tag-values")[0];
var tag = escapeHtml($(tagInputElem).val());
if (!tag) return;
var value_tags = [];
try {
value_tags = JSON.parse($(tagValuesElem).val());
} catch {}
if (!Array.isArray(value_tags)) value_tags = [];
if (value_tags.includes(tag)) return;
$('<span class="badge badge-primary tag-badge btn-badge"><i class="bi bi-tag-fill"></i> ' + tag + '</span>').insertBefore('.tag-input').click(function(){
var del_tag = unescapeHtml($(this).text());
var del_tags = [];
try {
del_tags = JSON.parse($(tagValuesElem).val());
} catch {}
if (Array.isArray(del_tags)){
del_tags.splice(del_tags.indexOf(del_tag), 1);
$(tagValuesElem).val(JSON.stringify(del_tags));
}
$(this).remove();
});
value_tags.push($(tagInputElem).val());
$(tagValuesElem).val(JSON.stringify(value_tags));
$(tagInputElem).val('');
}
});
// http://stackoverflow.com/questions/24816/escaping-html-strings-with-jquery
function escapeHtml(n){var entityMap={"&":"&amp;","<":"&lt;",">":"&gt;",'"':"&quot;","'":"&#39;","/":"&#x2F;","`":"&#x60;","=":"&#x3D;"}; return String(n).replace(/[&<>"'`=\/]/g,function(n){return entityMap[n]})}
function unescapeHtml(t){var n={"&amp;":"&","&lt;":"<","&gt;":">","&quot;":'"',"&#39;":"'","&#x2F;":"/","&#x60;":"`","&#x3D;":"="};return String(t).replace(/&amp;|&lt;|&gt;|&quot;|&#39;|&#x2F|&#x60|&#x3D;/g,function(t){return n[t]})}

122
data/web/js/site/mailbox.js
View File

@@ -99,37 +99,6 @@ $(document).ready(function() {
});
auto_fill_quota($('#addSelectDomain').val());
// Read bcc local dests
// Using ajax to not be a blocking moo
$.get("/api/v1/get/bcc-destination-options", function(data){
// Domains
var optgroup = "<optgroup label='" + lang.domains + "'>";
$.each(data.domains, function(index, domain){
optgroup += "<option value='" + domain + "'>" + domain + "</option>"
});
optgroup += "</optgroup>"
$('#bcc-local-dest').append(optgroup);
// Alias domains
var optgroup = "<optgroup label='" + lang.domain_aliases + "'>";
$.each(data.alias_domains, function(index, alias_domain){
optgroup += "<option value='" + alias_domain + "'>" + alias_domain + "</option>"
});
optgroup += "</optgroup>"
$('#bcc-local-dest').append(optgroup);
// Mailboxes and aliases
$.each(data.mailboxes, function(mailbox, aliases){
var optgroup = "<optgroup label='" + mailbox + "'>";
$.each(aliases, function(index, alias){
optgroup += "<option value='" + alias + "'>" + alias + "</option>"
});
optgroup += "</optgroup>"
$('#bcc-local-dest').append(optgroup);
});
// Finish
$('#bcc-local-dest').find('option:selected').remove();
$('#bcc-local-dest').selectpicker('refresh');
});
$(".goto_checkbox").click(function( event ) {
$("form[data-id='add_alias'] .goto_checkbox").not(this).prop('checked', false);
if ($("form[data-id='add_alias'] .goto_checkbox:checked").length > 0) {
@@ -236,9 +205,6 @@ $(document).ready(function() {
});
jQuery(function($){
// http://stackoverflow.com/questions/24816/escaping-html-strings-with-jquery
var entityMap={"&":"&amp;","<":"&lt;",">":"&gt;",'"':"&quot;","'":"&#39;","/":"&#x2F;","`":"&#x60;","=":"&#x3D;"};
function escapeHtml(n){return String(n).replace(/[&<>"'`=\/]/g,function(n){return entityMap[n]})}
// http://stackoverflow.com/questions/46155/validate-email-address-in-javascript
function humanFileSize(i){if(Math.abs(i)<1024)return i+" B";var B=["KiB","MiB","GiB","TiB","PiB","EiB","ZiB","YiB"],e=-1;do{i/=1024,++e}while(Math.abs(i)>=1024&&e<B.length-1);return i.toFixed(1)+" "+B[e]}
function unix_time_format(i){return""==i?'<i class="bi bi-x-lg"></i>':new Date(i?1e3*i:0).toLocaleDateString(void 0,{year:"numeric",month:"2-digit",day:"2-digit",hour:"2-digit",minute:"2-digit",second:"2-digit"})}
@@ -293,6 +259,7 @@ jQuery(function($){
{"name":"rl","title":"RL","breakpoints":"xs sm md lg","style":{"min-width":"100px","width":"100px"}},
{"name":"backupmx","filterable": false,"style":{"min-width":"120px","width":"120px"},"title":lang.backup_mx,"breakpoints":"xs sm md lg","formatter": function(value){return 1==value?'<i class="bi bi-check-lg"></i>':0==value&&'<i class="bi bi-x-lg"></i>';}},
{"name":"domain_admins","title":lang.domain_admins,"style":{"word-break":"break-all","min-width":"200px"},"breakpoints":"xs sm md lg","filterable":(role == "admin"),"visible":(role == "admin")},
{"name":"tags","title":"Tags","style":{},"breakpoints":"xs sm md lg"},
{"name":"active","filterable": false,"style":{"min-width":"80px","width":"80px"},"title":lang.active,"formatter": function(value){return 1==value?'<i class="bi bi-check-lg"></i>':0==value&&'<i class="bi bi-x-lg"></i>';}},
{"name":"action","filterable": false,"sortable": false,"style":{"text-align":"right","min-width":"240px","width":"240px"},"type":"html","title":lang.action,"breakpoints":"xs sm md"}
],
@@ -330,6 +297,13 @@ jQuery(function($){
'<a href="#dnsInfoModal" class="btn btn-xs btn-xs-half btn-info" data-toggle="modal" data-domain="' + encodeURIComponent(item.domain_name) + '"><i class="bi bi-globe2"></i> DNS</a></div>';
}
if (Array.isArray(item.tags)){
var tags = '';
for (var i = 0; i < item.tags.length; i++)
tags += '<span class="badge badge-primary tag-badge"><i class="bi bi-tag-fill"></i> ' + escapeHtml(item.tags[i]) + '</span>';
item.tags = tags;
}
if (item.backupmx == 1) {
if (item.relay_unknown_only == 1) {
item.domain_name = '<div class="label label-info">Relay Non-Local</div> ' + item.domain_name;
@@ -418,6 +392,7 @@ jQuery(function($){
},
{"name":"messages","filterable": false,"title":lang.msg_num,"breakpoints":"xs sm md"},
/* {"name":"rl","title":"RL","breakpoints":"all","style":{"width":"125px"}}, */
{"name":"tags","title":"Tags","style":{},"breakpoints":"xs sm md lg"},
{"name":"active","filterable": false,"style":{"min-width":"80px","width":"80px"},"title":lang.active,"formatter": function(value){return 1==value?'<i class="bi bi-check-lg"></i>':(0==value?'<i class="bi bi-x-lg"></i>':2==value&&'&#8212;');}},
{"name":"action","filterable": false,"sortable": false,"style":{"min-width":"290px","text-align":"right"},"type":"html","title":lang.action,"breakpoints":"xs sm md"}
],
@@ -497,6 +472,13 @@ jQuery(function($){
'<div class="progress-bar-mailbox progress-bar progress-bar-' + item.percent_class + '" role="progressbar" aria-valuenow="' + item.percent_in_use + '" aria-valuemin="0" aria-valuemax="100" ' +
'style="min-width:2em;width:' + item.percent_in_use + '%">' + item.percent_in_use + '%' + '</div></div>';
item.username = escapeHtml(item.username);
if (Array.isArray(item.tags)){
var tags = '';
for (var i = 0; i < item.tags.length; i++)
tags += '<span class="badge badge-primary tag-badge"><i class="bi bi-tag-fill"></i> ' + escapeHtml(item.tags[i]) + '</span>';
item.tags = tags;
}
});
}
}),
@@ -571,6 +553,7 @@ jQuery(function($){
'</div>';
item.chkbox = '<input type="checkbox" data-id="resource" name="multi_select" value="' + encodeURIComponent(item.name) + '" />';
item.name = escapeHtml(item.name);
item.description = escapeHtml(item.description);
});
}
}),
@@ -610,6 +593,37 @@ jQuery(function($){
});
}
function draw_bcc_table() {
// Read bcc local dests
// Using ajax to not be a blocking moo
$.get("/api/v1/get/bcc-destination-options", function(data){
// Domains
var optgroup = "<optgroup label='" + lang.domains + "'>";
$.each(data.domains, function(index, domain){
optgroup += "<option value='" + domain + "'>" + domain + "</option>"
});
optgroup += "</optgroup>"
$('#bcc-local-dest').append(optgroup);
// Alias domains
var optgroup = "<optgroup label='" + lang.domain_aliases + "'>";
$.each(data.alias_domains, function(index, alias_domain){
optgroup += "<option value='" + alias_domain + "'>" + alias_domain + "</option>"
});
optgroup += "</optgroup>"
$('#bcc-local-dest').append(optgroup);
// Mailboxes and aliases
$.each(data.mailboxes, function(mailbox, aliases){
var optgroup = "<optgroup label='" + mailbox + "'>";
$.each(aliases, function(index, alias){
optgroup += "<option value='" + alias + "'>" + alias + "</option>"
});
optgroup += "</optgroup>"
$('#bcc-local-dest').append(optgroup);
});
// Finish
$('#bcc-local-dest').find('option:selected').remove();
$('#bcc-local-dest').selectpicker('refresh');
});
ft_bcc_table = FooTable.init('#bcc_table', {
"columns": [
{"name":"chkbox","title":"","style":{"min-width":"60px","width":"60px"},"filterable": false,"sortable": false,"type":"html"},
@@ -1009,7 +1023,7 @@ jQuery(function($){
if (!item.exclude > 0) {
item.exclude = '-';
} else {
item.exclude = '<code>' + item.exclude + '</code>';
item.exclude = '<code>' + escapeHtml(item.exclude) + '</code>';
}
item.server_w_port = escapeHtml(item.user1) + '@' + item.host1 + ':' + item.port1;
item.action = '<div class="btn-group footable-actions">' +
@@ -1147,15 +1161,33 @@ jQuery(function($){
event.stopPropagation();
})
draw_domain_table();
draw_mailbox_table();
draw_resource_table();
draw_alias_table();
draw_aliasdomain_table();
draw_sync_job_table();
draw_filter_table();
draw_bcc_table();
draw_recipient_map_table();
draw_tls_policy_table();
// detect element visibility changes
function onVisible(element, callback) {
$(element).ready(function() {
element_object = document.querySelector(element)
new IntersectionObserver((entries, observer) => {
entries.forEach(entry => {
if(entry.intersectionRatio > 0) {
callback(element_object);
observer.disconnect();
}
});
}).observe(element_object);
});
}
// Load only if the tab is visible
onVisible("[id^=tab-domains]", () => draw_domain_table());
onVisible("[id^=tab-mailboxes]", () => draw_mailbox_table());
onVisible("[id^=tab-resources]", () => draw_resource_table());
onVisible("[id^=tab-mbox-aliases]", () => draw_alias_table());
onVisible("[id^=tab-domain-aliases]", () => draw_aliasdomain_table());
onVisible("[id^=tab-syncjobs]", () => draw_sync_job_table());
onVisible("[id^=tab-filters]", () => draw_filter_table());
onVisible("[id^=tab-bcc]", () => {
draw_bcc_table();
draw_recipient_map_table();
});
onVisible("[id^=tab-tls-policy]", () => draw_tls_policy_table());
});

79
data/web/json_api.php
View File

@@ -14,8 +14,10 @@ function api_log($_data) {
if ($data == 'csrf_token') {
continue;
}
if ($value = json_decode($value, true)) {
unset($value["csrf_token"]);
$value = json_decode($value, true);
if ($value) {
if (is_array($value)) unset($value["csrf_token"]);
foreach ($value as $key => &$val) {
if(preg_match("/pass/i", $key)) {
$val = '*';
@@ -25,6 +27,7 @@ function api_log($_data) {
}
$data_var[] = $data . "='" . $value . "'";
}
try {
$log_line = array(
'time' => time(),
@@ -82,10 +85,10 @@ if (isset($_GET['query'])) {
if ($action == 'delete') {
$_POST['items'] = $request;
}
}
api_log($_POST);
$request_incomplete = json_encode(array(
'type' => 'error',
'msg' => 'Cannot find attributes in post data'
@@ -486,7 +489,12 @@ if (isset($_GET['query'])) {
case "domain":
switch ($object) {
case "all":
$domains = mailbox('get', 'domains');
$tags = null;
if (isset($_GET['tags']) && $_GET['tags'] != '')
$tags = explode(',', $_GET['tags']);
$domains = mailbox('get', 'domains', null, $tags);
if (!empty($domains)) {
foreach ($domains as $domain) {
if ($details = mailbox('get', 'domain_details', $domain)) {
@@ -952,23 +960,20 @@ if (isset($_GET['query'])) {
switch ($object) {
case "all":
case "reduced":
if (empty($extra)) {
$domains = mailbox('get', 'domains');
}
else {
$domains = explode(',', $extra);
}
$tags = null;
if (isset($_GET['tags']) && $_GET['tags'] != '')
$tags = explode(',', $_GET['tags']);
if (empty($extra)) $domains = mailbox('get', 'domains');
else $domains = explode(',', $extra);
if (!empty($domains)) {
foreach ($domains as $domain) {
$mailboxes = mailbox('get', 'mailboxes', $domain);
$mailboxes = mailbox('get', 'mailboxes', $domain, $tags);
if (!empty($mailboxes)) {
foreach ($mailboxes as $mailbox) {
if ($details = mailbox('get', 'mailbox_details', $mailbox, $object)) {
$data[] = $details;
}
else {
continue;
}
if ($details = mailbox('get', 'mailbox_details', $mailbox, $object)) $data[] = $details;
else continue;
}
}
}
@@ -980,8 +985,23 @@ if (isset($_GET['query'])) {
break;
default:
$data = mailbox('get', 'mailbox_details', $object);
process_get_return($data);
$tags = null;
if (isset($_GET['tags']) && $_GET['tags'] != '')
$tags = explode(',', $_GET['tags']);
if ($tags === null) {
$data = mailbox('get', 'mailbox_details', $object);
process_get_return($data);
} else {
$mailboxes = mailbox('get', 'mailboxes', $object, $tags);
if (is_array($mailboxes)) {
foreach ($mailboxes as $mailbox) {
if ($details = mailbox('get', 'mailbox_details', $mailbox))
$data[] = $details;
}
}
process_get_return($data, false);
}
break;
}
break;
@@ -1472,6 +1492,11 @@ if (isset($_GET['query'])) {
'solr_documents' => $solr_documents
));
break;
case "version":
echo json_encode(array(
'version' => $GLOBALS['MAILCOW_GIT_VERSION']
));
break;
}
}
break;
@@ -1575,13 +1600,25 @@ if (isset($_GET['query'])) {
process_delete_return(dkim('delete', array('domains' => $items)));
break;
case "domain":
process_delete_return(mailbox('delete', 'domain', array('domain' => $items)));
switch ($object){
case "tag":
process_delete_return(mailbox('delete', 'tags_domain', array('tags' => $items, 'domain' => $extra)));
break;
default:
process_delete_return(mailbox('delete', 'domain', array('domain' => $items)));
}
break;
case "alias-domain":
process_delete_return(mailbox('delete', 'alias_domain', array('alias_domain' => $items)));
break;
case "mailbox":
process_delete_return(mailbox('delete', 'mailbox', array('username' => $items)));
switch ($object){
case "tag":
process_delete_return(mailbox('delete', 'tags_mailbox', array('tags' => $items, 'username' => $extra)));
break;
default:
process_delete_return(mailbox('delete', 'mailbox', array('username' => $items)));
}
break;
case "resource":
process_delete_return(mailbox('delete', 'resource', array('name' => $items)));

