Joshua Tauberer
779d921410
status checks: put DNSSEC tests in a better order w.r.t. other tests
...
* If the PRIMARY_HOSTNAME is in a zone with a DS record set at the registrar, show any DNSSEC failure (but only a failure) immediately since it is probably the cause of other DNS errors displayed later.
* For zones, if a DS record is set at the register, do the DNSSEC test first because even the NS test will fail if DNSSEC is improperly configure.
* But if a DS record is not set, the this is just a suggestion to configure DNSSEC so offer the suggestion last --- after mail and web checks.
see https://discourse.mailinabox.email/t/dns-nameserver-gandi-glue-records-issues/105/3
2014-10-01 12:13:11 +00:00
jkaberg
68efef1164
dont log robots.txt and favicon.ico. we should REALLY consider creating seperate include files for *all* of our "apps", this is getting messy..
2014-09-27 17:04:05 +00:00
Joshua Tauberer
6ecada7eed
Merge commit '93a722f'
2014-09-27 16:56:38 +00:00
Joshua Tauberer
94c4352f45
Merge branch 'jmar71n-master' - site-wide bayesean spam filtering
2014-09-27 16:18:55 +00:00
Joshua Tauberer
6dd6353d41
move sa-learn-pipe.sh from /usr to /usr/local
2014-09-27 16:18:40 +00:00
Joshua Tauberer
d06bfa6c1b
tweak the site-wide bayesian spam filtering config
2014-09-27 16:18:36 +00:00
Joshua Tauberer
5c7ba2a4c7
preliminary work on a mail.log scanner to report things in the control panel
2014-09-27 13:33:13 +00:00
Joshua Tauberer
e9cc3fdaab
make mail instructions clearer and describe greylisting, DMARC policy
2014-09-27 13:32:22 +00:00
Joshua Tauberer
8bd37ea53c
add catch-alls to the admin again with nicer instructions
2014-09-27 13:32:22 +00:00
Joshua Tauberer
698ae03505
catch-all addresses should not have precedence over mail users
...
Aliases have precedence over mail users. A catch-all address would grab mail intended for a mail user and send it elsewhere. This adds some SQL hackery to create dummy aliases for all mail users.
fixes #200
closes #214 another way
2014-09-27 13:32:10 +00:00
Joshua Tauberer
a4c70f7a92
revert dovecot part of 39bca053ed
because dovecot started behaving weird and I don't have time to debug it
2014-09-26 22:41:59 +00:00
Joshua Tauberer
39bca053ed
add 2048 bits of DH params for nginx, postfix, dovecot
...
nginx/postfix use a new pre-generated dh2048.pem file. dovecot generates the bits on its own.
ssllabs.com reports that TLS_DHE ciphers went from 1024 to 2048 bits as expected. The ECDHE ciphers remain at 256 bits --- no idea what that really means. (This tests nginx only. I haven't tested postfix/dovecot.)
see https://discourse.mailinabox.email/t/fips-ready-for-ssl-dhec-key-exchange/76/3
2014-09-26 22:09:22 +00:00
Joshua Tauberer
c2eb8e5330
typo in roundcube download URL
...
see 8e0967dd8e (commitcomment-7940724)
2014-09-26 14:26:45 +00:00
Joshua Tauberer
ab47144ae3
add strict SPF and DMARC records to any subdomains (including custom records) that do not have SPF/DMARC set
...
closes #208
2014-09-26 14:01:03 +00:00
Joshua Tauberer
9b6f9859d1
dns_update: assume DKIM is present
2014-09-26 14:01:03 +00:00
Joshua Tauberer
4e6d572de9
ensure Python operates in UTF-8 with a consistent locale for all users
...
fixes #206 (hopefully)
2014-09-26 08:26:09 -04:00
Joshua Tauberer
145186a6b6
link to Modoboa in README
2014-09-26 08:20:13 -04:00
Joshua Tauberer
5714b3c6b7
bump bootstrap.sh to incoming 0.03 tag
2014-09-24 12:48:15 +00:00
Joshua Tauberer
8e0967dd8e
if an earlier version of roundcube had already been installed, update to our target version
...
fixes #195
2014-09-24 12:46:51 +00:00
Joshua Tauberer
5a89f3c633
don't allow catch-all addresses in the admin because they take precedence over mail users and that's counter-intuitive
...
For now use the command-line tools/mail.py if you need it.
see #200
Revert "Changed incomming-email-input to type text"
This reverts commit 9631fab7b2
.
