From 1aca6fe08fadd40f878824f61361abef60251088 Mon Sep 17 00:00:00 2001 From: Joshua Tauberer Date: Mon, 8 Aug 2016 07:28:10 -0400 Subject: [PATCH 01/10] some minor tweaks to the new users/aliases API documentation --- management/templates/aliases.html | 29 +++++++++---------- management/templates/custom-dns.html | 4 +-- management/templates/ssl.html | 6 ++-- management/templates/system-backup.html | 2 +- management/templates/users.html | 37 +++++++++++++------------ 5 files changed, 40 insertions(+), 38 deletions(-) diff --git a/management/templates/aliases.html b/management/templates/aliases.html index d5a123ff..bf8e63cd 100644 --- a/management/templates/aliases.html +++ b/management/templates/aliases.html @@ -106,37 +106,38 @@ -

Mail alias API

+

Mail aliases API (advanced)

-

Use your box’s Mail alias API to add/remove aliases.

+

Use your box’s mail aliases API to add and remove mail aliases from the command-line or custom services you build.

Usage:

-
curl -X VERB [-d "value"] --user {email}:{password} https://{{hostname}}/admin/mail/aliases[action]
+
curl -X VERB [-d "parameters"] --user {email}:{password} https://{{hostname}}/admin/mail/aliases[action]
-

(Brackets denote an optional argument.)

-

(Adding ?format=json will give json encoded results)

+

Brackets denote an optional argument. Please note that the POST body parameters must be URL-encoded.

-

Verbs

+

The email and password given to the --user option must be an administrative user on this system.

- +

Verbs

+ +
- - - + + +
Verb Action
GET Returns a list of existing mail aliases.
POST/add Adds a new mail alias. Required parameters are address and forward_to.
POST/remove Removes a mail alias. Required parameter is address.
GET(none) Returns a list of existing mail aliases. Adding ?format=json to the URL will give JSON-encoded results.
POST/add Adds a new mail alias. Required POST-body parameters are address and forward_to.
POST/remove Removes a mail alias. Required POST-body parameter is address.

Examples:

Try these examples. For simplicity the examples omit the --user me@mydomain.com:yourpassword command line argument which you must fill in with your email address and password.

-
# Gives a json encoded list of all mail users
-curl -X GET https://{{hostname}}/admin/mail/users?format=json
+
# Gives a JSON-encoded list of all mail aliases
+curl -X GET https://{{hostname}}/admin/mail/aliases?format=json
 
-# adds a new email alias
+# Adds a new alias
 curl -X POST -d "address=new_alias@mydomail.com" -d "forward_to=my_email@mydomain.com" https://{{hostname}}/admin/mail/aliases/add
 
-# removes a email alias
+# Removes an alias
 curl -X POST -d "address=new_alias@mydomail.com" https://{{hostname}}/admin/mail/aliases/remove
 

 
diff --git a/management/templates/custom-dns.html b/management/templates/custom-dns.html
index bd5643c3..df3d82e5 100644
--- a/management/templates/custom-dns.html
+++ b/management/templates/custom-dns.html
@@ -10,7 +10,7 @@
 
 
It is possible to set custom DNS records on domains hosted here.

 
-
Set Custom DNS Records

+
Set custom DNS records

 
 
You can set additional DNS records, such as if you have a website running on another server, to add DKIM records for external mail providers, or for various confirmation-of-ownership tests.

 
@@ -66,7 +66,7 @@
   
 
 
-
Using a Secondary Nameserver

+
Using a secondary nameserver

 
 
If your TLD requires you to have two separate nameservers, you can either set up external DNS and ignore the DNS server on this box entirely, or use the DNS server on this box but add a secondary (aka “slave”) nameserver.

 
If you choose to use a seconday nameserver, you must find a seconday nameserver service provider. Your domain name registrar or virtual cloud provider may provide this service for you. Once you set up the seconday nameserver service, enter the hostname (not the IP address) of their secondary nameserver in the box below.

diff --git a/management/templates/ssl.html b/management/templates/ssl.html
index d7e656c7..cefc82fd 100644
--- a/management/templates/ssl.html
+++ b/management/templates/ssl.html
@@ -8,7 +8,7 @@
 
You need a TLS certificate for this box’s hostname ({{hostname}}) and every other domain name and subdomain that this box is hosting a website for (see the list below).

