Commit Graph

346 Commits (cf34be967cf45b06d1d98387ce3c80547671c5fb)

Author SHA1 Message Date
Michael Wyraz a907fe4cac Split HOST_ANTISPAM in HOST_ANTISPAM_MILTER and HOST_ANTISPAM_WEBUI
bors[bot] 9c956a04ca
Merge
1183: Fix rspamd-learn when moving mail from/to junk folder r=mergify[bot] a=Nebukadneza

Before, the ham/spam scripts got the rspamd-ip/port from the environment.
However, when checking the environment of these processes now, it seems
cleared. Maybe the new dovecot version now clears environment? — I couldn’t
find a hint.

In any case, using the common mechanism of injecting the ip/port from where
it’s definately known by the already-used jinja2-mechanism seems reasonably
safe.

## What type of PR?
bug-fix

## What does this PR do?
Instead of relying on dovecot passing our environment cleanly to sieve-called scripts, this explicitly injects the antispam ip/port into the spam/ham scripts used when moving files from/to the spam-folder. This required some management of the files, such as setting proper permissions after the jinja-run.

### Related issue(s)
fixes  

## Prerequistes
- [x] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/guide.html#changelog) entry file.


Co-authored-by: Dario Ernst <dario@kanojo.de>
Co-authored-by: Dario Ernst <dario.ernst@rommelag.com>
U-COREI3-3120M\市川ゆり子 82b5e7d805 Add news fragments 1207.feature
Michael Wyraz 61045c1d2c Changelog
Michael Wyraz d689a8eeb3 Enable access log of admin service only for log levels of INFO and finer
hoellen d3dd4802f4 Change default password scheme to PBKDF2 ()
bors[bot] 20e00ac0c4
Merge
1158: Use nginx for kubernetes ingress r=kaiyou a=micw

## What type of PR?

enhancement

## What does this PR do?

Currently, kubernetes uses a complex ingress setting which is not portable across different ingress controllers. This PR simplifies the ingress and delegates everythins special to Mailu to the front container,

### Related issue(s)
- closes 
- closes 
- closes 
- closes 

## Prerequistes

- [x] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog]

Co-authored-by: Michael Wyraz <michael@wyraz.de>
Dario Ernst 88bfb0d17f Fix rspamd-learn when moving mail from/to junk folder
Before, the ham/spam scripts got the rspamd-ip/port from the environment.
However, when checking the environment of these processes now, it seems
cleared. Maybe the new dovecot version now clears environment? — I couldn’t
find a hint.

In any case, using the common mechanism of injecting the ip/port from where
it’s definately known by the already-used jinja2-mechanism seems reasonably
safe.
bors[bot] e46153c0b1
Merge
1114: Resolve HOST to ADDRESS only if ADDRESS is not already set r=mergify[bot] a=micw

## What type of PR?

bug-fix

## What does this PR do?

~Makes the rsolving from hosts to ips at startup configurable~

I rewrote the pull request after  was merged. Now it resolves HOSTs to ADDRESSes only of ADDRESSes are not already set. So on kubernetes we can jsut set the address and have working service discovery.

### Related issue(s)
- closes 

## Prerequistes

~Minor change, backward compatible~
Changelog will be added

Co-authored-by: Michael Wyraz <michael@wyraz.de>
Thomas Sänger 3245fb5112
changelog for capability-advertisement
Michael Wyraz 92645bcd4a Use nginx for kubernetes ingress
Michael Wyraz de2f166bd1 Resolve HOST_* to *_ADDRESS only if *_ADDRESS is not already set
kaiyou 089ca7a003 Prepare release notes for 1.7
Tim Möhlmann 5b07da7f7c
Changelog to towncrier
Tim Möhlmann 9058f357f2
Move from changlog to towncrier
Aurélien Bondis 7684eda5d5 add changelog
bors[bot] 47a40d17b7 Merge
1088: Support domain literals (fix ) r=mergify[bot] a=hoellen

## What type of PR?
bug-fix

## What does this PR do?
This PR adds error handling for idna enocding. With telnet you now get a "Bad sender address syntax"  message.

```
> telnet mail.example.com 25

Connected to example.com.
Escape character is '^]'.
220 mail.example.com ESMTP ready
EHLO dummy.example.com
250-mail.example.com
250 STARTTLS
MAIL FROM: does-not-exist@[116.203.165.200]
250 2.0.0 OK
RCPT TO: some-user@example.com
501 5.1.7 Bad sender address syntax
Connection closed by foreign host.
```


### Related issue(s)
fix 

## Prerequistes
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [x] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/guide.html#changelog) entry file.


