1635: Add support for AUTH LOGIN authentication mechanism for relaying emai… r=mergify[bot] a=Diman0
…l via smart hosts.
## What type of PR?
Feature
## What does this PR do?
This PR adds support to postfix for AUTH LOGIN authentication mechanism. This enables using smart hosts which only offer AUTH LOGIN.
### Related issue(s)
- Auto close an issue like: closes#1633
## Prerequistes
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.
- [n/a] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/guide.html#changelog) entry file.
Co-authored-by: Dimitri Huisman <diman@huisman.xyz>
1613: Add warnings about Dockers IPv6 solution r=mergify[bot] a=Simonmicro
## What type of PR?
enhancement
## What does this PR do?
Added some warnings and explanations about the current Docker ipv6 situation as suggested in https://github.com/Mailu/Mailu/issues/1578.
### Related issue(s)
closes#1578
## Prerequistes
- [x] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/guide.html#changelog) entry file.
1617: relax TLS settings on port 25 r=mergify[bot] a=lub
Because basically every MTA out there uses opportunistic TLS _in
the best case_, it's actually counter productive to use such strict
settings.
The alternative to a handshake error is often an unencrypted submission,
which is basically the opposite of what strict ssl_protocols and
ssl_ciphers tries to achieve.
Even big and established providers like Amazon SES are incompatible with the current
settings.
This reverts commit 2ddf46ad2b.
## What type of PR?
bug-fix
## What does this PR do?
### Related issue(s)
- this reverts #1398
- the settings in this PR were initially introduced in #1321 and intentionally divert from tls.conf
cc @bladeswords as they introduced the current config
1636: Add config file for the "stale" robot to clean up issues r=mergify[bot] a=Nebukadneza
## What type of PR?
enhancement
## What does this PR do?
With this, and the already activated github-app, the stale robot will
mark and subsequently close issues as specified in the config.
Currently we mark after 21 days, close after 7 more days, and ignore
issues with an assigned priority or milestone.
### Related issue(s)
Related: #1582
## Prerequistes
- No: In case of feature or enhancement: documentation updated accordingly
- No: Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/guide.html#changelog) entry file.
Co-authored-by: Simonmicro <simon@simonmicro.de>
Co-authored-by: lub <git@lubiland.de>
Co-authored-by: Dario Ernst <dario.ernst@rommelag.com>
1629: Add mergify team-members r=Nebukadneza a=Nebukadneza
## What type of PR?
enhancement
## What does this PR do?
Sync the newly added team-members to the mergify team-regex so that they will benefit from the "team needs only one approve" rule
### Related issue(s)
## Prerequistes
- [x] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/guide.html#changelog) entry file.
Co-authored-by: Dario Ernst <dario.ernst@rommelag.com>
With this, and the already activated github-app, the stale robot will
mark and subsequently close issues as specified in the config.
Currently we mark after 21 days, close after 7 more days, and ignore
issues with an assigned priority or milestone.
1615: Create ISSUE_TEMPLATE.md r=Nebukadneza a=Diman0
Add bug template to be used for reporting issues.
## What type of PR?
Feature?
## What does this PR do?
Add bug template which we will use to get better quality bug reports.
### Related issue(s)
- Auto close an issue like: closes#1331
## Prerequistes
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.
- [N/A] In case of feature or enhancement: documentation updated accordingly
- [N/A] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/guide.html#changelog) entry file.
Co-authored-by: Dimitri Huisman <52963853+Diman0@users.noreply.github.com>
Co-authored-by: Dario Ernst <dario@kanojo.de>
Because basically every MTA out there uses opportunistic TLS _in
the best case_, it's actually counter productive to use such strict
settings.
The alternative to a handshake error is often an unencrypted submission,
which is basically the opposite of what strict ssl_protocols and
ssl_ciphers tries to achieve.
Even big and established providers like Amazon SES are incompatible with the current
settings.
This reverts commit 2ddf46ad2b.
1601: Fixing documentation minor typo r=mergify[bot] a=akevinieron
## What type of PR?
Documentation
## What does this PR do?
Fixing minor typo on certificate section
## Related issue(s)
N/A
Co-authored-by: Kevin Jimenez <kevinjimenezlorenzo@gmail.com>
1603: fixed workflow example in documentation r=mergify[bot] a=ghostwheel42
## What type of PR?
documentation
## What does this PR do?
fix error in workflow example. use "git remote add" to add upstream as remote.
### Related issue(s)
-/-
Co-authored-by: Alexander Graf <agraf@kevag-telekom.de>
1599: Fix hardcoded reference to admin container. r=mergify[bot] a=Nebukadneza
Superseding #1330
## What type of PR?
big-fix
## What does this PR do?
Fixes a hardcoded reference to ``admin`` container which may or may not be called ``admin`` in reality, since the user may eventually to name the container otherwise.
