3257 Commits (42fceb622b0babfe2089b409ce745d8dc1381ff5)
 

Author SHA1 Message Date
lub 66db1f8fd0 add OCSP stapling to nginx.conf
It's not added in tls.conf, because apparently the mail ssl module
doesnt' support OCSP stapling.

https://nginx.org/en/docs/http/ngx_http_ssl_module.html#ssl_stapling
^ exists

https://nginx.org/en/docs/mail/ngx_mail_ssl_module.html#ssl_stapling
^ missing

When the configured certificate doesn't have OCSP information, it'll
just log a warning during startup.
4 years ago
Dario Ernst f3313fa26c Remove <> tags as they break markdown rendering 4 years ago
Dario Ernst 2e574d7ffb Fix issue-template whitespacing; Add some small formatting 4 years ago
lub 0cb0a26d95 relax TLS settings on port 25
Because basically every MTA out there uses opportunistic TLS _in
the best case_, it's actually counter productive to use such strict
settings.

The alternative to a handshake error is often an unencrypted submission,
which is basically the opposite of what strict ssl_protocols and
ssl_ciphers tries to achieve.

Even big and established providers like Amazon SES are incompatible with the current
settings.

This reverts commit 2ddf46ad2b.
4 years ago
Wolfgang Jung 1f4e9165fa Disables unencrypted http on TLS_ERROR 4 years ago
Dimitri Huisman 8b0e2edc52
Create ISSUE_TEMPLATE.md
Add bug template to be used for reporting issues.
4 years ago
Simonmicro eca00905cf
Minor formulation 4 years ago
Simonmicro 4a5678f571
Added explaining message about the current ipv6 problem 4 years ago
Simonmicro db440d46be
Added line of warning 4 years ago
Alexander Graf 8e14aa80ee documented options and added help text 4 years ago
Alexander Graf 9d2327b0f1 add space for more human readable indentation
add a newline before main sections
add some spaces to indent
4 years ago
Wolfgang Jung f999e3de08 Adds own server on port 80 for letsencrypt and redirect 4 years ago
lub 05e2af1802
fix small typo in Auth-SSL 4 years ago
lub d348477efc add towncrier for 1610 4 years ago
lub f0f873ffe7 add option to enforce inbound starttls 4 years ago
lub 714fa044e0 add towncrier for #1607 4 years ago
lub 426355f6b8 add some docs about _FILE variables 4 years ago
lub 02cfe326d3 support using files for SECRET_KEY and DB_PW
this enables usage of e.g. docker swarm secrets instead of exposing the
passwords directly via environment variables

just use DB_PW_FILE and SECRET_KEY_FILE instead of DB_PW and SECRET_KEY
4 years ago
Alexander Graf ffbeabeb6f updated test to use --verbose flag
--verbose (or -v) is now a flag and not an option
4 years ago
Alexander Graf 85de702129 small typo. Change 'omitting' to 'commiting' 4 years ago
Alexander Graf 0cf91f35a4 moved change log entry to towncrier 4 years ago
bors[bot] 550065b043
Merge #1601
1601: Fixing documentation minor typo r=mergify[bot] a=akevinieron

## What type of PR?
Documentation

## What does this PR do?
Fixing minor typo on certificate section

## Related issue(s)
N/A

Co-authored-by: Kevin Jimenez <kevinjimenezlorenzo@gmail.com>
4 years ago
Alexander Graf bc9362685b Merge remote-tracking branch 'upstream/master' into import-export 4 years ago
Alexander Graf 3a5a15a5e6 updated documentation and changelog
added some documentation for cli commands config-dump and config-update
4 years ago
Alexander Graf 69ccf791d2 fixed data import via from_dict
- stabilized CommaSeparatedList by sorting values
- CommaSeparatedList can now handle list and set input

- from_dict now handles mapped keys
- from_dict now handles null values

- class Domain: handle dkim-key None correctly
- class User: delete obsolete keys after converting
- class Alias: now uses Email._dict_input
4 years ago
Alexander Graf 190e7a709b renamed config-dump option --verbose to --full 4 years ago
bors[bot] 61e06ebbf9
Merge #1603
1603: fixed workflow example in documentation r=mergify[bot] a=ghostwheel42

## What type of PR?

documentation

## What does this PR do?

fix error in workflow example. use "git remote add" to add upstream as remote.

