1
0
mirror of https://github.com/mail-in-a-box/mailinabox.git synced 2024-12-25 07:47:05 +00:00
Commit Graph

2280 Commits

Author SHA1 Message Date
github@kiekerjan.isdronken.nl
4aaee13c1c Add solr full text search based on https://github.com/jvolkenant/mailinabox/tree/solr-jetty 2021-04-17 23:00:14 +02:00
github@kiekerjan.isdronken.nl
05eca610df Check munin plugins existence and add fail2ban 2021-04-13 22:31:20 +02:00
github@kiekerjan.isdronken.nl
f5a59d8bb1 add bind9 configuration 2021-04-13 21:28:17 +02:00
github@kiekerjan.isdronken.nl
bd2605221a Synchronize with upstream 2021-04-13 09:58:56 +02:00
github@kiekerjan.isdronken.nl
c24ca5abd4 include changes from v0.53. Remove some POWER modifications to closer follow original mialinabox 2021-04-13 09:50:23 +02:00
Joshua Tauberer
8cda58fb22 Speed up status checks a bit by removing a redundant check if the PRIMARY_HOSTNAME certificate is signed and valid 2021-04-12 19:42:12 -04:00
Joshua Tauberer
178c587654 Migrate to the ECDSAP256SHA256 (13) DNSSEC algorithm
* Stop generating RSASHA1-NSEC3-SHA1 keys on new installs since it is no longer recommended, but preserve the key on existing installs so that we continue to sign zones with existing keys to retain the chain of trust with existing DS records.
* Start generating ECDSAP256SHA256 keys during setup, the current best practice (in addition to RSASHA256 which is also ok). See https://www.iana.org/assignments/dns-sec-alg-numbers/dns-sec-alg-numbers.xhtml#dns-sec-alg-numbers-1 and https://www.cloudflare.com/dns/dnssec/ecdsa-and-dnssec/.
* Sign zones using all available keys rather than choosing just one based on the TLD to enable rotation/migration to the new key and to give the user some options since not every registrar/TLD supports every algorithm.
* Allow a user to drop a key from signing specific domains using DOMAINS= in our key configuration file. Signing the zones with extraneous keys may increase the size of DNS responses, which isn't ideal, although I don't know if this is a problem in practice. (Although a user can delete the RSASHA1-NSEC3-SHA1 key file, the other keys will be re-generated on upgrade.)
* When generating zonefiles, add a hash of all of the DNSSEC signing keys so that when the keys change the zone is definitely regenerated and re-signed.
* In status checks, if DNSSEC is not active (or not valid), offer to use all of the keys that have been generated (for RSASHA1-NSEC3-SHA1 on existing installs, RSASHA256, and now ECDSAP256SHA256) with all digest types, since not all registers support everything, but list them in an order that guides users to the best practice.
* In status checks, if the deployed DS record doesn't use a ECDSAP256SHA256 key, prompt the user to update their DS record.
* In status checks, if multiple DS records are set, only fail if none are valid. If some use ECDSAP256SHA256 and some don't, remind the user to delete the DS records that don't.
* Don't fail if the DS record uses the SHA384 digest (by pre-generating a DS record with that digest type) but don't recommend it because it is not in the IANA mandatory list yet (https://www.iana.org/assignments/ds-rr-types/ds-rr-types.xhtml).

See #1953
2021-04-12 19:42:12 -04:00
github@kiekerjan.isdronken.nl
40adef2261 Fix carddav url and file handling 2021-04-12 22:04:06 +02:00
Jan van de Wijdeven
01ec2ab436 fix webupdate 2021-04-11 23:17:42 +02:00
Jan van de Wijdeven
d9629caab7 Fixes for 20.04 version 2021-04-11 23:09:41 +02:00
github@kiekerjan.isdronken.nl
daf5a62e83 Merge changes from kiekerjan special 2021-04-11 20:45:24 +02:00
Joshua Tauberer
34569d24a9 v0.53 2021-04-11 12:45:37 -04:00
github@kiekerjan.isdronken.nl
12d0aee27a Add own changes 2021-04-11 12:14:41 +02:00
kiekerjan
1ba239a328
Update carddav url towards nextcloud 2021-03-20 16:54:41 +01:00
kiekerjan
c667c5c036
Merge pull request #1 from mail-in-a-box/master
merge upstream
2021-03-20 16:51:11 +01:00
github@kiekerjan.isdronken.nl
98c6bdbf27 Move editconf.py 2021-03-11 23:25:58 +01:00
Jan van de Wijdeven
c063c1c50e merge powermiab 2021-03-11 23:02:58 +01:00
Jan van de Wijdeven
7b82b3023c Merge remote-tracking branch 'powermiab/master' into 20.04 2021-03-11 22:57:17 +01:00
Joshua Tauberer
6653dbb2e2 Sort the Custom DNS by zone and qname, and add an option to go back to the old sort order (creation order)
Update the zone grouping style on the users and aliases page to match.

Fixes #1927
2021-02-28 09:40:32 -05:00
Joshua Tauberer
5fc1162355 Other CHANGELOG entries 2021-02-28 08:22:30 -05:00
Paul
a839602cba
Enable sending DMARC failure reports (#1929)
Configures opendmarc to send failure reports for domains that request them, including when p=none.