2
data/web/lang/lang.cs.json
View File

@@ -298,7 +298,7 @@
"rsettings_preset_2": "Postmasteři chtějí dostávat spam",
"rsettings_preset_3": "Povolit jen určité odesílatele pro schránku (např. jen interní schránka)",
"rsettings_preset_4": "Deaktivujte Rspamd pro doménu",
"rspamd-com_settings": "<a href=\"https://rspamd.com/doc/configuration/settings.html#settings-structure\" target=\"_blank\">Rspamd dokumentace</a>\r\n - Název nastavení bude automaticky vygenerován, viz níže uvedené předvolby.",
"rspamd_com_settings": "<a href=\"https://rspamd.com/doc/configuration/settings.html#settings-structure\" target=\"_blank\">Rspamd dokumentace</a>\r\n - Název nastavení bude automaticky vygenerován, viz níže uvedené předvolby.",
"rspamd_global_filters": "Mapa globálních filtrů",
"rspamd_global_filters_agree": "Budu opatrný!",
"rspamd_global_filters_info": "Mapa globálních filtrů obsahuje jiné globální black- a whitelisty.",

2
data/web/lang/lang.da.json
View File

@@ -276,7 +276,7 @@
"rsettings_preset_1": "Deaktiver alt undtagen DKIM og satsgrænse for godkendte brugere",
"rsettings_preset_2": "Postmestere ønsker spam",
"rsettings_preset_3": "Tillad kun specifikke afsendere til en postkasse (dvs. kun brug som intern postkasse)",
"rspamd-com_settings": "Et indstillingsnavn genereres automatisk, se eksemplet på forudindstillinger nedenfor. For flere detaljer se <a href=\"https://rspamd.com/doc/configuration/settings.html#settings-structure\" target=\"_blank\">Rspamd docs</a>",
"rspamd_com_settings": "Et indstillingsnavn genereres automatisk, se eksemplet på forudindstillinger nedenfor. For flere detaljer se <a href=\"https://rspamd.com/doc/configuration/settings.html#settings-structure\" target=\"_blank\">Rspamd docs</a>",
"rspamd_global_filters": "Globale filterkort",
"rspamd_global_filters_agree": "Jeg vil være forsigtig!",
"rspamd_global_filters_info": "Global filter maps contain different kind of global black and whitelists.",

5
data/web/lang/lang.de.json
View File

@@ -106,7 +106,8 @@
"timeout2": "Timeout für Verbindung zum lokalen Host",
"username": "Benutzername",
"validate": "Validieren",
"validation_success": "Erfolgreich validiert"
"validation_success": "Erfolgreich validiert",
"tags": "Tags"
},
"admin": {
"access": "Zugang",
@@ -295,7 +296,7 @@
"rsettings_preset_2": "Spam an Postmaster-Adressen nicht blockieren",
"rsettings_preset_3": "Nur einem oder vielen Absendern erlauben, eine Mailbox anzuschreiben (etwa interne Mailboxen)",
"rsettings_preset_4": "Rspamd für eine Domain deaktivieren",
"rspamd-com_settings": "Ein Name wird automatisch generiert. Beispielinhalte zur Einsicht stehen nachstehend bereit. Siehe auch <a href=\"https://rspamd.com/doc/configuration/settings.html#settings-structure\" target=\"_blank\">Rspamd docs</a>",
"rspamd_com_settings": "Ein Name wird automatisch generiert. Beispielinhalte zur Einsicht stehen nachstehend bereit. Siehe auch <a href=\"https://rspamd.com/doc/configuration/settings.html#settings-structure\" target=\"_blank\">Rspamd docs</a>",
"rspamd_global_filters": "Globale Filter-Maps",
"rspamd_global_filters_agree": "Ich werde vorsichtig sein!",
"rspamd_global_filters_info": "Globale Filter-Maps steuern globales White- und Blacklisting dieses Servers.",

5
data/web/lang/lang.en.json
View File

@@ -99,6 +99,7 @@
"subscribeall": "Subscribe all folders",
"syncjob": "Add sync job",
"syncjob_hint": "Be aware that passwords need to be saved plain-text!",
"tags": "Tags",
"target_address": "Goto addresses",
"target_address_info": "<small>Full email address/es (comma-separated).</small>",
"target_domain": "Target domain",
@@ -299,7 +300,7 @@
"rsettings_preset_2": "Postmasters want spam",
"rsettings_preset_3": "Only allow specific senders for a mailbox (i.e. usage as internal mailbox only)",
"rsettings_preset_4": "Disable Rspamd for a domain",
"rspamd-com_settings": "A setting name will be auto-generated, please see the example presets below. For more details see <a href=\"https://rspamd.com/doc/configuration/settings.html#settings-structure\" target=\"_blank\">Rspamd docs</a>",
"rspamd_com_settings": "A setting name will be auto-generated, please see the example presets below. For more details see <a href=\"https://rspamd.com/doc/configuration/settings.html#settings-structure\" target=\"_blank\">Rspamd docs</a>",
"rspamd_global_filters": "Global filter maps",
"rspamd_global_filters_agree": "I will be careful!",
"rspamd_global_filters_info": "Global filter maps contain different kind of global black and whitelists.",
@@ -1133,7 +1134,7 @@
"spamfilter_table_remove": "remove",
"spamfilter_table_rule": "Rule",
"spamfilter_wl": "Whitelist",
"spamfilter_wl_desc": "Whitelisted email addresses to <b>never</b> classify as spam. Wildcards may be used. A filter is only applied to direct aliases (aliases with a single target mailbox) excluding catch-all aliases and a mailbox itself.",
"spamfilter_wl_desc": "Whitelisted email addresses are programmed to <b>never</b> classify as spam. Wildcards may be used. A filter is only applied to direct aliases (aliases with a single target mailbox) excluding catch-all aliases and a mailbox itself.",
"spamfilter_yellow": "Yellow: this message may be spam, will be tagged as spam and moved to your junk folder",
"status": "Status",
"sync_jobs": "Sync jobs",

2
data/web/lang/lang.es.json
View File

@@ -224,7 +224,7 @@
"rsettings_insert_preset": "Insertar ejemplo preestablecido \"%s\"",
"rsettings_preset_1": "Deshabilita todos menos DKIM y el límite de velocidad para usuarios autenticados",
"rsettings_preset_2": "Postmaster quiere correo no deseado",
"rspamd-com_settings": "<a href=\"https://rspamd.com/doc/configuration/settings.html#settings-structure\" target=\"_blank\">Documentación de Rspamd</a>\r\n - Se generará automáticamente un nombre de configuración, consulte los ajustes preestablecidos de ejemplo a continuación:",
"rspamd_com_settings": "<a href=\"https://rspamd.com/doc/configuration/settings.html#settings-structure\" target=\"_blank\">Documentación de Rspamd</a>\r\n - Se generará automáticamente un nombre de configuración, consulte los ajustes preestablecidos de ejemplo a continuación:",
"rspamd_settings_map": "Reglas de ajustes de rspamd",
"save": "Guardar cambios",
"search_domain_da": "Buscar dominios",

2
data/web/lang/lang.fi.json
View File

@@ -250,7 +250,7 @@
"rsettings_insert_preset": "Lisää esimerkki esimääritetty \"%s\"",
"rsettings_preset_1": "Poista käytöstä kaikki paitsi DKIM-ja Rate Limit-oikeudet todennetuille käyttäjille",
"rsettings_preset_2": "Postimaisteri haluaa roska postia",
"rspamd-com_settings": "<a href=\"https://rspamd.com/doc/configuration/settings.html#settings-structure\" target=\"_blank\">Rspamd docs</a>\r\n - Asetus nimi luodaan automaattisesti, Katso esimerkki esiasetukset alla.",
"rspamd_com_settings": "<a href=\"https://rspamd.com/doc/configuration/settings.html#settings-structure\" target=\"_blank\">Rspamd docs</a>\r\n - Asetus nimi luodaan automaattisesti, Katso esimerkki esiasetukset alla.",
"rspamd_settings_map": "Rspamd-asetukset",
"save": "Tallenna muutokset",
"search_domain_da": "Etsi verkko tunnuksia",