### Related issue(s)

-/-

Co-authored-by: Alexander Graf <agraf@kevag-telekom.de>
4 years ago
Alexander Graf 5c0efe82cf implemented config_update and config_dump
enhanced data model with to_dict and from_dict methods
added config_dump function to manage command
config_update now uses new data model methods
4 years ago
Alexander Graf c26ddd3c68 fixed user's destination property
self.forward_destination is a list (and not string)
4 years ago
Alexander Graf 5dfccdafe9 fixed some minor typos, removed unused variable 4 years ago
Alexander Graf 669d8da9ac fixed workflow example in documentation
use "git remote add" instead of "git add remote"
4 years ago
Kevin Jimenez b86dc12c1f
Fixing documentation minor typo 4 years ago
bors[bot] f612758a4a
Merge #1599
1599: Fix hardcoded reference to admin container. r=mergify[bot] a=Nebukadneza

Superseding #1330 

## What type of PR?

big-fix

## What does this PR do?

Fixes a hardcoded reference to ``admin`` container which may or may not be called ``admin`` in reality, since the user may eventually to name the container otherwise.

### Related issue(s)
- closes #1323
- subsumes #1324 

## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- Minor bug-fix, no additional documentation needed.


Co-authored-by: Richard Gomes <rgomes.info@gmail.com>
4 years ago
bors[bot] 7e5991796f
Merge #1600
1600: Force setup-file download scheme to HTTPS r=mergify[bot] a=Nebukadneza



## What type of PR?

bug-fix

## What does this PR do?
Up until now HTTPS was only offered by redirect, making MitM possible
before server redirect hit the client.
Add scheme-force to HTTPS to the url-generation.

### Related issue(s)
- fixes #963 

## Prerequistes
- [x] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/guide.html#changelog) entry file.


Co-authored-by: Dario Ernst <dario.ernst@rommelag.com>
4 years ago
bors[bot] ac3dfd5cde
Merge #1553
1553: Added FAQ about SMTP Banner r=mergify[bot] a=arother

## What type of PR?
documentation

## What does this PR do?
Adding FAQ about SMTP Banner

### Related issue(s)
- closes #1368 

## Prerequistes
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

Co-authored-by: Andreas Rother <andreas@rother.org>
Co-authored-by: Dario Ernst <github@kanojo.de>
4 years ago
Dario Ernst 9a440e2604 Force setup-file download scheme to HTTPS
Up until now HTTPS was only offered by redirect, making MitM possible
before server redirect hit the client.
Add scheme-force to HTTPS to the url-generation.

fixes #963
4 years ago
Dario Ernst bf8acbb343
Remove section about hostname change
Changing Hostname in the .env and in the banner might lead to various breakages of the setup — so don’t advise it to users in the FAQ.

Co-authored-by: Thomas Sänger <thomas@gecko.space>
4 years ago
Richard Gomes b414757ff8 Fix hardcoded reference to admin container. 4 years ago
bors[bot] 4ab977a9f1
Merge #1596
1596: Fix ANTIVIRUS line in mailu.env file r=mergify[bot] a=Diman0

The ANTIVIRUS line is commented in mailu.env file. Each mailu.env file generated by setup.mailu.io will have the antivirus line commented. Removed the # so that antivirus works again for new deployments.

## What type of PR?

bug fix

## What does this PR do?

### Related issue(s)
- #1595 

## Prerequistes
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [N/A ] In case of feature or enhancement: documentation updated accordingly
- [ N/A minor change] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/guide.html#changelog) entry file.


Co-authored-by: Dimitri Huisman <52963853+Diman0@users.noreply.github.com>
4 years ago
Dimitri Huisman e5f355c902
Fix ANTIVIRUS line in mailu.env file
The ANTIVIRUS line is commented in mailu.env file. Each mailu.env file generated by setup.mailu.io will have the antivirus line commented. Removed the # so that antivirus works again for new deployments.
4 years ago
Dimitri Huisman b3e9e1bd1a Add documentation for the web administration gui. 4 years ago
bors[bot] ec1c45d789
Merge #1586
1586: Add documentation in regard to the spam filter in Mailu. Added all su… r=mergify[bot] a=Diman0

…ggestions from Liquidat and Nebukadneza..