 
 

-
Provision a Certificate

+
Provision a certificate

 
 
 

 
-
Certificate Status

+
Certificate status

 
 
Certificates expire after a period of time. All certificates will be automatically renewed through Let’s Encrypt 14 days prior to expiration.

 
@@ -53,7 +53,7 @@
 
 
 
-
Install Certificate

+
Install certificate

 
 
There are many other places where you can get a free or cheap certificate. If you don't want to use our automatic Let's Encrypt integration, you can give Namecheap’s $9 certificate, StartSSL’s free express lane, WoSign’s free TLS or any other certificate provider a try.

 
diff --git a/management/templates/system-backup.html b/management/templates/system-backup.html
index dc925916..8fceafe6 100644
--- a/management/templates/system-backup.html
+++ b/management/templates/system-backup.html
@@ -74,7 +74,7 @@
   
 
 
-
Available Backups

+
Available backups

 
 
The backup location currently contains the backups listed below. The total size of the backups is currently .

 
diff --git a/management/templates/users.html b/management/templates/users.html
index 793f0ff0..2cda327c 100644
--- a/management/templates/users.html
+++ b/management/templates/users.html
@@ -84,45 +84,46 @@
   
 
 
-
Mail user API

+
Mail user API (advanced)

 
-
Use your box’s Mail user API to add/change/remove users.

+
Use your box’s mail user API to add/change/remove users from the command-line or custom services you build.

 
 
Usage:

 
-
curl -X VERB [-d "value"] --user {email}:{password} https://{{hostname}}/admin/mail/users[action]

+
curl -X VERB [-d "parameters"] --user {email}:{password} https://{{hostname}}/admin/mail/users[action]

 
-
(Brackets denote an optional argument.)

-
(Adding ?format=json will give json encoded results)

+
Brackets denote an optional argument. Please note that the POST body parameters must be URL-encoded.

 
-
Verbs

+
The email and password given to the --user option must be an administrative user on this system.

 
-
+
Verbs

+
+

-
-
-
-
-
+
+
+
+
+

 
Verb Action
GET Returns a list of existing mail users.
POST/add Adds a new mail user. Required parameters are email and password.
POST/remove Removes a mail user. Required parameter is email.
POST/privileges/add Used to make a mail user an admin. Required parameters are email and privilege=admin.
POST/privileges/remove Used to remove the admin privilege from a mail user. Required parameter is email.
GET(none) Returns a list of existing mail users. Adding ?format=json to the URL will give JSON-encoded results.
POST/add Adds a new mail user. Required POST-body parameters are email and password.
POST/remove Removes a mail user. Required POST-by parameter is email.
POST/privileges/add Used to make a mail user an admin. Required POST-body parameters are email and privilege=admin.
POST/privileges/remove Used to remove the admin privilege from a mail user. Required POST-body parameter is email.

 

 
 
Examples:

 
-
Try these examples. For simplicity the examples omit the --user me@mydomain.com:yourpassword command line argument which you must fill in with your email address and password.

+
Try these examples. For simplicity the examples omit the --user me@mydomain.com:yourpassword command line argument which you must fill in with your administrative email address and password.

 
-
# Gives a json encoded list of all mail users
+
# Gives a JSON-encoded list of all mail users
 curl -X GET https://{{hostname}}/admin/mail/users?format=json
 
-# adds a new email user
+# Adds a new email user
 curl -X POST -d "email=new_user@mydomail.com" -d "password=s3curE_pa5Sw0rD" https://{{hostname}}/admin/mail/users/add
 
-# removes a email user
+# Removes a email user
 curl -X POST -d "email=new_user@mydomail.com" https://{{hostname}}/admin/mail/users/remove
 
-# adds admin privilege to an email user
+# Adds admin privilege to an email user
 curl -X POST -d "email=new_user@mydomail.com" -d "privilege=admin" https://{{hostname}}/admin/mail/users/privileges/add
 
-# removes admin privilege from an email user
+# Removes admin privilege from an email user
 curl -X POST -d "email=new_user@mydomail.com" https://{{hostname}}/admin/mail/users/privileges/remove
 

 

From fc5cc9753b40c95cb9323d5d3e95a2326af8df9d Mon Sep 17 00:00:00 2001
From: Joshua Tauberer 
Date: Mon, 8 Aug 2016 07:32:02 -0400
Subject: [PATCH 02/10] roundcube 1.2.1

---
 CHANGELOG.md     | 2 +-
 setup/webmail.sh | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 929f2913..040966e0 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -6,7 +6,7 @@ In Development
 
 Mail:
 
-* Roundcube is updated to version 1.2.0.
+* Roundcube is updated to version 1.2.1.
 * SSLv3 and RC4 are now no longer supported in incoming and outgoing mail (SMTP port 25).
 
