e466b9bb53
Fixed RUF005 (collection-literal-concatenation)
2024-03-10 07:56:49 -04:00
c719fce40a
Fixed UP032 (f-string): Use f-string instead of `format` call
2024-03-10 07:56:49 -04:00
6508d47da1
Fixed C405 (unnecessary-literal-set): Unnecessary `list` literal (rewrite as a `set` literal)
2024-03-10 07:56:49 -04:00
9b961b7ba0
Fixed UP024 (os-error-alias): Replace aliased errors with `OSError`
2024-03-10 07:56:49 -04:00
b13cef9b1d
Fixed PIE790 (unnecessary-placeholder): Unnecessary `pass` statement
2024-03-10 07:56:49 -04:00
4999ed7b1c
Fixed Q003 (avoidable-escaped-quote): Change outer quotes to avoid escaping inner quotes
2024-03-10 07:54:51 -04:00
3d72c32b1d
Fixed W605 (invalid-escape-sequence)
2024-03-10 07:54:51 -04:00
14a5613dc8
Fixed UP031 (printf-string-formatting): Use format specifiers instead of percent format
2024-03-10 07:54:51 -04:00
51dc7615f7
Fixed RSE102 (unnecessary-paren-on-raise-exception): Unnecessary parentheses on raised exception
2024-03-10 07:54:51 -04:00
13b38cc04d
Fixed F841 (unused-variable)
2024-03-10 07:54:51 -04:00
2b426851f9
Fixed UP032 (f-string): Use f-string instead of `format` call
2024-03-10 07:54:51 -04:00
dd61844ced
Fixed EM101 (raw-string-in-exception): Exception must not use a string literal, assign to variable first
2024-03-10 07:54:51 -04:00
0ee64f2fe8
Fixed F401 (unused-import)
2024-03-10 07:54:21 -04:00
ddf8e857fd
Support Ubuntu 22.04 Jammy Jellyfish ( #2083 )
2022-10-11 21:18:34 -04:00
d7244ed920
Fixes #2149 Append ; in policy strings for DMARC settings ( #2151 )
...
Signed-off-by: Sudheesh Singanamalla <sudheesh@cloudflare.com>
2022-08-19 13:23:42 -04:00
78569e9a88
Fix DeprecationWarning in dnspython query vs resolve method
...
The resolve method disables resolving relative names by default. This change probably makes a7710e90
2022-07-28 14:02:46 -04:00
e884c4774f
Replace HMAC-based session API keys with tokens stored in memory in the daemon process
...
Since the session cache clears keys after a period of time, this fixes #1821 .
Based on https://github.com/mail-in-a-box/mailinabox/pull/2012 , and so:
Co-Authored-By: NewbieOrange <NewbieOrange@users.noreply.github.com>
Also fixes #2029 by not revealing through the login failure error message whether a user exists or not.
2021-09-06 09:23:58 -04:00
d510c8ae2a
Enable and recommend port 465 for mail submission instead of port 587 ( fixes #1849 )
...
Port 465 with "implicit" (i.e. always-on) TLS is a more secure approach than port 587 with explicit (i.e. optional and only on with STARTTLS). Although we reject credentials on port 587 without STARTTLS, by that point credentials have already been sent.
2021-05-15 16:42:14 -04:00
5aeced5c2e
add a test for fail2ban monitoring managesieve
2019-08-31 09:15:41 -04:00
8e0d9b9f21
update list of tls ciphers supported
2019-01-09 08:52:51 -05:00
870b82637a
fix some wrong variable names, fixes #1353
2018-11-30 10:46:54 -05:00
e924459140
revert f25801e/#1233 - use Mozilla intermediate ciphers for IMAP/POP not modern ciphers
...
fixes #1300
2017-12-24 14:41:41 -05:00
5efdd72f41
update TLS test to record changes in the ciphers we offer on the open ports
2017-10-03 12:01:10 -04:00
2151d81453
update to ownCloud 9.1.1 (with intermediate upgrades) ( #894 )
...
[this is a squashed merge from-]
* Install owncoud 9.1 and provide an upgrade path from 8.2. This also disables memcached and goes with apc. The upgrade fails with memcached.
* Remove php apc setting
* Add dav migrations for each user
* Add some comments to the code
* When upgrading owncloud from 8.2.3 to 9.1.0 the backup of 8.2.3 was overwritten when going from 9.0 to 9.1
* Add upgrade path from 8.1.1. Only do an upgrade check if owncloud was previously installed.
