382030a7aa 
								
							
								 
							
						 
						
							
							
								
								Revert to using 'latest' for testing  
							
							
							
						 
						
							9 years ago  
				
					
						
							
							
								 
						
							
							
								d60ef1991c 
								
							
								 
							
						 
						
							
							
								
								Add a rainloop Webmail image,  fixes   #58  
							
							
							
						 
						
							9 years ago  
				
					
						
							
							
								 
						
							
							
								f5b9f569ca 
								
							
								 
							
						 
						
							
							
								
								Add a link to the demo server documentation  
							
							
							
						 
						
							9 years ago  
				
					
						
							
							
								 
						
							
							
								cbc6bb5dd6 
								
							
								 
							
						 
						
							
							
								
								Merge pull request  #55  from kaiyou/feat-refactor-permissions  
							
							... 
							
							
							
							Refactor the access control code 
							
						 
						
							9 years ago  
				
					
						
							
							
								 
						
							
							
								40b9883c8c 
								
							
								 
							
						 
						
							
							
								
								Filter outgoing email headers,  fixes   #52  
							
							
							
						 
						
							9 years ago  
				
					
						
							
							
								 
						
							
							
								92bbfde195 
								
							
								 
							
						 
						
							
							
								
								Add a PNG logo for rendering  
							
							
							
						 
						
							9 years ago  
				
					
						
							
							
								 
						
							
							
								56e6c7565e 
								
							
								 
							
						 
						
							
							
								
								Add a draft logo  
							
							
							
						 
						
							9 years ago  
				
					
						
							
							
								 
						
							
							
								e24da96e58 
								
							
								 
							
						 
						
							
							
								
								Add some documentation to access decorators  
							
							
							
						 
						
							9 years ago  
				
					
						
							
							
								 
						
							
							
								09bec055fd 
								
							
								 
							
						 
						
							
							
								
								Fix domain deletion permissions  
							
							
							
						 
						
							9 years ago  
				
					
						
							
							
								 
						
							
							
								c1f9b61dac 
								
							
								 
							
						 
						
							
							
								
								Add a simple permission audit script  
							
							
							
						 
						
							9 years ago  
				
					
						
							
							
								 
						
							
							
								f8dcef22ef 
								
							
								 
							
						 
						
							
							
								
								Fix the manager deletion behaviour  
							
							
							
						 
						
							9 years ago  
				
					
						
							
							
								 
						
							
							
								f541a951de 
								
							
								 
							
						 
						
							
							
								
								Remove obsolete utils module  
							
							
							
						 
						
							9 years ago  
				
					
						
							
							
								 
						
							
							
								713318f097 
								
							
								 
							
						 
						
							
							
								
								Clean imports and remove calls to the utils module  
							
							
							
						 
						
							9 years ago  
				
					
						
							
							
								 
						
							
							
								ee9a416696 
								
							
								 
							
						 
						
							
							
								
								Implement the decorator-based access control for all views  
							
							
							
						 
						
							9 years ago  
				
					
						
							
							
								 
						
							
							
								4e4f2b8037 
								
							
								 
							
						 
						
							
							
								
								First shot at improving access control, related to  #42  
							
							... 
							
							
							
							A couple of things are important to note for this commit:
- it only implements the new access control for alias and admin management
- the access control code is located in access.py
The idea behind simpler access control is auditability. There have been a
couple of bugs related to functions not checking permissions properly. If
checking permissions is as simple as decorating a function, exporting the
permission scheme for an audit should be simple.
Also, this still does not address the information leakage related to 404 errors
when an object does not exist, independently of permissions the user has over
the domain. 
							
						 
						
							9 years ago  
				
					
						
							
							
								 
						
							
							
								3ea3bc1d8e 
								
							
								 
							
						 
						
							
							
								
								Enforce permission checks for admin management  
							
							
							
						 
						
							9 years ago  
				
					
						
							
							
								 
						
							
							
								ee6e9b2690 
								
							
								 
							
						 
						
							
							
								
								Add a reference to the Freenode IRC channel.  
							