121
data/web/lang/lang.fr.json
View File

@@ -136,11 +136,11 @@
"arrival_time": "Heure d'arrivée (heure du serveur)",
"authed_user": "Utilisateur autorisé",
"ays": "Voulez-vous vraiment le faire ?",
"ban_list_info": "Consultez la liste des adresses IP interdites ci-dessous: <b>réseau (durée d'interdiction restante) - [actions]</b>.<br />Les adresses IP mises en file d'attente pour être interdites seront supprimées de la liste d'interdiction active dans quelques secondes.<br />Les étiquettes rouges indiquent des interdictions permanentes actives par liste noire.",
"ban_list_info": "Consultez la liste des adresses IP bannies ci-dessous : <b>réseau (durée de bannissement restante) - [actions]</b>.<br />Les adresses IP mises en file d'attente pour être dé-bannies seront supprimées de la liste de bannissement dans quelques secondes.<br />Les étiquettes rouges indiquent les bannissement permanent par liste noire.",
"change_logo": "Changer de logo",
"configuration": "Configuration",
"convert_html_to_text": "Convertir le code HTML en texte brut",
"credentials_transport_warning": "<b>Attention</b>: Lajout dune nouvelle entrée de carte de transport mettra à jour les informations didentification pour toutes les entrées avec une colonne nexthop correspondante.",
"credentials_transport_warning": "<b>Attention</b> : Lajout dune nouvelle entrée de carte de transport mettra à jour les informations didentification pour toutes les entrées avec une colonne nexthop.",
"customer_id": "ID client",
"customize": "Personnaliser",
"delete_queue": "Tout supprimer",
@@ -176,7 +176,7 @@
"f2b_netban_ipv4": "Taille du sous-réseau IPv4 pour l'application du bannissement (8-32)",
"f2b_netban_ipv6": "Taille du sous-réseau IPv6 pour l'application du bannissement (8-128)",
"f2b_parameters": "Paramètres Fail2ban",
"f2b_regex_info": "Logs pris en compte: SOGo, Postfix, Dovecot, PHP-FPM.",
"f2b_regex_info": "Logs pris en compte : SOGo, Postfix, Dovecot, PHP-FPM.",
"f2b_retry_window": "Fenêtre de nouvel essai pour le nb max. de tentatives",
"f2b_whitelist": "Réseaux/hôtes en liste blanche",
"filter_table": "Table de filtrage",
@@ -216,7 +216,7 @@
"no_record": "Aucun enregistrement",
"oauth2_client_id": "Client ID",
"oauth2_client_secret": "Secret client",
"oauth2_info": "L'implémentation OAuth2 prend en charge le type d'autorisation \"Authorization Code\" et émet des jetons d'actualisation.<br>\r\nLe serveur émet également automatiquement de nouveaux jetons d'actualisation, après qu'un jeton d'actualisation a été utilisé.<br><br>\r\n→ La portée par défaut est <i>profile</i>. Seuls les utilisateurs de boîte peuvent être authentifiés par rapport à OAuth2. Si le paramètre scope est omis, il revient au <i>profile</i>.<br>\r\n→ Le paramètre <i>state</i> doit être envoyé par le client dans le cadre de la demande d'autorisation.<br><br>\r\nChemins d'accès aux requêtes vers l'API OAuth <br>\r\n<ul>\r\n <li>Point de terminaison d'autorisation: <code>/oauth/authorize</code></li>\r\n <li>Point de terminaison du jeton: <code>/oauth/token</code></li>\r\n <li>Page de ressource: <code>/oauth/profile</code></li>\r\n</ul>\r\nLa régénération du secret client n'expirera pas les codes d'autorisation existants, mais ils ne renouvelleront pas leur jeton.<br><br>\r\nLa révocation des jetons clients entraînera la fin immédiate de toutes les sessions actives.\nTous les clients doivent se ré-authentifier.",
"oauth2_info": "L'implémentation OAuth2 prend en charge le type d'autorisation \"Authorization Code\" et émet des jetons d'actualisation.<br>\nLe serveur émet également automatiquement de nouveaux jetons d'actualisation, après qu'un jeton d'actualisation a été utilisé.<br><br>\n→ La portée par défaut est <i>profile</i>. Seuls les utilisateurs d'une boîte peuvent être authentifiés par rapport à OAuth2. Si le paramètre scope est omis, il revient au <i>profile</i>.<br>\n→ Le paramètre <i>state</i> doit être envoyé par le client dans le cadre de la demande d'autorisation.<br><br>\nChemins d'accès aux requêtes vers l'API OAuth <br>\n<ul>\n <li>Point de terminaison d'autorisation : <code>/oauth/authorize</code></li>\n <li>Point de terminaison du jeton : <code>/oauth/token</code></li>\n <li>Page de ressource : <code>/oauth/profile</code></li>\n</ul>\nLa régénération du secret client ne fera pas expirer les codes d'autorisation existants, mais ils ne pourront pas renouveler leur jeton.<br><br>\nLa révocation des jetons clients entraînera la fin immédiate de toutes les sessions actives. Tous les clients doivent se ré-authentifier.",
"oauth2_redirect_uri": "URI de redirection",
"oauth2_renew_secret": "Générer un nouveau secret client",
"oauth2_revoke_tokens": "Révoquer tous les jetons",
@@ -230,7 +230,7 @@
"quarantine_exclude_domains": "Exclure les domaines et les alias de domaine",
"quarantine_max_age": "Âge maximun en jour(s)<br><small>La valeur doit être égale ou supérieure à 1 jour.</small>",
"quarantine_max_size": "Taille maximum en Mo (les éléments plus grands sont mis au rebut):<br><small>0 ne signifie <b>pas</b> illimité.</small>",
"quarantine_max_score": "Ignorer la notification si le score de spam est au dessus de cette valeur:<br><small>Par défaut: 9999.0</small>",
"quarantine_max_score": "Ignorer la notification si le score de spam est au dessus de cette valeur :<br><small>Par défaut : 9999.0</small>",
"quarantine_notification_html": "Modèle de courriel de notification:<br><small>Laisser vide pour restaurer le modèle par défaut.</small>",
"quarantine_notification_sender": "Notification par e-mail de lexpéditeur",
"quarantine_notification_subject": "Objet du courriel de notification",
@@ -262,8 +262,8 @@
"regex_maps": "Cartes Regex (expression régulière)",
"relay_from": "\"De:\" adresse",
"relay_run": "Lancer le test",
"relayhosts": "Transports de lexpéditeur",
"relayhosts_hint": "Définir les transports dépendant de lexpéditeur pour pouvoir les sélectionner dans un dialogue de configuration de domaines.<br>\r\n Le service de transport est toujours \"SMTP:\" et va donc essayer TLS (lorsquil est proposé. Le TLS encapsulé (SMTPS) nest pas pris en charge. Il est tenu compte de la définition de la politique TLS pour chaque utilisateur sortant.<br>\r\n Affecte les domaines sélectionnés, y compris les domaines alias.",
"relayhosts": "Transports dépendant de lexpéditeur",
"relayhosts_hint": "Définir les transports dépendant de lexpéditeur pour pouvoir les sélectionner dans un dialogue de configuration de domaines.<br>\n Le service de transport est toujours \"SMTP:\" et va donc essayer TLS lorsquil est proposé. Le TLS encapsulé (SMTPS) nest pas pris en charge. Il est tenu compte de la définition de la politique TLS pour chaque utilisateur sortant.<br>\n Affecte les domaines sélectionnés, y compris les domaines alias.",
"remove": "Supprimer",
"remove_row": "Supprimer la ligne",
"reset_default": "Réinitialisation à la valeur par défaut",
@@ -278,7 +278,7 @@
"rsettings_preset_1": "Désactiver tout sauf DKIM et la limite tarifaire pour les utilisateurs authentifiés",
"rsettings_preset_2": "Les postmasters veulent du spam",
"rsettings_preset_3": "Autoriser uniquement des expéditeurs particuliers pour une boîte (c.-à-d. utilisation comme boîte interne seulement)",
"rspamd-com_settings": "Un nom de paramètre sera généré automatiquement, voir lexemple de préréglages ci-dessous. Pour plus de détails voir : <a href=\"https://rspamd.com/doc/configuration/settings.html#settings-structure\" target=\"_blank\">Docs Rspamd</a>",
"rspamd_com_settings": "Un nom de paramètre sera généré automatiquement, voir lexemple de préréglages ci-dessous. Pour plus de détails voir : <a href=\"https://rspamd.com/doc/configuration/settings.html#settings-structure\" target=\"_blank\">Docs Rspamd</a>",
"rspamd_global_filters": "Cartes des filtres globaux",
"rspamd_global_filters_agree": "Je serai prudent !",
"rspamd_global_filters_info": "Les cartes de filtres globales contiennent différents types de listes noires et blanches globales.",
@@ -299,9 +299,9 @@
"title": "Titre",
"title_name": "\"mailcow UI\" titre du site web",
"to_top": "Retour en haut",
"transport_dest_format": "Syntaxe: example.org, .example.org, *, box@example.org (les valeurs multiples peuvent être séparées par des virgules)",
"transport_dest_format": "Syntaxe : example.org, .example.org, *, box@example.org (les valeurs multiples peuvent être séparées par des virgules)",
"transport_maps": "Plans de transport",
"transports_hint": "→ Une entrée de carte de transport <b>annule</b> une carte de transport dépendante de lexpéditeur</b>.<br>\r\n→ Les paramètres de politique TLS sortants par utilisateur sont ignorés et ne peuvent être appliqués que par les entrées de carte de politique TLS.<br>\r\n→ Le service de transport pour des transports définis est toujours \"smtp:\" et va donc essayer TLS lorsquil est offert. Wrapped TLS (SMTPS) nest pas pris en charge.<br>\r\n→ Les adresses correspondantes \"/localhost$/\" seront toujours transportées via \"local:\", donc une destination \"*\" ne s'applique pas à ces adresses.<br>\r\n→ Pour déterminer les compétences dans l'exemple suivant \"[host]:25\", Postfix demande <b>toujours</b> pour \"host\" avant de chercher \"[host]:25\". Ce comportement rend impossible lutilisation \"host\" et \"[host]:25\" en même temps.",
"transports_hint": "→ Une entrée de carte de transport <b>annule</b> une carte de transport dépendante de lexpéditeur</b>.<br>\n→ Les transports basés sur le MX sont préférables.<br>\n→ Les paramètres de politique TLS sortants par utilisateur sont ignorés et ne peuvent être appliqués que par les entrées de carte de politique TLS.<br>\n→ Pour chaque transports défini, le servie de transports sera \"smtp:\", TLS sera essayé lorsque disponible. Le Wrapped TLS (SMTPS) nest pas pris en charge.<br>\n→ Les adresses qui correspondent à\"/localhost$/\" seront toujours transportées via \"local:\", donc une destination \"*\" ne s'applique pas à ces adresses.<br>\n→ Pour déterminer les informations d'identification dans l'exemple suivant \"[host]:25\", Postfix va <b>toujours</b> faire une requête pour \"host\" avant de chercher \"[host]:25\". Ce comportement rend impossible lutilisation \"host\" et \"[host]:25\" en même temps.",
"ui_footer": "Pied de page (HTML autorisé)",
"ui_header_announcement": "Annonces",
"ui_header_announcement_active": "Définir lannonce active",
@@ -319,7 +319,10 @@
"username": "Nom d'utilisateur",
"validate_license_now": "Valider le GUID par rapport au serveur de licence",
"verify": "Verifier",
"yes": "&#10003;"
"yes": "&#10003;",
"api_read_write": "Accès Lecture-Écriture",
"oauth2_add_client": "Ajouter un client OAuth2",
"password_policy": "Politique de mots de passe"
},
"danger": {
"access_denied": "Accès refusé ou données de formulaire non valides",
@@ -327,7 +330,7 @@
"alias_empty": "L'alias d'adresse ne peut pas être vide",
"alias_goto_identical": "Lalias et ladresse Goto ne doivent pas être identiques",
"alias_invalid": "L'alias d'adresse %s est non valide",
"aliasd_targetd_identical": "Le domaine alias ne doit pas être égal au domaine cible: %s",
"aliasd_targetd_identical": "Le domaine alias ne doit pas être égal au domaine cible : %s",
"aliases_in_use": "Max. alias doit être supérieur ou égal à %d",
"app_name_empty": "Le nom de l'application ne peut pas être vide",
"app_passwd_id_invalid": "Le mot de passe ID %s de l'application est non valide",
@@ -338,7 +341,7 @@
"defquota_empty": "Le quota par défaut par boîte ne doit pas être 0.",
"description_invalid": "La description des ressources pour %s est non valide",
"dkim_domain_or_sel_exists": "Une clé DKIM pour \"%s\" existe et ne sera pas écrasée",
"dkim_domain_or_sel_invalid": "Domaine ou sélection DKIM non valide: %s",
"dkim_domain_or_sel_invalid": "Domaine ou sélection DKIM non valide : %s",
"domain_cannot_match_hostname": "Le domaine ne correspond pas au nom dhôte",
"domain_exists": "Le domaine %s exite déjà",
"domain_invalid": "Le mom de domaine est vide ou non valide",
@@ -350,24 +353,24 @@
"file_open_error": "Le fichier ne peut pas être ouvert pour l'écriture",
"filter_type": "Type de fltre erroné",
"from_invalid": "Expéditeur ne peut pas être vide",
"global_filter_write_error": "Impossible décrire le fichier de filtre: %s",
"global_filter_write_error": "Impossible décrire le fichier de filtre : %s",
"global_map_invalid": "ID de carte globale %s non valide",
"global_map_write_error": "Impossible décrire lID de la carte globale %s: %s",
"global_map_write_error": "Impossible décrire lID de la carte globale %s : %s",
"goto_empty": "Une adresse alias doit contenir au moins une adresse 'goto'valide",
"goto_invalid": "Adresse Goto %s non valide",
"ham_learn_error": "Erreur d'apprentissage Ham: %s",
"ham_learn_error": "Erreur d'apprentissage Ham : %s",
"imagick_exception": "Erreur : Exception Imagick lors de la lecture de limage",
"img_invalid": "Impossible de valider le fichier image",
"img_tmp_missing": "Impossible de valider le fichier image: Fichier temporaire introuvable",
"img_tmp_missing": "Impossible de valider le fichier image : Fichier temporaire introuvable",
"invalid_bcc_map_type": "Type de carte BCC non valide",
"invalid_destination": "Le format de la destination \"%s\" est non valide",
"invalid_filter_type": "Type de filtre non valide",
"invalid_host": "Hôte non valide spécifié: %s",
"invalid_host": "Hôte non valide spécifié : %s",
"invalid_mime_type": "Type mime non valide",
"invalid_nexthop": "Le format de saut suivant est non valide",
"invalid_nexthop_authenticated": "Next hop existe avec différents identifiants, veuillez dabord mettre à jour les identifiants existants pour ce prochain saut.",
"invalid_recipient_map_new": "Nouveau destinataire précisé non valide: %s",
"invalid_recipient_map_old": "Destinataire original précisé non valide: %s",
"invalid_recipient_map_new": "Nouveau destinataire spécifié non valide : %s",
"invalid_recipient_map_old": "Destinataire original spécifié non valide : %s",
"ip_list_empty": "La liste des adresses IP autorisées ne peut pas être vide",
"is_alias": "%s est déjà connu comme une adresse alias",
"is_alias_or_mailbox": "%s est déjà connu comme un alias, une boîte ou une adresse alias développée à partir dun domaine alias.",
@@ -378,7 +381,7 @@
"mailbox_invalid": "Le nom de la boîte n'est pas valide",
"mailbox_quota_exceeded": "Le quota dépasse la limite du domaine (max. %d Mo)",
"mailbox_quota_exceeds_domain_quota": "Le quota maximum dépasse la limite du quota de domaine",
"mailbox_quota_left_exceeded": "Espace libre insuffisant (espace libre: %d Mo)",
"mailbox_quota_left_exceeded": "Espace libre insuffisant (espace libre : %d Mio)",
"mailboxes_in_use": "Le max. des boîtes doit être supérieur ou égal à %d",
"malformed_username": "Nom dutilisateur malformé",
"map_content_empty": "Le contenu de la carte ne peut pas être vide",