### Related issue(s)
- closes#1323
- subsumes #1324
## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.
- Minor bug-fix, no additional documentation needed.
Co-authored-by: Richard Gomes <rgomes.info@gmail.com>
1600: Force setup-file download scheme to HTTPS r=mergify[bot] a=Nebukadneza
## What type of PR?
bug-fix
## What does this PR do?
Up until now HTTPS was only offered by redirect, making MitM possible
before server redirect hit the client.
Add scheme-force to HTTPS to the url-generation.
### Related issue(s)
- fixes#963
## Prerequistes
- [x] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/guide.html#changelog) entry file.
Co-authored-by: Dario Ernst <dario.ernst@rommelag.com>
1553: Added FAQ about SMTP Banner r=mergify[bot] a=arother
## What type of PR?
documentation
## What does this PR do?
Adding FAQ about SMTP Banner
### Related issue(s)
- closes#1368
## Prerequistes
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.
Co-authored-by: Andreas Rother <andreas@rother.org>
Co-authored-by: Dario Ernst <github@kanojo.de>
Up until now HTTPS was only offered by redirect, making MitM possible
before server redirect hit the client.
Add scheme-force to HTTPS to the url-generation.
fixes#963
Changing Hostname in the .env and in the banner might lead to various breakages of the setup — so don’t advise it to users in the FAQ.
Co-authored-by: Thomas Sänger <thomas@gecko.space>
1596: Fix ANTIVIRUS line in mailu.env file r=mergify[bot] a=Diman0
The ANTIVIRUS line is commented in mailu.env file. Each mailu.env file generated by setup.mailu.io will have the antivirus line commented. Removed the # so that antivirus works again for new deployments.
## What type of PR?
bug fix
## What does this PR do?
### Related issue(s)
- #1595
## Prerequistes
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.
- [N/A ] In case of feature or enhancement: documentation updated accordingly
- [ N/A minor change] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/guide.html#changelog) entry file.
Co-authored-by: Dimitri Huisman <52963853+Diman0@users.noreply.github.com>
The ANTIVIRUS line is commented in mailu.env file. Each mailu.env file generated by setup.mailu.io will have the antivirus line commented. Removed the # so that antivirus works again for new deployments.
1586: Add documentation in regard to the spam filter in Mailu. Added all su… r=mergify[bot] a=Diman0
…ggestions from Liquidat and Nebukadneza..
I have added the suggestions mentioned in pull request #1575
## What type of PR?
Adds FAQ section 'Spam filtering' that describes how spam filtering works. It also describes how you can create your own local black list. This enables the user to set up a map that can be live-updated via Rspamd webgui for blocking emails from listed sender domains.
## What does this PR do?
### Related issue(s)
#1167#1566
Closes issue #1167
## Prerequistes
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.
[ N/A] In case of feature or enhancement: documentation updated accordingly
[ Done] Unless it's docs or a minor change: add changelog entry file.
Co-authored-by: Dimitri Huisman <diman@huisman.xyz>
1587: Pin test/build pip-dependencies to their last known versions r=mergify[bot] a=Nebukadneza
## What type of PR?
bug-fix
## What does this PR do?
Fix current travis docker API-version mismatches … in a crude, but safe
way.
### Related issue(s)
None
## Prerequistes
- [x] no docs
- [x] minor change
Co-authored-by: Dario Ernst <dario@kanojo.de>
1541: alpine 3.12 as base image r=mergify[bot] a=ofthesun9
## What type of PR?
Keep in sync with alpine devel
alpine 3.12 was [released](https://alpinelinux.org/posts/Alpine-3.12.0-released.html) on 29 May 2020.
Update for the main services:
nginx 1.18 (vs 1.16)
dovecot 2.3.10 (unchanged)
postfix 3.5.2 (vs 3.4.7)
rspamd 2.5 (vs 1.9.4)
clamav 0.102/3 (vs 0.101.5)
fetchmail 6.4.5
## What does this PR do?
Mostly Dockerfile modification
Co-authored-by: ofthesun9 <olivier@ofthesun.net>
1570: Update webmail.yaml r=mergify[bot] a=DerH4NNES
Duplicated "ports:"
## What type of PR?
bug-fix
## What does this PR do?
fixes service specs
### Related issue(s)
/
Co-authored-by: Sascha Hannes <saschahannes@web.de>
1511: Setup, compose: add note about reverse DNS r=mergify[bot] a=liquidat
## What type of PR?
documentation
## What does this PR do?
If the [mailu setup utility](https://setup.mailu.io/master/) is used with the Compose flavor, in step 4 a list of public host names needs to be provided:
![Screenshot from 2020-05-17 01-54-06](https://user-images.githubusercontent.com/1998084/82132563-5227d780-97e1-11ea-85ed-fa5d5108e24e.png)
The [first entry in this list is configured as hostname by postfix](ddac2672fc/core/postfix/conf/main.cf (L10)). That is crucial: if the reverse DNS entry for that host is not the same as this first entry in this list, it will be a mismatch between rDNS and HELO, which will lead to bad scoring in many spam filters.