 Control panel:
diff --git a/setup/webmail.sh b/setup/webmail.sh
index bf29c6ab..8307149b 100755
--- a/setup/webmail.sh
+++ b/setup/webmail.sh
@@ -34,8 +34,8 @@ apt-get purge -qq -y roundcube* #NODOC
 # Install Roundcube from source if it is not already present or if it is out of date.
 # Combine the Roundcube version number with the commit hash of vacation_sieve to track
 # whether we have the latest version.
-VERSION=1.2.0
-HASH=2088985fb613b4e4e3373933ca44b26fce0489fb
+VERSION=1.2.1
+HASH=81fbfba4683522f6e54006d0300a48e6da3f3bbd
 VACATION_SIEVE_VERSION=91ea6f52216390073d1f5b70b5f6bea0bfaee7e5
 PERSISTENT_LOGIN_VERSION=1e9d724476a370ce917a2fcd5b3217b0c306c24e
 HTML5_NOTIFIER_VERSION=4b370e3cd60dabd2f428a26f45b677ad1b7118d5

From 81b5af6b64bc9797b3a018565779466d27c3bad0 Mon Sep 17 00:00:00 2001
From: Joshua Tauberer 
Date: Mon, 8 Aug 2016 07:55:46 -0400
Subject: [PATCH 03/10] document fail2ban filters in security.md

---
 security.md | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/security.md b/security.md
index a56df082..e89eeeb9 100644
--- a/security.md
+++ b/security.md
@@ -69,6 +69,16 @@ The [setup guide video](https://mailinabox.email/) explains how to verify the ho
 
 If DNSSEC is enabled at the box's domain name's registrar, the SSHFP record that the box automatically puts into DNS can also be used to verify the host key fingerprint by setting `VerifyHostKeyDNS yes` in your `ssh/.config` file or by logging in with `ssh -o VerifyHostKeyDNS=yes`. ([source](management/dns_update.py))
 
+### Brute-force attack mitigation
+
+`fail2ban` provides some protection from brute-force login attacks (repeated logins that guess account passwords) by blocking offending IP addresses at the network level.
+
+The following services are protected: SSH, IMAP (dovecot), SMTP submission (postfix), webmail (roundcube), ownCloud/CalDAV/CardDAV (over HTTP), and the Mail-in-a-Box control panel & munin (over HTTP).
+
+Some other services running on the box may be missing fail2ban filters.
+
+`fail2ban` only blocks IPv4 addresses, however. If the box has a public IPv6 address, it is not protected from these attacks.
+
 Outbound Mail
 -------------
 

From d38b732b0a38639207ce5b102faa4f8c943411b0 Mon Sep 17 00:00:00 2001
From: Joshua Tauberer 
Date: Mon, 8 Aug 2016 08:19:42 -0400
Subject: [PATCH 04/10] add a Code of Conduct

---
 CODE_OF_CONDUCT.md | 48 ++++++++++++++++++++++++++++++++++++++++++++++
 CONTRIBUTING.md    |  4 ++++
 README.md          |  4 ++--
 3 files changed, 54 insertions(+), 2 deletions(-)
 create mode 100644 CODE_OF_CONDUCT.md