@@ -386,9 +389,9 @@
"max_mailbox_exceeded": "Le nombre max. de boîte est dépassé (%d of %d)",
"max_quota_in_use": "Le quota de la boîte doit être supérieur ou égal à %d Mo",
"maxquota_empty": "Le quota maximum par boîte ne doit pas être de 0.",
"mysql_error": "Erreur MySQL: %s",
"nginx_reload_failed": "Le rechargement de Nginx a échoué: %s",
"network_host_invalid": "Réseau ou host non valide: %s",
"mysql_error": "Erreur MySQL : %s",
"nginx_reload_failed": "Le rechargement de Nginx a échoué : %s",
"network_host_invalid": "Réseau ou hôte non valide : %s",
"next_hop_interferes": "%s interfère avec le nexthop %s",
"next_hop_interferes_any": "Un saut suivant existant interfère avec %s",
"no_user_defined": "Aucun utilisateur défini",
@@ -399,15 +402,15 @@
"password_mismatch": "Le mot de passe de confirmation ne correspond pas",
"policy_list_from_exists": "Un enregistrement avec ce nom existe déjà",
"policy_list_from_invalid": "Le format de lenregistrement est invalide",
"private_key_error": "Erreur de clé privée: %s",
"private_key_error": "Erreur de clé privée : %s",
"pushover_credentials_missing": "Jeton Pushover ou clé manquante",
"pushover_key": "La clé Pushover a un mauvais format",
"pushover_token": "Le jeton Pushover a un mauvais format",
"quota_not_0_not_numeric": "Le quota doit être numerique et >= 0",
"recipient_map_entry_exists": "Une entrée dans la carte du bénéficiaire \"%s\" existe",
"redis_error": "Erreur Redis: %s",
"redis_error": "Erreur Redis : %s",
"relayhost_invalid": "La saisie de la carte %s est invalide",
"release_send_failed": "Le message na pas pu être diffusé: %s",
"release_send_failed": "Le message na pas pu être diffusé : %s",
"reset_f2b_regex": "Le filtre regex n'a pas pu être réinitialisé à temps, veuillez réessayer ou attendre quelques secondes de plus et recharger le site web.",
"resource_invalid": "Le nom de la resource %s n'est pas valide",
"rl_timeframe": "Le délai limite du taux est incorrect",
@@ -416,8 +419,8 @@
"sender_acl_invalid": "La valeur ACL de lexpéditeur %s est invalide",
"set_acl_failed": "Impossible de définir ACL",
"settings_map_invalid": "La carte des paramètres %s est invalide",
"sieve_error": "Erreur danalyseur de tamis: %s",
"spam_learn_error": "Erreur d'apprentissage du spam: %s",
"sieve_error": "Erreur d'analyse syntaxique Sieve : %s",
"spam_learn_error": "Erreur d'apprentissage du spam : %s",
"subject_empty": "Le sujet ne peut^pas être vide",
"target_domain_invalid": "Le domaine cible %s n'est pas valide",
"targetd_not_found": "Le domaine cible %s est introuvable",
@@ -430,15 +433,15 @@
"tls_policy_map_parameter_invalid": "Le paramètre Policy est invalide",
"totp_verification_failed": "Echec de la vérification TOTP",
"transport_dest_exists": "La destination de transport \"%s\" existe",
"webauthn_verification_failed": "Echec de la vérification WebAuthn: %s",
"fido2_verification_failed": "La vérification FIDO2 a échoué: %s",
"webauthn_verification_failed": "Echec de la vérification WebAuthn : %s",
"fido2_verification_failed": "La vérification FIDO2 a échoué : %s",
"unknown": "Une erreur inconnue est survenue",
"unknown_tfa_method": "Methode TFA inconnue",
"unlimited_quota_acl": "Quota illimité interdit par les ACL",
"username_invalid": "Le nom d'utilisateur %s ne peut pas être utilisé",
"validity_missing": "Veuillez attribuer une période de validité",
"value_missing": "Veuillez fournir toutes les valeurs",
"yotp_verification_failed": "La vérification Yubico OTP a échoué: %s"
"yotp_verification_failed": "La vérification Yubico OTP a échoué : %s"
},
"debug": {
"chart_this_server": "Graphique (ce serveur)",
@@ -509,7 +512,7 @@
"force_pw_update_info": "Cet utilisateur pourra uniquement se connecter à %s.",
"full_name": "Nom complet",
"gal": "Liste d'adresses globale (GAL)",
"gal_info": "La liste d'adresses globale (GAL) contient tous les objets dun domaine et ne peut pas être édité par un utilisateur. Les informations libres/occupées dans SOGo sont manquantes si elles sont désactivées! <b>Redémarrer SOGo pour appliquer les modifications.</b>",
"gal_info": "La liste d'adresses globale (GAL) contient tous les objets dun domaine et ne peut pas être édité par un utilisateur. Les informations libres/occupées dans SOGo sont manquantes si elles sont désactivées! <b>Redémarrer SOGo pour appliquer les modifications.</b>",
"generate": "générer",
"grant_types": "Types 'autorisation",
"hostname": "Nom d'hôte",
@@ -574,14 +577,16 @@
"title": "Editer l'objet",
"unchanged_if_empty": "Si non modifié, laisser en blanc",
"username": "Nom d'utilisateur",
"validate_save": "Valider et sauver"
"validate_save": "Valider et sauver",
"lookup_mx": "La destination est une expression régulière qui doit correspondre avec le nom du MX (<code>.*google\\.com</code> pour acheminer tout le courrier destiné à un MX se terminant par google.com via ce saut).",
"mailbox_relayhost_info": "S'applique uniquement à la boîte aux lettres et aux alias directs, remplace le relayhost du domaine."
},
"footer": {
"cancel": "Annuler",
"confirm_delete": "Confirmer la suppression",
"delete_now": "Effacer maintenant",
"delete_these_items": "Veuillez confirmer les modifications apportées à lidentifiant dobjet suivant",
"hibp_nok": "Trouvé! Il sagit dun mot de passe potentiellement dangereux!",
"hibp_nok": "Trouvé ! Il sagit dun mot de passe potentiellement dangereux !",
"hibp_ok": "Aucune correspondance trouvée.",
"loading": "Veuillez patienter...",
"restart_container": "Redémarrer le conteneur",
@@ -740,9 +745,9 @@
"tls_enforce_in": "Appliquer le TLS entrant",
"tls_enforce_out": "Appliquer le TLS sortant",
"tls_map_dest": "Destination",
"tls_map_dest_info": "Exemples: example.org, .example.org, [mail.example.org]:25",
"tls_map_dest_info": "Exemples : example.org, .example.org, [mail.example.org]:25",
"tls_map_parameters": "Paramètres",
"tls_map_parameters_info": "Vide ou paramètres, par exemple: protocols=!SSLv2 ciphers=medium exclude=3DES",
"tls_map_parameters_info": "Vide ou paramètres, par exemple : protocols=!SSLv2 ciphers=medium exclude=3DES",
"tls_map_policy": "Politique",
"tls_policy_maps": "Cartes des politiques des TLS",
"tls_policy_maps_info": "Cette carte de politique remplace les règles de transport TLS sortantes indépendamment des paramètres de politique TLS des utilisateurs.<br>\r\n Veuillez vérifier <a href=\"http://www.postfix.org/postconf.5.html#smtp_tls_policy_maps\" target=\"_blank\">la doc \"smtp_tls_policy_maps\" </a> pour plus d'informations.",
@@ -756,8 +761,8 @@
},
"oauth2": {
"access_denied": "Veuillez vous connecter en tant que propriétaire de la boîte pour accorder laccès via Oauth2.",
"authorize_app": "Authorize application",
"deny": "Deny",
"authorize_app": "Autoriser l'application",
"deny": "Refuser",
"permit": "Autorise l'application",
"profile": "Profil",
"profile_desc": "Afficher les informations personnelles : nom dutilisateur, nom complet, créé, modifié, actif",
@@ -772,7 +777,7 @@
"danger": "Danger",
"deliver_inbox": "Envoyer dans la boîte de reception",
"disabled_by_config": "La configuration actuelle du système désactive la fonctionnalité de quarantaine. Veuillez définir \"retentions par boîte\" et une \"taille maximum\" pour les éléments en quarantaine.",
"settings_info": "Quantité maximum d'éléments à mettre en quarantaine: %s<br>Taille maximale des e-mails: %s MiB",
"settings_info": "Quantité maximum d'éléments à mettre en quarantaine : %s<br>Taille maximale des e-mails : %s MiB",
"download_eml": "Télécharger (.eml)",
"empty": "Pas de résultat",
"high_danger": "Haut",
@@ -819,7 +824,7 @@
"start": {
"help": "Afficher/masquer le panneau daide",
"imap_smtp_server_auth_info": "Veuillez utiliser votre adresse e-mail complète et le mécanisme dauthentification PLAIN.<br>\r\nVos données de connexion seront cryptées par le cryptage obligatoire côté serveur.",
"mailcow_apps_detail": "Utiliser une application Maicow pour accéder à vos messages, calendrier, contacts et plus.",
"mailcow_apps_detail": "Utiliser une application mailcow pour accéder à vos messages, calendrier, contacts et plus.",
"mailcow_panel_detail": "<b>Les administrateurs de domaines</b> peuvent créer, modifier or supprimer des boîtes et alias, changer de domaines et lire de plus amples renseignements sur les domaines qui leurs sont attribués.<br>\r\n<b>Les utilisateurs de boîtes</b> sont en mesure de créer des alias limités dans le temps (alias spam), de modifier leurs mots de passe et les paramètres du filtre anti-spam."
},
"success": {
@@ -837,14 +842,14 @@
"app_links": "Modifications enregistrées dans les liens dapplication",
"app_passwd_added": "Ajout dun nouveau mot de passe dapplication",
"app_passwd_removed": "Suppression de lidentifiant du mot de passe de lapplication %s",
"bcc_deleted": "Suppression des entrées de la carte BCC: %s",
"bcc_deleted": "Suppression des entrées de la carte BCC : %s",
"bcc_edited": "Entrée de la carte BCC %s modifiée",
"bcc_saved": "Saisie de carte BCC enregistrée",
"db_init_complete": "Initialisation de la base de données terminée",
"delete_filter": "ID des filtres supprimés %s",
"delete_filters": "Filtres supprimés: %s",
"deleted_syncjob": "Job de synchronisation supprimé ID %s",
"deleted_syncjobs": "Jobs de synchronisation supprimé: %s",
"delete_filters": "Filtres supprimés : %s",
"deleted_syncjob": "ID du travail de synchronisation supprimé : %s",
"deleted_syncjobs": "Travail de synchronisation supprimé : %s",
"dkim_added": "La clé DKIM %s a été sauvegardée",
"dkim_duplicated": "La clé DKIM pour e domaine %s a été copiée vers %s",
"dkim_removed": "La clé DKIM %s a été supprimée",
@@ -908,7 +913,7 @@
"enter_qr_code": "Votre code TOTP si votre appareil ne peut pas scanner les codes QR",
"error_code": "Code d'erreur",
"init_webauthn": "Initialisation, veuillez patienter...",
"key_id": "Un identifiant pour votre Yubikey",
"key_id": "Un identifiant pour votre Périphérique",
"key_id_totp": "Un identifiant pour votre clé",
"none": "Désactiver",
"reload_retry": "- (recharger le navigateur si lerreur persiste)",
@@ -969,7 +974,7 @@
"direct_aliases": "Adresses alias directes",
"direct_aliases_desc": "Les adresses dalias directes sont affectées par le filtre anti-spam et les paramètres de politique TLS.",
"eas_reset": "Réinitialiser le cache de lappareil Activesync",
"eas_reset_help": "Dans de nombreux cas, une réinitialisation du cache de lappareil aidera à récupérer un profil Activesync cassé.<br><b>Attention:</b> Tous les éléments seront à nouveau chargés!",
"eas_reset_help": "Dans de nombreux cas, une réinitialisation du cache de lappareil aidera à récupérer un profil Activesync cassé.<br><b>Attention :</b> Tous les éléments seront à nouveau téléchargés !",
"eas_reset_now": "Réinitialiser maintenant",
"edit": "Editer",
"email": "Email",
@@ -1033,9 +1038,9 @@
"spamfilter_bl": "Liste noire (BlackList)",
"spamfilter_bl_desc": "Les adresses de courriel sur la liste noire de <b>always (toujours)</b> peuvent être classées comme des pourriels et rejetées. Des caractères génériques peuvent être utilisés. Un filtre nest appliqué quaux alias directs (alias avec une seule boîte cible), à lexclusion des alias tous azimuts et dune boîte elle-même.",
"spamfilter_default_score": "Valeurs par défaut",
"spamfilter_green": "Vert: ce message n'est pas un spam",
"spamfilter_hint": "La première valeur indique un \"faible score de spam\", la seconde représente un \"haut score de spam\".",
"spamfilter_red": "Rouge: Ce message est un spam et sera rejeté par le serveur",
"spamfilter_green": "Vert : ce message n'est pas un spam",
"spamfilter_hint": "La première valeur indique un \"faible score de spam\", la seconde représente un \"haut score de spam\".",
"spamfilter_red": "Rouge : Ce message est un spam et sera rejeté par le serveur",
"spamfilter_table_action": "Action",
"spamfilter_table_add": "Ajouter un élément",
"spamfilter_table_domain_policy": "n/a (politique de domaine)",
@@ -1043,13 +1048,13 @@
"spamfilter_table_remove": "supprimer",
"spamfilter_table_rule": "Règle",
"spamfilter_wl": "Liste blanche (WhiteList)",
"spamfilter_wl_desc": "Liste blanche des adresses e-mail à <b> ne jamais</b> classer comme spam. Des caractères génériques peuvent être utilisés. Un filtre nest appliqué quaux alias directs (alias avec une seule boîte cible), à lexclusion des alias tous azimuts et dune boîte elle-même.",
"spamfilter_yellow": "Jaune: ce message est peut être un spam, il sera étiqueté comme spam et déplacé vers votre dossier Junk",
"spamfilter_wl_desc": "La liste blanche est programmé pour <b> ne jamais</b> classer comme spam les adresses e-mail qu'elle contient. Des caractères génériques peuvent être utilisés. Un filtre nest appliqué quaux alias directs (alias avec une seule boîte cible), à lexclusion des alias catch-all et dune boîte mail.",
"spamfilter_yellow": "Jaune : ce message est peut être un spam, il sera étiqueté comme spam et déplacé vers votre dossier Pourriel",
"status": "Statut",
"sync_jobs": "Jobs de synchronisation",
"tag_handling": "Régler la manipulation du courrier étiqueté",
"tag_help_example": "Exemple pour une adresse e-mail étiquetée: me<b>+Facebook</b>@example.org",
"tag_help_explain": "Dans sous-dossier: un nouveau sous-dossier nommé daprès la balise sera créé sous INBOX (\"INBOX/Facebook\").<br>\r\nDans le sujet : le nom des balises sera ajouté au début du sujet du mail, exemple : \"[Facebook] My News\".",
"tag_help_example": "Exemple pour une adresse e-mail étiquetée : me<b>+Facebook</b>@example.org",
"tag_help_explain": "Dans un sous-dossier : un nouveau sous-dossier nommé selon l'étiquette sera créé sous INBOX (\"INBOX/Facebook\").<br>\nDans le sujet : le nom des balises sera ajouté au début du sujet du mail, exemple : \"[Facebook] My News\".",
"tag_in_none": "Ne rien faire",
"tag_in_subfolder": "Dans un sous dossier",
"tag_in_subject": "Dans le sujet",
@@ -1073,10 +1078,10 @@
"dovecot_restart_failed": "Dovecot na pas pu redémarrer, veuillez vérifier les journaux",
"fuzzy_learn_error": "Erreur dapprentissage du hachage flou: %s",
"hash_not_found": "Hachage non trouvé ou déjà supprimé",
"ip_invalid": "IP non valide ignorée: %s",
"ip_invalid": "IP non valide ignorée : %s",
"no_active_admin": "Impossible de désactiver le dernier administrateur active",
"quota_exceeded_scope": "Dépassement du quota de domaine: Seules des boîtes illimitées peuvent être créées dans ce domaine.",
"session_token": "Jeton de formulaire invalide: Décalage des jetons",
"session_ua": "Jeton de formulaire invalide: erreur de validation User-Agent"
"quota_exceeded_scope": "Dépassement du quota de domaine : Seules des boîtes illimitées peuvent être créées dans ce domaine.",
"session_token": "Jeton de formulaire invalide : Jeton différent",
"session_ua": "Jeton de formulaire invalide : erreur de validation User-Agent"
}
}

