2129 Commits (2ddf46ad2b5054988ea5b270dcdb88ea80e6067e)
 

Author SHA1 Message Date
bladeswords 2ddf46ad2b
Update crypto to be modern and inline with tls.conf
Updated to match tls.conf and be aligned to more modern cryptographic standards and only use currently secure protocols and ciphers.
5 years ago
bors[bot] b8b1699f9e
Merge #1359
1359: Refactor the rate limiting code r=mergify[bot] a=kaiyou

## What type of PR?

Enhancement

## What does this PR do?

Rate limiting was already redesigned to use Python limits. This
introduced some unexpected behavior, including the fact that only
one criteria is supported per limiter. Docs and setup utility are
updated with this in mind.

Also, the code was made more generic, so limiters can be delivered
for something else than authentication. Authentication-specific
code was moved directly to the authentication routine.

### Related issue(s)

No specific issue.

## Prerequistes
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [x] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/guide.html#changelog) entry file.


Co-authored-by: kaiyou <pierre@jaury.eu>
5 years ago
bors[bot] a3c6002a0a
Merge #1321
1321: Upgrading nginx TLS configuration r=mergify[bot] a=radtkedev

## What type of PR?

Enhancement

## What does this PR do?

Upgrades the TLS protocols and ciphers to the recommended "Intermediate Configuration" and sets the "Old Configuration" for port 25 (SMTP) based on the [Mozilla SSL Configuration Generator](https://ssl-config.mozilla.org/) and adjusted for the nginx mail proxy.

Co-authored-by: Tom Radtke <tom@radtke.dev>
5 years ago
bors[bot] 1ca4d6769c
Merge #1349
1349: Add support for SRS, related to #328 r=mergify[bot] a=kaiyou

## What type of PR?

Feature

## What does this PR do?

It implements SRS using a Python SRS library.

### Related issue(s)
- closes #328 

## Prerequistes
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [x] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/guide.html#changelog) entry file.


Co-authored-by: kaiyou <pierre@jaury.eu>
5 years ago
Weblate cc4720d890 Merge branch 'origin/master' into Weblate 5 years ago
NeroPcStation 365f21007d Translated using Weblate (Polish)
Currently translated at 90.2% (147 of 163 strings)

Translation: Mailu/admin
Translate-URL: https://translate.tedomum.net/projects/mailu/admin/pl/
5 years ago
kaiyou 8e88f1b8c3 Refactor the rate limiting code
Rate limiting was already redesigned to use Python limits. This
introduced some unexpected behavior, including the fact that only
one criteria is supported per limiter. Docs and setup utility are
updated with this in mind.

Also, the code was made more generic, so limiters can be delivered
for something else than authentication. Authentication-specific
code was moved directly to the authentication routine.
5 years ago
bors[bot] 770d09b05b
Merge #1351
1351: Add some faq entries r=hoellen a=kaiyou

## What type of PR?

Documentation

## What does this PR do?

Add missing faq entries

### Related issue(s)
- Closes: #853 
- Closes: #897 
- Closes: #1090 
- Closes: #1315

## Prerequistes
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [x] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/guide.html#changelog) entry file.


Co-authored-by: kaiyou <pierre@jaury.eu>
5 years ago
kaiyou 76d2094b07 Apply suggestions from code review
Co-Authored-By: hoellen <hoellen@users.noreply.github.com>
5 years ago
kaiyou a39249a43a
Update docs/faq.rst
Co-Authored-By: hoellen <hoellen@users.noreply.github.com>
5 years ago
bors[bot] 00d49e2986
Merge #1350
1350: Update the tlv1 faq to indicate that a full config rewrite is required r=mergify[bot] a=kaiyou

## What type of PR?

Documentation

## What does this PR do?

Update the tlv1 faq to indicate that a full config rewrite is required

### Related issue(s)
- Closes: #944 

## Prerequistes
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [x] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/guide.html#changelog) entry file.


