Joshua Tauberer 
							
						 
					 
					
						
						
						
						
							
						
						
							092c842a87 
							
						 
					 
					
						
						
							
							split external/custom dns into separate pages in the admin  
						
						
						
					 
					
						2014-10-05 13:38:23 +00:00 
						 
				 
			
				
					
						
							
							
								Joshua Tauberer 
							
						 
					 
					
						
						
						
						
							
						
						
							d9ecc50119 
							
						 
					 
					
						
						
							
							since the management server binds to 127.0.0.1, must use that and not 'localhost' to connect to it because 'localhost' resolves to the IPv6 ::1 when it is available, see  #224  
						
						
						
					 
					
						2014-10-05 09:01:26 -04:00 
						 
				 
			
				
					
						
							
							
								Joshua Tauberer 
							
						 
					 
					
						
						
						
						
							
						
						
							7c2092d48f 
							
						 
					 
					
						
						
							
							remove apache before installing nginx, see  #224  
						
						
						
					 
					
						2014-10-05 09:01:20 -04:00 
						 
				 
			
				
					
						
							
							
								Joshua Tauberer 
							
						 
					 
					
						
						
						
						
							
						
						
							5fd107cae5 
							
						 
					 
					
						
						
							
							more work on making the bash scripts readable  
						
						
						
					 
					
						2014-10-04 17:57:26 -04:00 
						 
				 
			
				
					
						
							
							
								Joshua Tauberer 
							
						 
					 
					
						
						
						
						
							
						
						
							db0967446b 
							
						 
					 
					
						
						
							
							remove unnecessary sudos  
						
						
						
					 
					
						2014-10-04 14:06:08 -04:00 
						 
				 
			
				
					
						
							
							
								Joshua Tauberer 
							
						 
					 
					
						
						
						
						
							
						
						
							2ff5038c84 
							
						 
					 
					
						
						
							
							replace '.' with 'source'  
						
						
						
					 
					
						2014-10-04 14:05:06 -04:00 
						 
				 
			
				
					
						
							
							
								Joshua Tauberer 
							
						 
					 
					
						
						
						
						
							
						
						
							4ae76aa2dd 
							
						 
					 
					
						
						
							
							dnssec: use RSASHA256 keys for .email domains  
						
						
						
					 
					
						2014-10-04 17:29:42 +00:00 
						 
				 
			
				
					
						
							
							
								h8h 
							
						 
					 
					
						
						
						
						
							
						
						
							ba33669a62 
							
						 
					 
					
						
						
							
							generate the locales before change to it.  
						
						... 
						
						
						
						For my german box changing the locale failed:
´´´´/bin/sh: warning: setlocale: LC_ALL: cannot change locale (en_US.UTF-8)
/bin/sh: warning: setlocale: LC_ALL: cannot change locale (en_US.UTF-8)
/bin/sh: warning: setlocale: LC_ALL: cannot change locale (en_US.UTF-8)
/bin/sh: warning: setlocale: LC_ALL: cannot change locale (en_US.UTF-8)
setup/functions.sh: line 6: warning: setlocale: LC_ALL: cannot change locale (en_US.UTF-8)´´´´
see #206  and 4e6d572de9closes  #220 
commit modified by joshdata 
						
					 
					
						2014-10-02 11:05:42 +00:00 
						 
				 
			
				
					
						
							
							
								Joshua Tauberer 
							
						 
					 
					
						
						
						
						
							
						
						
							779d921410 
							
						 
					 
					
						
						
							
							status checks: put DNSSEC tests in a better order w.r.t. other tests  
						
						... 
						