15
data/web/lang/lang.it.json
View File

@@ -2,8 +2,8 @@
"acl": {
"alias_domains": "Aggiungi alias di dominio",
"app_passwds": "Gestisci le password delle app",
"bcc_maps": "BCC maps",
"delimiter_action": "Delimiter action",
"bcc_maps": "Mappe CCN",
"delimiter_action": "Azione delimitatrice",
"domain_desc": "Modifica la descrizione del dominio",
"domain_relayhost": "Modifica relayhost per un dominio",
"eas_reset": "Ripristina i dispositivi EAS",
@@ -106,7 +106,8 @@
"validate": "Convalida",
"validation_success": "Convalidato con successo",
"bcc_dest_format": "Il destinatario in copia nascosta deve essere un singolo indirizzo email.<br>Se si vuole spedire una copia del messaggio a più destinatari, bisogna creare un alias ed utilizzarlo per questa opzione.",
"app_passwd_protocols": "Protocolli consentiti per la password dell'app"
"app_passwd_protocols": "Protocolli consentiti per la password dell'app",
"tags": "Tag"
},
"admin": {
"access": "Accedi",
@@ -294,7 +295,7 @@
"rsettings_preset_1": "Disable all but DKIM and rate limit for authenticated users",
"rsettings_preset_2": "I postmaster vogliono lo spam",
"rsettings_preset_3": "Consenti solo mittenti specifici per una casella di posta (ad esempio: utilizzo solo come casella di posta interna)",
"rspamd-com_settings": "A setting name will be auto-generated, please see the example presets below. For more details see <a href=\"https://rspamd.com/doc/configuration/settings.html#settings-structure\" target=\"_blank\">Rspamd docs</a>",
"rspamd_com_settings": "A setting name will be auto-generated, please see the example presets below. For more details see <a href=\"https://rspamd.com/doc/configuration/settings.html#settings-structure\" target=\"_blank\">Rspamd docs</a>",
"rspamd_global_filters": "Global filter maps",
"rspamd_global_filters_agree": "Starò attento!",
"rspamd_global_filters_info": "Global filter maps contain different kind of global black and whitelists.",
@@ -983,7 +984,7 @@
"enter_qr_code": "Il codice TOTP se il tuo dispositivo non è in grado di acquisire i codici QR",
"error_code": "Codice di errore",
"init_webauthn": "Inizializzazione, attendere prego...",
"key_id": "Identificatore per il tuo YubiKey",
"key_id": "Identificatore per il tuo dispositivo",
"key_id_totp": "Identificatore per la tua chiave",
"none": "Disattivato",
"reload_retry": "- (ricaricare la pagina se l'errore persiste)",
@@ -997,7 +998,9 @@
"waiting_usb_auth": "<i>In attesa del device USB...</i><br /><br />Tocca ora il pulsante sul dispositivo WebAuthn USB.",
"waiting_usb_register": "<i>In attesa del device USB...</i><br /><br />Inserisci la tua password qui sopra e conferma la tua registrazione WebAuthn toccando il pulsante del dispositivo WebAuthn USB.",
"yubi_otp": "Autenticazione Yubico OTP",
"tfa_token_invalid": "Token TFA non valido"
"tfa_token_invalid": "Token TFA non valido",
"u2f_deprecated": "Sembra che la tua chiave sia stata registrata utilizzando il metodo U2F deprecato. Disattiveremo Two-Factor-Authenticaiton per te e cancelleremo la tua chiave.",
"u2f_deprecated_important": "Registra la tua chiave nel pannello di amministrazione con il nuovo metodo WebAuthn."
},
"user": {
"action": "Azione",

2
data/web/lang/lang.ko.json
View File

@@ -269,7 +269,7 @@
"rsettings_preset_1": "인증된 사용자에 대해 DKIM과 속도 제한을 제외한 모든 것을 비활성화",
"rsettings_preset_2": "포스트 마스터가 스팸을 원함",
"rsettings_preset_3": "메일박스에 특정 발신자만 허용 (i.e. 서버 내부 메일함으로만 이용)",
"rspamd-com_settings": "설정 이름은 자동으로 생성되며 아래 사전 설정 예제를 참고하세요. 자세한 내용은 <a href=\"https://rspamd.com/doc/configuration/settings.html#settings-structure\" target=\"_blank\">Rspamd 문서</a>를 참조하세요.",
"rspamd_com_settings": "설정 이름은 자동으로 생성되며 아래 사전 설정 예제를 참고하세요. 자세한 내용은 <a href=\"https://rspamd.com/doc/configuration/settings.html#settings-structure\" target=\"_blank\">Rspamd 문서</a>를 참조하세요.",
"rspamd_global_filters": "글로벌 필터 맵",
"rspamd_global_filters_agree": "조심할게!",
"rspamd_global_filters_info": "글로벌 필터 맵은 다른 종류의 글로벌 블랙리스트와 화이트리스트를 포함합니다.",

2
data/web/lang/lang.nl.json
View File

@@ -277,7 +277,7 @@
"rsettings_preset_1": "Schakel alles uit voor geauthenticeerde gebruikers, behalve ARC/DKIM en ratelimiting",
"rsettings_preset_2": "Laat postmasters spam ontvangen",
"rsettings_preset_3": "Sta uitsluitend specifieke afzenders toe voor een mailbox (bijvoorbeeld als interne mailbox)",
"rspamd-com_settings": "Een beschrijving voor deze instelling zal automatisch worden gegenereerd, gebruik de onderstaande presets als voorbeeld. Raadpleeg de <a href=\"https://rspamd.com/doc/configuration/settings.html#settings-structure\" target=\"_blank\">Rspamd-documentatie</a> voor meer informatie.",
"rspamd_com_settings": "Een beschrijving voor deze instelling zal automatisch worden gegenereerd, gebruik de onderstaande presets als voorbeeld. Raadpleeg de <a href=\"https://rspamd.com/doc/configuration/settings.html#settings-structure\" target=\"_blank\">Rspamd-documentatie</a> voor meer informatie.",
"rspamd_global_filters": "Globale filters",
"rspamd_global_filters_agree": "Ik ben me ervan bewust dat aanpassingen desastreuze gevolgen kunnen hebben",
"rspamd_global_filters_info": "Ieder globaal filter heeft zijn eigen functie, zie de namen.",

2
data/web/lang/lang.ro.json
View File

@@ -299,7 +299,7 @@
"rsettings_preset_2": "Postmasterii doresc spam",
"rsettings_preset_3": "Permiteți numai expeditori specifici pentru o căsuță poștală (ex: utilizare numai ca adresa de email internă)",
"rsettings_preset_4": "Dezactivați Rspamd pentru domeniu",
"rspamd-com_settings": "<a href=\"https://rspamd.com/doc/configuration/settings.html#settings-structure\" target=\"_blank\">Documente Rspamd</a>\n - Un nume de setare va fi generat automat, te rog să consulți presetările exemplu de mai jos.",
"rspamd_com_settings": "<a href=\"https://rspamd.com/doc/configuration/settings.html#settings-structure\" target=\"_blank\">Documente Rspamd</a>\n - Un nume de setare va fi generat automat, te rog să consulți presetările exemplu de mai jos.",
"rspamd_global_filters": "Hărți cu filtru global",
"rspamd_global_filters_agree": "Voi fi atent!",
"rspamd_global_filters_info": "Hărțile cu filtre globale conțin diferite tipuri de liste negre și albe.",

21
data/web/lang/lang.ru.json
View File

@@ -105,7 +105,9 @@
"timeout2": "Тайм-аут для подключения к локальному хосту",
"username": "Имя пользователя",
"validate": "Проверить",
"validation_success": "Проверка прошла успешно"
"validation_success": "Проверка прошла успешно",
"tags": "Теги",
"app_passwd_protocols": "Разрешенные протоколы для пароля приложения"
},
"admin": {
"access": "Настройки доступа",
@@ -190,7 +192,7 @@
"flush_queue": "Отправить все сообщения",
"forwarding_hosts": "Переадресация хостов",
"forwarding_hosts_add_hint": "Можно указывать: IPv4/IPv6 подсети в нотации CIDR, имена хостов (которые будут разрешаться в IP-адреса) или доменные имена (которые будут решаться с IP-адресами путем запроса SPF записей или, в случае их отсутствия - запросом MX записей).",
"forwarding_hosts_hint": "Входящие сообщения безоговорочно принимаются от любых хостов, перечисленных здесь. Эти хосты не проходят проверку DNSBL и graylisting. Спам, полученный от них, никогда не отклоняется, но при желании можно включить спам фильтр и письма с плохим рейтингом будут попадать в Junk. Наиболее распространенное использование - указать почтовые серверы, на которых вы установили правило, которое перенаправляет входящие электронные письма на ваш почтовый сервер.",
"forwarding_hosts_hint": "Входящие сообщения безоговорочно принимаются от любых хостов, перечисленных здесь. Эти хосты не проходят проверку DNSBL и graylisting. Спам, полученный от них, никогда не отклоняется, но при желании можно включить спам фильтр и письма с плохим рейтингом будут попадать в Junk. Наиболее распространенное использование - указать почтовые серверы, на которых вы установили правило, которое перенаправляет входящие электронные письма на ваш почтовый сервер mailcow.",
"from": "От",
"generate": "сгенерировать",
"guid": "GUID - уникальный ID",
@@ -298,7 +300,7 @@
"rsettings_preset_2": "Не проверять письма на спам Postmaster",
"rsettings_preset_3": "Разрешить только определённых отправителей для почтового ящика (использование только в качестве внутреннего почтового ящика)",
"rsettings_preset_4": "Отключить Rspamd для домена",
"rspamd-com_settings": "Имена правил будут сгенерированы на основе их ID.<br> Инструкция доступна на сайте <a href=\"https://rspamd.com/doc/configuration/settings.html#settings-structure\" target=\"_blank\">документация Rspamd user settings</a>, заготовленные шаблоны:",
"rspamd_com_settings": "Имена правил будут сгенерированы на основе их ID.<br> Инструкция доступна на сайте <a href=\"https://rspamd.com/doc/configuration/settings.html#settings-structure\" target=\"_blank\">документация Rspamd user settings</a>, заготовленные шаблоны:",
"rspamd_global_filters": "Глобальные правила фильтрации",
"rspamd_global_filters_agree": "Я понимаю, что я делаю, и буду осторожен!",
"rspamd_global_filters_info": "Глобальные правила фильтрации содержат различные виды глобальных черных и белых списков.",
@@ -460,7 +462,8 @@
"unlimited_quota_acl": "Неограниченная квота запрещена политикой доступа",
"username_invalid": "Имя пользователя %s нельзя использовать",
"validity_missing": "Пожалуйста, назначьте срок действия",
"value_missing": "Пожалуйста заполните все поля"
"value_missing": "Пожалуйста заполните все поля",
"yotp_verification_failed": "Ошибка валидации Yubico OTP: %s"
},
"debug": {
"chart_this_server": "Диаграмма (текущий сервер)",
@@ -886,11 +889,11 @@
"type": "Тип"
},
"ratelimit": {
"disabled": "Отключен",
"second": "сообщений / секунду",
"minute": "сообщений / минуту",
"hour": "сообщений / час",
"day": "сообщений / день"
"disabled": "Отключен",
"second": "сообщений / секунду",
"minute": "сообщений / минуту",
"hour": "сообщений / час",
"day": "сообщений / день"
},
"start": {
"help": "Справка",

2
data/web/lang/lang.sk.json
View File

@@ -299,7 +299,7 @@
"rsettings_preset_2": "Prijať každý spam",
"rsettings_preset_3": "Povoliť len špecifických odosielateľov (využitie ako interná schránka pre lokálne doručovanie)",
"rsettings_preset_4": "Deaktivujte Rspamd pre doménu",
"rspamd-com_settings": "Názov nastavenia bude automaticky vygenerovaný, pozrite sa prosím na ukážky uvedené nižšie. Pre viac informácií navštívte <a href=\"https://rspamd.com/doc/configuration/settings.html#settings-structure\" target=\"_blank\">Rspamd dokumentáciu</a>",
"rspamd_com_settings": "Názov nastavenia bude automaticky vygenerovaný, pozrite sa prosím na ukážky uvedené nižšie. Pre viac informácií navštívte <a href=\"https://rspamd.com/doc/configuration/settings.html#settings-structure\" target=\"_blank\">Rspamd dokumentáciu</a>",
"rspamd_global_filters": "Mapy globálnych filtrov",
"rspamd_global_filters_agree": "Budem opatrný!",
"rspamd_global_filters_info": "Mapy globálnych filtrov obsahujú rozličné druhy globálnych blacklistov a whitelistov.",

2
data/web/lang/lang.sv.json
View File

@@ -288,7 +288,7 @@
"rsettings_preset_1": "Inaktivera allt förutom DKIM och hastighetsbegränsningar för inloggade användare",
"rsettings_preset_2": "Avvisa inte skräppost till postmasteradresser",
"rsettings_preset_3": "Tillåt bara en eller flera avsändare att skriva till en brevlåda (t.ex. interna brevlådor)",
"rspamd-com_settings": "Ett inställningsnamn kommer att genereras automatiskt, se exemplet nedan. För mer detaljer se <a href=\"https://rspamd.com/doc/configuration/settings.html#settings-structure\" target=\"_blank\">Rspamd dokumentationen</a>",
"rspamd_com_settings": "Ett inställningsnamn kommer att genereras automatiskt, se exemplet nedan. För mer detaljer se <a href=\"https://rspamd.com/doc/configuration/settings.html#settings-structure\" target=\"_blank\">Rspamd dokumentationen</a>",
"rspamd_global_filters": "Globala filterregler",
"rspamd_global_filters_agree": "Jag ska vara försiktig!",
"rspamd_global_filters_info": "En global filterregel kan styra den globala vita- och svartlistan på denna server.",