Co-authored-by: hoellen <dev@hoellen.eu>
hoellen b720bedf72 Support domain literals for receiving emails
hoellen bed2c6ea09 Revert "Error handling for idna encoding"
This reverts commit 10034526a1.
bors[bot] 1f2ae521d7 Merge
1084: Allow subnet with host bit set in setup r=mergify[bot] a=hoellen

## What type of PR?
bug-fix

## What does this PR do?
This allows to set the host bit in the subnet while using the [setup](https://setup.mailu.io/1.6/). The host bits are now masked out to determine the appropriate network address. This means that e.g. `172.17.0.1/12` is now considered as `172.17.0.0/12`.
So new users are not confused by error messages while setup a new Mailu instance (as you can see the multiple requests in the Matrix chat).

ref: https://docs.python.org/3/library/ipaddress.html#ipaddress.IPv4Network

### Related issue(s)
closes  

## Prerequistes
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [x] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/guide.html#changelog) entry file.


Co-authored-by: hoellen <dev@hoellen.eu>
bors[bot] f9ed1b74d9 Merge
1082: Use socrate instead of Mailustart r=mergify[bot] a=hoellen

## What type of PR?

enhancement

## What does this PR do?
This PR updates the `Dockerfile`, `setup.py` and `config.py` of each image to support the new [Mailu/socrate](https://github.com/Mailu/socrate) python package. So [MailuStart](https://github.com/Mailu/MailuStart) is not used anymore for resolving DNS and configuration processing. 

## Prerequistes
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [x] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/guide.html#changelog) entry file.


Co-authored-by: hoellen <dev@hoellen.eu>
hoellen 10034526a1 Error handling for idna encoding
hoellen 0e8bb507bf move changelog to the right directory
hoellen 463bbda302 Allow subnet with host bit set in setup
hoellen 8c2b136feb Update changelog
bors[bot] 2788909a13 Merge
1052: Upgrade alpine to 3.10 r=mergify[bot] a=Nebukadneza

## What type of PR?
enhancement / bug-fix

## What does this PR do?
Upgrade the alpine base image to 3.10 and clean up ensuing problems. Also directly uses postfix foreground-running with stdout logging.

### Related issue(s)
closes 
closes 

Note: This is a duplicate effort of   …

## Prerequistes
- [X] In case of feature or enhancement: documentation updated accordingly
- [X] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/guide.html#changelog) entry file.

With these images, I have tested manually:
- Email receive to user
  - on main domain
  - on additional domain
  - via an alias on main-domain
  - via an alias on additional domain
  - via catchall
- Email reject
  - of eicar testfiles
- Email sending
- Fetchmail from legacy POP
- Front LE certificates
- Simple overriding for postfix (only postfix.cf), nginx, dovecot, rspamd
- Creating a CalDAV calendar and CardDAV entry using davx5

I have not (yet) tested:
- certdumper
- databases other than sqlite

Todo:
- [x] Get rid of podop at `git+https://github.com/Nebukadneza/Podop.git@fix_py37` once https://github.com/Mailu/Podop/pull/6 is merged
- [x] Bend Mailustart back to original repository
- [x] Test more (? also help wanted ?)

