ChiefGyk
3a1313144b
moved blocklist script locally within installation
2016-06-27 09:38:14 -04:00
ChiefGyk
406f991be3
fixed error in my script copying nginx-badbots
2016-06-27 09:30:01 -04:00
ChiefGyk
20bf710b28
removed some more clutter from jail.local
2016-06-27 09:21:29 -04:00
ChiefGyk
7f89d7cb82
added line for rkhunter to first update when installed.
2016-06-27 04:32:06 -04:00
ChiefGyk
b76c9330c5
some fixes to fail2ban filters and jail.local
2016-06-27 04:13:56 -04:00
ChiefGyk
5265839681
made rkhunter create a local file per suggestions
2016-06-27 04:10:39 -04:00
ChiefGyk
3701676304
fixed miab-munin.conf
2016-06-27 04:01:51 -04:00
ChiefGyk
187b28dc51
committed a fix for owncloud filter. Lack of caffeine caused me to enter a wrong part of my script
2016-06-27 03:58:30 -04:00
ChiefGyk
cb35e6dd96
extended owncloud filter find time
2016-06-26 20:06:53 -04:00
ChiefGyk
fd457e187c
fixed some issues with warnings due to there not being a variable set for PKGMG=DPKG
2016-06-26 19:53:30 -04:00
ChiefGyk
ab3fbad0b8
a couple minor changes to Fail2Ban #870 fixed a couple variables, copied owncloud.conf fail2ban from my own owncloud 9 server for my own business. Though it is commented out
2016-06-26 13:37:21 -04:00
ChiefGyk
933668f156
had rkhunter --propupd run before configs were changed. Fixed for #869 , also added a crontab for RKHunter to automatically run daily at 4:15AM
2016-06-26 12:57:54 -04:00
ChiefGyk
e0b333843a
had rkhunter --propupd run before configs were changed. Fixed for #869
2016-06-26 12:48:26 -04:00
ChiefGyk
4f4ec5436a
added RKHunter to system.sh on lines 122-134 per #869 and made it run everytime apt launches to install or update. This should help prevent rootkits. I also added a config to whitelist certain things
2016-06-26 12:44:39 -04:00
ChiefGyk
994727d2cd
added script which automatically adds IP addresses which have been reported to be attacking other servers. It will update the IPTables automatically everyday, as well as perform the initial run the first day. As mentioned in #864 on the origin
2016-06-26 11:06:40 -04:00
ChiefGyk
6f1315f93a
added missing log location for jail.local
2016-06-26 11:03:30 -04:00
ChiefGyk
3b1b70ed16
added Fail2ban filters from #866 , #767 , and #798 on main branch
2016-06-26 10:57:59 -04:00
Joshua Tauberer
5f5f00af4a
for DANE, the smtp_tls_mandatory_protocols setting seems like it also needs to be set (unlike the cipher settings, this isn't documented to be in addition to the non-mandatory setting)
2016-06-12 09:11:55 -04:00
Joshua Tauberer
6b73bb5d80
outbound SMTP connections should use the same TLS settings as inbound: drop SSLv2, SSLv3, anonymous ciphers, RC4
2016-06-12 09:11:54 -04:00
Joshua Tauberer
3055f9a79c
drop SSLv3, RC4 ciphers from SMTP port 25
...
Per http://googleappsupdates.blogspot.ro/2016/05/disabling-support-for-sslv3-and-rc4-for.html , Google is about to do the same.
fixes #611
2016-06-12 09:11:50 -04:00
Chris Blankenship
fac8477ba1
Configured Dovecot to log into its own logfile
2016-06-06 08:21:44 -04:00
aspdye
61744095a8
Update Roundcube to 1.2.0
...
closes #840
2016-06-06 07:32:54 -04:00
Joshua Tauberer
d5b38a27e6
run roundcube's database migration script on every update
...
There hasn't been a sqlite migration yet, since Mail-in-a-Box's creation, but with Roundcube 1.2 there will be.
2016-06-06 07:28:12 -04:00
Joshua Tauberer
6666d28c44
v0.18c
2016-06-02 15:47:45 -04:00
Joshua Tauberer
66675ff2e9
Dovecot LMTP accepted all mail regardless of whether destination was a user, broken by ae8cd4ef
, fixes #852
...
In the earlier commit, I added a Dovecot userdb lookup. Without a userdb lookup, Dovecot would use the password db for user lookups. With a userdb lookup we can support iterating over users.
