2290: rspamd may trigger HFILTER_HOSTNAME_UNKNOWN if part of the delivery chain is using ipv6 r=mergify[bot] a=nextgens
## What type of PR?
bug-fix
## What does this PR do?
This PR addresses the problem raised in #2260 : where rspamd may trigger HFILTER_HOSTNAME_UNKNOWN if part of the delivery chain is using ipv6. It may affect non v6 enabled setup and this is why it's proposed for backport.
The PR also sturdies up the warning about enabling v6 (as discussed during the last dev-meeting).
AAAA lookups in nginx were disabled when SSO was introduced as IP addresses were used to differentiate in between logins from webmails and others. Nowadays Mailu uses ports instead, so there is no reason not to re-enable it.
### Related issue(s)
- closes#2260
- #2272
## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.
- [x] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.
Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
2281: Update alpine-linux to 3.14.4 - OpenSSL security FIX r=mergify[bot] a=willofr
## What type of PR?
Security fix
## What does this PR do?
Update Dockerfiles to use alpine-linux 3.14.4 which contains a security fix for openssl
https://alpinelinux.org/posts/Alpine-3.12.10-3.13.8-3.14.4-released.html
## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.
2285: Update names of language json files r=mergify[bot] a=ghostwheel42
## What type of PR?
bug-fix
## What does this PR do?
language json files of datatables i18n have been renamed
this updates the mappings to the current names
2286: Fix typo in Traefik reverse proxy docs r=mergify[bot] a=ghostwheel42
Slight typo in the Traefik reverse proxy docs. Found through running into the issue on my own instance.
## What type of PR?
documentation
## What does this PR do?
Adds #2282 to master
2287: Fix typo in docs: cert not certs r=mergify[bot] a=ghostwheel42
## What type of PR?
documentation
## What does this PR do?
just a typo
Co-authored-by: Will <will@packer-output-c8fcfb40-3d93-4475-8f87-e14a9dd683b6>
Co-authored-by: willofr <willofr@users.noreply.github.com>
Co-authored-by: Alexander Graf <ghostwheel42@users.noreply.github.com>
Co-authored-by: DAHPr0gram3r <cbillwork02@gmail.com>
2284: Fixing AUTH_RATELIMIT_IP not working on imap/pop3/smtp r=mergify[bot] a=fischerscode
#2283
## What type of PR?
bug-fix
## What does this PR do?
This fixes AUTH_RATELIMIT_IP not working on imap/pop3/smtp.
### Related issue(s)
closes#2283
## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.
Co-authored-by: Maximilian Fischer <github@maaeps.de>
Co-authored-by: Alexander Graf <ghostwheel42@users.noreply.github.com>
2255: Create a polite and turtle delivery queue to accommodate destinations that expect emails to be sent slowly r=mergify[bot] a=nextgens
## What type of PR?
Feature
## What does this PR do?
Create a polite and turtle delivery queue to accommodate destinations that expect emails to be sent slowly
### Related issue(s)
- closes#2213
## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.
- [x] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.
Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
2277: Update RainLoop application.ini r=mergify[bot] a=the-djmaze
`contacts_autosave` is part of `[defaults]`, not `[plugins]`
Co-authored-by: the-djmaze <3752035+the-djmaze@users.noreply.github.com>
2210: Add input validation for domain creation r=mergify[bot] a=0pc0deFR
## What type of PR?
bug-fix
## What does this PR do?
This patch add the input validation for domain creation.
### Related issue(s)
- Mention an issue like: #1817
- Auto close an issue like: closes#1817
Co-authored-by: Kevin Falcoz <0pc0defr@gmail.com>
Co-authored-by: Dimitri Huisman <diman@huisman.xyz>
2275: Fix2274: Inbound emails are rejected r=mergify[bot] a=nextgens
## What type of PR?
bug-fix
## What does this PR do?
Fix email reception
### Related issue(s)
- closes#2274
## Prerequisites
No documentation as this affects only people running master since yesterday
Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
Co-authored-by: Florent Daigniere <nextgens@users.noreply.github.com>
2265: Prevent an exception from being thrown if the username isn't an email address r=mergify[bot] a=nextgens
## What type of PR?
enhancement
## What does this PR do?
Mailu expects users to identify using an email address; some brute-force script don't send just an username and this leads to an exception... that makes the error message and return code vary.
This PR prevents the exceptions from being thrown in the first place
```
WARNING in nginx: Invalid user 'xxxx': (builtins.ValueError) invalid email address (no "`@")"`
```
### Related issue(s)
- closes#2261
- closes#1750
Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
Co-authored-by: Florent Daigniere <nextgens@users.noreply.github.com>
2254: Send ISRG_X1 on port 25, make DANE pin that r=mergify[bot] a=nextgens
## What type of PR?
bug-fix
## What does this PR do?
Ensure we send ISRG_X1 in the handshake on port 25 (non-interactive, size doesn't really matter).
Update the DANE pin to reflect the change.
I am not sure whether we will need to add --preferred-chain= in the future; This may be the case when letsencrypt decides to use X2/the ECDSA chain
This needs to be tested on a letsencrypt account that isn't mine (I'm opted in for the alternate cert chains)
### Related issue(s)
- closes#2138
## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.
There's already a towncrier news for it
Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
2253: Workaround the infamous coredns feature r=mergify[bot] a=nextgens
## What type of PR?
bug-fix
## What does this PR do?
Ensure that we set the ``DO`` flag on our queries to work around https://github.com/coredns/coredns/issues/5189
Add a FAQ entry to point users in the right direction in other cases (dnsmasq), discourage users from running Mailu without unbound
### Related issue(s)
- closes#2243
- closes#2239
- #2164
- #2163
- #2162
- #2135
- #1988
## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.
- [x] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.
Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
Co-authored-by: Dimitri Huisman <diman@huisman.xyz>
Dimitri Huisman