177 Commits (64ded60b5e8de1d929f6f46ec5d685b99f329a83)

Author SHA1 Message Date
Pierre Jaury afbcb9b8c6 Remove an exception trigger in the main init file 8 years ago
d-fens 40820e4701 Fix admin template to reference github repository 8 years ago
Pierre Jaury c9aff0691b Add a scheduler to the Flask application 8 years ago
Pierre Jaury d4f93e39db Select translation based on browser configuration, fixes #100 8 years ago
kaiyou 9f09e0c8e0 Update messages.po (POEditor.com) 8 years ago
Pierre Jaury 013286b8e1 Rename the freeposte/mailu directory and database 8 years ago
Pierre Jaury 7be2d458d9 Use Email as a mixin and explicitely specify table names
This also fixes #77, as explained in the ticket, because Flask
SQlAlchemy is not accessing declared attributes early anymore.
8 years ago
Pierre Jaury c7fe29c957 Push the missing messages.pot 8 years ago
Pierre Jaury c007b37df7 Display error messages when Docker is unreachable properly, related to #78 8 years ago
Pierre Jaury 984b605d05 Compile translations when building the admin container 8 years ago
Pierre Jaury acf4addae0 Add initial translations, fix #37 8 years ago
Pierre Jaury c37ad3557f Missing translations 8 years ago
Pierre Jaury 3fa44613b1 Add a default babel configuration 8 years ago
Pierre Jaury 3ade5641d9 Fix the confirmation form 8 years ago
Pierre Jaury 0beeeade41 Enable Babel for all views 8 years ago
Pierre Jaury a3ad45c8ac Use babel for base views 8 years ago
Pierre Jaury fe035114e9 Enable Babel for forms 8 years ago
Pierre Jaury d3436668d8 Enable Babel 8 years ago
Pierre Jaury 676a9a5d2c Do not redirect users to admin pages, fix #74 8 years ago
Pierre Jaury c028a3799d Write an equivalence test for domains, fixes #65
(cherry picked from commit 144f427088acf9439fd9971898296137b8339f9a)
8 years ago
kaiyou 1ae8fe6af1 Merge pull request #73 from diresi/junk_filter
dovecot: use rspamd X-Spamd-Result percentage to evaluate spam
8 years ago
Pierre Jaury c02faada94 Remove deprecated references to flask_wtf.Form, fix #72 8 years ago
Pierre Jaury e7399e6926 Add a development run.py script 8 years ago
Christoph Rissner b9de28e910 dovecot: use rspamd X-Spamd-Result percentage to evaluate spam
- configures dovecot to use the spamtest sieve plugins
- configures sieve to read the score from X-Spamd-Result: headers
- before.sieve applies the ${spam_threshold} to the spamtest percentage
- freeposte.db stores a percentage for ${spam_threshold}
- migrate freeposte.db spam_threshold from X/15 to percentages

the filter investigates the overall ratio of the `rspamd` header
`X-Spamd-Result` that looks something like this:

X-Spamd-Result: default: True [12.36 / 15.00]
 RBL_SPAMHAUS_XBL(4.00)[]
 BAYES_SPAM(3.06)[92.67%]
 RBL_SPAMHAUS_XBL_ANY(4.00)[]
 ONCE_RECEIVED_STRICT(4.00)[]
 HFILTER_HELO_BAREIP(3.00)[]
 RBL_SORBS_DUL(2.00)[]
 HFILTER_HOSTNAME_UNKNOWN(2.50)[]
 RBL_SPAMHAUS_PBL(2.00)[]
 RBL_SORBS_RECENT(1.50)[]
 MIME_UNKNOWN(0.10)[application/x-rar-compressed]
 RDNS_NONE(1.00)[]
 RBL_SORBS(0.00)[]
 R_SPF_NEUTRAL(0.00)[?all]
 ONCE_RECEIVED(0.10)[]
 RBL_SEM(1.00)[]
 MIME_HTML_ONLY(0.20)[]
 RBL_UCEPROTECT_LEVEL1(1.00)[]
 MIME_GOOD(-0.10)[multipart/mixed]

the sieve `spamtest :percent :value` in this case would be
   100*12.36/15 = 82.4%
8 years ago
Pierre Jaury 525089a531 Do not leak information about existing domains or users 8 years ago
Pierre Jaury 2cb4a44b5a Display fetchmail errors to the user, fixes #23 8 years ago
kaiyou 18253b1dd3 Merge pull request #61 from vhf/admin-creation
Allow admin creation after initial setup
8 years ago
Victor Felder 3976a5b38e Allow admin creation after initial setup 8 years ago
Victor Felder 97d952d7f1 Fix a typo 8 years ago
Pierre Jaury e24da96e58 Add some documentation to access decorators 8 years ago
Pierre Jaury 09bec055fd Fix domain deletion permissions 8 years ago
Pierre Jaury c1f9b61dac Add a simple permission audit script 8 years ago
Pierre Jaury f8dcef22ef Fix the manager deletion behaviour 8 years ago
Pierre Jaury f541a951de Remove obsolete utils module 8 years ago
Pierre Jaury 713318f097 Clean imports and remove calls to the utils module 8 years ago
Pierre Jaury ee9a416696 Implement the decorator-based access control for all views 8 years ago
Pierre Jaury 4e4f2b8037 First shot at improving access control, related to #42
A couple of things are important to note for this commit:
- it only implements the new access control for alias and admin management
- the access control code is located in access.py

The idea behind simpler access control is auditability. There have been a
couple of bugs related to functions not checking permissions properly. If
checking permissions is as simple as decorating a function, exporting the
permission scheme for an audit should be simple.