Co-authored-by: kaiyou <pierre@jaury.eu>
5 years ago
kaiyou 7507345ce9 Fix encoding of custom fields in fetchmailrc 5 years ago
bors[bot] cd3aca3609
Merge #1334
1334: Update RainLoop to 1.14.0 r=kaiyou a=hoellen

## What type of PR?

enhancement

## What does this PR do?
Update RainLoop to 1.14.0 (see [here](https://github.com/RainLoop/rainloop-webmail/releases/tag/v1.14.0))

Co-authored-by: hoellen <dev@hoellen.eu>
5 years ago
kaiyou 6edf7a7896 Add some faq entries 5 years ago
kaiyou 450be78898 Update the tlv1 faq to indicate that a full config rewrite is required 5 years ago
kaiyou 6ad9b7c2b2 Add a newsfragment 5 years ago
Weblate b248f6a800 Merge branch 'origin/master' into Weblate 5 years ago
Andrási István 395a0d14dc Translated using Weblate (Hungarian)
Currently translated at 100.0% (163 of 163 strings)

Translation: Mailu/admin
Translate-URL: https://translate.tedomum.net/projects/mailu/admin/hu/
5 years ago
hoellen 9c2390ff7e Update RainLoop to 1.14.0 5 years ago
bors[bot] 96f832835a
Merge #1278
1278: Limiter implementation r=kaiyou a=micw

## What type of PR?

(Feature, enhancement, bug-fix, documentation)

## What does this PR do?

Adds a custom limter based on the "limits" lirary that counts up on failed auths only

### Related issue(s)
- closes #1195
- closes #634

## Prerequistes

- [X] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/guide.html#changelog) entry file.


Co-authored-by: Michael Wyraz <michael@wyraz.de>
Co-authored-by: micw <michael@wyraz.de>
5 years ago
bors[bot] 0bc10b7bc5
Merge #1269
1269: Add Fail2Ban section r=hoellen a=iohenkies

## What type of PR?
documentation

## What does this PR do?
This PR adds documentation to setup Fail2Ban to secure Mailu.

### Related issue(s)
- closes #1263

## Prerequistes
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [x] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/guide.html#changelog) entry file.

edit [@hoellen]: Give information about the PR and link issue.

Co-authored-by: iohenkies <33115951+iohenkies@users.noreply.github.com>
5 years ago
iohenkies ae6f82984d Add Fail2Ban section 5 years ago
bors[bot] 9db709515a
Merge #1308
1308: Use redis 5 on k8s & add selector r=mergify[bot] a=der-eismann

## What type of PR?
Enhancement

## What does this PR do?
This PR is updating Redis to version 5 in the kubernetes manifests. It is already used in the compose and swarm files, so I don't expect any incompatibilities. There is no necessary migration, you just can't go back.
In addition I added a selector to the manifest and applied a consistent formatting.

## Prerequistes
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [ ] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/guide.html#changelog) entry file.


Co-authored-by: Philipp Trulson <philipp@trulson.de>
5 years ago
Tom Radtke 4f973f63e6
Upgrading nginx TLS configuration 5 years ago
bors[bot] 761fade9a9
Merge #1316
1316: Fix the encoding of incoming user email and password r=mergify[bot] a=kaiyou

## What type of PR?

Bug fix

## What does this PR do?

As described in the changes, RFC2616 states that header should be considered ISO8859-1 in HTTP, which obviously nginx does not really care about when forwarding the password from SMTP authentication to the backend. Hence, we need to encode-then-decode passwords to get the proper value in case a special char is in there.

### Related issue(s)
- This fixes #1139 
- This is also related to #1281 
- This is also related to #1139

## Prerequistes
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [x] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/guide.html#changelog) entry file.


Co-authored-by: kaiyou <pierre@jaury.eu>
5 years ago
bors[bot] ad041094e5
Merge #1319
1319: Upgrading to a 2048-bit DKIM key r=mergify[bot] a=radtkedev

## What type of PR?

Enhancement

## What does this PR do?

Upgrades to a 2048-bit DKIM key from the currently used and outdated 1024-bit DKIM key.

### Related issue(s)
- #1301 

Co-authored-by: Tom Radtke <tom@radtke.dev>
5 years ago
Tom Radtke 9d213b213a
Upgrading to a 2048-bit DKIM key 5 years ago
Torben Jensen 6f910c5738 Translated using Weblate (Danish)
Currently translated at 80.8% (122 of 151 strings)

Translation: Mailu/admin
Translate-URL: https://translate.tedomum.net/projects/mailu/admin/da/
5 years ago
kaiyou bd69b7a491 Add support for SRS, related to #328 5 years ago
kaiyou e80589dda4 Add the newsfragment 5 years ago
kaiyou 9b7a027d6f Fix the encoding of incoming user email and password 5 years ago
Weblate 869f230e0d Merge branch 'origin/master' into Weblate 5 years ago
Torben Jensen 619a87a821 Added translation using Weblate (Danish) 5 years ago
bors[bot] 5fe6169e75
Merge #1312
1312: Fixed small typo r=mergify[bot] a=thunderstorm99

## What type of PR?
I fixed a small typo in the documentation regarding the MX record on the demo site.

Co-authored-by: Nils Jakobi <jakobi.nils@gmail.com>
5 years ago
Nils Jakobi c4fbc93171
Fixed small typo 5 years ago
bors[bot] 1db4fe59a2
Merge #1303
1303: Update database.rst r=mergify[bot] a=AndreKoepke

Correct keyword for postgresql-flavor

## What type of PR?

documentation

## What does this PR do?
Fix wrong key in docs

## Prerequistes
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [ ] In case of feature or enhancement: documentation updated accordingly
- [ ] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/guide.html#changelog) entry file.


