3388 Commits (bc509409e893d173c263752232f98dd216aa1a4c)
 

Author SHA1 Message Date
bors[bot] bc509409e8
Merge #2290
2290: rspamd may trigger HFILTER_HOSTNAME_UNKNOWN if part of the delivery chain is using ipv6 r=mergify[bot] a=nextgens

## What type of PR?

bug-fix

## What does this PR do?

This PR addresses the problem raised in #2260 : where rspamd may trigger HFILTER_HOSTNAME_UNKNOWN if part of the delivery chain is using ipv6. It may affect non v6 enabled setup and this is why it's proposed for backport.

The PR also sturdies up the warning about enabling v6 (as discussed during the last dev-meeting).

AAAA lookups in nginx were disabled when SSO was introduced as IP addresses were used to differentiate in between logins from webmails and others. Nowadays Mailu uses ports instead, so there is no reason not to re-enable it.

### Related issue(s)
- closes #2260
- #2272

## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [x] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.


Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
3 years ago
Florent Daigniere ca7fc34839 towncrier 3 years ago
Florent Daigniere a88424d19f Sturdy up the warning about v6 in setup 3 years ago
Florent Daigniere 9b952da6c2 Allow nginx to lookup IPv6 addresses
It creates issues with RSPAMD/HFILTER_HOSTNAME_UNKNOWN on v6 enabled
setups see
https://github.com/Mailu/Mailu/issues/2260#issuecomment-1066797661
3 years ago
bors[bot] 8cc91bad75
Merge #2281 #2285 #2286 #2287
2281: Update alpine-linux to 3.14.4 - OpenSSL security FIX r=mergify[bot] a=willofr

## What type of PR?
Security fix

## What does this PR do?
Update Dockerfiles to use alpine-linux 3.14.4 which contains a security fix for openssl
https://alpinelinux.org/posts/Alpine-3.12.10-3.13.8-3.14.4-released.html

## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.


2285: Update names of language json files r=mergify[bot] a=ghostwheel42

## What type of PR?

bug-fix

## What does this PR do?

language json files of datatables i18n have been renamed
this updates the mappings to the current names


2286: Fix typo in Traefik reverse proxy docs r=mergify[bot] a=ghostwheel42

Slight typo in the Traefik reverse proxy docs. Found through running into the issue on my own instance.

## What type of PR?

documentation

## What does this PR do?

Adds  #2282 to master


2287: Fix typo in docs: cert not certs r=mergify[bot] a=ghostwheel42

## What type of PR?

documentation

## What does this PR do?

just a typo

Co-authored-by: Will <will@packer-output-c8fcfb40-3d93-4475-8f87-e14a9dd683b6>
Co-authored-by: willofr <willofr@users.noreply.github.com>
Co-authored-by: Alexander Graf <ghostwheel42@users.noreply.github.com>
Co-authored-by: DAHPr0gram3r <cbillwork02@gmail.com>
3 years ago
bors[bot] a7149b83d4
Merge #2284
2284: Fixing AUTH_RATELIMIT_IP not working on imap/pop3/smtp r=mergify[bot] a=fischerscode

#2283

## What type of PR?

bug-fix

## What does this PR do?
This fixes AUTH_RATELIMIT_IP not working on imap/pop3/smtp.

### Related issue(s)
closes #2283

## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.

Co-authored-by: Maximilian Fischer <github@maaeps.de>
Co-authored-by: Alexander Graf <ghostwheel42@users.noreply.github.com>
3 years ago
Alexander Graf 2f75625140
Fix typo in docs: cert not certs 3 years ago
Alexander Graf 90d7c43872
Update alpine version in rpi docs 3 years ago
bors[bot] 68d3d67b8c
Merge #2255
2255: Create a polite and turtle delivery queue to accommodate destinations that expect emails to be sent slowly r=mergify[bot] a=nextgens

## What type of PR?

Feature

## What does this PR do?

Create a polite and turtle delivery queue to accommodate destinations that expect emails to be sent slowly

### Related issue(s)
- closes #2213

## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [x] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.


Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
3 years ago
bors[bot] cbb2112c84
Merge #2277
2277: Update RainLoop application.ini r=mergify[bot] a=the-djmaze

`contacts_autosave` is part of `[defaults]`, not `[plugins]`

Co-authored-by: the-djmaze <3752035+the-djmaze@users.noreply.github.com>
3 years ago
DAHPr0gram3r 77ad6d19ae
Fix typo in Traefik reverse proxy docs
Slight typo in the Traefik reverse proxy docs. Found through running into the issue on my own instance.
3 years ago
Alexander Graf d70596d431
Update names of language json files 3 years ago
Alexander Graf 64ad6931e9
Move 'is_valid_user = user is not None' into else 3 years ago
Alexander Graf 630a4e9b5e
Update auth.py
Add spaces
3 years ago
Maximilian Fischer dcfe0fbe91 Create 2284.bugfix 3 years ago
Maximilian Fischer 8775dc5b15 Fixing AUTH_RATELIMIT_IP not working on imap/pop3/smtp
#2283
3 years ago
willofr c6ad3c7f9e
Create 2281.bugfix 3 years ago
Will d02296c3bc Update alpine-linux to 3.14.4 - OpenSSL security FIX 3 years ago
bors[bot] 0b25854de0
Merge #2210
2210: Add input validation for domain creation r=mergify[bot] a=0pc0deFR

## What type of PR?

bug-fix

## What does this PR do?

This patch add the input validation for domain creation.