Also, this still does not address the information leakage related to 404 errors
when an object does not exist, independently of permissions the user has over
the domain.
8 years ago
Pierre Jaury 3ea3bc1d8e Enforce permission checks for admin management 8 years ago
Pierre Jaury 6dc9131b97 Fix the wildcard migration script, fixes #53 8 years ago
Pierre Jaury e3197f9156 Have the admin interface listen on localhost 8 years ago
Pierre Jaury 8601d5b8db Fix #49 when deleting a global admin 8 years ago
Pierre Jaury 0d3c75aa89 Fix a migration issue with wildcard aliases 8 years ago
Pierre Jaury 84769cab3e Switch to form-based confirmations, fixes #20 8 years ago
Pierre Jaury 5a69ada041 Add an action confirmation form, related to #20 8 years ago
Pierre Jaury 58337d7dd6 Set a proper default for spam thresholds 8 years ago
Pierre Jaury 1ce0bf2ef7 Update the user settings view with a slider 8 years ago
Pierre Jaury 0371da6307 Add the migration script for wildcard aliases, related to #38 8 years ago
XYunknown 6d4243ec66 Adding SQL Like format for aliases 8 years ago
Pierre Jaury b3d7b657ab Remove deprecated flask.ext imports 8 years ago
Pierre Jaury 9640d59aca Fix #25, serve static resources locally 8 years ago
Pierre Jaury 689c022a4a Get back to a single forward destination 8 years ago
Pierre Jaury 678a5c8065 Fix #22, use ellipsis for overflowing text 8 years ago
Pierre Jaury c07211677c Fix the default value for comma separated lists 8 years ago
Pierre Jaury 163494cb78 Use readonly attribute instead of disabled 8 years ago
Pierre Jaury 6af7a07e77 Avoid having an empty entry in destionation fields 8 years ago
Pierre Jaury 5581f1b0d9 Related to #19, fix the alias creation page 8 years ago
Pierre Jaury dcaf3e3473 Fix #30, use cascade deletion on domains 8 years ago
Pierre Jaury 49a1281976 Display the alias list properly 8 years ago
Pierre Jaury 5f36e6f4f2 Related to #19, implement domain specific field and database type 8 years ago
Pierre Jaury aace1c2d78 Get back to serving CDN assets, related to #25 9 years ago
Pierre Jaury 1673631e69 Fix the columns in the fetch list 9 years ago
Pierre Jaury f8a220e72a Serve local assets only 9 years ago
Pierre Jaury 21bec865b3 Fix permission management when editing/deleting fetches 9 years ago
Pierre Jaury 58ec3597ab Fix te DKIM DNS example 9 years ago
Pierre Jaury 6a3af51785 Add a confirmation modal when regenerating keys 9 years ago
Pierre Jaury 66a1b50cc9 Sign outgoing emails using DKIM 9 years ago
Pierre Jaury 24680957f7 Handle DKIM key generation and storage 9 years ago
Pierre Jaury 2fa8b879db Display domain SPF and DMARC example entries, fixes #15 9 years ago
Pierre Jaury 1c132fe92e Add migratoin scripts to the docker container 9 years ago
Pierre Jaury 2095b3f189 Fix the admin creation command 9 years ago
Pierre Jaury ec12ee9703 Fix a last typo in the migration script, fixes #17 9 years ago
Pierre Jaury cc013560d9 Perform automatic database migration 9 years ago
Pierre Jaury fa30a71e66 Remove deprecated initdb script 9 years ago
Pierre Jaury cca6eee8db Add the first database revision 9 years ago
Pierre Jaury 014993ee6e Add utility functions to manage.py 9 years ago
Pierre Jaury 5d7b3b981d Initialize the migration system 9 years ago
Pierre Jaury 215ba74275 Remove non-minimized static assets 9 years ago
Pierre Jaury 4853e54f0b Replace tagsinput with select2 9 years ago
Pierre Jaury 0668f9abc9 Fix the user create form 9 years ago
Pierre Jaury 5c1441486b Fix permissions for non-admin users 9 years ago
Pierre Jaury 7f7ff4d722 Fix #9, do not reuse the flask_login object for updates, query instead 9 years ago
Pierre Jaury e22f4b29b6 Fix a bug when updating the forward address 9 years ago
Pierre Jaury 82ec86afd8 Do not always add objects to the session before committing 9 years ago
Pierre Jaury 9efc798246 Store the state of reply and forward settings being enabled 9 years ago
Pierre Jaury 493fcf3a58 Use populate_obj to update objects 9 years ago
Pierre Jaury d3b13c2412 Use SQLAlchemy Session.get instead of filter_by 9 years ago
Pierre Jaury 3eca6864c3 Rename the generic 'address' to 'email' 9 years ago
Pierre Jaury 5343a397ff Fix the link to the fetchmail list 9 years ago
Pierre Jaury f832b74c85 Redirect to the fetch list after creation 9 years ago
Pierre Jaury 30ecbf81cd First fetchmail implementation 9 years ago
Pierre Jaury c56a51f7b7 Fix references to the deprecrated admin_of field 9 years ago
Pierre Jaury 340edc629e Implement admin and manager management 9 years ago
Pierre Jaury e2faf8e1be Fix the logo link 9 years ago
Pierre Jaury 5677c85368 Rename /status to /services 9 years ago
Pierre Jaury 78abe64068 Fix the behavior of the 'enable reply' checkbox 9 years ago
Pierre Jaury 85a9ae4361 Add a basic service status page 9 years ago
Pierre Jaury 3a4703b764 Implement auto-forward and auto-reply 9 years ago
Pierre Jaury 18af763293 Store the full address as a computed field 9 years ago
Pierre Jaury 8cc2a90ba0 Remove personal TODO file 9 years ago
Pierre Jaury 96ee0ea45d Use a single domain form 9 years ago