diff --git a/CODE_OF_CONDUCT.md b/CODE_OF_CONDUCT.md
new file mode 100644
index 00000000..f71659ad
--- /dev/null
+++ b/CODE_OF_CONDUCT.md
@@ -0,0 +1,48 @@
+# Mail-in-a-Box Code of Conduct
+
+Mail-in-a-Box is an open source community project about working, as a group, to empower ourselves and others to have control over our own digital communications. Just as we hope to increase technological diversity on the Internet through decentralization, we also believe that diverse viewpoints and voices among our community members foster innovation and creative solutions to the challenges we face.
+
+We are committed to providing a safe, welcoming, and harrassment-free space for collaboration, for everyone, without regard to age, disability, economic situation, ethnicity, gender identity and expression, language fluency, level of knowledge or experience, nationality, personal appearance, race, religion, sexual identity and orientation, or any other attribute. Community comes first. This policy supersedes all other project goals.
+
+The maintainers of Mail-in-a-Box share the dual responsibility of leading by example and enforcing these policies as necessary to maintain an open and welcoming environment.
+
+## Scope
+
+This Code of Conduct applies to all places where Mail-in-a-Box community activity is ocurring, including in on Github, in discussion forums, on Slack, on social media, and in real life. The Code of Conduct applies not only on websites/at events run by the Mail-in-a-Box community (e.g. our Github organization, our Slack team) but also at any other location where the Mail-in-a-Box community is present (e.g. in issues of other Github organizations where Mail-in-a-Box community members are discussing problems related to Mail-in-a-Box, or real-life professional conferences), or whenever a Mail-in-a-Box community member is representing Mail-in-a-Box to the public at large or acting on behalf of Mail-in-a-Box.
+
+This code does not apply to activity on a server running Mail-in-a-Box software, unless your server is hosting a service for the Mail-in-a-Box community at large.
+
+## Our Standards
+
+Examples of behavior that contributes to creating a positive environment include:
+
+* Using welcoming and inclusive language
+* Being respectful of differing viewpoints and experiences
+* Gracefully accepting constructive criticism
+* Showing empathy towards other community members
+* Making room for new and quieter voices
+
+Examples of unacceptable behavior by participants include:
+
+* The use of sexualized language or imagery and unwelcome sexual attention or advances
+* Trolling, insulting/derogatory/unwelcome comments, and personal or political attacks
+* Public or private harassment
+* Publishing others' private information, such as a physical or electronic address, without explicit permission
+* Aggressive and micro-aggressive behavior, such as unconstructive criticism, providing corrections that do not improve the conversation (sometimes referred to as "well actually"s), repeatedly interrupting or talking over someone else, feigning surprise at someone's lack of knowledge or awareness about a topic, or subtle prejudice (for example, comments like "That's so easy my grandmother could do it.", which is prejudicial toward grandmothers).
+* Other conduct which could reasonably be considered inappropriate in a professional setting
+* Retaliating against anyone who reports a violation of this code.
+
+We will not tolerate harassment. Harassment is any unwelcome or hostile behavior towards another person for any reason. This includes, but is not limited to, offensive verbal comments related to personal characteristics or choices, sexual images or comments, deliberate intimidation, bullying, stalking, following, harassing photography or recording, sustained disruption of discussion or events, nonconsensual publication of private comments, inappropriate physical contact, or unwelcome sexual attention. Conduct need not be intentional to be harassment.
+
+## Enforcement
+
+We will remove, edit, or reject comments, commits, code, wiki edits, issues, and other contributions that are not consistent with this Code of Conduct. We may ban, temporarily or permanently, any contributor for violating this code, when appropriate.
+
+Instances of abusive, harassing, or otherwise unacceptable behavior may be reported by contacting the project lead, [Joshua Tauberer](https://razor.occams.info/). All reports will be treated confidentially, impartially, consistently, and swiftly.
+
+Because the need for confidentiality for all parties involved in an enforcement action outweighs the goals of openness, limited information will be shared with the Mail-in-a-Box community regarding enforcement actions that have taken place.
+
+## Attribution
+
+This Code of Conduct is adapted from the [Contributor Covenant, version 1.4](http://contributor-covenant.org/version/1/4) and the code of conduct of [Code for DC](http://codefordc.org/resources/codeofconduct.html).
+
diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md
index a0b40f9c..8e8614a3 100644
--- a/CONTRIBUTING.md
+++ b/CONTRIBUTING.md
@@ -5,3 +5,7 @@ This project is in the public domain. Copyright and related rights in the work w
 All contributions to this project must be released under the same CC0 wavier. By submitting a pull request or patch, you are agreeing to comply with this waiver of copyright interest.
 
 [CC0]: http://creativecommons.org/publicdomain/zero/1.0/
+
+## Code of Conduct
+
+This project has a [Code of Conduct](CODE_OF_CONDUCT.md). Please review it when joining our community.
diff --git a/README.md b/README.md
index ad912a28..9b1af52a 100644
--- a/README.md
+++ b/README.md
@@ -9,7 +9,7 @@ Mail-in-a-Box helps individuals take back control of their email by defining a o
 
 * * *
 
-I am trying to:
+Our goals are to:
 
 * Make deploying a good mail server easy.
 * Promote [decentralization](http://redecentralize.org/), innovation, and privacy on the web.
@@ -17,7 +17,7 @@ I am trying to:
 * **Not** make a totally unhackable, NSA-proof server.
 * **Not** make something customizable by power users.
 