But I forgot the WHERE clause in the query, resulting in every incoming message being accepted if the user database contained any users at all. Since the mailbox path template is the same for all users, mail was delivered correctly except that mail that should have been rejected was delivered too.
2016-06-02 08:05:34 -04:00
Joshua Tauberer
9ee2d946b7
Merge pull request #821 from m4rcs/before-backup
...
Added a pre-backup script to complement post-backup script.
2016-05-17 19:48:14 -04:00
Arnaud
ff7d4196a6
target to blank for munin link in tempalte ( #822 )
...
adding :
target="_blank"
to
<li><a href="/admin/munin">Munin Monitoring</a></li> on line 96
Why ?
Because when you click on munin link, and follow links, you lose your index, or click back many times...
So i propose my pull request.
Et voilà ^^
2016-05-17 19:46:45 -04:00
aspdye
490b36d86c
Fix #819 ( #823 )
2016-05-17 19:46:10 -04:00
Joshua Tauberer
867d9c4669
v0.18b
2016-05-16 07:17:20 -04:00
Joshua Tauberer
1ad5892acd
can't change roundcube's default_host setting, partially reverts 6d259a6e12
...
The default_host setting is a part of the internal username key. We can't change that without causing Roundcube to create new internal user accounts.
2016-05-16 07:14:45 -04:00
Joshua Tauberer
94b7c80792
v0.18
2016-05-15 20:41:31 -04:00
Marc Schiller
69bd137b4e
Added a pre-backup script to complement post-backup script.
2016-05-11 10:11:16 +02:00
Joshua Tauberer
ae8cd4efdf
support 'dovecot -A' iteration of all users
2016-05-06 09:16:48 -04:00
Joshua Tauberer
6d259a6e12
use "127.0.0.1" throughout rather than mixing use of an IP address and "localhost"
...
On some machines localhost is defined as something other than 127.0.0.1, and if we mix "127.0.0.1" and "localhost" then some connections won't be to to the address a service is actually running on.
This was the case with DKIM: It was running on "localhost" but Postfix was connecting to it at 127.0.0.1. (https://discourse.mailinabox.email/t/opendkim-is-not-running-port-8891/1188/12 .)
I suppose "localhost" could be an alias to an IPv6 address? We don't really want local services binding on IPv6, so use "127.0.0.1" to be explicit and don't use "localhost" to be sure we get an IPv4 address.
Fixes #797
2016-05-06 09:10:38 -04:00
Joshua Tauberer
e7fffc66c7
changelog tweaks, fixes #805
2016-05-06 08:51:53 -04:00
aspdye
8548ede638
Merge pull #806 - Update Roundcube to 1.1.5
2016-04-24 06:31:28 -04:00
Joshua Tauberer
6eeb107ee3
Merge #795 - Upgrade Bootstrap 3.3.5 to 3.3.6
2016-04-24 06:27:50 -04:00
Joshua Tauberer
31eefa18da
Merge #793 - Hostname as Roundcube Name
2016-04-23 13:45:09 -04:00
Joshua Tauberer
20adbb51cb
Merge #804 - Make clear that Let's Encrypt is reccomended!
2016-04-23 09:51:44 -04:00
aspdye
79a39d86f9
reseller -> provider
2016-04-23 15:18:21 +02:00
aspdye
0ebf33e9df
Make clear that Let's Encrypt is reccomended!
2016-04-23 11:35:02 +02:00
Joshua Tauberer
d3818d1db6
changelog entries
2016-04-13 18:42:53 -04:00
aspdye
f65d9d3196
Upgrade Bootstrap 3.3.5 to 3.3.6
2016-04-09 13:27:27 +02:00
aspdye
74fea6b93e
Hostname as Roundcube Name
2016-04-09 10:23:20 +02:00
Joshua Tauberer
7a935d8385
Merge #791 - Add ownCloud 8.2.3 update to changelog
2016-04-08 08:20:06 -04:00
aspdye
7e0f534aea
Add ownCloud update to changelog
2016-04-08 14:04:15 +02:00
Joshua Tauberer
5628f8eecb
Merge #773 - Set the hostname of the box during the setup
2016-04-07 09:44:39 -04:00
Joshua Tauberer
9cc5160c38
Merge #789 - Update to ownCloud v8.2.3
2016-04-07 09:32:24 -04:00
Michael Kroes
bc40134b7b
Remove comment about loopback interface
2016-04-07 10:55:20 +02:00
Michael Kroes
3649ba1ce9
Merge branch 'master' into hostname
2016-04-07 10:54:53 +02:00