Up until now HTTPS was only offered by redirect, making MitM possible
before server redirect hit the client.
Add scheme-force to HTTPS to the url-generation.
fixes#963
Changing Hostname in the .env and in the banner might lead to various breakages of the setup — so don’t advise it to users in the FAQ.
Co-authored-by: Thomas Sänger <thomas@gecko.space>
1596: Fix ANTIVIRUS line in mailu.env file r=mergify[bot] a=Diman0
The ANTIVIRUS line is commented in mailu.env file. Each mailu.env file generated by setup.mailu.io will have the antivirus line commented. Removed the # so that antivirus works again for new deployments.
## What type of PR?
bug fix
## What does this PR do?
### Related issue(s)
- #1595
## Prerequistes
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.
- [N/A ] In case of feature or enhancement: documentation updated accordingly
- [ N/A minor change] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/guide.html#changelog) entry file.
Co-authored-by: Dimitri Huisman <52963853+Diman0@users.noreply.github.com>
The ANTIVIRUS line is commented in mailu.env file. Each mailu.env file generated by setup.mailu.io will have the antivirus line commented. Removed the # so that antivirus works again for new deployments.
1586: Add documentation in regard to the spam filter in Mailu. Added all su… r=mergify[bot] a=Diman0
…ggestions from Liquidat and Nebukadneza..
I have added the suggestions mentioned in pull request #1575
## What type of PR?
Adds FAQ section 'Spam filtering' that describes how spam filtering works. It also describes how you can create your own local black list. This enables the user to set up a map that can be live-updated via Rspamd webgui for blocking emails from listed sender domains.
## What does this PR do?
### Related issue(s)
#1167#1566
Closes issue #1167
## Prerequistes
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.
[ N/A] In case of feature or enhancement: documentation updated accordingly
[ Done] Unless it's docs or a minor change: add changelog entry file.
Co-authored-by: Dimitri Huisman <diman@huisman.xyz>
1587: Pin test/build pip-dependencies to their last known versions r=mergify[bot] a=Nebukadneza
## What type of PR?
bug-fix
## What does this PR do?
Fix current travis docker API-version mismatches … in a crude, but safe
way.
### Related issue(s)
None
## Prerequistes
- [x] no docs
- [x] minor change
Co-authored-by: Dario Ernst <dario@kanojo.de>
1541: alpine 3.12 as base image r=mergify[bot] a=ofthesun9
## What type of PR?
Keep in sync with alpine devel
alpine 3.12 was [released](https://alpinelinux.org/posts/Alpine-3.12.0-released.html) on 29 May 2020.
Update for the main services:
nginx 1.18 (vs 1.16)
dovecot 2.3.10 (unchanged)
postfix 3.5.2 (vs 3.4.7)
rspamd 2.5 (vs 1.9.4)
clamav 0.102/3 (vs 0.101.5)
fetchmail 6.4.5
## What does this PR do?
Mostly Dockerfile modification
Co-authored-by: ofthesun9 <olivier@ofthesun.net>
1570: Update webmail.yaml r=mergify[bot] a=DerH4NNES
Duplicated "ports:"
## What type of PR?
bug-fix
## What does this PR do?
fixes service specs
### Related issue(s)
/
Co-authored-by: Sascha Hannes <saschahannes@web.de>
1511: Setup, compose: add note about reverse DNS r=mergify[bot] a=liquidat
## What type of PR?
documentation
## What does this PR do?
If the [mailu setup utility](https://setup.mailu.io/master/) is used with the Compose flavor, in step 4 a list of public host names needs to be provided:
![Screenshot from 2020-05-17 01-54-06](https://user-images.githubusercontent.com/1998084/82132563-5227d780-97e1-11ea-85ed-fa5d5108e24e.png)
The [first entry in this list is configured as hostname by postfix](ddac2672fc/core/postfix/conf/main.cf (L10)). That is crucial: if the reverse DNS entry for that host is not the same as this first entry in this list, it will be a mismatch between rDNS and HELO, which will lead to bad scoring in many spam filters.
This commit clarifies that point.
It also fixes a missing parenthesis.
