Because basically every MTA out there uses opportunistic TLS _in
the best case_, it's actually counter productive to use such strict
settings.
The alternative to a handshake error is often an unencrypted submission,
which is basically the opposite of what strict ssl_protocols and
ssl_ciphers tries to achieve.
Even big and established providers like Amazon SES are incompatible with the current
settings.
This reverts commit 2ddf46ad2b.
this enables usage of e.g. docker swarm secrets instead of exposing the
passwords directly via environment variables
just use DB_PW_FILE and SECRET_KEY_FILE instead of DB_PW and SECRET_KEY
1601: Fixing documentation minor typo r=mergify[bot] a=akevinieron
## What type of PR?
Documentation
## What does this PR do?
Fixing minor typo on certificate section
## Related issue(s)
N/A
Co-authored-by: Kevin Jimenez <kevinjimenezlorenzo@gmail.com>
- stabilized CommaSeparatedList by sorting values
- CommaSeparatedList can now handle list and set input
- from_dict now handles mapped keys
- from_dict now handles null values
- class Domain: handle dkim-key None correctly
- class User: delete obsolete keys after converting
- class Alias: now uses Email._dict_input
1603: fixed workflow example in documentation r=mergify[bot] a=ghostwheel42
## What type of PR?
documentation
## What does this PR do?
fix error in workflow example. use "git remote add" to add upstream as remote.
### Related issue(s)
-/-
Co-authored-by: Alexander Graf <agraf@kevag-telekom.de>
1599: Fix hardcoded reference to admin container. r=mergify[bot] a=Nebukadneza
Superseding #1330
## What type of PR?
big-fix
## What does this PR do?
Fixes a hardcoded reference to ``admin`` container which may or may not be called ``admin`` in reality, since the user may eventually to name the container otherwise.
### Related issue(s)
- closes#1323
- subsumes #1324
## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.
- Minor bug-fix, no additional documentation needed.
Co-authored-by: Richard Gomes <rgomes.info@gmail.com>
1600: Force setup-file download scheme to HTTPS r=mergify[bot] a=Nebukadneza
## What type of PR?
bug-fix
## What does this PR do?
Up until now HTTPS was only offered by redirect, making MitM possible
before server redirect hit the client.
Add scheme-force to HTTPS to the url-generation.
### Related issue(s)
- fixes#963
## Prerequistes
- [x] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/guide.html#changelog) entry file.
Co-authored-by: Dario Ernst <dario.ernst@rommelag.com>
1553: Added FAQ about SMTP Banner r=mergify[bot] a=arother
## What type of PR?
documentation
## What does this PR do?
Adding FAQ about SMTP Banner
### Related issue(s)
- closes#1368
## Prerequistes
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.
Co-authored-by: Andreas Rother <andreas@rother.org>
Co-authored-by: Dario Ernst <github@kanojo.de>
Up until now HTTPS was only offered by redirect, making MitM possible
before server redirect hit the client.
Add scheme-force to HTTPS to the url-generation.
fixes#963
Changing Hostname in the .env and in the banner might lead to various breakages of the setup — so don’t advise it to users in the FAQ.
Co-authored-by: Thomas Sänger <thomas@gecko.space>
1596: Fix ANTIVIRUS line in mailu.env file r=mergify[bot] a=Diman0
The ANTIVIRUS line is commented in mailu.env file. Each mailu.env file generated by setup.mailu.io will have the antivirus line commented. Removed the # so that antivirus works again for new deployments.
## What type of PR?
bug fix
## What does this PR do?
### Related issue(s)
- #1595
## Prerequistes
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.
- [N/A ] In case of feature or enhancement: documentation updated accordingly
- [ N/A minor change] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/guide.html#changelog) entry file.
Co-authored-by: Dimitri Huisman <52963853+Diman0@users.noreply.github.com>
The ANTIVIRUS line is commented in mailu.env file. Each mailu.env file generated by setup.mailu.io will have the antivirus line commented. Removed the # so that antivirus works again for new deployments.
1586: Add documentation in regard to the spam filter in Mailu. Added all su… r=mergify[bot] a=Diman0
…ggestions from Liquidat and Nebukadneza..
I have added the suggestions mentioned in pull request #1575
## What type of PR?
Adds FAQ section 'Spam filtering' that describes how spam filtering works. It also describes how you can create your own local black list. This enables the user to set up a map that can be live-updated via Rspamd webgui for blocking emails from listed sender domains.