2014-09-24 12:36:47 +00:00
Joshua Tauberer
ed8fb2d06d
the latest z-push introduces a new/second USE_FULLEMAIL_FOR_LOGIN parameter
...
see http://discourse.mailinabox.email/t/activesync-z-push-not-working/94/3
2014-09-24 12:24:35 +00:00
Joshua Tauberer
8c8d9304ac
lock z-push to a particular upstream version by fmbiete/Z-Push-contrib commit hash
2014-09-24 12:20:10 +00:00
Joshua Tauberer
c1ccd22531
put a start script at /usr/local/bin/mailinabox
2014-09-22 16:37:12 -04:00
Joshua Tauberer
01c964bfe3
update bootstrap.sh for next tag
2014-09-22 16:35:07 -04:00
Joshua Tauberer
6c59294e7b
more readable bash
2014-09-21 16:05:11 -04:00
Joshua Tauberer
9d40a12f44
first pass at making readable documentation by parsing the bash scripts
2014-09-21 13:43:31 -04:00
Joshua Tauberer
c2ddabe683
fix ajax loading indicator positioning
2014-09-21 17:41:46 +00:00
Joshua Tauberer
846768efcb
admin: update user's password from the admin
2014-09-21 17:24:01 +00:00
Joshua Tauberer
8dfbb90f3a
admin: simplify the users table a bit
2014-09-21 17:10:23 +00:00
Joshua Tauberer
c7c3bd33cf
DNS API should reject qnames that aren't in a zone managed by the box
...
see https://discourse.mailinabox.email/t/set-www-a-and-other-dns-records-after-install/63/10
2014-09-21 13:37:30 +00:00
Joshua Tauberer
1637153566
make the DNS API a little clearer
2014-09-21 13:37:30 +00:00
Joshua Tauberer
05510f25a5
warn if a SSL cert is expiring in 30 days
2014-09-21 13:37:30 +00:00
Joshua Tauberer
b8ea7282b0
don't run `apt-get update` when generating the status checks output because it is so slow and should be update daily by cron anyway
2014-09-21 13:37:30 +00:00
jmar71n
b5bb12d0d2
enable site-wide bayesian filtering
...
Create directory in $STORAGE_ROOT for bayes database.
Added --username arg to sa-learn as the user mail does not have permission to edit files in $STORAGE_ROOT. There is probably a better solution to this...
2014-09-20 16:07:30 +01:00
Joshua Tauberer
dd91553689
open the firewall to an alternative SSH port if set
...
https://discourse.mailinabox.email/t/opening-up-a-custom-port-for-ssh-after-install/55/2
2014-09-20 08:26:10 -04:00
Joshua Tauberer
98651deea4
python3-dev is a dependency for many pip packages, including pyyaml, fixes #196
2014-09-17 21:56:09 +00:00
Joshua Tauberer
ff0c85615b
correct typo in comment
2014-09-15 10:02:25 +00:00
Joshua Tauberer
16e2350fef
revise the description of A records on domains: the A record must be present for good deliverability so that the envelope domain resolves, but it doesn't have to resolve to this machine
2014-09-15 06:00:50 -04:00
Joshua Tauberer
52b2e27451
Merge pull request #193 from waldyrious/patch-1
...
add link to contributors, remove duplicate "to"s
2014-09-13 20:54:26 -04:00
Waldir Pimenta
48bb8a90d2
add link to contributors, remove duplicate "to"s
2014-09-14 01:45:10 +01:00
Joshua Tauberer
941684f4d9
Merge pull request #192 from ch000/patch-1
...
Changed incomming-email-input to type text
2014-09-12 12:15:24 -04:00
Christian
9631fab7b2
Changed incomming-email-input to type text
...
The input type="email" validation won't allow "@example.com", which is needed for catch-all-aliases.
2014-09-12 18:08:33 +02:00
jkaberg
93a722f85b
ownCloud (witch is based on SabreDAV) supports sync
2014-09-10 21:22:56 +02:00
Joshua Tauberer
4f4a8faa00
Merge pull request #188 from Bretos/master
...
update roundcube version
2014-09-10 09:04:27 -04:00
Bretos
467f04facb
update roundcube version
2014-09-10 12:32:32 +02:00
Joshua Tauberer
196e42e8b5
don't automatically create an alias if a user account already exists by that name
...
In the event the first user is an address that we'd normally create as an alias,
we'd generate a loop from the alias to the administrative alias to the first user
account (which was the alias again).
hopefully fixes #186
2014-09-09 11:41:47 +00:00
Joshua Tauberer
f09da719f7
show the response from spamhaus.org in the status checks output
2014-09-08 20:27:26 +00:00
Joshua Tauberer
e9e95cbed5
tweak backup explanatory text
2014-09-08 20:12:31 +00:00
Joshua Tauberer
98fc449b49
only hold onto backups for 14 days (not 31) and show when the backups will be deleted in the control panel
2014-09-08 20:09:18 +00:00
Joshua Tauberer
bab8b515ea
new logic for determining when to take a full backup
2014-09-08 19:42:54 +00:00