### Related issue(s)
- (none)
## Prerequistes
- (none applicable)
Co-authored-by: liquidat <liquidat@bayz.de>
1526: Use Radicale 3.x for webdav service r=mergify[bot] a=ofthesun9
- remove -f flag in Dockerfile CMD
- remove deprecated daemon and dns_lookup settings from radicale.conf
- move realm setting from [server] to [auth] in radicale.conf
- add newsfragment
## What type of PR?
Miscellaneous
## What does this PR do?
Modifications in Dockerfile and radicale.conf to get Radicale 3.0 service building properly.
Functional tests would be needed before merge.
### Related issue(s)
- closes#1512
## Prerequistes
- [X] In case of feature or enhancement: documentation updated accordingly
Co-authored-by: ofthesun9 <olivier@ofthesun.net>
1557: Explicitly define ProxyFix options r=mergify[bot] a=brian-maloney
## What type of PR?
bug-fix
## What does this PR do?
This PR explicitly defines the options for the ProxyFix module, which fixes a regression in admin behind a reverse proxy.
### Related issue(s)
- #1309
## Prerequistes
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.
- [X] In case of feature or enhancement: documentation updated accordingly
- [X] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/guide.html#changelog) entry file.
This is a bugfix, so not doc changes, and it's an extremely minor change.
Co-authored-by: Brian Maloney <3286425+brian-maloney@users.noreply.github.com>
1538: Introduce environment variable to control dovecot full-text-search r=mergify[bot] a=tremlin
## What type of PR?
Enhancement
## What does this PR do?
In #1320 a full-text-search feature was enabled in Dovecot by default. Since this can have a big impact on performance, I think it's preferable to offer an option to disable the feature if it is not needed. This PR doesn't change the default behavior (FTS on).
### Related issue(s)
- #1320
## Prerequistes
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.
- [ ] In case of feature or enhancement: documentation updated accordinagly
- [ ] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/guide.html#changelog) entry file.
Co-authored-by: Thomas Rehn <thomas.rehn@initos.com>
1499: Harmonization of the various docker-compose.yml templates r=mergify[bot] a=ofthesun9
## What type of PR?
Mainly documentation and update of the docker-compose.yml templates
## What does this PR do?
- Update of setup/flavors/stack/docker-compose.yml and docs/compose/docker-compose.yml to keep parity with setup/flavors/compose/docker-compose.yml (last changes with pr1444)
- Also refresh of the mkdir command found in setup/flavors/stack/setup.html to cope with the creation of mailqueue; overrides/nginx, overrides/dovecot folders.
### Related issue(s)
None
## Prerequistes
- [x] In case of feature or enhancement: documentation updated accordingly
Co-authored-by: ofthesun9 <olivier@ofthesun.net>
1478: Allow to enforce TLS for outbound r=mergify[bot] a=micw
using OUTBOUND_TLS_LEVEL=encrypt (default is 'may')
## What type of PR?
enhancement
## What does this PR do?
Add an option to postfix to enforce outbound traffic to be TLS encrypted.
## Prerequistes
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.
- [x] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/guide.html#changelog) entry file.
1501: In setup/flavor, change DMARC RUA and RUF email default settings r=mergify[bot] a=ofthesun9
## What type of PR?
bug-fix
## What does this PR do?
This PR changes the default value used to set DMARC_RUA and DMARC_RUF:
DMARC_RUA and DMARC_RUF defaults will reuse the value defined for POSTMASTER,
instead of 'admin' as previously.
Please note that the setup tool doesn't allow (yet?) to define dmarc_rua nor dmarc_ruf, so the default value is indeed used for the time being.
### Related issue(s)
closes#1463
## Prerequistes
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/guide.html#changelog) entry file.
1532: Replace SMPT with SMTP r=mergify[bot] a=dhoppe
1543: Disable Health checks on swarm mode r=mergify[bot] a=ofthesun9
ref: https://github.com/moby/moby/issues/35451
## What type of PR?
bug-fix
## What does this PR do?
Modify the docker-compose.yml template used by setup (swarm flavor) to disable Health checks on swarm mode for each service
### Related issue(s)
closes#1289
## Prerequistes
- [x] add [changelog](https://mailu.io/master/contributors/guide.html#changelog) entry file.
Co-authored-by: Michael Wyraz <michael@wyraz.de>
Co-authored-by: ofthesun9 <olivier@ofthesun.net>
Co-authored-by: Dennis Hoppe <github@debian-solutions.de>
1542: Remove unused variables r=mergify[bot] a=dhoppe
## What type of PR?
Cleanup.
