1
0
mirror of https://github.com/mail-in-a-box/mailinabox.git synced 2025-04-05 00:27:25 +00:00
Commit Graph

2185 Commits

Author SHA1 Message Date
downtownallday
bdeb27c3f3 Merge branch 'main' of https://github.com/mail-in-a-box/mailinabox
# Conflicts:
#	README.md
2022-01-20 06:58:40 -05:00
Joshua Tauberer
3a7de051ee Version 56 (January 19, 2022) 2022-01-19 16:59:34 -05:00
downtownallday
d6cd4e826c Ensure pip3 is installed before installing email_validator 2022-01-11 09:53:07 -05:00
downtownallday
f5c92d936d Merge branch 'main' of https://github.com/mail-in-a-box/mailinabox
# Conflicts:
#	setup/webmail.sh
2022-01-11 09:52:34 -05:00
Darek Kowalski
f11cb04a72
Update Vagrant private IP address, fix issue #2062 (#2064) 2022-01-08 18:29:23 -05:00
Joshua Tauberer
cb564a130a Fix DNS secondary nameserver refesh failure retry period
Fixes #1979
2022-01-08 09:38:41 -05:00
Joshua Tauberer
d1d6318862 Set systemd journald log retention to 10 days (from no limit) to reduce disk usage 2022-01-08 09:11:48 -05:00
Joshua Tauberer
34b7a02f4f Update Roundcube to 1.5.2 2022-01-08 09:00:12 -05:00
Joshua Tauberer
a312acc3bc Update to Nextcloud 20.0.8 and update apps 2022-01-08 09:00:12 -05:00
Joshua Tauberer
aab1ec691c CHANGELOG entries 2022-01-08 07:46:24 -05:00
Erik Hennig
520caf6557
fix: typo in system backup template (#2081) 2022-01-02 08:11:41 -05:00
downtownallday
8392eacd94 Merge branch 'main' of https://github.com/mail-in-a-box/mailinabox 2021-12-28 08:59:09 -05:00
jvolkenant
c92fd02262
Don't die if column already exists on Nextcloud 18 upgrade (#2078) 2021-12-25 10:17:34 -05:00
Arno Hautala
a85c429a85
regex change to exclude comma from sasl_username (#2074)
as proposed in #2071 by @jvolkenant
2021-12-19 08:33:59 -05:00
downtownallday
d9cd7d2002 Add a setup mod to configure unattended-upgrades to email root on failures 2021-12-15 09:03:58 -05:00
downtownallday
177fd19b9b Increase session lifetime from 10 minutes to 1 hour 2021-12-05 16:22:12 -05:00
downtownallday
6c24a130b9 Display common name in the directory 2021-12-05 16:11:48 -05:00
downtownallday
d2c4be41e0 Merge branch 'main' of https://github.com/mail-in-a-box/mailinabox 2021-12-02 06:10:01 -05:00
Ilnahro
50a5cb90bc
Include rsync to the installed basic packages (#2067)
Some VPS providers strip this package from their Ubuntu 18.04 VM images. This will help avoid errors.
2021-11-30 19:50:01 -05:00
downtownallday
250a53c025 Merge branch 'main' of https://github.com/mail-in-a-box/mailinabox 2021-11-27 14:22:13 -05:00
steadfasterX
aac878dce5
fix: key flag id for KSK, fix format (#2063)
as mentioned (https://github.com/mail-in-a-box/mailinabox/pull/2033#issuecomment-976365087) KSK is 257, not 256
2021-11-23 11:06:17 -05:00
downtownallday
1828538646 Refresh script for latest roundcube carddav plugin
Belongs with last commit...
2021-11-15 16:08:43 -05:00
downtownallday
06216876a2 Update roundcube carddav plugin to support roundcube 1.5 and close a security hole 2021-11-15 16:07:54 -05:00
downtownallday
334c7f71b5 Merge branch 'main' of https://github.com/mail-in-a-box/mailinabox 2021-11-13 19:36:00 -05:00
jvolkenant
58b0323b36
Update persistent_login for Roundcube 1.5 (#2055) 2021-11-04 18:59:10 -04:00
kiekerjan
646f971d8b
Update mailinabox.yml (#2054)
The examples for login and logout use GET instead of POST. GET gives me an error when using it, while POST seems to work.
2021-10-31 12:49:26 -04:00
downtownallday
229a9c6d95 Merge branch 'main' of https://github.com/mail-in-a-box/mailinabox 2021-10-28 21:40:05 -04:00
Felix Spöttel
86067be142
fix(docs): set a schema for /logout responses (#2051)
* this remedies an OpenAPI syntax violation resulting in a redoc-cli crash
2021-10-27 12:27:54 -04:00
downtownallday
3bb6f021a7 Fix tests that were broken by commit bb54370 2021-10-27 08:20:07 -04:00
downtownallday
db8e0fdf66 Remove /etc/ldap/ldap.conf creation as it's now created by the Nextcloud docker image 2021-10-27 08:19:32 -04:00
downtownallday
4767afe8de Merge branch 'main' of https://github.com/mail-in-a-box/mailinabox 2021-10-26 23:05:35 -04:00
Joshua Tauberer
c67ff241c4
Updates to security.md 2021-10-23 08:57:05 -04:00
Joshua Tauberer
7b4cd443bf
How to report security issues 2021-10-22 18:49:16 -04:00
Joshua Tauberer
34017548d5 Don't crash if a custom DNS entry is not under a zone managed by the box, fixes #1961 2021-10-22 18:39:53 -04:00
downtownallday
bb543700f5 Fix smart host alias (alias with no forward to's). Postfix recently started rejecting these mails with "Sender address rejected: domain not found". This ensures the special case is handled properly. 2021-10-19 08:15:28 -04:00
downtownallday
00805cb52c Merge branch 'main' of https://github.com/mail-in-a-box/mailinabox
# Conflicts:
#	README.md
2021-10-19 07:11:33 -04:00
Joshua Tauberer
65861c68b7 Version 55 2021-10-18 20:40:51 -04:00
Joshua Tauberer
71a7a3e201 Upgrade to Roundcube 1.5 2021-10-18 20:40:51 -04:00
Richard Willis
1c3bca53bb
Fix broken link in external-dns.html (#2045) 2021-10-18 07:36:48 -04:00
downtownallday
e3bc8b1a41 Merge branch 'main' of https://github.com/mail-in-a-box/mailinabox 2021-10-15 18:49:48 -04:00
ukfhVp0zms
b643cb3478
Update calendar/contacts android app info (#2044)
DAVdroid has been renamed to DAVx⁵ and price increased from $3.69 to $5.99.
CardDAV-Sync free is no longer in beta.
CalDAV-Sync price increased from $2.89 to $2.99.
2021-10-13 19:09:05 -04:00
downtownallday
31dc96757c Add help text 2021-10-02 10:10:06 -04:00
downtownallday
66ac35871e Merge branch 'main' of https://github.com/mail-in-a-box/mailinabox
Upstream is adding handling for utf8 domains by creating a domain alias @utf8 -> @idna. I'm deviating from this approach by setting multiple email address (idna and utf8) per user and alias where a domain contains non-ascii characters. The maildrop (mailbox) remains the same - all mail goes to the user's mailbox regardless of which email address was used. This is more in line with how other systems (eg. active directory), handle multiple email addresses for a single user.