-This setup is what has been powering my own personal email since September 2013.
+Additionally, this project has a [Code of Conduct](CODE_OF_CONDUCT.md), which supersedes the goals above. Please review it when joining our community.
 
 The Box
 -------

From 6c22c0533eb021d3d06e31bf118a7d68353cbf8d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Marius=20Blu=CC=88m?= 
Date: Tue, 9 Aug 2016 00:53:15 +0200
Subject: [PATCH 05/10] Upgrade ownCloud from 8.2.3 to 8.2.7
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Marius Blüm 
---
 setup/owncloud.sh | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/setup/owncloud.sh b/setup/owncloud.sh
index 79045242..2e590b00 100755
--- a/setup/owncloud.sh
+++ b/setup/owncloud.sh
@@ -17,8 +17,8 @@ apt_install \
 apt-get purge -qq -y owncloud*
 
 # Install ownCloud from source of this version:
-owncloud_ver=8.2.3
-owncloud_hash=bfdf6166fbf6fc5438dc358600e7239d1c970613
+owncloud_ver=8.2.7
+owncloud_hash=723ba3f46dad219109cdf28dcc016fcd8a6bc434
 
 # Migrate <= v0.10 setups that stored the ownCloud config.php in /usr/local rather than
 # in STORAGE_ROOT. Move the file to STORAGE_ROOT.

From 6f165d0aeb2c3178a32b69b898f2d37f410a2524 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Marius=20Blu=CC=88m?= 
Date: Tue, 9 Aug 2016 00:58:10 +0200
Subject: [PATCH 06/10] Update Changelog
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Marius Blüm 
---
 CHANGELOG.md | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 929f2913..a90557a5 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -4,6 +4,10 @@ CHANGELOG
 In Development
 --------------
 
+ownCloud:
+
+* Updated to ownCloud to 8.2.7
+
 Mail:
 
 * Roundcube is updated to version 1.2.0.

From cdd0a821eb9b694a426da99c152817de209ada01 Mon Sep 17 00:00:00 2001
From: Joshua Tauberer 
Date: Sat, 13 Aug 2016 17:27:10 -0400
Subject: [PATCH 07/10] v0.19

closes #898
---
 CHANGELOG.md       | 4 ++--
 README.md          | 4 ++--
 setup/bootstrap.sh | 2 +-
 3 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 040966e0..ebed0675 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,8 +1,8 @@
 CHANGELOG
 =========
 
-In Development
---------------
+v0.19 (August 13, 2016)
+-----------------------
 
 Mail:
 
diff --git a/README.md b/README.md
index ad912a28..6f6937fa 100644
--- a/README.md
+++ b/README.md
@@ -59,7 +59,7 @@ by me:
 	$ curl -s https://keybase.io/joshdata/key.asc | gpg --import
 	gpg: key C10BDD81: public key "Joshua Tauberer " imported
 
-	$ git verify-tag v0.18c
+	$ git verify-tag v0.19
 	gpg: Signature made ..... using RSA key ID C10BDD81
 	gpg: Good signature from "Joshua Tauberer "
 	gpg: WARNING: This key is not certified with a trusted signature!
@@ -72,7 +72,7 @@ and on my [personal homepage](https://razor.occams.info/). (Of course, if this r
 
 Checkout the tag corresponding to the most recent release:
 
-	$ git checkout v0.18c
+	$ git checkout v0.19
 
 Begin the installation.
 
diff --git a/setup/bootstrap.sh b/setup/bootstrap.sh
index 8061329b..47fbb6ec 100644
--- a/setup/bootstrap.sh
+++ b/setup/bootstrap.sh
@@ -7,7 +7,7 @@
 #########################################################
 
 if [ -z "$TAG" ]; then
-	TAG=v0.18c
+	TAG=v0.19
 fi
 
 # Are we running as root?

From 4f2d16a31de0b63606709949a91ff44e594f2611 Mon Sep 17 00:00:00 2001
From: ReadmeCritic 
Date: Mon, 15 Aug 2016 08:07:09 -0700
Subject: [PATCH 08/10] Update README URLs based on HTTP redirects (#908)

---
 README.md | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/README.md b/README.md
index 6f6937fa..579786ab 100644
--- a/README.md
+++ b/README.md
@@ -13,7 +13,7 @@ I am trying to:
 
 * Make deploying a good mail server easy.
 * Promote [decentralization](http://redecentralize.org/), innovation, and privacy on the web.
-* Have automated, auditable, and [idempotent](http://sharknet.us/2014/02/01/automated-configuration-management-challenges-with-idempotency/) configuration.
+* Have automated, auditable, and [idempotent](https://sharknet.us/2014/02/01/automated-configuration-management-challenges-with-idempotency/) configuration.
 * **Not** make a totally unhackable, NSA-proof server.
 * **Not** make something customizable by power users.
 