							
							
						 
						
							9 years ago  
				
					
						
							
							
								 
						
							
							
								6dc9131b97 
								
							
								 
							
						 
						
							
							
								
								Fix the wildcard migration script,  fixes   #53  
							
							
							
						 
						
							9 years ago  
				
					
						
							
							
								 
						
							
							
								26f7f5a73b 
								
							
								 
							
						 
						
							
							
								
								Change the env file name in the README file  
							
							
							
						 
						
							9 years ago  
				
					
						
							
							
								 
						
							
							
								bac20081ee 
								
							
								 
							
						 
						
							
							
								
								Split the environment file into sections  
							
							
							
						 
						
							9 years ago  
				
					
						
							
							
								 
						
							
							
								d2d84acd5f 
								
							
								 
							
						 
						
							
							
								
								Comment all 'build' directives  
							
							
							
						 
						
							9 years ago  
				
					
						
							
							
								 
						
							
							
								e3197f9156 
								
							
								 
							
						 
						
							
							
								
								Have the admin interface listen on localhost  
							
							
							
						 
						
							9 years ago  
				
					
						
							
							
								 
						
							
							
								1b6c514dc5 
								
							
								 
							
						 
						
							
							
								
								Disable the frontend Web server by default  
							
							
							
						 
						
							9 years ago  
				
					
						
							
							
								 
						
							
							
								a8eafc508a 
								
							
								 
							
						 
						
							
							
								
								Default listen on localhost only  
							
							
							
						 
						
							9 years ago  
				
					
						
							
							
								 
						
							
							
								7ac44eabeb 
								
							
								 
							
						 
						
							
							
								
								Add a VERSION variable to avoid modifying the docker-compose file  
							
							
							
						 
						
							9 years ago  
				
					
						
							
							
								 
						
							
							
								14ec783ef7 
								
							
								 
							
						 
						
							
							
								
								Add a dynamic Webmail option with a 'none' container  
							
							
							
						 
						
							9 years ago  
				
					
						
							
							
								 
						
							
							
								cf84b82c57 
								
							
								 
							
						 
						
							
							
								
								Move the configuration file to .env to support global variables  
							
							
							
						 
						
							9 years ago  
				
					
						
							
							
								 
						
							
							
								581a0882af 
								
							
								 
							
						 
						
							
							
								
								Pull images from Docker Hub by default  
							
							
							
						 
						
							9 years ago  
				
					
						
							
							
								 
						
							
							
								8fc95a96d2 
								
							
								 
							
						 
						
							
							
								
								Disable debug and set an explicit default secret key  
							
							
							
						 
						
							9 years ago  
				
					
						
							
							
								 
						
							
							
								ef5d3a77c6 
								
							
								 
							
						 
						
							
							
								
								Pull images from Docker Hub by default  
							
							
							
						 
						
							9 years ago  
				
					
						
							
							
								 
						
							
							
								8601d5b8db 
								
							
								 
							
						 
						
							
							
								
								Fix   #49  when deleting a global admin  
							
							
							
						 
						
							9 years ago  
				
					
						
							
							
								 
						
							
							
								1273571299 
								
							
								 
							
						 
						
							
							
								
								Add a changelog  
							
							
							
						 
						
							9 years ago  
				
					
						
							
							
								 
						
							
							
								0d3c75aa89 
								
							
								 
							
						 
						
							
							
								
								Fix a migration issue with wildcard aliases  
							
							
							
						 
						
							9 years ago  
				
					
						
							
							
								 
						
							
							
								bfe9ededbc 
								
							
								 
							
						 
						
							
							
								
								Fix spam filtering when the score is negative  
							
							
							
						 
						
							9 years ago  
				
					
						
							
							
								 
						
							
							
								2602ef2883 
								
							
								 
							
						 
						
							
							
								