1186
data/web/lang/lang.uk.json Normal file
View File

File diff suppressed because it is too large Load Diff

2
data/web/lang/lang.zh.json
View File

@@ -274,7 +274,7 @@
"rsettings_preset_1": "为已认证用户关闭除DKIM和ratelimit规则外的所有规则",
"rsettings_preset_2": "管理员(postmaster)想要垃圾邮件",
"rsettings_preset_3": "只允许指定的发件人 (如只允许内部邮箱发送)",
"rspamd-com_settings": "自动生成设置名称,请看下方的示例预设。查看<a href=\"https://rspamd.com/doc/configuration/settings.html#settings-structure\" target=\"_blank\">Rspamd docs</a>以了解更多细节。",
"rspamd_com_settings": "自动生成设置名称,请看下方的示例预设。查看<a href=\"https://rspamd.com/doc/configuration/settings.html#settings-structure\" target=\"_blank\">Rspamd docs</a>以了解更多细节。",
"rspamd_global_filters": "全局过滤规则",
"rspamd_global_filters_agree": "我会小心谨慎的!",
"rspamd_global_filters_info": "全局过滤规则包含了不同类型的全局黑名单和白名单。",

9
data/web/resource.php
View File

@@ -1,6 +1,15 @@
<?php
if (!isset($_GET['file']) ) {
http_response_code(404);
exit;
}
$pathinfo = pathinfo($_GET['file']);
if (!array_key_exists('extension', $pathinfo)) {
http_response_code(404);
exit;
}
$extension = strtolower($pathinfo['extension']);
$filepath = '/tmp/' . $pathinfo['basename'];

16
data/web/templates/edit/domain.twig
View File

@@ -23,6 +23,22 @@
<input type="text" class="form-control" name="description" value="{{ result.description }}">
</div>
</div>
<div class="form-group">
<label class="control-label col-sm-2">{{ lang.add.tags }}</label>
<div class="col-sm-10">
<div class="form-control tag-box">
{% for tag in domain_details.tags %}
<span data-action='delete_selected' data-item="{{ tag|url_encode }}" data-id="domain_tag_{{ tag }}" data-api-url='delete/domain/tag/{{ domain }}' class="badge badge-primary tag-badge btn-badge">
<i class="bi bi-tag-fill"></i>
{{ tag }}
</span>
{% endfor %}
<input type="text" class="tag-input">
<span class="btn tag-add"><i class="bi bi-plus-lg"></i></span>
<input type="hidden" value="" name="tags" class="tag-values" />
</div>
</div>
</div>
<div class="form-group">
<label class="control-label col-sm-2" for="relayhost">{{ lang.edit.relayhost }}</label>
<div class="col-sm-10">

20
data/web/templates/edit/mailbox.twig
View File

@@ -22,6 +22,22 @@
<input type="text" class="form-control" name="name" value="{{ result.name }}">
</div>
</div>
<div class="form-group">
<label class="control-label col-sm-2">{{ lang.add.tags }}</label>
<div class="col-sm-10">
<div class="form-control tag-box">
{% for tag in mailbox_details.tags %}
<span data-action='delete_selected' data-item="{{ tag }}" data-id="mailbox_tag_{{ tag }}" data-api-url='delete/mailbox/tag/{{ mailbox }}' class="badge badge-primary tag-badge btn-badge">
<i class="bi bi-tag-fill"></i>
{{ tag }}
</span>
{% endfor %}
<input type="text" class="tag-input">
<span class="btn tag-add"><i class="bi bi-plus-lg"></i></span>
<input type="hidden" value="" name="tags" class="tag-values" />
</div>
</div>
</div>
<div class="form-group">
<label class="control-label col-sm-2" for="quota">{{ lang.edit.quota_mb }}
<br><span id="quotaBadge" class="badge">max. {{ (result.max_new_quota / 1048576) }} MiB</span>
@@ -154,12 +170,16 @@
<div class="col-sm-10">
<div class="btn-group" data-acl="{{ acl.tls_policy }}">
<button type="button" class="btn btn-sm btn-xs-half visible-xs-block visible-sm-inline visible-md-inline visible-lg-inline btn-default{% if get_tls_policy.tls_enforce_in == '1' %} active"{% endif %}"
role="switch"
aria-checked="{% if get_tls_policy.tls_enforce_in == '1' %}true{% else %}false{% endif %}"
data-action="edit_selected"
data-item="{{ mailbox }}"
data-id="tls_policy"
data-api-url='edit/tls_policy'
data-api-attr='{"tls_enforce_in": {% if get_tls_policy.tls_enforce_in == '1' %}0{% else %}1{% endif %} }'>{{ lang.user.tls_enforce_in }}</button>
<button type="button" class="btn btn-sm btn-xs-half visible-xs-block visible-sm-inline visible-md-inline visible-lg-inline btn-default{% if get_tls_policy.tls_enforce_out == '1' %} active"{% endif %}"
role="switch"
aria-checked="{% if get_tls_policy.tls_enforce_out == '1' %}true{% else %}false{% endif %}"
data-action="edit_selected"
data-item="{{ mailbox }}"
data-id="tls_policy"

2
data/web/templates/mailbox/tab-filters.twig
View File

@@ -31,7 +31,7 @@
<li><a data-action="edit_selected" data-id="filter_item" data-api-url='edit/filter' data-api-attr='{"filter_type":"prefilter"}' href="#">{{ lang.mailbox.set_prefilter }}</a></li>
<li><a data-action="edit_selected" data-id="filter_item" data-api-url='edit/filter' data-api-attr='{"filter_type":"postfilter"}' href="#">{{ lang.mailbox.set_postfilter }}</a></li>
<li role="separator" class="divider"></li>
<li><a data-action="delete_selected" data-text="{{ lang.user.eas_reset }}?" data-id="filter_item" data-api-url='delete/filter' href="#">{{ lang.mailbox.remove }}</a></li>
<li><a data-action="delete_selected" data-text="{{ lang.edit.delete_ays }}" data-id="filter_item" data-api-url='delete/filter' href="#">{{ lang.mailbox.remove }}</a></li>
</ul>
<div class="clearfix visible-xs"></div>
<a class="btn btn-sm visible-xs-block visible-sm-inline visible-md-inline visible-lg-inline btn-success" href="#" data-toggle="modal" data-target="#addFilterModalAdmin"><i class="bi bi-plus-lg"></i> {{ lang.mailbox.add_filter }}</a>

2
data/web/templates/modals/admin.twig
View File

@@ -34,7 +34,7 @@
</div>
</form>
<hr>
<p>{{ lang.admin.rspamd-com_settings }}</p>
<p>{{ lang.admin.rspamd_com_settings | raw }}</p>
<ul id="rspamd_presets"></ul>
</div>
</div>

26
data/web/templates/modals/mailbox.twig
View File

@@ -30,6 +30,16 @@
<input type="text" class="form-control" name="name">
</div>
</div>
<div class="form-group">
<label class="control-label col-sm-2">{{ lang.add.tags }}</label>
<div class="col-sm-10">
<div class="form-control tag-box">
<input type="text" class="tag-input">
<span class="btn tag-add"><i class="bi bi-plus-lg"></i></span>
<input type="hidden" value="" name="tags" class="tag-values" />
</div>
</div>
</div>
<div class="form-group">
<label class="control-label col-sm-2" for="addInputQuota">{{ lang.add.quota_mb }}
<br /><span id="quotaBadge" class="badge">max. - MiB</span>
@@ -94,6 +104,16 @@
<input type="text" class="form-control" name="description">
</div>
</div>
<div class="form-group">
<label class="control-label col-sm-2">{{ lang.add.tags }}</label>
<div class="col-sm-10">
<div class="form-control tag-box">
<input type="text" class="tag-input">
<span class="btn tag-add"><i class="bi bi-plus-lg"></i></span>
<input type="hidden" value="" name="tags" class="tag-values" />
</div>
</div>
</div>
<div class="form-group">
<label class="control-label col-sm-2" for="aliases">{{ lang.add.max_aliases }}</label>
<div class="col-sm-10">
@@ -188,11 +208,11 @@
<div class="form-group">
<div class="col-sm-offset-2 col-sm-10 btn-group">
{% if not skip_sogo %}
<button class="btn btn-xs-lg btn-xs-half visible-xs-block visible-sm-inline visible-md-inline visible-lg-inline btn-default" data-action="add_item" data-id="add_domain" data-api-url='add/domain' data-api-attr='{}' href="#">{{ lang.add.add_domain_only }}</button>
<button class="btn btn-xs-lg btn-xs-half visible-xs-block visible-sm-inline visible-md-inline visible-lg-inline btn-default" data-action="add_item" data-id="add_domain" data-api-url='add/domain' data-api-attr='{"restart_sogo":"1"}' href="#">{{ lang.add.add_domain_restart }}</button>
<button class="btn btn-xs-lg btn-xs-half visible-xs-block visible-sm-inline visible-md-inline visible-lg-inline btn-default" data-action="add_item" data-id="add_domain" data-api-url='add/domain' data-api-attr='{"tags": []}' href="#">{{ lang.add.add_domain_only }}</button>
<button class="btn btn-xs-lg btn-xs-half visible-xs-block visible-sm-inline visible-md-inline visible-lg-inline btn-default" data-action="add_item" data-id="add_domain" data-api-url='add/domain' data-api-attr='{"restart_sogo":"1", "tags": []}' href="#">{{ lang.add.add_domain_restart }}</button>
<div class="clearfix visible-xs"></div>
{% else %}
<button class="btn btn-xs-lg visible-xs-block visible-sm-inline visible-md-inline visible-lg-inline btn-success" data-action="add_item" data-id="add_domain" data-api-url='add/domain' data-api-attr='{}' href="#">{{ lang.add.add }}</button>
<button class="btn btn-xs-lg visible-xs-block visible-sm-inline visible-md-inline visible-lg-inline btn-success" data-action="add_item" data-id="add_domain" data-api-url='add/domain' data-api-attr='{"tags": []}' href="#">{{ lang.add.add }}</button>
{% endif %}
</div>
</div>

8
data/web/templates/user/tab-user-auth.twig
View File

@@ -2,11 +2,14 @@
<div class="panel panel-default">
<div class="panel-heading">{{ lang.user.mailbox_general }}</div>
<div class="panel-body">
{% if mailboxdata.attributes.force_pw_update == '1' %}
<div class="alert alert-danger">{{ lang.user.force_pw_update|raw }}</div>
{% endif %}
{% if not skip_sogo %}
<div class="row">
<div class="hidden-xs col-md-3 col-xs-5 text-right"></div>
<div class="col-md-3 col-xs-12">
{% if dual_login and allow_admin_email_login == 'n' %}
{% if dual_login and allow_admin_email_login == 'n' or mailboxdata.attributes.force_pw_update == '1' %}
<button disabled class="btn btn-default btn-block btn-xs-lg">
<i class="bi bi-inbox-fill"></i> {{ lang.user.open_webmail_sso }}
</button>
@@ -115,9 +118,6 @@
<hr>
<div class="row">
<div class="col-sm-offset-3 col-sm-9">
{% if mailboxdata.attributes.force_pw_update == '1' %}
<div class="alert alert-danger">{{ lang.user.force_pw_update|raw }}</div>
{% endif %}
<p><a target="_blank" href="https://mailcow.github.io/mailcow-dockerized-docs/client/client/#{{ clientconfigstr }}">[{{ lang.user.client_configuration }}]</a></p>
<p><a href="#userFilterModal" data-toggle="modal">[{{ lang.user.show_sieve_filters }}]</a></p>
<hr>

4
data/web/templates/user/tab-user-settings.twig
View File

@@ -37,12 +37,16 @@
<div class="col-sm-9 col-xs-12">
<div class="btn-group" data-acl="{{ acl.tls_policy }}">
<button type="button" class="btn btn-sm btn-xs-half visible-xs-block visible-sm-inline visible-md-inline visible-lg-inline btn-default{% if get_tls_policy.tls_enforce_in == '1' %} active"{% endif %}"
role="switch"
aria-checked="{% if get_tls_policy.tls_enforce_in == '1' %}true{% else %}false{% endif %}"
data-action="edit_selected"
data-item="{{ mailcow_cc_username }}"
data-id="tls_policy"
data-api-url='edit/tls_policy'
data-api-attr='{"tls_enforce_in": {% if get_tls_policy.tls_enforce_in == '1' %}0{% else %}1{% endif %} }'>{{ lang.user.tls_enforce_in }}</button>
<button type="button" class="btn btn-sm btn-xs-half visible-xs-block visible-sm-inline visible-md-inline visible-lg-inline btn-default{% if get_tls_policy.tls_enforce_out == '1' %} active"{% endif %}"
role="switch"
aria-checked="{% if get_tls_policy.tls_enforce_out == '1' %}true{% else %}false{% endif %}"
data-action="edit_selected"
data-item="{{ mailcow_cc_username }}"
data-id="tls_policy"