						
						
						* If the PRIMARY_HOSTNAME is in a zone with a DS record set at the registrar, show any DNSSEC failure (but only a failure) immediately since it is probably the cause of other DNS errors displayed later.
* For zones, if a DS record is set at the register, do the DNSSEC test first because even the NS test will fail if DNSSEC is improperly configure.
* But if a DS record is not set, the this is just a suggestion to configure DNSSEC so offer the suggestion last --- after mail and web checks.
see https://discourse.mailinabox.email/t/dns-nameserver-gandi-glue-records-issues/105/3  
						
					 
					
						2014-10-01 12:13:11 +00:00 
						 
				 
			
				
					
						
							
							
								jkaberg 
							
						 
					 
					
						
						
						
						
							
						
						
							68efef1164 
							
						 
					 
					
						
						
							
							dont log robots.txt and favicon.ico. we should REALLY consider creating seperate include files for *all* of our "apps", this is getting messy..  
						
						
						
					 
					
						2014-09-27 17:04:05 +00:00 
						 
				 
			
				
					
						
							
							
								Joshua Tauberer 
							
						 
					 
					
						
						
						
						
							
						
						
							6ecada7eed 
							
						 
					 
					
						
						
							
							Merge commit '93a722f'  
						
						
						
					 
					
						2014-09-27 16:56:38 +00:00 
						 
				 
			
				
					
						
							
							
								Joshua Tauberer 
							
						 
					 
					
						
						
						
						
							
						
						
							94c4352f45 
							
						 
					 
					
						
						
							
							Merge branch 'jmar71n-master' - site-wide bayesean spam filtering  
						
						
						
					 
					
						2014-09-27 16:18:55 +00:00 
						 
				 
			
				
					
						
							
							
								Joshua Tauberer 
							
						 
					 
					
						
						
						
						
							
						
						
							6dd6353d41 
							
						 
					 
					
						
						
							
							move sa-learn-pipe.sh from /usr to /usr/local  
						
						
						
					 
					
						2014-09-27 16:18:40 +00:00 
						 
				 
			
				
					
						
							
							
								Joshua Tauberer 
							
						 
					 
					
						
						
						
						
							
						
						
							d06bfa6c1b 
							
						 
					 
					
						
						
							
							tweak the site-wide bayesian spam filtering config  
						
						
						
					 
					
						2014-09-27 16:18:36 +00:00 
						 
				 
			
				
					
						
							
							
								Joshua Tauberer 
							
						 
					 
					
						
						
						
						
							
						
						
							5c7ba2a4c7 
							
						 
					 
					
						
						
							
							preliminary work on a mail.log scanner to report things in the control panel  
						
						
						
					 
					
						2014-09-27 13:33:13 +00:00 
						 
				 
			
				
					
						
							
							
								Joshua Tauberer 
							
						 
					 
					
						
						
						
						
							
						
						
							e9cc3fdaab 
							
						 
					 
					
						
						
							
							make mail instructions clearer and describe greylisting, DMARC policy  
						
						
						
					 
					
						2014-09-27 13:32:22 +00:00 
						 
				 
			
				
					
						
							
							
								Joshua Tauberer 
							
						 
					 
					
						
						
						
						
							
						
						
							8bd37ea53c 
							
						 
					 
					
						
						
							
							add catch-alls to the admin again with nicer instructions  
						
						
						
					 
					
						2014-09-27 13:32:22 +00:00 
						 
				 
			
				
					
						
							
							
								Joshua Tauberer 
							
						 
					 
					
						
						
						
						
							
						
						
							698ae03505 
							
						 
					 
					
						
						
							
							catch-all addresses should not have precedence over mail users  
						
						... 
						
						
						
						Aliases have precedence over mail users. A catch-all address would grab mail intended for a mail user and send it elsewhere. This adds some SQL hackery to create dummy aliases for all mail users.
fixes  #200 
closes  #214  another way 
						
					 
					
						2014-09-27 13:32:10 +00:00 
						 
				 
			
				
					
						
							
							
								Joshua Tauberer 
							
						 
					 
					
						
						
						
						
							
						
						
							a4c70f7a92 
							
						 
					 
					
						
						
							
							revert dovecot part of  39bca053ed because dovecot started behaving weird and I don't have time to debug it  
						
						
						
					 
					
						2014-09-26 22:41:59 +00:00 
						 
				 
			
				
					
						
							
							
								Joshua Tauberer 
							
						 
					 
					
						
						
						
						
							
						
						
							39bca053ed 
							
						 
					 
					
						
						
							
							add 2048 bits of DH params for nginx, postfix, dovecot  
						
						... 
						
