Tim Möhlmann
3c7bf58211
Upgrade PyYAML
...
CVE-2017-18342
Vulnerable versions: < 4.2b1
Patched version: 4.2b1
In PyYAML before 4.1, the yaml.load() API could execute arbitrary code. In other words, yaml.safe_load is not used.
6 years ago
mergify[bot]
d483ef3c2a
Merge pull request #792 from hoellen/admin-broken-links-1
...
fix broken webmail and logo url in admin
6 years ago
Tim Möhlmann
74fe177297
Merge pull request #785 from TheLegend875/feat-displayed-name
...
Feature: send auto reply with displayed name
6 years ago
hoellen
f617e82c06
fix broken webmail and logo url in admin
6 years ago
TheLegend875
999d2a9557
changed default.sieve to send displayed name
6 years ago
TheLegend875
2954d84790
added necessary ui elements
6 years ago
TheLegend875
56f4d4c894
fixed auto-forward
6 years ago
TheLegend875
5bdbbf60d7
fixed display of username when not logged in
6 years ago
Tim Möhlmann
19df86f13f
Merge pull request #764 from usrpro/fix-alias-bug
...
Added regex validation for alias username
6 years ago
Tim Möhlmann
3a5b763018
Option to disable full text search (lucene)
...
This is a workaround for the bug in issue #751
6 years ago
mergify-bot
983c388150
Merge branch 'master' into 'fix-localpart-chars'
6 years ago
mergify-bot
6cfb74e96c
Merge branch 'master' into 'fix-localpart-chars'
6 years ago
Tim Möhlmann
af086bbdbe
Include DKIM in VOLUME
6 years ago
hoellen
c041a9d45c
allow all characters for username in dovecot
6 years ago
Tim Möhlmann
24828615cf
Webmail on root, fixes #757
6 years ago
Ionut Filip
8fc2846924
Added regex validation for alias username
6 years ago
Tim Möhlmann
3c4ee1b31e
Merge pull request #743 from kaiyou/master
...
Fixes #738 regarding application context
6 years ago
ofthesun9
97b3a85090
Merge pull request #737 from hoellen/fix-alias-match-behaviour
...
fix alias match behaviour
6 years ago
mergify-bot
09a50b6cfc
Merge branch 'master' into 'master'
6 years ago
kaiyou
4060ac2223
Remove some forgotten debugging
6 years ago
kaiyou
087841d5b7
Fix the way we handle the application context
...
The init script was pushing an application context, which maked
flask.g global and persisted across requests. This was evaluated
to have a minimal security impact.
This explains/fixes #738 : flask_wtf caches the csrf token in the
application context to have a single token per request, and only
sets the session attribute after the first generation.
6 years ago
kaiyou
b5f51b0e2e
Update python dependencies
6 years ago
hoellen
8fe9e695f3
prefer non-wildcard aliases over wildcard aliases
6 years ago
Tim Möhlmann
c7dcfee882
Merge pull request #713 from pgeorgi/extend-nginx
...
nginx: Allow extending config with overrides
6 years ago
hoellen
79768c09f6
fix alias matching behaviour
6 years ago
Tim Möhlmann
6ca8ed437d
Merge pull request #732 from Nebukadneza/add_front_certificate_reload
...
Add certificate watcher for external certs to reload nginx
6 years ago
Dario Ernst
1aa97c9914
Add certificate watcher for external certs to reload nginx
...
In case of TLS_FLAVOR=[mail,cert], the user supplies their own certificates.
However, since nginx is not aware of changes to these files, it cannot
reload itself e.g. when the certs get renewed.
To solve this, let’s add a small daemon in the place of
`letsencrypt.py`, which uses a flexible file-watching framework and
reloads nginx in the case the certificates change ….
6 years ago
Tim Möhlmann
c00910ca4b
Merge remote-tracking branch 'upstream/master' into extend-nginx
6 years ago
Tim Möhlmann
97d338e68a
Rectify 'endif' placement
6 years ago
Tim Möhlmann
425cdd5e77
Fix syntax errors
6 years ago
Tim Möhlmann
20f1faf6d0
Send 404 when nothing server at '/'
...
Prevents Nginx welcome screen
6 years ago
Tim Möhlmann
2de4995fec
Don't redirect when webmail is served on '/'
6 years ago
Tim Möhlmann
f0906073e3
Merge remote-tracking branch 'upstream/master' into feat-subnet2
6 years ago
mergify[bot]
a634c7b72d
Merge pull request #725 from usrpro/fix-outlook2019-smtp
...