80
docker-compose.yml
View File

@@ -2,7 +2,7 @@ version: '2.1'
services:
unbound-mailcow:
image: mailcow/unbound:1.15
image: mailcow/unbound:1.16
environment:
- TZ=${TZ}
volumes:
@@ -22,8 +22,8 @@ services:
- unbound-mailcow
stop_grace_period: 45s
volumes:
- mysql-vol-1:/var/lib/mysql/:Z
- mysql-socket-vol-1:/var/run/mysqld/:z
- mysql-vol-1:/var/lib/mysql/
- mysql-socket-vol-1:/var/run/mysqld/
- ./data/conf/mysql/:/etc/mysql/conf.d/:ro,Z
environment:
- TZ=${TZ}
@@ -43,7 +43,7 @@ services:
redis-mailcow:
image: redis:6-alpine
volumes:
- redis-vol-1:/data/:Z
- redis-vol-1:/data/
restart: always
ports:
- "${REDIS_PORT:-127.0.0.1:7654}:6379"
@@ -58,8 +58,10 @@ services:
- redis
clamd-mailcow:
image: mailcow/clamd:1.44
image: mailcow/clamd:1.52
restart: always
depends_on:
- unbound-mailcow
dns:
- ${IPV4_NETWORK:-172.22.1}.254
environment:
@@ -67,13 +69,14 @@ services:
- SKIP_CLAMD=${SKIP_CLAMD:-n}
volumes:
- ./data/conf/clamav/:/etc/clamav/:Z
- clamd-db-vol-1:/var/lib/clamav
networks:
mailcow-network:
aliases:
- clamd
rspamd-mailcow:
image: mailcow/rspamd:1.80
image: mailcow/rspamd:1.90
stop_grace_period: 30s
depends_on:
- dovecot-mailcow
@@ -92,7 +95,7 @@ services:
- ./data/conf/rspamd/lua/:/etc/rspamd/lua/:ro,Z
- ./data/conf/rspamd/rspamd.conf.local:/etc/rspamd/rspamd.conf.local:Z
- ./data/conf/rspamd/rspamd.conf.override:/etc/rspamd/rspamd.conf.override:Z
- rspamd-vol-1:/var/lib/rspamd:z
- rspamd-vol-1:/var/lib/rspamd
restart: always
hostname: rspamd
dns:
@@ -103,7 +106,7 @@ services:
- rspamd
php-fpm-mailcow:
image: mailcow/phpfpm:1.78
image: mailcow/phpfpm:1.79
command: "php-fpm -d date.timezone=${TZ} -d expose_php=0"
depends_on:
- redis-mailcow
@@ -112,8 +115,8 @@ services:
- ./data/web:/web:z
- ./data/conf/rspamd/dynmaps:/dynmaps:ro,z
- ./data/conf/rspamd/custom/:/rspamd_custom_maps:z
- rspamd-vol-1:/var/lib/rspamd:z
- mysql-socket-vol-1:/var/run/mysqld/:z
- rspamd-vol-1:/var/lib/rspamd
- mysql-socket-vol-1:/var/run/mysqld/
- ./data/conf/sogo/:/etc/sogo/:z
- ./data/conf/rspamd/meta_exporter:/meta_exporter:ro,z
- ./data/conf/phpfpm/sogo-sso/:/etc/sogo-sso/:z
@@ -165,7 +168,7 @@ services:
- phpfpm
sogo-mailcow:
image: mailcow/sogo:1.106
image: mailcow/sogo:1.108
environment:
- DBNAME=${DBNAME}
- DBUSER=${DBUSER}
@@ -191,9 +194,9 @@ services:
- ./data/conf/sogo/custom-favicon.ico:/usr/lib/GNUstep/SOGo/WebServerResources/img/sogo.ico:z
- ./data/conf/sogo/custom-theme.js:/usr/lib/GNUstep/SOGo/WebServerResources/js/theme.js:z
- ./data/conf/sogo/custom-sogo.js:/usr/lib/GNUstep/SOGo/WebServerResources/js/custom-sogo.js:z
- mysql-socket-vol-1:/var/run/mysqld/:z
- sogo-web-vol-1:/sogo_web:z
- sogo-userdata-backup-vol-1:/sogo_backup:Z
- mysql-socket-vol-1:/var/run/mysqld/
- sogo-web-vol-1:/sogo_web
- sogo-userdata-backup-vol-1:/sogo_backup
labels:
ofelia.enabled: "true"
ofelia.job-exec.sogo_sessions.schedule: "@every 1m"
@@ -212,7 +215,7 @@ services:
- sogo
dovecot-mailcow:
image: mailcow/dovecot:1.161
image: mailcow/dovecot:1.162
depends_on:
- mysql-mailcow
dns:
@@ -225,13 +228,13 @@ services:
- ./data/assets/ssl:/etc/ssl/mail/:ro,z
- ./data/conf/sogo/:/etc/sogo/:z
- ./data/conf/phpfpm/sogo-sso/:/etc/phpfpm/:z
- vmail-vol-1:/var/vmail:Z
- vmail-index-vol-1:/var/vmail_index:Z
- crypt-vol-1:/mail_crypt/:z
- vmail-vol-1:/var/vmail
- vmail-index-vol-1:/var/vmail_index
- crypt-vol-1:/mail_crypt/
- ./data/conf/rspamd/custom/:/etc/rspamd/custom:z
- ./data/assets/templates:/templates:z
- rspamd-vol-1:/var/lib/rspamd:z
- mysql-socket-vol-1:/var/run/mysqld/:z
- rspamd-vol-1:/var/lib/rspamd
- mysql-socket-vol-1:/var/run/mysqld/
environment:
- DOVECOT_MASTER_USER=${DOVECOT_MASTER_USER:-}
- DOVECOT_MASTER_PASS=${DOVECOT_MASTER_PASS:-}
@@ -292,17 +295,17 @@ services:
- dovecot
postfix-mailcow:
image: mailcow/postfix:1.66
image: mailcow/postfix:1.67
depends_on:
- mysql-mailcow
volumes:
- ./data/hooks/postfix:/hooks:Z
- ./data/conf/postfix:/opt/postfix/conf:z
- ./data/assets/ssl:/etc/ssl/mail/:ro,z
- postfix-vol-1:/var/spool/postfix:z
- crypt-vol-1:/var/lib/zeyple:z
- rspamd-vol-1:/var/lib/rspamd:z
- mysql-socket-vol-1:/var/run/mysqld/:z
- postfix-vol-1:/var/spool/postfix
- crypt-vol-1:/var/lib/zeyple
- rspamd-vol-1:/var/lib/rspamd
- mysql-socket-vol-1:/var/run/mysqld/
environment:
- LOG_LINES=${LOG_LINES:-9999}
- TZ=${TZ}
@@ -372,10 +375,10 @@ services:
- ./data/assets/ssl/:/etc/ssl/mail/:ro,z
- ./data/conf/nginx/:/etc/nginx/conf.d/:z
- ./data/conf/rspamd/meta_exporter:/meta_exporter:ro,z
- sogo-web-vol-1:/usr/lib/GNUstep/SOGo/:z
- sogo-web-vol-1:/usr/lib/GNUstep/SOGo/
ports:
- "${HTTPS_BIND:-:}:${HTTPS_PORT:-443}:${HTTPS_PORT:-443}"
- "${HTTP_BIND:-:}:${HTTP_PORT:-80}:${HTTP_PORT:-80}"
- "${HTTPS_BIND:-0.0.0.0}:${HTTPS_PORT:-443}:${HTTPS_PORT:-443}"
- "${HTTP_BIND:-0.0.0.0}:${HTTP_PORT:-80}:${HTTP_PORT:-80}"
restart: always
networks:
mailcow-network:
@@ -385,7 +388,7 @@ services:
acme-mailcow:
depends_on:
- nginx-mailcow
image: mailcow/acme:1.81
image: mailcow/acme:1.82
dns:
- ${IPV4_NETWORK:-172.22.1}.254
environment:
@@ -413,7 +416,7 @@ services:
- ./data/web/.well-known/acme-challenge:/var/www/acme:z
- ./data/assets/ssl:/var/lib/acme/:z
- ./data/assets/ssl-example:/var/lib/ssl-example/:ro,Z
- mysql-socket-vol-1:/var/run/mysqld/:z
- mysql-socket-vol-1:/var/run/mysqld/
restart: always
networks:
mailcow-network:
@@ -421,7 +424,7 @@ services:
- acme
netfilter-mailcow:
image: mailcow/netfilter:1.46
image: mailcow/netfilter:1.48
stop_grace_period: 30s
depends_on:
- dovecot-mailcow
@@ -444,15 +447,15 @@ services:
- /lib/modules:/lib/modules:ro
watchdog-mailcow:
image: mailcow/watchdog:1.96
image: mailcow/watchdog:1.97
dns:
- ${IPV4_NETWORK:-172.22.1}.254
tmpfs:
- /tmp
volumes:
- rspamd-vol-1:/var/lib/rspamd:z
- mysql-socket-vol-1:/var/run/mysqld/:z
- postfix-vol-1:/var/spool/postfix:z
- rspamd-vol-1:/var/lib/rspamd
- mysql-socket-vol-1:/var/run/mysqld/
- postfix-vol-1:/var/spool/postfix
- ./data/assets/ssl:/etc/ssl/mail/:ro,z
restart: always
environment:
@@ -506,7 +509,7 @@ services:
- watchdog
dockerapi-mailcow:
image: mailcow/dockerapi:1.41
image: mailcow/dockerapi:1.42
security_opt:
- label=disable
restart: always
@@ -527,7 +530,7 @@ services:
image: mailcow/solr:1.8.1
restart: always
volumes:
- solr-vol-1:/opt/solr/server/solr/dovecot-fts/data:Z
- solr-vol-1:/opt/solr/server/solr/dovecot-fts/data
ports:
- "${SOLR_PORT:-127.0.0.1:18983}:8983"
environment:
@@ -540,7 +543,7 @@ services:
- solr
olefy-mailcow:
image: mailcow/olefy:1.9
image: mailcow/olefy:1.10
restart: always
environment:
- TZ=${TZ}
@@ -631,3 +634,4 @@ volumes:
crypt-vol-1:
sogo-web-vol-1:
sogo-userdata-backup-vol-1:
clamd-db-vol-1:

20
generate_config.sh
View File

@@ -25,10 +25,26 @@ if cp --help 2>&1 | grep -q -i "busybox"; then
exit 1
fi
for bin in openssl curl docker-compose docker git awk sha1sum; do
for bin in openssl curl docker git awk sha1sum; do
if [[ -z $(which ${bin}) ]]; then echo "Cannot find ${bin}, exiting..."; exit 1; fi
done
echo "checking docker compose version...";
if docker compose >/dev/null 2>&1; then
echo -e "\e[32mFound Compose v2!\e[0m"
elif docker-compose version --short | grep -m1 "^1" > /dev/null 2>&1; then
echo -e "\e[33mWARN: Your machine is using Docker-Compose v1!\e[0m"
echo -e "\e[33mmailcow will drop the Docker-Compose v1 Support in December 2022\e[0m"
echo -e "\e[33mPlease consider a upgrade to Docker-Compose v2.\e[0m"
echo
echo
echo -e "\e[33mContinuing...\e[0m"
sleep 3
else
echo -e "\e[31mCannot find Docker-Compose v1 or v2 on your System. Please install Docker-Compose v2 and re-run the Script.\e[0m"
exit 1
fi
if [ -f mailcow.conf ]; then
read -r -p "A config file exists and will be overwritten, are you sure you want to continue? [y/N] " response
case $response in
@@ -144,7 +160,7 @@ DBROOT=$(LC_ALL=C </dev/urandom tr -dc A-Za-z0-9 | head -c 28)
# Do _not_ use IP:PORT in HTTP(S)_BIND or HTTP(S)_PORT
# IMPORTANT: Do not use port 8081, 9081 or 65510!
# Example: HTTP_BIND=1.2.3.4
# For IPv4 and IPv6 leave it empty: HTTP_BIND= & HTTPS_PORT=
# For IPv4 leave it as it is: HTTP_BIND= & HTTPS_PORT=
# For IPv6 see https://mailcow.github.io/mailcow-dockerized-docs/post_installation/firststeps-ip_bindings/
HTTP_PORT=80

68
helper-scripts/_cold-standby.sh
View File

@@ -77,15 +77,32 @@ function preflight_local_checks() {
exit 1
fi
for bin in rsync docker-compose docker grep cut; do
for bin in rsync docker grep cut; do
if [[ -z $(which ${bin}) ]]; then
>&2 echo -e "\e[31mCannot find ${bin} in local PATH, exiting...\e[0m"
exit 1
fi
done
echo "checking docker compose version...";
if docker compose >/dev/null 2>&1; then
echo -e "\e[32mFound Compose v2 on local machine!\e[0m"
elif docker-compose version --short | grep -m1 "^1" > /dev/null 2>&1; then
echo -e "\e[33mWARN: Your machine is using Docker-Compose v1!\e[0m"
echo -e "\e[33mmailcow will drop the Docker-Compose v1 Support in December 2022\e[0m"
echo -e "\e[33mPlease consider a upgrade to Docker-Compose v2.\e[0m"
echo
echo
echo -e "\e[33mContinuing...\e[0m"
sleep 3
else
echo -e "\e[31mCannot find Docker-Compose v1 or v2 on your System. Please install Docker-Compose v2 and re-run the Script.\e[0m"
exit 1
fi
if grep --help 2>&1 | head -n 1 | grep -q -i "busybox"; then
>&2 echo -e "\e[31mBusyBox grep detected on local system, please install GNU grep\e[0m"
echo -e "\e[31mBusyBox grep detected on local system, please install GNU grep\e[0m"
exit 1
fi
}
@@ -111,7 +128,7 @@ function preflight_remote_checks() {
exit 1
fi
for bin in rsync docker-compose docker; do
for bin in rsync docker; do
if ! ssh -o StrictHostKeyChecking=no \
-i "${REMOTE_SSH_KEY}" \
${REMOTE_SSH_HOST} \
@@ -122,6 +139,31 @@ function preflight_remote_checks() {
fi
done
echo "checking docker compose version on remote...";
if ssh -q -o StrictHostKeyChecking=no \
-i "${REMOTE_SSH_KEY}" \
${REMOTE_SSH_HOST} \
-p ${REMOTE_SSH_PORT} \
-t 'docker compose' >/dev/null 2>&1; then
echo -e "\e[32mFound Compose v2 on remote!\e[0m"
COMPOSE_COMMAND="docker compose"
elif ssh -q -o StrictHostKeyChecking=no \
-i "${REMOTE_SSH_KEY}" \
${REMOTE_SSH_HOST} \
-p ${REMOTE_SSH_PORT} \
-t 'docker-compose version --short' | grep -m1 "^1" > /dev/null 2>&1; then
echo -e "\e[33mWARN: The remote is using Docker-Compose v1!\e[0m"
echo -e "\e[33mmailcow will drop the Docker-Compose v1 Support in December 2022\e[0m"
echo -e "\e[33mPlease consider a upgrade to Docker-Compose v2 on remote.\e[0m"
echo
echo
echo -e "\e[33mContinuing...\e[0m"
sleep 3
COMPOSE_COMMAND="docker-compose"
else
echo -e "\e[31mCannot find Docker-Compose v1 or v2 on the Remote Machine! Please install Docker-Compose v2 on that and re-run the script.\e[0m"
exit 1
fi
}
preflight_local_checks
@@ -252,16 +294,18 @@ if ! ssh -o StrictHostKeyChecking=no \
fi
echo "OK"
echo -e "\033[1mPulling images on remote...\033[0m"
if ! ssh -o StrictHostKeyChecking=no \
-i "${REMOTE_SSH_KEY}" \
${REMOTE_SSH_HOST} \
-p ${REMOTE_SSH_PORT} \
docker-compose -f "${SCRIPT_DIR}/../docker-compose.yml" pull --no-parallel 2>&1 ; then
>&2 echo -e "\e[31m[ERR]\e[0m - Could not pull images on remote"
fi
echo -e "\e[33mPulling images on remote...\e[0m"
echo -e "\e[33mProcess is NOT stuck! Please wait...\e[0m"
echo -e "\033[1mForcing garbage cleanup on remote...\033[0m"
if ! ssh -o StrictHostKeyChecking=no \
-i "${REMOTE_SSH_KEY}" \
${REMOTE_SSH_HOST} \
-p ${REMOTE_SSH_PORT} \
$COMPOSE_COMMAND -f "${SCRIPT_DIR}/../docker-compose.yml" pull --no-parallel --quiet 2>&1 ; then
>&2 echo -e "\e[31m[ERR]\e[0m - Could not pull images on remote"
fi
echo -e "\033[1mExecuting update script and forcing garbage cleanup on remote...\033[0m"
if ! ssh -o StrictHostKeyChecking=no \
-i "${REMOTE_SSH_KEY}" \
${REMOTE_SSH_HOST} \

