1708 Commits (e1739befc0bfacd3de05fe42bcbca3802b6308f6)

Author SHA1 Message Date
Florent Daigniere e1739befc0 Make it work for /admin/antispam too 2 years ago
Florent Daigniere f44cd24bf8 doh 2 years ago
Florent Daigniere 925c753f40 Merge branch 'master' of https://github.com/Mailu/Mailu into guess-target 2 years ago
Florent Daigniere b607375603 Fix 2692: make the external auth proxy usable 2 years ago
Florent Daigniere dd912169fb Make the login page guess where to redirect 2 years ago
Florent Daigniere 1b045b4a94 Introduce AUTH_PROXY_LOGOUT_URL 2 years ago
S474N 92be819053
Update messages.po 2 years ago
S474N d6757514af
Czech translation
Czech translation
2 years ago
bors[bot] 0de2430868
Merge #2664
2664: Fix the bug reported by fastlorenzo r=mergify[bot] a=nextgens

## What type of PR?

bug-fix

## What does this PR do?

Fix the bug reported by fastlorenzo: when using proxy-auth, if the user doesn't exist you have to hit the URL twice.

### Related issue(s)


## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [ ] In case of feature or enhancement: documentation updated accordingly
- [ ] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.


Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
2 years ago
Florent Daigniere fed5ab1564 Alpine 3.17.2 2 years ago
Florent Daigniere 6a4d8603fc Create the user before logging it in 2 years ago
Florent Daigniere f125420400 Fix the bug reported by fastlorenzo 2 years ago
Florent Daigniere 66b7c76836 Doh. Without this email delivery from RELAYNET is broken 2 years ago
bors[bot] aea7407044
Merge #2646
2646: Smarter ratelimit r=mergify[bot] a=nextgens

## What type of PR?

enhancement

## What does this PR do?

Only account for **distinct** usernames in the IP rate-limiter.

This enables to have a much tighter default as a user with a misconfigured device will now only account for a single attempt.

The goal here is to make the rate-limiter more acceptable and to avoid people disabling it altogether.

### Related issue(s)

## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [ ] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.


Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
Co-authored-by: Alexander Graf <ghostwheel42@users.noreply.github.com>
2 years ago
bors[bot] 46429ab247
Merge #2640
2640: Add env variable to set sieve_vacation_to_header_ignore_envelope r=mergify[bot] a=nwinkelstraeter

When used with SRS the vacation plugin creates a reply with SRS in the To: header which does not look nice for the recipient. Setting sieve_vacation_to_header_ignore_envelope will use the headers from the original source message instead of potentially rewritten ones.

Without this option auto-replies are sent with a To header with SRS, e.g `SRS0=uetG=43=sender.com=user@autoresponder.com`
With this option they are sent with just `user@sender.com`

This option is for whatever reason not part of the [pigeonhole docs](https://doc.dovecot.org/configuration_manual/sieve/extensions/vacation/) but it is documented here: 34431d7a67/NEWS (L338)

## What type of PR?

enhancement

## What does this PR do?
This PR adds an environment variable to the set the `sieve_vacation_to_header_ignore_envelope` configuration

## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [x] In case of feature or enhancement: documentation updated accordingly



Co-authored-by: Nico Winkelsträter <nico.winkelstraeter@initos.com>
Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
2 years ago
Nico Winkelsträter 9cb2ef7632 Let vacation plugin ignore envelope sender to avoid SRS recipient
This is done by setting sieve_vacation_to_header_ignore_envelope to yes
The envelope is rewritten by recipent_canonical_maps to reverse SRS after the plugin checks it
so we need the plugin to ignore it at this point.
2 years ago
Florent Daigniere 085bac6e08 Change AUTH_RATELIMIT_IP_V6_MASK from /56 to /48 2 years ago
Alexander Graf fa084d7b1c
Styling only 2 years ago
Florent Daigniere caa8412d82 close #1236: Allow + in localpart of addresses 2 years ago
Florent Daigniere 294ac4adb2 Revert "Clarify"
This reverts commit 35e9bfb8ab.
2 years ago
Florent Daigniere 35e9bfb8ab Clarify 2 years ago
Florent Daigniere d30f71234d Apply the mask on the IP too 2 years ago
Florent Daigniere a60159a0db update defaults, rephrase doc 2 years ago
Florent Daigniere e2a25c79fc only account attempts for distinct usernames in ratelimits 2 years ago
Dimitri Huisman 44ad14811d
Missed some IF statements that must be modified for normalized config. 2 years ago
Dimitri Huisman d9a6777d9d
Forgot to adapt some IF statements. All config is normalized now for front.
So true/false now matches the boolean value True/False.
Instead if {% IF X == 'true' %} we should now use {% IF X %}
2 years ago
bors[bot] 4a24bd9e24
Merge #2638
2638: further finishing touches for restful api r=mergify[bot] a=Diman0