								Add a feature item about freedom  
							
							
							
						 
						
							9 years ago  
				
					
						
							
							
								 
						
							
							
								e916998bb2 
								
							
								 
							
						 
						
							
							
								
								Apply the BetterCrypto nginx configuration, related to  #45  
							
							
							
						 
						
							9 years ago  
				
					
						
							
							
								 
						
							
							
								3d1e5523d4 
								
							
								 
							
						 
						
							
							
								
								Use a non-starttls configuration for SMTPS port, related to  #45  
							
							
							
						 
						
							9 years ago  
				
					
						
							
							
								 
						
							
							
								a6ab917aea 
								
							
								 
							
						 
						
							
							
								
								Do not enforce TLS on the default SMTP port, related to  #45  
							
							
							
						 
						
							9 years ago  
				
					
						
							
							
								 
						
							
							
								e3e9012183 
								
							
								 
							
						 
						
							
							
								
								Add a link to the BetterCrypto reference  
							
							
							
						 
						
							9 years ago  
				
					
						
							
							
								 
						
							
							
								c0f6a3e387 
								
							
								 
							
						 
						
							
							
								
								Apply the BetterCrypto Dovecot configuration, related to  #45  
							
							
							
						 
						
							9 years ago  
				
					
						
							
							
								 
						
							
							
								8909033c26 
								
							
								 
							
						 
						
							
							
								
								Apply the BetterCrypto Postfix configuration, related to  #45  
							
							
							
						 
						
							9 years ago  
				
					
						
							
							
								 
						
							
							
								5a3242d9d3 
								
							
								 
							
						 
						
							
							
								
								Apply the BetterCrypto Postfix configuration, related to  #45  
							
							
							
						 
						
							9 years ago  
				
					
						
							
							
								 
						
							
							
								5bc0948248 
								
							
								 
							
						 
						
							
							
								
								Add some documentation to the Postfix configuration  
							
							
							
						 
						
							9 years ago  
				
					
						
							
							
								 
						
							
							
								207e351276 
								
							
								 
							
						 
						
							
							
								
								Merge pull request  #43  from d-fens/patch-2  
							
							... 
							
							
							
							Update postfix SSL/TLS configuration 
							
						 
						
							9 years ago  
				
					
						
							
							
								 
						
							
							
								2f9319e454 
								
							
								 
							
						 
						
							
							
								
								Merge pull request  #44  from d-fens/patch-1  
							
							... 
							
							
							
							Update dovecot SSL/TLS configuration 
							
						 
						
							9 years ago  
				
					
						
							
							
								 
						
							
							
								a3d8daa585 
								
							
								 
							
						 
						
							
							
								
								Update postfix SSL/TLS configuration  
							
							... 
							
							
							
							Ensure that RC4 and SSLv3 is not used. This is based off mailinabox project settings, while not the most ideal settings this improves the configuration from what it is currently. 
							
						 
						
							9 years ago  
				
					
						
							
							
								 
						
							
							
								62b1df04a0 
								
							
								 
							
						 
						
							
							
								
								Update dovecot SSL/TLS configuration  
							
							... 
							
							
							
							Ensure that RC4 and SSLv3 is not used. This is based off mailinabox project settings, while not the most ideal settings this improves the configuration from what it is currently. 
							
						 
						
							9 years ago  
				
					
						
							
							
								 
						
							
							
								84769cab3e 
								
							
								 
							
						 
						
							
							
								
								Switch to form-based confirmations,  fixes   #20  
							
							
							
						 
						
							9 years ago  
				
					
						
							
							
								 
						
							
							
								5a69ada041 
								
							
								 
							
						 
						
							
							
								
								Add an action confirmation form, related to  #20  
							
							
							
						 
						
							9 years ago  
				
					
						
							
							
								 
						
							
							
								6bfdabe8c1 
								
							
								 
							
						 
						
							
							
								
								Format the authors file properly  
							
							
							
						 
						
							9 years ago