						
						
						nginx/postfix use a new pre-generated dh2048.pem file. dovecot generates the bits on its own.
ssllabs.com reports that TLS_DHE ciphers went from 1024 to 2048 bits as expected. The ECDHE ciphers remain at 256 bits --- no idea what that really means. (This tests nginx only. I haven't tested postfix/dovecot.)
see https://discourse.mailinabox.email/t/fips-ready-for-ssl-dhec-key-exchange/76/3  
						
					 
					
						2014-09-26 22:09:22 +00:00 
						 
				 
			
				
					
						
							
							
								Joshua Tauberer 
							
						 
					 
					
						
						
						
						
							
						
						
							c2eb8e5330 
							
						 
					 
					
						
						
							
							typo in roundcube download URL  
						
						... 
						
						
						
						see 8e0967dd8e (commitcomment-7940724) 
						
					 
					
						2014-09-26 14:26:45 +00:00 
						 
				 
			
				
					
						
							
							
								Joshua Tauberer 
							
						 
					 
					
						
						
						
						
							
						
						
							ab47144ae3 
							
						 
					 
					
						
						
							
							add strict SPF and DMARC records to any subdomains (including custom records) that do not have SPF/DMARC set  
						
						... 
						
						
						
						closes  #208  
					
						2014-09-26 14:01:03 +00:00 
						 
				 
			
				
					
						
							
							
								Joshua Tauberer 
							
						 
					 
					
						
						
						
						
							
						
						
							9b6f9859d1 
							
						 
					 
					
						
						
							
							dns_update: assume DKIM is present  
						
						
						
					 
					
						2014-09-26 14:01:03 +00:00 
						 
				 
			
				
					
						
							
							
								Joshua Tauberer 
							
						 
					 
					
						
						
						
						
							
						
						
							4e6d572de9 
							
						 
					 
					
						
						
							
							ensure Python operates in UTF-8 with a consistent locale for all users  
						
						... 
						
						
						
						fixes  #206  (hopefully) 
					
						2014-09-26 08:26:09 -04:00 
						 
				 
			
				
					
						
							
							
								Joshua Tauberer 
							
						 
					 
					
						
						
						
						
							
						
						
							145186a6b6 
							
						 
					 
					
						
						
							
							link to Modoboa in README  
						
						
						
					 
					
						2014-09-26 08:20:13 -04:00 
						 
				 
			
				
					
						
							
							
								Joshua Tauberer 
							
						 
					 
					
						
						
						
						
							
						
						
							5714b3c6b7 
							
						 
					 
					
						
						
							
							bump bootstrap.sh to incoming 0.03 tag  
						
						
						
					 
					
						2014-09-24 12:48:15 +00:00 
						 
				 
			
				
					
						
							
							
								Joshua Tauberer 
							
						 
					 
					
						
						
						
						
							
						
						
							8e0967dd8e 
							
						 
					 
					
						
						
							
							if an earlier version of roundcube had already been installed, update to our target version  
						
						... 
						
						
						
						fixes  #195  
					
						2014-09-24 12:46:51 +00:00 
						 
				 
			
				
					
						
							
							
								Joshua Tauberer 
							
						 
					 
					
						
						
						
						
							
						
						
							5a89f3c633 
							
						 
					 
					
						
						
							
							don't allow catch-all addresses in the admin because they take precedence over mail users and that's counter-intuitive  
						
						... 
						
						
						
						For now use the command-line tools/mail.py if you need it.
see #200 
Revert "Changed incomming-email-input to type text"
This reverts commit 9631fab7b2 
						
					 
					
						2014-09-24 12:36:47 +00:00 
						 
				 
			
				
					
						
							
							
								Joshua Tauberer 
							
						 
					 
					
						
						
						
						
							
						
						
							ed8fb2d06d 
							
						 
					 
					
						
						
							
							the latest z-push introduces a new/second USE_FULLEMAIL_FOR_LOGIN parameter  
						
						... 
						