- Fix setup utility setting correct value to env var API. It now also sets `false` when the API is disabled in the setup utility.
- Fix IF statement for enabling API in nginx.conf. Setting a different value than `API=true` in mailu.env now disabled the API endpoint in nginx.
- Use safer command for regenerating example API token. It uses crypto.getRandomValues() (as suggested by nextgens) which should be more random than the previously used method. 

## What type of PR?

bug-fix

## What does this PR do?

### Related issue(s)

## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [ ] In case of feature or enhancement: documentation updated accordingly
- [ ] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.


Co-authored-by: Dimitri Huisman <diman@huisman.xyz>
2 years ago
Dimitri Huisman 7bcac3bbaa
Get the value from the correct dict (args) 2 years ago
Alexander Graf ab5caac6f7
Remove webmail cookies on logout. 2 years ago
Dimitri Huisman 75afe1092d
Use server-side password generator for generating token.
Fix setup correctly writing the value for API to mailu.env
Normalize env vars for front container.
Update reverse proxy with API information.
2 years ago
Dimitri Huisman 0673d32306
Fix setup utility setting correct value to env var API
Fix IF statement for enabling API in nginx.conf
Use safer command for regenerating example API token.
2 years ago
Alexander Graf 50fc1cb8b3
Move version style to app.css 2 years ago
Alexander Graf 8f425ce081
Move unit to data-attr and fix defaulting to 1 2 years ago
Alexander Graf f00059d10c
Show mailu version in web interface after logging in 2 years ago
Alexander Graf 8b0b87984d
Duh. Fix macros call 2 years ago
Alexander Graf 2fa0461803
Fix sliders 2 years ago
Alexander Graf 31e974f829
Add edit button to admin and manager lists 2 years ago
Alexander Graf 3af3aa9395
Show quota in domain list 2 years ago
Alexander Graf 65595d139a
Set default sort order for all lists 2 years ago
bors[bot] 3a1cecbe21
Merge #2636
2636: Fix out of office replies r=mergify[bot] a=nextgens

## What type of PR?

bug-fix

## What does this PR do?

Fix sieve/out of office replies by adding SUBNET to rspamd's local_networks.

Webmails are now on a different subnet.

### Related issue(s)


## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [ ] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.


Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
2 years ago
Florent Daigniere ae7061c561 Doh 2 years ago
Florent Daigniere 802ab533d2 Upgrade to alpine 3.17.1
New openssl, new dovecot
2 years ago
Florent Daigniere e326393f03 fix ooo 2 years ago
Alexander Graf 21ac230cce
Make olefy.py listen on all interfaces 2 years ago
Alexander Graf 842be9b7c3
Skip listen to v6 when SUBNET6 is not set 2 years ago
Alexander Graf 1ad1d8d95d
Rewrite generation of gunicorn cmdline 2 years ago
Chris Schäpers 35331a4295
Make gunicorn IPv6 conditional
Only listen on [::]:80 in case SUBNET6 is defined, otherwise do the normal :80
2 years ago
Chris 9f6848110a
Make gunicorn listen on ipv6 2 years ago
bors[bot] db2a490256
Merge #2633
2633: Don't apply antispoof rules on locally generated emails r=mergify[bot] a=nextgens

## What type of PR?

bug-fix

## What does this PR do?

Don't apply antispoof rules on locally generated emails; This was breaking the auto-responder and sieve rules.

### Related issue(s)


## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [ ] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.


Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
2 years ago
Florent Daigniere 46f05cb651 Merge branch 'master' of https://github.com/Mailu/Mailu into reduce-logging 2 years ago