b5aec1f065 
								
							
								 
							
						 
						
							
							
								
								Default message_size_limit to 50MB  
							
							... 
							
							
							
							Add MESSAGE_SIZE_LIMIT variable in .env to allow setting the message
size limit for postfix. 
							
						 
						
							9 years ago  
				
					
						
							
							
								 
						
							
							
								525089a531 
								
							
								 
							
						 
						
							
							
								
								Do not leak information about existing domains or users  
							
							
							
						 
						
							9 years ago  
				
					
						
							
							
								 
						
							
							
								dcda715382 
								
							
								 
							
						 
						
							
							
								
								Force temporary files to /tmp, related to  #54  
							
							
							
						 
						
							9 years ago  
				
					
						
							
							
								 
						
							
							
								2cb4a44b5a 
								
							
								 
							
						 
						
							
							
								
								Display fetchmail errors to the user,  fixes   #23  
							
							
							
						 
						
							9 years ago  
				
					
						
							
							
								 
						
							
							
								709869d4ba 
								
							
								 
							
						 
						
							
							
								
								Escape fetchmail parameters properly  
							
							
							
						 
						
							9 years ago  
				
					
						
							
							
								 
						
							
							
								55d5121816 
								
							
								 
							
						 
						
							
							
								
								Buld the proper http image  
							
							
							
						 
						
							9 years ago  
				
					
						
							
							
								 
						
							
							
								f07615c4a4 
								
							
								 
							
						 
						
							
							
								
								Do not expose the Web admin interface by default,  fixes   #40  
							
							
							
						 
						
							9 years ago  
				
					
						
							
							
								 
						
							
							
								ec5a75f603 
								
							
								 
							
						 
						
							
							
								
								Proxify to webmail only if enabled, related to  #40  
							
							
							
						 
						
							9 years ago  
				
					
						
							
							
								 
						
							
							
								18253b1dd3 
								
							
								 
							
						 
						
							
							
								
								Merge pull request  #61  from vhf/admin-creation  
							
							... 
							
							
							
							Allow admin creation after initial setup 
							
						 
						
							9 years ago  
				
					
						
							
							
								 
						
							
							
								c1770a1dc1 
								
							
								 
							
						 
						
							
							
								
								Merge pull request  #62  from vhf/typofix  
							
							... 
							
							
							
							Fix a typo in the admin UI 
							
						 
						
							9 years ago  
				
					
						
							
							
								 
						
							
							
								3976a5b38e 
								
							
								 
							
						 
						
							
							
								
								Allow admin creation after initial setup  
							
							
							
						 
						
							9 years ago  
				
					
						
							
							
								 
						
							
							
								97d952d7f1 
								
							
								 
							
						 
						
							
							
								
								Fix a typo  
							
							
							
						 
						
							9 years ago  
				
					
						
							
							
								 
						
							
							
								3f6175c34a 
								
							
								 
							
						 
						
							
							
								
								Remove deprecated awl settings  
							
							
							
						 
						
							9 years ago  
				
					
						
							
							
								 
						
							
							
								382030a7aa 
								
							
								 
							
						 
						
							
							
								
								Revert to using 'latest' for testing  
							
							
							
						 
						
							9 years ago  
				
					
						
							
							
								 
						
							
							
								d60ef1991c 
								
							
								 
							
						 
						
							
							
								
								Add a rainloop Webmail image,  fixes   #58  
							
							
							
						 
						
							9 years ago  
				
					
						
							
							
								 
						
							
							
								f5b9f569ca 
								
							
								 
							
						 
						
							
							
								
								Add a link to the demo server documentation  
							
							
							
						 
						
							9 years ago  
				
					
						
							
							
								 
						
							
							
								cbc6bb5dd6 
								
							
								 
							
						 
						
							
							
								
								Merge pull request  #55  from kaiyou/feat-refactor-permissions  
							
							... 
							
							
							
							Refactor the access control code 
							
						 
						
							9 years ago  
				
					
						
							
							
								 
						
							
							
								40b9883c8c 
								
							
								 
							
						 
						
							
							
								
								Filter outgoing email headers,  fixes   #52  
							
							
							
						 
						
							9 years ago  
				
					
						
							
							
								 
						
							
							
								92bbfde195 
								
							
								 
							
						 
						
							
							
								
								Add a PNG logo for rendering  
							
							
							
						 
						
							9 years ago  
				
					
						
							
							
								 
						
							
							
								56e6c7565e 
								
							
								 
							
						 
						
							
							
								
								Add a draft logo  
							
							
							
						 
						
							9 years ago  
				
					
						
							
							
								 
						
							
							
								e24da96e58 
								
							
								 
							
						 
						
							
							
								
								Add some documentation to access decorators  
							
							
							
						 
						
							9 years ago  
				
					
						
							
							
								 
						
							
							
								09bec055fd 
								
							
								 
							
						 
						
							
							
								
								Fix domain deletion permissions  
							
							
							
						 
						
							9 years ago  
				
					
						
							
							
								 
						
							
							
								c1f9b61dac 
								
							
								 
							
						 
						
							
							
								
								Add a simple permission audit script  
							
							
							
						 
						
							9 years ago  
				
					
						
							
							
								 
						
							
							
								f8dcef22ef 
								
							
								 
							
						 
						
							
							
								
								Fix the manager deletion behaviour  
							
							
							
						 
						
							9 years ago  
				
					
						
							
							
								 
						
							
							
								f541a951de 
								
							
								 
							
						 
						
							
							
								
								Remove obsolete utils module  
							
							
							
						 
						
							9 years ago  
				
					
						
							
							
								 
						
							
							
								713318f097 
								
							
								 
							
						 
						
							
							
								
								Clean imports and remove calls to the utils module  
							
							
							
						 
						
							9 years ago  
				
					
						
							
							
								 
						
							
							
								ee9a416696 
								
							
								 
							
						 
						
							
							
								
								Implement the decorator-based access control for all views  
							
							
							
						 
						
							9 years ago  
				
					
						
							
							
								 
						
							
							
								4e4f2b8037 
								
							
								 
							
						 
						
							
							
								
								First shot at improving access control, related to  #42  
							
							... 
							
