1980: fix freshclam startup r=mergify[bot] a=ghostwheel42
## What type of PR?
bug-fix
## What does this PR do?
make freshclam start and run
- create pid file in existing folder /run
- let freshclam log to stdout
- remove deprecated SafeBrowsing
### Related issue(s)
closes#1632
## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.
- [X] In case of feature or enhancement: documentation updated accordingly
- [X] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.
Co-authored-by: Alexander Graf <ghostwheel42@users.noreply.github.com>
1975: Replace traceback with error message when creating initial admin user r=mergify[bot] a=ghostwheel42
## What type of PR?
small enhancement
## What does this PR do?
when creating the admin user via cli a traceback is shown when this user is already present in the database.
This is confusing users. I've replaced the traceback with an error message.
### Related issue(s)
#1921
## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.
- [X] In case of feature or enhancement: documentation updated accordingly
- [X] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.
Co-authored-by: Alexander Graf <ghostwheel42@users.noreply.github.com>
1976: fix spelling in PULL_REQUEST_TEMPLATE.md r=mergify[bot] a=ghostwheel42
## What type of PR?
bug-fix
## What does this PR do?
fix spelling in PULL_REQUEST_TEMPLATE.md => Prerequisites
## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.
- [X] In case of feature or enhancement: documentation updated accordingly
- [X] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.
Co-authored-by: Alexander Graf <ghostwheel42@users.noreply.github.com>
1974: handle DEFER_ON_TLS_ERROR as bool r=mergify[bot] a=ghostwheel42
## What type of PR?
bug-fix
## What does this PR do?
DEFER_ON_TLS_ERROR is a bool and not a string: fixed jinja2 templates
move mta-sts-daemon.yml to core/postfix/conf
### Related issue(s)
closes#1973
## Prerequistes
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.
- [X] In case of feature or enhancement: documentation updated accordingly
- [X] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.
Co-authored-by: Alexander Graf <ghostwheel42@users.noreply.github.com>
1968: optimize handle_authentication r=mergify[bot] a=ghostwheel42
## What type of PR?
bug-fix
## What does this PR do?
catch utf-8 decoding errors and log a warning in handle_authentication instead of writing a traceback into the log.
### Related issue(s)
closes#1361
## Prerequistes
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.
- [X] In case of feature or enhancement: documentation updated accordingly
- [X] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.
Co-authored-by: Alexander Graf <ghostwheel42@users.noreply.github.com>
1967: fix 1789: ensure that nginx resolves ipv4 addresses r=mergify[bot] a=nextgens
## What type of PR?
bug-fix
## What does this PR do?
This fixes ipv6 enabled setup by disabling it. If you were using SUBNET6 in your configuration, odds are it's broken since gunicorn isn't bound on an on an ipv6 enabled socket.
Should we backport this?
### Related issue(s)
- close#1789
- close#1802
Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
1961: Implement MTA-STS and DANE validation r=mergify[bot] a=nextgens
## What type of PR?
Feature
## What does this PR do?
Implement MTA-STS: the tls_policy_map will now be auto-configured based on the policies published by the various domains. A FAQ entry has been added to document how to publish a policy using Mailu.
As configured by default there is no persistence. If we want persistence we can have either sqlite3 (with a db in the mailqueue) or redis...
This also introduces a DEFER_ON_TLS_ERROR (default: True) setting that will harden policy enforcement and defer emails that shouldn't be delivered. Turn it off if you never want to set an override.
### Related issue(s)
- closes#1798
- closes#707
## Prerequistes
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.
- [x] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.
Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
1800: AdminLTE 3 r=mergify[bot] a=DjVinnii
## What type of PR?
Enhancement
## What does this PR do?
This PR implements AdminLTE 3 for the admin interface. It also includes the implementation of DataTables and a language selector.
### Related issue(s)
- closes: #1567
- closes: #1764
## Prerequistes
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/guide.html#changelog) entry file.
Co-authored-by: Vincent Kling <vincentkling@msn.com>
Co-authored-by: DjVinnii <vincentkling@msn.com>
Co-authored-by: Dimitri Huisman <52963853+Diman0@users.noreply.github.com>
Co-authored-by: Diman0 <diman@huisman.xyz>
Co-authored-by: Dimitri Huisman <diman@huisman.xyz>
1965: postfix/tls_policy: Use lmdb map instead of hash r=mergify[bot] a=tonobo
## What type of PR?
bug-fix
## What does this PR do?
### Related issue(s)
#1918https://github.com/Mailu/Mailu/pull/1902/#issuecomment-902108080
Co-authored-by: Tim Foerster <timhormersdorf@googlemail.com>
This will default to True and defer emails that fail even "loose"
validation of DANE or MTA-STS
It should work most of the time but if it doesn't and you would rather
see your emails delivered, you can turn it off.
1959: Ensure that we don't trust client headers r=mergify[bot] a=nextgens
## What type of PR?
bug-fix
## What does this PR do?
Document how REAL_IP_FROM and REAL_IP_HEADER should be used. Ensure that we strip True-Client-IP and X-Forwarded-For if neither are set.
We should also update the documentation on reverse-proxies... but that's #1958
### Related issue(s)
- #1958
## Prerequistes
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.
- [x] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.
Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
bors[bot]