28
helper-scripts/backup_and_restore.sh
View File

@@ -76,6 +76,30 @@ else
CMPS_PRJ=$(echo ${COMPOSE_PROJECT_NAME} | tr -cd "[0-9A-Za-z-_]")
fi
echo "checking docker compose version...";
if docker compose >/dev/null 2>&1; then
echo -e "\e[32mFound Compose v2!\e[0m"
COMPOSE_COMMAND="docker compose"
elif docker-compose version --short | grep -m1 "^1" > /dev/null 2>&1; then
echo -e "\e[33mWARN: Your machine is using Docker-Compose v1!\e[0m"
echo -e "\e[33mmailcow will drop the Docker-Compose v1 Support in December 2022\e[0m"
echo -e "\e[33mPlease consider a upgrade to Docker-Compose v2.\e[0m"
echo
echo
echo -e "\e[33mContinuing...\e[0m"
sleep 3
COMPOSE_COMMAND="docker-compose"
else
echo -e "\e[31mCannot find Docker-Compose v1 or v2 on your System. Please install Docker-Compose v2 and re-run the Script.\e[0m"
exit 1
fi
if grep --help 2>&1 | head -n 1 | grep -q -i "busybox"; then
>&2 echo -e "\e[31mBusyBox grep detected on local system, please install GNU grep\e[0m"
exit 1
fi
function backup() {
DATE=$(date +"%Y-%m-%d-%H-%M-%S")
mkdir -p "${BACKUP_LOCATION}/mailcow-${DATE}"
@@ -226,7 +250,7 @@ function restore() {
continue
else
echo "Stopping mailcow..."
docker-compose -f ${COMPOSE_FILE} --env-file ${ENV_FILE} down
${COMPOSE_COMMAND} -f ${COMPOSE_FILE} --env-file ${ENV_FILE} down
fi
#docker stop $(docker ps -qf name=mysql-mailcow)
if [[ -d "${RESTORE_LOCATION}/mysql" ]]; then
@@ -264,7 +288,7 @@ function restore() {
sed -i --follow-symlinks "/DBROOT/c\DBROOT=${DBROOT}" ${SCRIPT_DIR}/../mailcow.conf
source ${SCRIPT_DIR}/../mailcow.conf
echo "Starting mailcow..."
docker-compose -f ${COMPOSE_FILE} --env-file ${ENV_FILE} up -d
${COMPOSE_COMMAND} -f ${COMPOSE_FILE} --env-file ${ENV_FILE} up -d
#docker start $(docker ps -aqf name=mysql-mailcow)
fi
;;

105
update.sh
View File

@@ -40,10 +40,28 @@ PATH=$PATH:/opt/bin
umask 0022
for bin in curl docker-compose docker git awk sha1sum; do
for bin in curl docker git awk sha1sum; do
if [[ -z $(which ${bin}) ]]; then echo "Cannot find ${bin}, exiting..."; exit 1; fi
done
echo "checking docker compose version...";
if docker compose >/dev/null 2>&1; then
echo -e "\e[32mFound Compose v2!\e[0m"
COMPOSE_COMMAND="docker compose"
elif docker-compose version --short | grep -m1 "^1" > /dev/null 2>&1; then
echo -e "\e[33mWARN: Your machine is using Docker-Compose v1!\e[0m"
echo -e "\e[33mmailcow will drop the Docker-Compose v1 Support in December 2022\e[0m"
echo -e "\e[33mPlease consider a upgrade to Docker-Compose v2.\e[0m"
echo
echo
echo -e "\e[33mContinuing...\e[0m"
sleep 3
COMPOSE_COMMAND="docker-compose"
else
echo -e "\e[31mCannot find Docker-Compose v1 or v2 on your System. Please install Docker-Compose v2 and re-run the Script.\e[0m"
exit 1
fi
export LC_ALL=C
DATE=$(date +%Y-%m-%d_%H_%M_%S)
BRANCH=$(cd ${SCRIPT_DIR}; git rev-parse --abbrev-ref HEAD)
@@ -235,18 +253,18 @@ while (($#)); do
echo -e "\e[32mRunning in forced mode...\e[0m"
FORCE=y
;;
--no-update-compose)
NO_UPDATE_COMPOSE=y
--skip-ping-check)
SKIP_PING_CHECK=y
;;
--help|-h)
echo './update.sh [-c|--check, --ours, --gc, --no-update-compose, --prefetch, --skip-start, -f|--force, -h|--help]
echo './update.sh [-c|--check, --ours, --gc, --no-update-compose, --prefetch, --skip-start, --skip-ping-check, -f|--force, -h|--help]
-c|--check - Check for updates and exit (exit codes => 0: update available, 3: no updates)
--ours - Use merge strategy option "ours" to solve conflicts in favor of non-mailcow code (local changes over remote changes), not recommended!
--gc - Run garbage collector to delete old image tags
--no-update-compose - Do not update docker-compose
--prefetch - Only prefetch new images and exit (useful to prepare updates)
--skip-start - Do not start mailcow after update
--skip-ping-check - Skip ICMP Check to public DNS resolvers (Use it only if you´ve blocked any ICMP Connections to your mailcow machine).
-f|--force - Force update, do not ask questions
'
exit 1
@@ -260,7 +278,7 @@ source mailcow.conf
DOTS=${MAILCOW_HOSTNAME//[^.]};
if [ ${#DOTS} -lt 2 ]; then
echo "MAILCOW_HOSTNAME (${MAILCOW_HOSTNAME}) is not a FQDN!"
echo "Please change it to a FQDN and run docker-compose down followed by docker-compose up -d"
echo "Please change it to a FQDN and run ${COMPOSE_COMMAND} down followed by ${COMPOSE_COMMAND} up -d"
exit 1
fi
@@ -533,12 +551,17 @@ elif [[ ${option} == "WATCHDOG_VERBOSE" ]]; then
fi
done
echo -en "Checking internet connection... "
if ! check_online_status; then
echo -e "\e[31mfailed\e[0m"
exit 1
if [[( ${SKIP_PING_CHECK} == "y")]]; then
echo -e "\e[32mSkipping Ping Check...\e[0m"
else
echo -e "\e[32mOK\e[0m"
echo -en "Checking internet connection... "
if ! check_online_status; then
echo -e "\e[31mfailed\e[0m"
exit 1
else
echo -e "\e[32mOK\e[0m"
fi
fi
echo -e "\e[32mChecking for newer update script...\e[0m"
@@ -569,13 +592,13 @@ if [ ! $FORCE ]; then
fi
echo -e "\e[32mValidating docker-compose stack configuration...\e[0m"
if ! docker-compose config -q; then
if ! ${COMPOSE_COMMAND} config -q; then
echo -e "\e[31m\nOh no, something went wrong. Please check the error message above.\e[0m"
exit 1
fi
echo -e "\e[32mChecking for conflicting bridges...\e[0m"
MAILCOW_BRIDGE=$(docker-compose config | grep -i com.docker.network.bridge.name | cut -d':' -f2)
MAILCOW_BRIDGE=$(${COMPOSE_COMMAND} config | grep -i com.docker.network.bridge.name | cut -d':' -f2)
while read NAT_ID; do
iptables -t nat -D POSTROUTING $NAT_ID
done < <(iptables -L -vn -t nat --line-numbers | grep $IPV4_NETWORK | grep -E 'MASQUERADE.*all' | grep -v ${MAILCOW_BRIDGE} | cut -d' ' -f1)
@@ -595,8 +618,8 @@ prefetch_images
echo -e "\e[32mStopping mailcow...\e[0m"
sleep 2
MAILCOW_CONTAINERS=($(docker-compose ps -q))
docker-compose down
MAILCOW_CONTAINERS=($(${COMPOSE_COMMAND} ps -q))
${COMPOSE_COMMAND} down
echo -e "\e[32mChecking for remaining containers...\e[0m"
sleep 2
for container in "${MAILCOW_CONTAINERS[@]}"; do
@@ -633,51 +656,16 @@ elif [[ ${MERGE_RETURN} == 1 ]]; then
elif [[ ${MERGE_RETURN} != 0 ]]; then
echo -e "\e[31m\nOh no, something went wrong. Please check the error message above.\e[0m"
echo
echo "Run docker-compose up -d to restart your stack without updates or try again after fixing the mentioned errors."
echo "Run ${COMPOSE_COMMAND} up -d to restart your stack without updates or try again after fixing the mentioned errors."
exit 1
fi
if [[ ${NO_UPDATE_COMPOSE} == "y" ]]; then
echo -e "\e[33mNot fetching latest docker-compose, please check for updates manually!\e[0m"
elif [[ -e /etc/alpine-release ]]; then
echo -e "\e[33mNot fetching latest docker-compose, because you are using Alpine Linux without glibc support. Please update docker-compose via apk!\e[0m"
else
echo -e "\e[32mFetching new docker-compose version...\e[0m"
echo -e "\e[32mTrying to determine GLIBC version...\e[0m"
if ldd --version > /dev/null; then
GLIBC_V=$(ldd --version | grep -E '(GLIBC|GNU libc)' | rev | cut -d ' ' -f1 | rev | cut -d '.' -f2)
if [ ! -z "${GLIBC_V}" ] && [ ${GLIBC_V} -gt 27 ]; then
DC_DL_SUFFIX=
else
DC_DL_SUFFIX=legacy
fi
else
DC_DL_SUFFIX=legacy
fi
sleep 1
if [[ ! -z $(which pip) && $(pip list --local 2>&1 | grep -v DEPRECATION | grep -c docker-compose) == 1 ]]; then
true
#prevent breaking a working docker-compose installed with pip
elif [[ $(curl -sL -w "%{http_code}" https://www.servercow.de/docker-compose/latest.php?vers=${DC_DL_SUFFIX} -o /dev/null) == "200" ]]; then
LATEST_COMPOSE=$(curl -#L https://www.servercow.de/docker-compose/latest.php)
COMPOSE_VERSION=$(docker-compose version --short)
if [[ "$LATEST_COMPOSE" != "$COMPOSE_VERSION" ]]; then
COMPOSE_PATH=$(which docker-compose)
if [[ -w ${COMPOSE_PATH} ]]; then
curl -#L https://github.com/docker/compose/releases/download/${LATEST_COMPOSE}/docker-compose-$(uname -s)-$(uname -m) > $COMPOSE_PATH
chmod +x $COMPOSE_PATH
else
echo -e "\e[33mWARNING: $COMPOSE_PATH is not writable, but new version $LATEST_COMPOSE is available (installed: $COMPOSE_VERSION)\e[0m"
fi
fi
else
echo -e "\e[33mCannot determine latest docker-compose version, skipping...\e[0m"
fi
fi
echo -e "\e[33mNot fetching latest docker-compose, please check for updates manually!\e[0m"
sleep 3
echo -e "\e[32mFetching new images, if any...\e[0m"
sleep 2
docker-compose pull
${COMPOSE_COMMAND} pull
# Fix missing SSL, does not overwrite existing files
[[ ! -d data/assets/ssl ]] && mkdir -p data/assets/ssl
@@ -698,9 +686,6 @@ fi
# Checking for old project name bug
sed -i --follow-symlinks 's#COMPOSEPROJECT_NAME#COMPOSE_PROJECT_NAME#g' mailcow.conf
# Checking old, wrong bindings
sed -i --follow-symlinks 's/HTTP_BIND=0.0.0.0/HTTP_BIND=/g' mailcow.conf
sed -i --follow-symlinks 's/HTTPS_BIND=0.0.0.0/HTTPS_BIND=/g' mailcow.conf
# Fix Rspamd maps
if [ -f data/conf/rspamd/custom/global_from_blacklist.map ]; then
@@ -735,11 +720,11 @@ else
fi
if [[ ${SKIP_START} == "y" ]]; then
echo -e "\e[33mNot starting mailcow, please run \"docker-compose up -d --remove-orphans\" to start mailcow.\e[0m"
echo -e "\e[33mNot starting mailcow, please run \"${COMPOSE_COMMAND} up -d --remove-orphans\" to start mailcow.\e[0m"
else
echo -e "\e[32mStarting mailcow...\e[0m"
sleep 2
docker-compose up -d --remove-orphans
${COMPOSE_COMMAND} up -d --remove-orphans
fi
echo -e "\e[32mCollecting garbage...\e[0m"
@@ -754,4 +739,4 @@ fi
#echo
#git reflog --color=always | grep "Before update on "
#echo
#echo "Use \"git reset --hard hash-on-the-left\" and run docker-compose up -d afterwards."
#echo "Use \"git reset --hard hash-on-the-left\" and run ${COMPOSE_COMMAND} up -d afterwards."