Co-authored-by: AndreKoepke <andre.koepke@haw-hamburg.de>
5 years ago
bors[bot] 812439332a
Merge #1299
1299: Don't remove the address extension in postfix r=mergify[bot] a=RobertMe

## What type of PR?
Bugfix

## What does this PR do?
Currently when the mail address is looked up by Postfix (using the admin
part) the address extension is removed. This is due to the address
extension being removed to look up the user, and afterwards returning
the users mail address. But by not returning the mail address including
the address extension it also isn't part anymore in the LMTP
communication to Dovecot. So Dovecot doesn't know about the extension,
and in turn the address extension can't be used in Sieve mail filtering.

This change fixes that by returning the original address by just
concatinating the "localpart" and domain again when the user is found.

### Related issue(s)
Fixes #982

## Prerequistes
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [ ] In case of feature or enhancement: documentation updated accordingly
- [ ] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/guide.html#changelog) entry file.


Co-authored-by: Robert Meijers <robert.meijers@gmail.com>
5 years ago
bors[bot] 6ae06f0b2d
Merge #1307
1307: Update Roundcube to 1.4.2 r=hoellen a=hoellen

## What type of PR?
enhancement

## What does this PR do?
Update Roundcube to 1.4.2 (see [here](https://github.com/roundcube/roundcubemail/releases/tag/1.4.2))


Co-authored-by: hoellen <dev@hoellen.eu>
5 years ago
Philipp Trulson 3b9281501a Use redis 5 on k8s & add selector 5 years ago
hoellen 94bfd7770b Update Roundcube to 1.4.2 5 years ago
Weblate 97b9098eb9 Merge branch 'origin/master' into Weblate 5 years ago
Angedestenebres c09f046ba7 Translated using Weblate (French)
Currently translated at 100.0% (163 of 163 strings)

Translation: Mailu/admin
Translate-URL: https://translate.tedomum.net/projects/mailu/admin/fr/
5 years ago
micw 7688caa784
Add missing self. 5 years ago
bors[bot] bd92cea3cb
Merge #1305
1305: Certwatcher: Use polling observer to workaround some symlink limitations r=mergify[bot] a=micw

## What type of PR?

bug-fix

## What does this PR do?

switch from inotify observer to polling observer to properly handle scenarios where the certs are symlinks to symlinks (e.g. on kubernetes with mounted secrets).

### Related issue(s)
- closes #1302

## Prerequistes
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

minor fix only


Co-authored-by: Michael Wyraz <michael@wyraz.de>
5 years ago
Michael Wyraz ace475d23c Certwatcher: Use polling observer to workaround some symlink limitations 5 years ago
AndreKoepke b42b48b836
Update database.rst
Correct keyword for postgresql-flavor
5 years ago
Robert Meijers 989e4d5db5 Don't remove the address extension in postfix
Currently when the mail address is looked up by Postfix (using the admin
part) the address extension is removed. This is due to the address
extension being removed to look up the user, and afterwards returning
the users mail address. But by not returning the mail address including
the address extension it also isn't part anymore in the LMTP
communication to Dovecot. So Dovecot doesn't know about the extension,
and in turn the address extension can't be used in Sieve mail filtering.

This change fixes that by returning the original address by just
concatinating the "localpart" and domain again when the user is found.

Fixes #982
5 years ago
bors[bot] 5d20f2893a
Merge #1291
1291: Upgrade alpine to get new clamav. r=mergify[bot] a=youngnicks

## What type of PR?
bug-fix

## What does this PR do?
Upgrades alpine version to get new clamav. Also upgrades clamav config to latest variable names.

### Related issue(s)
- Auto close an issue like: closes #1290


Co-authored-by: Nick Young <nick@bublup.com>
5 years ago
Nick Young 0281205313
Upgrade alpine to get new clamav. 5 years ago
Weblate 2b503332a0 Merge branch 'origin/master' into Weblate 5 years ago