						
						
						see http://discourse.mailinabox.email/t/activesync-z-push-not-working/94/3  
						
					 
					
						2014-09-24 12:24:35 +00:00 
						 
				 
			
				
					
						
							
							
								Joshua Tauberer 
							
						 
					 
					
						
						
						
						
							
						
						
							8c8d9304ac 
							
						 
					 
					
						
						
							
							lock z-push to a particular upstream version by fmbiete/Z-Push-contrib commit hash  
						
						
						
					 
					
						2014-09-24 12:20:10 +00:00 
						 
				 
			
				
					
						
							
							
								Joshua Tauberer 
							
						 
					 
					
						
						
						
						
							
						
						
							c1ccd22531 
							
						 
					 
					
						
						
							
							put a start script at /usr/local/bin/mailinabox  
						
						
						
					 
					
						2014-09-22 16:37:12 -04:00 
						 
				 
			
				
					
						
							
							
								Joshua Tauberer 
							
						 
					 
					
						
						
						
						
							
						
						
							01c964bfe3 
							
						 
					 
					
						
						
							
							update bootstrap.sh for next tag  
						
						
						
					 
					
						2014-09-22 16:35:07 -04:00 
						 
				 
			
				
					
						
							
							
								Joshua Tauberer 
							
						 
					 
					
						
						
						
						
							
						
						
							6c59294e7b 
							
						 
					 
					
						
						
							
							more readable bash  
						
						
						
					 
					
						2014-09-21 16:05:11 -04:00 
						 
				 
			
				
					
						
							
							
								Joshua Tauberer 
							
						 
					 
					
						
						
						
						
							
						
						
							9d40a12f44 
							
						 
					 
					
						
						
							
							first pass at making readable documentation by parsing the bash scripts  
						
						
						
					 
					
						2014-09-21 13:43:31 -04:00 
						 
				 
			
				
					
						
							
							
								Joshua Tauberer 
							
						 
					 
					
						
						
						
						
							
						
						
							c2ddabe683 
							
						 
					 
					
						
						
							
							fix ajax loading indicator positioning  
						
						
						
					 
					
						2014-09-21 17:41:46 +00:00 
						 
				 
			
				
					
						
							
							
								Joshua Tauberer 
							
						 
					 
					
						
						
						
						
							
						
						
							846768efcb 
							
						 
					 
					
						
						
							
							admin: update user's password from the admin  
						
						
						
					 
					
						2014-09-21 17:24:01 +00:00 
						 
				 
			
				
					
						
							
							
								Joshua Tauberer 
							
						 
					 
					
						
						
						
						
							
						
						
							8dfbb90f3a 
							
						 
					 
					
						
						
							
							admin: simplify the users table a bit  
						
						
						
					 
					
						2014-09-21 17:10:23 +00:00 
						 
				 
			
				
					
						
							
							
								Joshua Tauberer 
							
						 
					 
					
						
						
						
						
							
						
						
							c7c3bd33cf 
							
						 
					 
					
						
						
							
							DNS API should reject qnames that aren't in a zone managed by the box  
						
						... 
						
						
						
						see https://discourse.mailinabox.email/t/set-www-a-and-other-dns-records-after-install/63/10  
						
					 
					
						2014-09-21 13:37:30 +00:00 
						 
				 
			
				
					
						
							
							
								Joshua Tauberer 
							
						 
					 
					
						
						
						
						
							
						
						
							1637153566 
							
						 
					 
					
						
						
							
							make the DNS API a little clearer  
						
						
						
					 
					
						2014-09-21 13:37:30 +00:00 
						 
				 
			
				
					
						
							
							
								Joshua Tauberer 
							
						 
					 
					
						
						
						
						
							
						
						
							05510f25a5 
							
						 
					 
					
						
						
							
							warn if a SSL cert is expiring in 30 days  
						
						
						
					 
					