							
							
							A couple of things are important to note for this commit:
- it only implements the new access control for alias and admin management
- the access control code is located in access.py
The idea behind simpler access control is auditability. There have been a
couple of bugs related to functions not checking permissions properly. If
checking permissions is as simple as decorating a function, exporting the
permission scheme for an audit should be simple.
Also, this still does not address the information leakage related to 404 errors
when an object does not exist, independently of permissions the user has over
the domain. 
							
						 
						
							9 years ago  
				
					
						
							
							
								 
						
							
							
								3ea3bc1d8e 
								
							
								 
							
						 
						
							
							
								
								Enforce permission checks for admin management  
							
							
							
						 
						
							9 years ago  
				
					
						
							
							
								 
						
							
							
								ee6e9b2690 
								
							
								 
							
						 
						
							
							
								
								Add a reference to the Freenode IRC channel.  
							
							
							
						 
						
							9 years ago  
				
					
						
							
							
								 
						
							
							
								6dc9131b97 
								
							
								 
							
						 
						
							
							
								
								Fix the wildcard migration script,  fixes   #53  
							
							
							
						 
						
							9 years ago  
				
					
						
							
							
								 
						
							
							
								26f7f5a73b 
								
							
								 
							
						 
						
							
							
								
								Change the env file name in the README file  
							
							
							
						 
						
							9 years ago  
				
					
						
							
							
								 
						
							
							
								bac20081ee 
								
							
								 
							
						 
						
							
							
								
								Split the environment file into sections  
							
							
							
						 
						
							9 years ago  
				
					
						
							
							
								 
						
							
							
								d2d84acd5f 
								
							
								 
							
						 
						
							
							
								
								Comment all 'build' directives  
							
							
							
						 
						
							9 years ago  
				
					
						
							
							
								 
						
							
							
								e3197f9156 
								
							
								 
							
						 
						
							
							
								
								Have the admin interface listen on localhost  
							
							
							
						 
						
							9 years ago  
				
					
						
							
							
								 
						
							
							
								1b6c514dc5 
								
							
								 
							
						 
						
							
							
								
								Disable the frontend Web server by default  
							
							
							
						 
						
							9 years ago  
				
					
						
							
							
								 
						
							
							
								a8eafc508a 
								
							
								 
							
						 
						
							
							
								
								Default listen on localhost only  
							
							
							
						 
						
							9 years ago  
				
					
						
							
							
								 
						
							
							
								7ac44eabeb 
								
							
								 
							
						 
						
							
							
								
								Add a VERSION variable to avoid modifying the docker-compose file  
							
							
							
						 
						
							9 years ago  
				
					
						
							
							
								 
						
							
							
								14ec783ef7 
								
							
								 
							
						 
						
							
							
								
								Add a dynamic Webmail option with a 'none' container  
							
							
							
						 
						
							9 years ago  
				
					
						
							
							
								 
						
							
							
								cf84b82c57 
								
							
								 
							
						 
						
							
							
								
								Move the configuration file to .env to support global variables  
							
							
							
						 
						
							9 years ago  
				
					
						
							
							
								 
						
							
							
								581a0882af 
								
							
								 
							
						 
						
							
							
								
								Pull images from Docker Hub by default  
							
							
							
						 
						
							9 years ago  
				
					
						
							
							
								 
						
							
							
								8fc95a96d2 
								
							
								 
							
						 
						
							
							
								
								Disable debug and set an explicit default secret key  
							
							
							
						 
						
							9 years ago  
				
					
						
							
							
								 
						
							
							
								ef5d3a77c6 
								
							
								 
							
						 
						
							
							
								
								Pull images from Docker Hub by default  
							
							
							
						 
						
							9 years ago  
				
					
						
							
							
								 
						
							
							
								8601d5b8db 
								
							
								 
							
						 
						
							
							
								
								Fix   #49  when deleting a global admin  
							
							
							
						 
						
							9 years ago  
				
					
						
							
							
								 
						
							
							
								1273571299 
								
							
								 
							
						 
						
							
							
								
								Add a changelog  
							
							
							
						 
						
							9 years ago  
				
					
						
							
							
								 
						
							
							
								0d3c75aa89 
								
							
								 
							
						 
						
							
							
								
								Fix a migration issue with wildcard aliases  
							
							
							
						 
						
							9 years ago  
				
					
						
							
							
								 
						
							
							
								bfe9ededbc 
								
							
								 
							
						 
						
							
							
								
								Fix spam filtering when the score is negative  
							
							
							
						 
						
							9 years ago  
				
					
						
							
							
								 
						
							
							
								2602ef2883 
								
							
								 
							
						 
						
							
							
								
								Add a feature item about freedom  
							
							
							
						 
						
							9 years ago  
				
					
						
							
							
								 
						
							
							
								e916998bb2 
								
							
								 
							
						 
						
							
							
								
								Apply the BetterCrypto nginx configuration, related to  #45  
							
							
							
						 
						
							9 years ago  
				
					
						
							
							
								 
						
							
							
								3d1e5523d4 
								
							
								 
							
						 
						
							
							
								
								Use a non-starttls configuration for SMTPS port, related to  #45  
							
							
							
						 
						
							9 years ago