# Conflicts:
#	README.md
#	management/mailconfig.py
#	management/templates/index.html
#	setup/dns.sh
#	setup/mail-users.sh
2021-10-01 17:43:48 -04:00
Joshua Tauberer
113b7bd827 Disable SMTPUTF8 in Postfix because Dovecot LMTP doesn't support it and bounces messages that require SMTPUTF8
By not advertising SMTPUTF8 support at the start, senders may opt to transmit recipient internationalized domain names in IDNA form instead, which will be deliverable.

Incoming mail with internationalized domains was probably working prior to our move to Ubuntu 18.04 when postfix's SMTPUTF8 support became enabled by default.

The previous commit is retained because Mail-in-a-Box users might prefer to keep SMTPUTF8 on for outbound mail, if they are not using internationalized domains for email, in which case the previous commit fixes the 'relay access denied' error even if the emails aren't deliverable.
2021-09-24 08:11:36 -04:00
Joshua Tauberer
3e19f85fad Add domain maps from Unicode forms of internationalized domains to their ASCII forms
When an email is received by Postfix using SMTPUTF8 and the recipient domain is a Unicode internationalized domain, it was failing to be delivered (bouncing with 'relay access denied') because our users and aliases tables only store ASCII (IDNA) forms of internationalized domains. In this commit, domain maps are added to the auto_aliases table from the Unicode form of each mail domain to its IDNA form, if those forms are different. The Postfix domains query is updated to look at the auto_aliases table now as well, since it is the only table with Unicode forms of the mail domains.

However, mail delivery is still not working since the Dovecot LMTP server does not support SMTPUTF8, and mail still bounces but with an error that SMTPUTF8 is not supported.
2021-09-24 08:11:36 -04:00
Joshua Tauberer
11e84d0d40 Move automatically generated aliases to a separate database table
They really should never have been conflated with the user-provided aliases.

Update the postfix alias map to query the automatically generated aliases with lowest priority.
2021-09-24 08:11:36 -04:00
Joshua Tauberer
79966e36e3 Set a cookie for /admin/munin pages to grant access to Munin reports
The /admin/munin routes used the same Authorization: header logic as the other API routes, but they are browsed directly in the browser because they are handled as static pages or as a proxy to a CGI script.

This required users to enter their email username/password for HTTP basic authentication in the standard browser auth prompt, which wasn't ideal (and may leak the password in browser storage). It also stopped working when MFA was enabled for user accounts.

A token is now set in a cookie when visiting /admin/munin which is then checked in the routes that proxy the Munin pages. The cookie's lifetime is kept limited to limit the opportunity for any unknown CSRF attacks via the Munin CGI script.
2021-09-24 08:11:36 -04:00
Joshua Tauberer
66b15d42a5 CHANGELOG entries 2021-09-24 08:11:36 -04:00
drpixie
df46e1311b
Include NSD config files from /etc/nsd/nsd.conf.d/*.conf (#2035)
And write MIAB dns zone config into /etc/nsd/nsd.conf.d/zones.conf. Delete lingering old zones.conf file.

Co-authored-by: Joshua Tauberer <jt@occams.info>
2021-09-24 08:07:40 -04:00
downtownallday
4403e65053 Merge branch 'main' of https://github.com/mail-in-a-box/mailinabox 2021-09-23 17:11:53 -04:00