The emails are sent as the package default of package name and user@hostname: OpenDMARC Filter <opendmarc@box.example.com>

Note I have been running this for several months with a configuration I did not include in the PR to have reports BCC'd to me (FailureReportsBcc postmaster@example.com). Very low load for my personal server of rarely more than a dozen emails sent out per day.

I am not familiar with editing scripts, so apologies in advance and please feel free to correct me.
2021-02-28 08:21:15 -05:00
Joshua Tauberer
f21a41dc84 Merge #1932, with some edits 2021-02-28 08:16:50 -05:00
davDevOps
055ac07663 Update roundcube to 1.4.11
roundcube Bug Fixes:

Fix for Cross-Site Scripting (XSS) via HTML messages with malicious CSS content
General Improvements from roundcube's Issue Tracker
2021-02-28 08:14:17 -05:00
davDevOps
c7b295f403 Update zpush to 2.6.2 2021-02-28 08:05:40 -05:00
Joshua Tauberer
d36a2cc938 Enable Backblaze B2 backups
This reverts commit b1d703a5e7 and adds python3-setuptools per the first version of #1899 which fixes an installation error for the b2sdk Python package.
2021-02-28 08:04:14 -05:00
jeremitu
82ca54df96
Fixed #1894 log date over year change, START_DATE < END_DATE now. (#1905)
* Fixed #1894 log date over year change, START_DATE < END_DATE now.

* Corrected mail_log.py argument help and message.

Co-authored-by: Jarek <jarek@box.jurasz.de>
2021-02-28 07:59:26 -05:00
jvolkenant
af62e7a99b
Fixes unbound variable when upgrading from Nextcloud 13 (#1913) 2021-02-06 16:49:43 -05:00
David Duque
f41eeb37c1
Release v0.52.POWER.0 2021-02-01 02:22:15 +00:00
David Duque
ba68bd9941
Automatically import existing local CA cerificates 2021-02-01 02:20:38 +00:00
David Duque
e6f22c53e5
Update admin panel dependencies 2021-02-01 01:57:38 +00:00
David Duque
18d36831dc
Update NextCloud components 2021-02-01 01:49:05 +00:00
David Duque
f47cdbaee1
External DNS: Add some margin between dropdown and buttons 2021-02-01 01:29:23 +00:00
David Duque
4829e687ff
Merge changes from master 2021-01-31 16:20:15 +00:00
Joshua Tauberer
90d63fd208 v0.52 2021-01-31 08:48:14 -05:00
Joshua Tauberer
e81963e585 Remove the instructions for checking that release tags are signed by me since I am not going to do that anymore 2021-01-31 08:47:59 -05:00
Joshua Tauberer
b1d703a5e7 Disable Backblaze B2 backups until #1899 is resolved 2021-01-31 08:33:56 -05:00
Felix Spöttel
e3d98b781e
Warn when connection to Spamhaus times out (#1817) 2021-01-28 18:22:43 -05:00
jvolkenant
50d50ba653
Update zpush to 2.6.1 (#1908) 2021-01-28 18:20:19 -05:00
Josh Brown
879467d358
Fix typo in users.html (#1895)
lettters -> letters
fixes #1888
2021-01-05 21:12:01 -05:00
Nicolas North
8025c41ee4
Bump TTL for NS records to 1800 (30 min) to 86400 (1 day) as some registries require this (#1892)
Co-authored-by: Nicolas North [norðurljósahviða] <nz@tillverka.xyz>
2021-01-03 17:57:54 -05:00
Josh Brown
7a5d729a53
Fix misspelling (#1893)
Change Blackblaze to Backblaze. Include B2 as the integration name.
2021-01-03 17:54:31 -05:00
jcm-shove-it
e2f9cd845a
Update roundcube to 1.4.10 (#1891) 2020-12-28 08:11:33 -05:00
Joshua Tauberer
e26cf4512c Update CHANGELOG 2020-12-25 17:28:34 -05:00
jvolkenant
c7280055a8
Implement SPF/DMARC checks, add spam weight to those mails (#1836) 2020-12-25 17:22:24 -05:00
Hilko
003e8b7bb1
Adjust max-recursion-queries to fix alternating rdns status (#1876) 2020-12-25 17:19:16 -05:00
Hilko
3422cc61ce
Include en_US.UTF-8 locale in daemon startup (#1883)
Fixes #1881.
2020-12-19 19:11:58 -05:00
Hilko
8664afa997
Implement Backblaze for Backup (#1812)
* Installing b2sdk for b2 support
* Added Duplicity PPA so the most recent version is used
* Implemented list_target_files for b2
* Implemented b2 in frontend
* removed python2 boto package
2020-11-26 07:13:31 -05:00
Joshua Tauberer
82229ce04b Document how to start the control panel from the command line and in debugging use a stable API key 2020-11-26 07:11:49 -05:00
Richard Willis
f66e609d3f
Api spec cleanup (#1869)
* Fix indentation

* Add parameter definition and remove unused model

* Update version

* Quote example string
2020-11-26 06:56:04 -05:00
David Duque
ef282fc7d0
Version bump - v0.51.POWER.1 2020-11-21 02:42:26 +00:00