I have added the suggestions mentioned in pull request #1575 

## What type of PR?

Adds FAQ section 'Spam filtering' that describes how spam filtering works. It also describes how you can create your own local black list. This enables the user to set up a map that can be live-updated via Rspamd webgui for blocking emails from listed sender domains.

## What does this PR do?

### Related issue(s)
    #1167
    #1566
    Closes issue #1167


## Prerequistes
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

    [ N/A] In case of feature or enhancement: documentation updated accordingly
    [ Done] Unless it's docs or a minor change: add changelog entry file.



Co-authored-by: Dimitri Huisman <diman@huisman.xyz>
4 years ago
bors[bot] 14f5fd8278
Merge #1587
1587: Pin test/build pip-dependencies to their last known versions r=mergify[bot] a=Nebukadneza

## What type of PR?

bug-fix

## What does this PR do?
Fix current travis docker API-version mismatches … in a crude, but safe
way.

### Related issue(s)
None

## Prerequistes
- [x] no docs
- [x] minor change


Co-authored-by: Dario Ernst <dario@kanojo.de>
4 years ago
Dario Ernst 1ffc92887a Pin test/build pip-dependencies to their last known versions
Fix current travis docker API-version mismatches … in a crude, but safe
way.
4 years ago
Dimitri Huisman 1544bc4a95 Add documentation in regard to the spam filter in Mailu. Added all suggestions from Liquidat and Nebukadneza.. 4 years ago
bors[bot] 3a89c1e910
Merge #1541
1541: alpine 3.12 as base image r=mergify[bot] a=ofthesun9

## What type of PR?
Keep in sync with alpine devel
alpine 3.12 was [released](https://alpinelinux.org/posts/Alpine-3.12.0-released.html) on  29 May 2020.
Update for the main services:
nginx 1.18 (vs 1.16)
dovecot 2.3.10 (unchanged)
postfix 3.5.2 (vs 3.4.7)
rspamd 2.5 (vs 1.9.4)
clamav 0.102/3 (vs 0.101.5)
fetchmail 6.4.5
 
## What does this PR do?
Mostly Dockerfile modification


Co-authored-by: ofthesun9 <olivier@ofthesun.net>
4 years ago
ofthesun9 539114a3d6
Merge branch 'master' into test-alpine-3.12 4 years ago
bors[bot] 72f997d4ea
Merge #1570
1570: Update webmail.yaml r=mergify[bot] a=DerH4NNES

Duplicated "ports:"

## What type of PR?

bug-fix

## What does this PR do?
fixes service specs
### Related issue(s)
/

Co-authored-by: Sascha Hannes <saschahannes@web.de>
4 years ago
bors[bot] 88ffb9fcf1
Merge #1511
1511: Setup, compose: add note about reverse DNS r=mergify[bot] a=liquidat

## What type of PR?

documentation

## What does this PR do?

If the [mailu setup utility](https://setup.mailu.io/master/) is used with the Compose flavor, in step 4 a list of public host names needs to be provided:
![Screenshot from 2020-05-17 01-54-06](https://user-images.githubusercontent.com/1998084/82132563-5227d780-97e1-11ea-85ed-fa5d5108e24e.png)
The [first entry in this list is configured as hostname by postfix](ddac2672fc/core/postfix/conf/main.cf (L10)). That is crucial: if the reverse DNS entry for that host is not the same as this first entry in this list, it will be a mismatch between rDNS and HELO, which will lead to bad scoring in many spam filters.

This commit clarifies that point.
It also fixes a missing parenthesis.

### Related issue(s)

- (none)

## Prerequistes

- (none applicable)

Co-authored-by: liquidat <liquidat@bayz.de>
4 years ago
bors[bot] 3e533a84ae
Merge #1526
1526: Use Radicale 3.x for webdav service r=mergify[bot] a=ofthesun9

- remove -f flag in Dockerfile CMD
- remove deprecated daemon and dns_lookup settings from radicale.conf
- move realm setting from [server] to [auth] in radicale.conf
- add newsfragment

## What type of PR?
Miscellaneous

## What does this PR do?
Modifications in Dockerfile and radicale.conf to get Radicale 3.0 service building properly.
Functional tests would be needed before merge.

### Related issue(s)
- closes #1512 

## Prerequistes
- [X] In case of feature or enhancement: documentation updated accordingly


Co-authored-by: ofthesun9 <olivier@ofthesun.net>
4 years ago