This commit clarifies that point.
It also fixes a missing parenthesis.
### Related issue(s)
- (none)
## Prerequistes
- (none applicable)
Co-authored-by: liquidat <liquidat@bayz.de>
1526: Use Radicale 3.x for webdav service r=mergify[bot] a=ofthesun9
- remove -f flag in Dockerfile CMD
- remove deprecated daemon and dns_lookup settings from radicale.conf
- move realm setting from [server] to [auth] in radicale.conf
- add newsfragment
## What type of PR?
Miscellaneous
## What does this PR do?
Modifications in Dockerfile and radicale.conf to get Radicale 3.0 service building properly.
Functional tests would be needed before merge.
### Related issue(s)
- closes#1512
## Prerequistes
- [X] In case of feature or enhancement: documentation updated accordingly
Co-authored-by: ofthesun9 <olivier@ofthesun.net>
1557: Explicitly define ProxyFix options r=mergify[bot] a=brian-maloney
## What type of PR?
bug-fix
## What does this PR do?
This PR explicitly defines the options for the ProxyFix module, which fixes a regression in admin behind a reverse proxy.
### Related issue(s)
- #1309
## Prerequistes
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.
- [X] In case of feature or enhancement: documentation updated accordingly
- [X] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/guide.html#changelog) entry file.
This is a bugfix, so not doc changes, and it's an extremely minor change.
Co-authored-by: Brian Maloney <3286425+brian-maloney@users.noreply.github.com>
1538: Introduce environment variable to control dovecot full-text-search r=mergify[bot] a=tremlin
## What type of PR?
Enhancement
## What does this PR do?
In #1320 a full-text-search feature was enabled in Dovecot by default. Since this can have a big impact on performance, I think it's preferable to offer an option to disable the feature if it is not needed. This PR doesn't change the default behavior (FTS on).
### Related issue(s)
- #1320
## Prerequistes
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.
- [ ] In case of feature or enhancement: documentation updated accordinagly
- [ ] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/guide.html#changelog) entry file.
Co-authored-by: Thomas Rehn <thomas.rehn@initos.com>
1499: Harmonization of the various docker-compose.yml templates r=mergify[bot] a=ofthesun9
## What type of PR?
Mainly documentation and update of the docker-compose.yml templates
## What does this PR do?
- Update of setup/flavors/stack/docker-compose.yml and docs/compose/docker-compose.yml to keep parity with setup/flavors/compose/docker-compose.yml (last changes with pr1444)
- Also refresh of the mkdir command found in setup/flavors/stack/setup.html to cope with the creation of mailqueue; overrides/nginx, overrides/dovecot folders.
### Related issue(s)
None
## Prerequistes
- [x] In case of feature or enhancement: documentation updated accordingly
Co-authored-by: ofthesun9 <olivier@ofthesun.net>
1478: Allow to enforce TLS for outbound r=mergify[bot] a=micw
using OUTBOUND_TLS_LEVEL=encrypt (default is 'may')
## What type of PR?
enhancement
## What does this PR do?
Add an option to postfix to enforce outbound traffic to be TLS encrypted.
## Prerequistes
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.
- [x] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/guide.html#changelog) entry file.
1501: In setup/flavor, change DMARC RUA and RUF email default settings r=mergify[bot] a=ofthesun9
## What type of PR?
bug-fix
## What does this PR do?
This PR changes the default value used to set DMARC_RUA and DMARC_RUF:
DMARC_RUA and DMARC_RUF defaults will reuse the value defined for POSTMASTER,
instead of 'admin' as previously.
Please note that the setup tool doesn't allow (yet?) to define dmarc_rua nor dmarc_ruf, so the default value is indeed used for the time being.
### Related issue(s)
closes#1463
## Prerequistes
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/guide.html#changelog) entry file.
1532: Replace SMPT with SMTP r=mergify[bot] a=dhoppe
1543: Disable Health checks on swarm mode r=mergify[bot] a=ofthesun9
ref: https://github.com/moby/moby/issues/35451
## What type of PR?
bug-fix
## What does this PR do?
Modify the docker-compose.yml template used by setup (swarm flavor) to disable Health checks on swarm mode for each service
### Related issue(s)
closes#1289
## Prerequistes
- [x] add [changelog](https://mailu.io/master/contributors/guide.html#changelog) entry file.
Co-authored-by: Michael Wyraz <michael@wyraz.de>
Co-authored-by: ofthesun9 <olivier@ofthesun.net>
Co-authored-by: Dennis Hoppe <github@debian-solutions.de>