@@ -28,10 +28,10 @@ It is a one-click email appliance. There are no user-configurable setup options.
 
 The components installed are:
 
-* SMTP ([postfix](http://www.postfix.org/)), IMAP ([dovecot](http://dovecot.org/)), CardDAV/CalDAV ([ownCloud](http://owncloud.org/)), Exchange ActiveSync ([z-push](https://github.com/fmbiete/Z-Push-contrib))
+* SMTP ([postfix](http://www.postfix.org/)), IMAP ([dovecot](http://dovecot.org/)), CardDAV/CalDAV ([ownCloud](https://owncloud.org/)), Exchange ActiveSync ([z-push](https://github.com/fmbiete/Z-Push-contrib))
 * Webmail ([Roundcube](http://roundcube.net/)), static website hosting ([nginx](http://nginx.org/))
 * Spam filtering ([spamassassin](https://spamassassin.apache.org/)), greylisting ([postgrey](http://postgrey.schweikert.ch/))
-* DNS ([nsd4](http://www.nlnetlabs.nl/projects/nsd/)) with [SPF](https://en.wikipedia.org/wiki/Sender_Policy_Framework), DKIM ([OpenDKIM](http://www.opendkim.org/)), [DMARC](https://en.wikipedia.org/wiki/DMARC), [DNSSEC](https://en.wikipedia.org/wiki/DNSSEC), [DANE TLSA](https://en.wikipedia.org/wiki/DNS-based_Authentication_of_Named_Entities), and [SSHFP](https://tools.ietf.org/html/rfc4255) records automatically set
+* DNS ([nsd4](https://www.nlnetlabs.nl/projects/nsd/)) with [SPF](https://en.wikipedia.org/wiki/Sender_Policy_Framework), DKIM ([OpenDKIM](http://www.opendkim.org/)), [DMARC](https://en.wikipedia.org/wiki/DMARC), [DNSSEC](https://en.wikipedia.org/wiki/DNSSEC), [DANE TLSA](https://en.wikipedia.org/wiki/DNS-based_Authentication_of_Named_Entities), and [SSHFP](https://tools.ietf.org/html/rfc4255) records automatically set
 * Backups ([duplicity](http://duplicity.nongnu.org/)), firewall ([ufw](https://launchpad.net/ufw)), intrusion protection ([fail2ban](http://www.fail2ban.org/wiki/index.php/Main_Page)), system monitoring ([munin](http://munin-monitoring.org/))
 
 It also includes:
@@ -85,7 +85,7 @@ Post your question on the [discussion forum](https://discourse.mailinabox.email/
 The Acknowledgements
 --------------------
 
-This project was inspired in part by the ["NSA-proof your email in 2 hours"](http://sealedabstract.com/code/nsa-proof-your-e-mail-in-2-hours/) blog post by Drew Crawford, [Sovereign](https://github.com/al3x/sovereign) by Alex Payne, and conversations with @shevski, @konklone, and @GregElin.
+This project was inspired in part by the ["NSA-proof your email in 2 hours"](http://sealedabstract.com/code/nsa-proof-your-e-mail-in-2-hours/) blog post by Drew Crawford, [Sovereign](https://github.com/sovereign/sovereign) by Alex Payne, and conversations with @shevski, @konklone, and @GregElin.
 
 Mail-in-a-Box is similar to [iRedMail](http://www.iredmail.org/) and [Modoboa](https://github.com/tonioo/modoboa).
 

From 942bcfc7c5ef75c9f0d71ad924f1a162537c2f4d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Marius=20Bl=C3=BCm?= 
Date: Tue, 16 Aug 2016 00:06:12 +0200
Subject: [PATCH 09/10] Update Bootstrap to 3.3.7 (#909)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Marius Blüm 
---
 management/templates/index.html | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/management/templates/index.html b/management/templates/index.html
index 09684774..6dc4f07d 100644
--- a/management/templates/index.html
+++ b/management/templates/index.html
@@ -9,7 +9,7 @@
 
         
 
-        
+        
         
-        
+        
     
     
 
@@ -192,7 +192,7 @@
         
 
         
-        
+