Co-authored-by: Thomas Sänger <thomas@gecko.space>
Co-authored-by: Dario Ernst <dario@kanojo.de>
Co-authored-by: Reto Glauser <git@blinkeye.ch>
Bambie07 282830c8aa
Create 1075.bugfix
Dario Ernst 8c2e22f666 Merge branch 'master' into HorayNarea-feat-upgrade-alpine
bors[bot] f77e1bdd0e Merge
1048: Refactor admin using webpack r=mergify[bot] a=kaiyou

## What type of PR?

Refactoring

## What does this PR do?

This PR brings some refactoring to the admin container :
- remove the dependency to mailustart and replace it with socrate
- remove static assets from the repo and use Webpack for building them


Co-authored-by: hoellen <dev@hoellen.eu>
Co-authored-by: kaiyou <pierre@jaury.eu>
Dario Ernst ce0c24e076 Merge branch 'master' into HorayNarea-feat-upgrade-alpine
bors[bot] 22c326a9df Merge
1070: use HTTP/1.1 for proxyied connections r=mergify[bot] a=HorayNarea

## What type of PR?
Feature/Enhancement

## What does this PR do?
[by default nginx uses HTTP/1.0 when proxying connections](https://nginx.org/en/docs/http/ngx_http_proxy_module.html#proxy_http_version), this PR changes that to HTTP/1.1 so keep-alive and other efficiency-improvements are available

## Prerequistes
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/guide.html#changelog) entry file.


Co-authored-by: Thomas Sänger <thomas@gecko.space>
hoellen 37d4db514f update changelog
Thomas Sänger c064f58f4d
update changelog
bors[bot] ad8f547357 Merge
1067: Update password in commandline r=hoellen a=hoellen

## What type of PR?

Feature

## What does this PR do?
Adds the ability to set/reset a user's password from the Mailu command line. Similar to the user command:
```
docker-compose exec admin flask mailu password myuser example.net 'password123'
```
With this we can reset the demo server password every few minutes ()

### Related issue(s)
closes 

## Prerequistes
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [x] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/guide.html#changelog) entry file.


Co-authored-by: hoellen <dev@hoellen.eu>
hoellen 589f524a58 fix destination of changelog file ()
hoellen 616d40d225 Update password in commandline
Daniel Huber 515e95076a
Merge branch 'master' into feat-relay-auth
Dario Ernst f97b3fc827 Add towncrier newsfragments
bors[bot] 829441def5 Merge
891: Update fetchmail to selfbuilt 7.0.0-alpha r=mergify[bot] a=Nebukadneza

## What type of PR?
enhancement

## What does this PR do?
Fetchmail in alpine is ~5 years old — and doesn’t support current SSL/TLS
variants anymore. This especially leads to our own fetchmail not being able to
pull mail from mailu itself. Since no new fetchmail release is on the horizon,
let’s build the lastest distribution artifact — which strangely is not
6.4.0-snapshot, but 7.0.0-alpha — ourselves.

### Related issue(s)
closes  

## Prerequistes
- [x] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: place entry in the [changelog](CHANGELOG.md), under the latest un-released version.


Co-authored-by: Dario Ernst <dario@kanojo.de>
Co-authored-by: Nebukadneza <github@kanojo.de>
kaiyou c147a371d7 Merge branch 'fix-sidebar-toggle' of https://github.com/hoellen/Mailu into hoellen-fix-sidebar-toggle
kaiyou eaa20ffbe3
Merge pull request from Nebukadneza/better_certdumper
Use ldez/traefik-certs-dumper in certificate dumper, and make more robust
Dario Ernst e22324adcd Make aliases case-insensitive (too)
Even though RFC5321 2.4 explains that local-parts are to be case-sensitive,
this does not seem to be how EMail is used today. Thus, instead of reverting
user-emails back to being case sensitive, let’s make aliases case-insensitive
too. Not only more consistent, this also allows users to enjoy receiving EMails
from large airlines or car-rental agencies onto their already existing aliases.

For the rare case of case sensitive aliases existing, let’s query for the
forced-lowercase alias only in the event that the preserved-case one isn’t
found …

closes 
hoellen 167e5a87e1 add sidebar toggle button
Dario Ernst 1acd629e6f Use ldez/traefik-certs-dumper in certificate dumper, and make more robust
closes 
Dario Ernst 5f4a6cf16b Update fetchmail to selfbuilt 7.0.0-alpha
Fetchmail in alpine is ~5 years old — and doesn’t support current SSL/TLS
variants anymore. This especially leads to our own fetchmail not being able to
pull mail from mailu itself. Since no new fetchmail release is on the horizon,
let’s build the lastest distribution artifact — which strangely is not
6.4.0-snapshot, but 7.0.0-alpha — ourselves.
Daniel Huber 7dcb2eb006
Add authentication for email relays