Add login method to smtp_auth under ssl
6 years ago
Tim Möhlmann
8172f3eab8
Move the Mailu Docker network to a fixed subnet.
...
This will make network configuration and host based authentication
more robust, across different deployment platforms.
The options `RELAYNETS` and`POD_ADDRESS_RANGE` are kept for compatibility.
However, their usage have become optional.
6 years ago
kaiyou
b6aaf57be1
Merge branch 'refactor-config' of github.com:kaiyou/mailu into refactor-config
6 years ago
kaiyou
d0f07984b0
Merge remote-tracking branch 'upstream/master' into refactor-config
6 years ago
Tim Möhlmann
9dd447e23b
Add login method to smtp_auth under ssl
...
Fixes #704
6 years ago
Patrick Georgi
eac4d553a9
nginx: Allow extending config with overrides
...
To facilitate this, the default redirect at / can be disabled, even if
the default remains at redirecting to the webmailer.
The extensions are within the host scope and are read from
$ROOT/overrides/nginx/*.conf.
6 years ago
mergify[bot]
2d4bac03ad
Merge pull request #723 from usrpro/clean-healthcheck-logs
...
Admin: Prevent redirects during health checking
6 years ago
mergify[bot]
a382f74680
Merge pull request #705 from usrpro/fix-recaptcha
...
Fix recaptcha
6 years ago
mergify[bot]
37027cfce7
Merge pull request #633 from kaiyou/fix-sender-checks
...
Improve sender checks
6 years ago
Tim Möhlmann
d18cf7cb25
Prevent redirects during health checking
6 years ago
Tim Möhlmann
c9df311a0d
Set forward_destination to an empty list
...
The value of `None` resulted in an error, since a list was expected.
6 years ago
Tim Möhlmann
eff6c34632
Catch asterisk before resolve_domain
...
Asterisk results in IDNA error and a 500 return code.
6 years ago
David Rothera
88c174fb7a
Query alternative table for domain matches
...
At present postfix checks this view for matches in the domain table and is used to accept/deny messages sent into it however it never checks for matches in the alternative table.
Fixes #718
6 years ago
Ionut Filip
fed7146873
Captcha check on signup form
6 years ago
Tim Möhlmann
4783e61693
Fix password context
...
Fixes the following error:
```
admin_1 | [2018-11-09 09:44:10,533] ERROR in app: Exception on /internal/auth/email [GET]
admin_1 | Traceback (most recent call last):
admin_1 | File "/usr/lib/python3.6/site-packages/flask/app.py", line 2292, in wsgi_app
admin_1 | response = self.full_dispatch_request()
admin_1 | File "/usr/lib/python3.6/site-packages/flask/app.py", line 1815, in full_dispatch_request
admin_1 | rv = self.handle_user_exception(e)
admin_1 | File "/usr/lib/python3.6/site-packages/flask/app.py", line 1718, in handle_user_exception
admin_1 | reraise(exc_type, exc_value, tb)
admin_1 | File "/usr/lib/python3.6/site-packages/flask/_compat.py", line 35, in reraise
admin_1 | raise value
admin_1 | File "/usr/lib/python3.6/site-packages/flask/app.py", line 1813, in full_dispatch_request
admin_1 | rv = self.dispatch_request()
admin_1 | File "/usr/lib/python3.6/site-packages/flask/app.py", line 1799, in dispatch_request
admin_1 | return self.view_functions[rule.endpoint](**req.view_args)
admin_1 | File "/usr/lib/python3.6/site-packages/flask_limiter/extension.py", line 544, in __inner
admin_1 | return obj(*a, **k)
admin_1 | File "/app/mailu/internal/views/auth.py", line 18, in nginx_authentication
admin_1 | headers = nginx.handle_authentication(flask.request.headers)
admin_1 | File "/app/mailu/internal/nginx.py", line 48, in handle_authentication
admin_1 | if user.check_password(password):
admin_1 | File "/app/mailu/models.py", line 333, in check_password
admin_1 | context = User.pw_context
admin_1 | AttributeError: type object 'User' has no attribute 'pw_context'
```
6 years ago
kaiyou
72e1b444ca
Merge alembic migrations
6 years ago
kaiyou
5b769e23da
Merge branch 'master' into refactor-config
6 years ago