66 Commits (e3fa74768ab94881e99187b0eb5c87d9d6add332)

Author SHA1 Message Date
Alexander Graf 05c79b0e3c copy (and not parse) mta sts override config 3 years ago
Alexander Graf b02ceab72f handle DEFER_ON_TLS_ERROR as bool
use /conf/mta-sts-daemon.yml when override is missing
3 years ago
Florent Daigniere 7aa403573d no with here 3 years ago
Florent Daigniere 9888efe55d Document as suggested on #mailu-dev 3 years ago
Florent Daigniere 4abf49edf4 indent 3 years ago
Florent Daigniere 489520f067 forgot about alpine/lmdb 3 years ago
Florent Daigniere a1da4daa4c Implement the DANE-only lookup policyd
https://github.com/Snawoot/postfix-mta-sts-resolver/issues/67 for
context
3 years ago
Florent Daigniere 05b57c972e remove the static policy as it will override MTA-STS and DANE 3 years ago
Florent Daigniere a8142dabbe Introduce DEFER_ON_TLS_ERROR
This will default to True and defer emails that fail even "loose"
validation of DANE or MTA-STS

It should work most of the time but if it doesn't and you would rather
see your emails delivered, you can turn it off.
3 years ago
Florent Daigniere 52d3a33875 Remove the domains that have a valid MTA-STS policy
gmail.com
comcast.net
mail.ru
googlemail.com
wp.pl
3 years ago
Florent Daigniere 4f96e99144 MTA-STS (use rather than publish policies) 3 years ago
Florent Daigniere fb8d52ceb2 Merge branch 'master' of https://github.com/Mailu/Mailu into tls_policy_map 3 years ago
bors[bot] b57df78dac
Merge #1916
1916: Ratelimit outgoing emails per user r=mergify[bot] a=nextgens

## What type of PR?

Feature

## What does this PR do?

A conflict-free version of #1360 implementing per-user sender limits

### Related issue(s)
- close #1360 
- close #1031
- close #1774 

## Prerequistes
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [x] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.


Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
Co-authored-by: Dimitri Huisman <diman@huisman.xyz>
3 years ago
Florent Daigniere 0b16291153 doh 3 years ago
Florent Daigniere 1db08018da Ensure that we get certificate validation on top90
I have found a list of the top100 email destinations online and ran them
through a script to ensure that all of their MX servers had valid
configuration... this is the result
3 years ago
Florent Daigniere b066a5e2ac add a default tls_policy_map 3 years ago
Florent Daigniere ecadf46ac6 fix PFS 3 years ago
Florent Daigniere 1438253a06 Ratelimit outgoing emails per user 3 years ago
bors[bot] bf65a1248f
Merge #1885
1885: fix 1884: always lookup a FQDN r=mergify[bot] a=nextgens

## What type of PR?

bugfix

## What does this PR do?

Fix bug #1884. Ensure that we avoid the musl resolver bug by always looking up a FQDN

### Related issue(s)
- closes #1884

Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
3 years ago
Florent Daigniere fa915d7862 Fix 1294 ensure podop's socket is owned by postfix 3 years ago
Florent Daigniere 9d2629a04e fix 1884: always lookup a FQDN 3 years ago
Florent Daigniere 1d65529c94 The lookup could fail; ensure we set something 3 years ago
Florent Daigniere 8bc1d6c08b Replace PUBLIC_HOSTNAME/IP in Received headers
This will ensure that we don't get spam points for not respecting the
RFC
3 years ago
ofthesun9 381bf747cc Check permissions using postfix set-permissions 5 years ago
ofthesun9 3a9c9d0436 Fixed typo 5 years ago
ofthesun9 67caf0c8cf Check /queue permissions before postfix start
postfix and posdrop id might have changed after base image change
5 years ago
Dario Ernst dbcab06587 Ignore newlines and comment-lines in postfix overrides
To make postfix override files understandable and readable, users may
want to insert empty newlines and #-commented lines in their postfix
override files too. This will now ignore such bogus-lines and not send
them to `postconf`, which produced ugly errors in the past.

closes #1098
5 years ago
kaiyou bd69b7a491 Add support for SRS, related to #328 5 years ago
Michael Wyraz a907fe4cac Split HOST_ANTISPAM in HOST_ANTISPAM_MILTER and HOST_ANTISPAM_WEBUI 5 years ago
Michael Wyraz de2f166bd1 Resolve HOST_* to *_ADDRESS only if *_ADDRESS is not already set 5 years ago
Ionut Filip 075417bf90 Merged master and fixed conflicts 5 years ago
hoellen 9de5dc2592 Use python package socrate instead of Mailustart 5 years ago
Dario Ernst a8c3530bfa Remove accidentally reintroduced rsyslogd config 5 years ago
Dario Ernst ce0c24e076 Merge branch 'master' into HorayNarea-feat-upgrade-alpine 5 years ago
Daniel Huber ae290482c0
Format relay credentials file with jinja 6 years ago
Dario Ernst ea851e77d4 Remove reference to rsyslogd 6 years ago
Dario Ernst d155b2c533 Start postfix directly with stdout logging 6 years ago
Dario Ernst 96fbaecc2f Correct executables moved by alpine 6 years ago
Daniel Huber 7dcb2eb006
Add authentication for email relays 6 years ago
Ionut Filip 4c25c83419 HOST_* and *_ADDRESS variables cleanup 6 years ago
Ionut Filip f9e3cd3c5d Use corret host_* variables 6 years ago
Ionut Filip 004a431e97
Change to mailustart functions 6 years ago
Ionut Filip 9684ebf33f Use mailustart package from git 6 years ago
Tim Möhlmann 7a9685bcb9
Resolve admin during start to work around Docker DNS flaky-ness 6 years ago
Tim Möhlmann 049ca9941f
Cleanup syntax and fix typo 6 years ago
Tim Möhlmann 7d01bb2a4d
LOG_LEVEL docs and changelog entry 6 years ago
Tim Möhlmann b04a9d1c28
Implement debug logging for template rendering 6 years ago
Tim Möhlmann b9313488dd
Add logging for tenacity.retry
In the process we found that the previous way of tenacity syntax caused it not to honor any args.
In this commit we've refactored to use the @decorator syntax, in which tenacity seems to behave better.
6 years ago
mergify[bot] 37027cfce7
Merge pull request #633 from kaiyou/fix-sender-checks
Improve sender checks
6 years ago
Ionut Filip 1187cac5e1 Finished up switching from .sh to .py 6 years ago