## What does this PR do?
### Related issue(s)
#1167#1566
Closes issue #1167
## Prerequistes
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.
[ N/A] In case of feature or enhancement: documentation updated accordingly
[ Done] Unless it's docs or a minor change: add changelog entry file.
Co-authored-by: Dimitri Huisman <diman@huisman.xyz>
1587: Pin test/build pip-dependencies to their last known versions r=mergify[bot] a=Nebukadneza
## What type of PR?
bug-fix
## What does this PR do?
Fix current travis docker API-version mismatches … in a crude, but safe
way.
### Related issue(s)
None
## Prerequistes
- [x] no docs
- [x] minor change
Co-authored-by: Dario Ernst <dario@kanojo.de>
1541: alpine 3.12 as base image r=mergify[bot] a=ofthesun9
## What type of PR?
Keep in sync with alpine devel
alpine 3.12 was [released](https://alpinelinux.org/posts/Alpine-3.12.0-released.html) on 29 May 2020.
Update for the main services:
nginx 1.18 (vs 1.16)
dovecot 2.3.10 (unchanged)
postfix 3.5.2 (vs 3.4.7)
rspamd 2.5 (vs 1.9.4)
clamav 0.102/3 (vs 0.101.5)
fetchmail 6.4.5
## What does this PR do?
Mostly Dockerfile modification
Co-authored-by: ofthesun9 <olivier@ofthesun.net>
1570: Update webmail.yaml r=mergify[bot] a=DerH4NNES
Duplicated "ports:"
## What type of PR?
bug-fix
## What does this PR do?
fixes service specs
### Related issue(s)
/
Co-authored-by: Sascha Hannes <saschahannes@web.de>
1511: Setup, compose: add note about reverse DNS r=mergify[bot] a=liquidat
## What type of PR?
documentation
## What does this PR do?
If the [mailu setup utility](https://setup.mailu.io/master/) is used with the Compose flavor, in step 4 a list of public host names needs to be provided:
The [first entry in this list is configured as hostname by postfix](ddac2672fc/core/postfix/conf/main.cf (L10)). That is crucial: if the reverse DNS entry for that host is not the same as this first entry in this list, it will be a mismatch between rDNS and HELO, which will lead to bad scoring in many spam filters.
This commit clarifies that point.
It also fixes a missing parenthesis.
### Related issue(s)
- (none)
## Prerequistes
- (none applicable)
Co-authored-by: liquidat <liquidat@bayz.de>
1526: Use Radicale 3.x for webdav service r=mergify[bot] a=ofthesun9
- remove -f flag in Dockerfile CMD
- remove deprecated daemon and dns_lookup settings from radicale.conf
- move realm setting from [server] to [auth] in radicale.conf
- add newsfragment
## What type of PR?
Miscellaneous
## What does this PR do?
Modifications in Dockerfile and radicale.conf to get Radicale 3.0 service building properly.
Functional tests would be needed before merge.
### Related issue(s)
- closes#1512
## Prerequistes
- [X] In case of feature or enhancement: documentation updated accordingly
Co-authored-by: ofthesun9 <olivier@ofthesun.net>
1557: Explicitly define ProxyFix options r=mergify[bot] a=brian-maloney
## What type of PR?
bug-fix
## What does this PR do?
This PR explicitly defines the options for the ProxyFix module, which fixes a regression in admin behind a reverse proxy.
### Related issue(s)
- #1309
## Prerequistes
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.
- [X] In case of feature or enhancement: documentation updated accordingly
- [X] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/guide.html#changelog) entry file.
This is a bugfix, so not doc changes, and it's an extremely minor change.
Co-authored-by: Brian Maloney <3286425+brian-maloney@users.noreply.github.com>
1538: Introduce environment variable to control dovecot full-text-search r=mergify[bot] a=tremlin
## What type of PR?
Enhancement
## What does this PR do?
In #1320 a full-text-search feature was enabled in Dovecot by default. Since this can have a big impact on performance, I think it's preferable to offer an option to disable the feature if it is not needed. This PR doesn't change the default behavior (FTS on).
### Related issue(s)
- #1320
## Prerequistes
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.
- [ ] In case of feature or enhancement: documentation updated accordinagly
- [ ] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/guide.html#changelog) entry file.
Co-authored-by: Thomas Rehn <thomas.rehn@initos.com>
lub
Wolfgang Jung