## What does this PR do?
This pull request will remove unused variables. I do not think @matst14 will update his pull request because his account seems to be quite inactive.
### Related issue(s)
- Mention an issue like: #1112#1437
- Auto close an issue like: closes#1112#1437
## Prerequistes
None.
Co-authored-by: Dennis Hoppe <github@debian-solutions.de>
1548: Update Roundcube to 1.4.6 r=mergify[bot] a=HorayNarea
## What type of PR?
enhancement
## What does this PR do?
Update Roundcube to 1.4.6
Co-authored-by: Thomas Sänger <thomas@gecko.space>
- remove ==2.1.12 in Dockerfile pip3 install radicale
- remove -f flag in Dockerfile CMD
- remove deprecated daemon and dns_lookup settings from radicale.conf
- move realm setting from [server] to [auth] in radicale.conf
- add newsfragment
1513: Stick radicale to 2.1.12 version r=ofthesun9 a=ofthesun9
As 3.0 is breaking compatibility with 2.1 branch
## What type of PR?
Sticking radicale to 2.1.12, while we investigate changes to use radicale 3.0
## What does this PR do?
Dockerfile modification to add ==2.1.12
### Related issue(s)
- #1512
Co-authored-by: ofthesun9 <olivier@ofthesun.net>
Harmonization (following pr1444) between:
- docs/compose/docker-compose.yml
- setup/flavors/stack/docker-compose.yml
- setup/flavors/compose/docker-compose.yml
Also refresh of the mkdir command found in setup/flavors/stack/setup.html
1338: Add GPG to Roundcube r=mergify[bot] a=PhilRW
The web UI was complaining that it couldn't find the GPG binary. Turns out it wasn't installed.
## What type of PR?
bug fix
## What does this PR do?
Adds GPG binary to Roundcube
Co-authored-by: Philip Rosenberg-Watt <PhilRW@users.noreply.github.com>
Co-authored-by: Dario Ernst <github@kanojo.de>
1298: Added carddav-plugin for roundcube webmail r=ofthesun9 a=sholl
## Feature
This PR enables the carddav contacts plugin for integration remote contact-repositories based on CardDAV.
## What does this PR do?
This PR enables the carddav contacts plugin for integration remote contact-repositories based on CardDAV.
### Related issue(s)
- Related #1230, at least for CardDAV.
## Prerequistes
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.
- [x] In case of feature or enhancement: documentation updated accordingly (not needed since the plugins of webmail is not mentioned in the docs.)
- [x] Changelog-entry added
Co-authored-by: Stephan Holl <stephan@holl-land.de>
1487: Fix postfix queue permissions r=mergify[bot] a=ofthesun9
## What type of PR?
bug-fix (by anticipation of a potential change in base image)
## What does this PR do?
We need to check /queue permissions before starting postfix.
In case of postfix/postdrop uid/gid change, postfix would fail to start
### Related issue(s)
closes#1486
## Prerequistes
- [x] In case of feature or enhancement: documentation updated accordingly
Co-authored-by: ofthesun9 <olivier@ofthesun.net>
1481: Postgresql: default SUBNET6 in pg_hba r=mergify[bot] a=muhlemmer
## What type of PR?
Bug fix
## What does this PR do?
When PostgreSQL for Mailu is used in IPv4 only, without IPv6, `SUBNET6` is unset and causes an empty field in the `pg_hba.conf` file. PostgreSQL refuses to start in this case.
### Related issue(s)
- Bug was introduced in #1257, merged recently
- 1.7 user reported PostgreSQL connection errors on IPv6 in #1479
- #1257 was Backported to 1.7 in #1469
- Users on 1.7 reported this broke IPv4 installation in #1479
- Backport was reverted in #1480
Sorry for the mess 😒
**Note: ** if this patch seems to be stable, I will re-initiate the backport.
## Prerequistes
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.
- [x] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/guide.html#changelog) entry file.
Co-authored-by: Tim Möhlmann <muhlemmer@gmail.com>
1470: Adding faq entry: How to teach Bayes ham and spam #1438 r=muhlemmer a=ofthesun9
Fix#1438
## What type of PR?
documentation (faq)
## What does this PR do?
This PR add an faq entry to cover #1438
### Related issue(s)
closes#1438
## Prerequistes
- [x] In case of feature or enhancement: documentation updated accordingly
Co-authored-by: ofthesun9 <olivier@ofthesun.net>