Pierre Jaury
d60ef1991c
Add a rainloop Webmail image, fixes #58
8 years ago
Pierre Jaury
f5b9f569ca
Add a link to the demo server documentation
8 years ago
kaiyou
cbc6bb5dd6
Merge pull request #55 from kaiyou/feat-refactor-permissions
...
Refactor the access control code
8 years ago
Pierre Jaury
40b9883c8c
Filter outgoing email headers, fixes #52
8 years ago
Pierre Jaury
92bbfde195
Add a PNG logo for rendering
8 years ago
Pierre Jaury
56e6c7565e
Add a draft logo
8 years ago
Pierre Jaury
e24da96e58
Add some documentation to access decorators
8 years ago
Pierre Jaury
09bec055fd
Fix domain deletion permissions
8 years ago
Pierre Jaury
c1f9b61dac
Add a simple permission audit script
8 years ago
Pierre Jaury
f8dcef22ef
Fix the manager deletion behaviour
8 years ago
Pierre Jaury
f541a951de
Remove obsolete utils module
8 years ago
Pierre Jaury
713318f097
Clean imports and remove calls to the utils module
8 years ago
Pierre Jaury
ee9a416696
Implement the decorator-based access control for all views
8 years ago
Pierre Jaury
4e4f2b8037
First shot at improving access control, related to #42
...
A couple of things are important to note for this commit:
- it only implements the new access control for alias and admin management
- the access control code is located in access.py
The idea behind simpler access control is auditability. There have been a
couple of bugs related to functions not checking permissions properly. If
checking permissions is as simple as decorating a function, exporting the
permission scheme for an audit should be simple.
Also, this still does not address the information leakage related to 404 errors
when an object does not exist, independently of permissions the user has over
the domain.
8 years ago
Pierre Jaury
3ea3bc1d8e
Enforce permission checks for admin management
8 years ago
kaiyou
ee6e9b2690
Add a reference to the Freenode IRC channel.
8 years ago
Pierre Jaury
6dc9131b97
Fix the wildcard migration script, fixes #53
8 years ago
Pierre Jaury
26f7f5a73b
Change the env file name in the README file
8 years ago
Pierre Jaury
bac20081ee
Split the environment file into sections
8 years ago
Pierre Jaury
d2d84acd5f
Comment all 'build' directives
8 years ago
Pierre Jaury
e3197f9156
Have the admin interface listen on localhost
8 years ago
Pierre Jaury
1b6c514dc5
Disable the frontend Web server by default
8 years ago
Pierre Jaury
a8eafc508a
Default listen on localhost only
8 years ago
Pierre Jaury
7ac44eabeb
Add a VERSION variable to avoid modifying the docker-compose file
8 years ago
Pierre Jaury
14ec783ef7
Add a dynamic Webmail option with a 'none' container
8 years ago
Pierre Jaury
cf84b82c57
Move the configuration file to .env to support global variables
8 years ago
Pierre Jaury
581a0882af
Pull images from Docker Hub by default
8 years ago
Pierre Jaury
8fc95a96d2
Disable debug and set an explicit default secret key
8 years ago
Pierre Jaury
ef5d3a77c6
Pull images from Docker Hub by default
8 years ago
Pierre Jaury
8601d5b8db
Fix #49 when deleting a global admin
8 years ago
Pierre Jaury
1273571299
Add a changelog
8 years ago
Pierre Jaury
0d3c75aa89
Fix a migration issue with wildcard aliases
8 years ago
Pierre Jaury
bfe9ededbc
Fix spam filtering when the score is negative
8 years ago
Pierre Jaury
2602ef2883
Add a feature item about freedom
8 years ago
Pierre Jaury
e916998bb2
Apply the BetterCrypto nginx configuration, related to #45
8 years ago
Pierre Jaury
3d1e5523d4
Use a non-starttls configuration for SMTPS port, related to #45
8 years ago
Pierre Jaury
a6ab917aea
Do not enforce TLS on the default SMTP port, related to #45
8 years ago
Pierre Jaury
e3e9012183
Add a link to the BetterCrypto reference
8 years ago
Pierre Jaury
c0f6a3e387
Apply the BetterCrypto Dovecot configuration, related to #45
8 years ago
Pierre Jaury
8909033c26
Apply the BetterCrypto Postfix configuration, related to #45
8 years ago
Pierre Jaury
5a3242d9d3
Apply the BetterCrypto Postfix configuration, related to #45
8 years ago
Pierre Jaury
5bc0948248
Add some documentation to the Postfix configuration
8 years ago
kaiyou
207e351276
Merge pull request #43 from d-fens/patch-2
...
Update postfix SSL/TLS configuration
8 years ago
kaiyou
2f9319e454
Merge pull request #44 from d-fens/patch-1
...
Update dovecot SSL/TLS configuration
8 years ago
d-fens
a3d8daa585
Update postfix SSL/TLS configuration
...
Ensure that RC4 and SSLv3 is not used. This is based off mailinabox project settings, while not the most ideal settings this improves the configuration from what it is currently.
8 years ago
d-fens
62b1df04a0
Update dovecot SSL/TLS configuration
...
Ensure that RC4 and SSLv3 is not used. This is based off mailinabox project settings, while not the most ideal settings this improves the configuration from what it is currently.
8 years ago
Pierre Jaury
84769cab3e
Switch to form-based confirmations, fixes #20
8 years ago
Pierre Jaury
5a69ada041
Add an action confirmation form, related to #20
8 years ago
Pierre Jaury
6bfdabe8c1
Format the authors file properly
8 years ago
Angedestenebres
acf4dae72e
Update AUTHORS.md
8 years ago