						2014-09-21 13:37:30 +00:00 
						 
				 
			
				
					
						
							
							
								Joshua Tauberer 
							
						 
					 
					
						
						
						
						
							
						
						
							b8ea7282b0 
							
						 
					 
					
						
						
							
							don't run apt-get update when generating the status checks output because it is so slow and should be update daily by cron anyway  
						
						
						
					 
					
						2014-09-21 13:37:30 +00:00 
						 
				 
			
				
					
						
							
							
								jmar71n 
							
						 
					 
					
						
						
						
						
							
						
						
							b5bb12d0d2 
							
						 
					 
					
						
						
							
							enable site-wide bayesian filtering  
						
						... 
						
						
						
						Create directory in $STORAGE_ROOT for bayes database.
Added --username arg to sa-learn as the user mail does not have permission to edit files in $STORAGE_ROOT. There is probably a better solution to this... 
						
					 
					
						2014-09-20 16:07:30 +01:00 
						 
				 
			
				
					
						
							
							
								Joshua Tauberer 
							
						 
					 
					
						
						
						
						
							
						
						
							dd91553689 
							
						 
					 
					
						
						
							
							open the firewall to an alternative SSH port if set  
						
						... 
						
						
						
						https://discourse.mailinabox.email/t/opening-up-a-custom-port-for-ssh-after-install/55/2  
					
						2014-09-20 08:26:10 -04:00 
						 
				 
			
				
					
						
							
							
								Joshua Tauberer 
							
						 
					 
					
						
						
						
						
							
						
						
							98651deea4 
							
						 
					 
					
						
						
							
							python3-dev is a dependency for many pip packages, including pyyaml,  fixes   #196  
						
						
						
					 
					
						2014-09-17 21:56:09 +00:00 
						 
				 
			
				
					
						
							
							
								Joshua Tauberer 
							
						 
					 
					
						
						
						
						
							
						
						
							ff0c85615b 
							
						 
					 
					
						
						
							
							correct typo in comment  
						
						
						
					 
					
						2014-09-15 10:02:25 +00:00 
						 
				 
			
				
					
						
							
							
								Joshua Tauberer 
							
						 
					 
					
						
						
						
						
							
						
						
							16e2350fef 
							
						 
					 
					
						
						
							
							revise the description of A records on domains: the A record must be present for good deliverability so that the envelope domain resolves, but it doesn't have to resolve to this machine  
						
						
						
					 
					
						2014-09-15 06:00:50 -04:00 
						 
				 
			
				
					
						
							
							
								Joshua Tauberer 
							
						 
					 
					
						
						
						
						
							
						
						
							52b2e27451 
							
						 
					 
					
						
						
							
							Merge pull request  #193  from waldyrious/patch-1  
						
						... 
						
						
						
						add link to contributors, remove duplicate "to"s 
						
					 
					
						2014-09-13 20:54:26 -04:00 
						 
				 
			
				
					
						
							
							
								Waldir Pimenta 
							
						 
					 
					
						
						
						
						
							
						
						
							48bb8a90d2 
							
						 
					 
					
						
						
							
							add link to contributors, remove duplicate "to"s  
						
						
						
					 
					
						2014-09-14 01:45:10 +01:00 
						 
				 
			
				
					
						
							
							
								Joshua Tauberer 
							
						 
					 
					
						
						
						
						
							
						
						
							941684f4d9 
							
						 
					 
					
						
						
							
							Merge pull request  #192  from ch000/patch-1  
						
						... 
						
						
						
						Changed incomming-email-input to type text 
						
					 
					
						2014-09-12 12:15:24 -04:00 
						 
				 
			
				
					
						
							
							
								Christian 
							
						 
					 
					
						
						
						
						
							
						
						
							9631fab7b2 
							
						 
					 
					
						
						
							
							Changed incomming-email-input to type text  
						
						... 
						
						
						
						The input type="email" validation won't allow "@example.com", which is needed for catch-all-aliases. 
						
					 
					
						2014-09-12 18:08:33 +02:00