### Related issue(s)
- Mention an issue like: #1817
- Auto close an issue like: closes #1817


Co-authored-by: Kevin Falcoz <0pc0defr@gmail.com>
Co-authored-by: Dimitri Huisman <diman@huisman.xyz>
3 years ago
the-djmaze a3c01a2bbf
Update application.ini
`contacts_autosave` is part of `[defaults]`, not `[plugins]`
3 years ago
bors[bot] 43598119b8
Merge #2275
2275: Fix2274: Inbound emails are rejected r=mergify[bot] a=nextgens

## What type of PR?

bug-fix

## What does this PR do?

Fix email reception

### Related issue(s)
- closes #2274

## Prerequisites
No documentation as this affects only people running master since yesterday

Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
Co-authored-by: Florent Daigniere <nextgens@users.noreply.github.com>
3 years ago
Florent Daigniere a7f9a35fa1
Merge branch 'master' into fix2274 3 years ago
Florent Daigniere a4ed464170 doh 3 years ago
bors[bot] fe7397bedf
Merge #2265
2265: Prevent an exception from being thrown if the username isn't an email address r=mergify[bot] a=nextgens

## What type of PR?

enhancement

## What does this PR do?

Mailu expects users to identify using an email address; some brute-force script don't send just an username and this leads to an exception... that makes the error message and return code vary.

This PR prevents the exceptions from being thrown in the first place

```
WARNING in nginx: Invalid user 'xxxx': (builtins.ValueError) invalid email address (no "`@")"`
```

### Related issue(s)
- closes #2261
- closes #1750

Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
Co-authored-by: Florent Daigniere <nextgens@users.noreply.github.com>
3 years ago
Florent Daigniere 0bfbb3bcd4
doh 3 years ago
Florent Daigniere cd3eee4c51 ghostwheel42's suggestion 3 years ago
Florent Daigniere d723326b8e style 3 years ago
Florent Daigniere f01d8cd9b9 improve 3 years ago
Florent Daigniere 7b9c4e01f7 improve 3 years ago
Florent Daigniere 91de20c49c Fix exception in logs
This was occuring when you had square brackets in the domain part
3 years ago
Florent Daigniere 8cf76afbab Catch the ValueError instead 3 years ago
Florent Daigniere 08aa32a5df Revert "Don't bother running the query without an address"
This reverts commit dc81979550.
3 years ago
Florent Daigniere 7ce7f2096b belt, braces and suspenders 3 years ago
Florent Daigniere dc81979550 Don't bother running the query without an address
This should solve the following in admin logs:
"WARNING in nginx: Invalid user 'xxxx': (builtins.ValueError)
invalid email address (no "@")"
3 years ago
bors[bot] 2e9b14d536
Merge #2254
2254: Send ISRG_X1 on port 25, make DANE pin that r=mergify[bot] a=nextgens

## What type of PR?

bug-fix

## What does this PR do?

Ensure we send ISRG_X1 in the handshake on port 25 (non-interactive, size doesn't really matter).

Update the DANE pin to reflect the change.

I am not sure whether we will need to add --preferred-chain= in the future; This may be the case when letsencrypt decides to use X2/the ECDSA chain

This needs to be tested on a letsencrypt account that isn't mine (I'm opted in for the alternate cert chains)

### Related issue(s)
- closes #2138

## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

There's already a towncrier news for it

Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
3 years ago
Florent Daigniere f9869b1d79 ghostwheel42's suggestions 3 years ago
bors[bot] cac9b48027
Merge #2253
2253: Workaround the infamous coredns feature r=mergify[bot] a=nextgens

## What type of PR?

bug-fix

## What does this PR do?

Ensure that we set the ``DO`` flag on our queries to work around https://github.com/coredns/coredns/issues/5189

Add a FAQ entry to point users in the right direction in other cases (dnsmasq), discourage users from running Mailu without unbound

### Related issue(s)
- closes #2243
- closes #2239
- #2164
- #2163
- #2162
- #2135
- #1988

## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [x] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.


Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
Co-authored-by: Dimitri Huisman <diman@huisman.xyz>
3 years ago
Dimitri Huisman c40a0f4b80 Change link in warning to master. Master is always available. 1.9 will be unavaiable in the future. 3 years ago
Dimitri Huisman dfd5e441bd Fix resolver warning message not being displayed in setup. 3 years ago
Florent Daigniere 0abbf2ba4a untested but it should work 3 years ago
Florent Daigniere 66b660d331 clarify 3 years ago
Florent Daigniere ee34417c8c typo 3 years ago
Florent Daigniere a62ebceb3d document 3 years ago
Florent Daigniere ab35492589 the first time the loop runs we don't have the second cert 3 years ago
Florent Daigniere 0816cb9497 simplify as per ghostwheel42's suggestion 3 years ago
Florent Daigniere 7166e7d2b2 Implement #2213: slow transports 3 years ago
Florent Daigniere e4a32b55f5 Send ISRG_X1 on port 25, make DANE pin that 3 years ago
Florent Daigniere 1364451a9e towncrier 3 years ago
Florent Daigniere d3e7ea5389 spell it out 3 years ago
Florent Daigniere a8dc20962a workaround a bug in coredns 3 years ago