* Stop php5-fpm before owncloud upgrade to prevent database locks
* Fix fail2ban tests for owncloud 9
* When upgrading owncloud copy the database to the user-data/owncloud-backup directory
* Remove not need unzip directives during owncloud extraction. Directory is removed beforehand so a normal extraction is fine
* Improve backup of owncloud installation and provide a post installation restore script. Update the owncloud version number to 9.1.1. Update the calendar and contacts apps to the latest versions
* Separate the ownCloud upgrades visually in the console output.
2016-10-18 06:04:13 -04:00
fc0abd5b4d
confirm that fail2ban is protecting pop3s, closes #629
2016-08-22 19:18:23 -04:00
83d8dbca3e
fail2ban won't start until the roundcube log file is created
...
fixes #911
2016-08-18 08:32:14 -04:00
8844a9185f
Merge pull request #798 from mail-in-a-box/fail2banjails
...
add fail2ban jails for ownCloud, postfix submission, roundcube, and the Mail-in-a-Box management daemon
2016-07-29 08:52:44 -04:00
d9ac321f25
Owncloud needs more time to detect blocks. It doesn't respond as fast as the other services. Also owncloud logs UTC (since latest update) even though the timezone is not UTC. Also to detect a block, we get a timeout instead of a refused)
2016-06-27 06:03:19 -04:00
bf5e9200f8
Update owncloud url to use webdav and increase http timeout
2016-06-27 06:03:14 -04:00
3055f9a79c
drop SSLv3, RC4 ciphers from SMTP port 25
...
Per http://googleappsupdates.blogspot.ro/2016/05/disabling-support-for-sslv3-and-rc4-for.html , Google is about to do the same.
fixes #611
2016-06-12 09:11:50 -04:00
01fa8cf72c
add fail2ban jails for ownCloud, postfix submission, roundcube, and the Mail-in-a-Box management daemon
...
(tests squashed into this commit by josh)
2016-06-06 09:13:10 -04:00
a0c7e63d78
best guess at what clients are supported by the tls settings used
2015-05-22 17:36:55 -04:00
2c44333679
compare tls ciphers against Mozilla's recommendations
2015-05-20 19:41:04 -04:00
610be9cf17
record current TLS settings from my box
2015-05-20 18:31:46 -04:00
d3cacd4a11
update test_dns
...
Don't check NS records for now because they will only appear on zones.
If a hostname is a subdomain on a zone and not itself a zone, it will
lack NS records.
Also stop testing for ADSP, which we dropped in 126ea94ccf
2014-06-21 12:32:20 -04:00
87b0608f15
test_dns: DNSSEC signing inserts empty text string components
2014-06-21 12:32:20 -04:00
5b72e5419d
fix shebang lines in the tests to take advantage of any activated python environment
2014-06-08 17:31:12 -04:00
3961e1aec3
test_dns: more error handling
2014-06-04 19:31:55 -04:00
d6e6cfd3c9
mail test: catch typical connecting errors and display nicer output
2014-06-04 17:13:06 -04:00
fff06f7d71
improve DNS test output
2014-06-04 17:01:49 -04:00
19aba091d7
test_mail: if EHLO test fails continue testing the rest, since user may be waiting on DNS propagation
2014-05-17 08:32:40 -04:00
c722625041
test_dns: add ADSP and DMARC tests, see #14
2014-05-10 08:03:18 -04:00
c403895f95
test_dns: properly test the non-primary domain of a box (for email addresses on domains besides PUBLIC_HOSTNAME)
2014-05-10 08:03:13 -04:00
bdadf3017d
test_dns: handle case where a DNS record is missing (vs incorrect)
2014-05-10 08:03:07 -04:00
80b367ab07
test_mail: gracefully handled when the server has no reverse DNS available
2014-05-06 10:02:29 -04:00
0be47c414d
in the DNS test, use dnspython3 rather than dig
2014-04-23 18:27:50 -04:00
1b4dd98270
test that the SMTP server's EHLO name matches its reverse DNS name
2014-04-23 18:02:30 -04:00
22ad668699
rename test modules to not conflict with global package names (e.g. dns)
2014-04-23 17:43:38 -04:00
ccbbc930e2
in the mail test script, forgot to remove the dkim import
2014-04-23 17:32:41 -04:00
ec11241a7a
also test reverse DNS
2014-04-23 14:10:04 -04:00
Teal Dulcet
Joshua Tauberer
Sudheesh Singanamalla
Rauno Moisto
Michael Kroes