external/mailinabox
1
0
Fork 0
mirror of https://github.com/mail-in-a-box/mailinabox.git synced 2025-04-05 00:27:25 +00:00
Code Issues Releases Wiki Activity
2,106 Commits 6 Branches 85 Tags 43 MiB
c855133c41
Commit Graph

2106 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Joshua Tauberer
545e7a52e4 Add MFA list/disable to the management CLI so admins can restore access if MFA device is lost 2020-10-31 10:23:43 -04:00
David Duque
48c233ebe5
Update Roundcube to version 1.4.9 (#1830) 2020-10-31 10:01:14 -04:00
Michael Kroes
9a588de754
Upgrade Nextcloud to version 20.0.1 (#1848) 2020-10-31 09:58:26 -04:00
downtownallday
a7370beae0 Merge remote-tracking branch 'fspoettel/admin-panel-2fa' into totp 
# Conflicts:
#	management/daemon.py
#	management/mfa.py
 2020-10-29 16:56:36 -04:00
Joshua Tauberer
601c23d91b Add MFA list/disable to the management CLI so admins can restore access if MFA device is lost 2020-10-29 15:42:00 -04:00
Joshua Tauberer
ac9ecc3bd3 Rename tools/mail.py to management/cli.py 2020-10-29 15:41:54 -04:00
downtownallday
521b72653c Fix #4 2020-10-26 15:46:19 -04:00
downtownallday
9057c12c38 Merge branch 'master' of https://github.com/mail-in-a-box/mailinabox 2020-10-16 21:07:36 -04:00
David Duque
8b166f3041
Display certificate expiry dates in ISO format (#1841) 2020-10-16 16:22:36 -04:00
Joshua Tauberer
5509420637 s/Days/Retention Days/ on the backup settings page 2020-10-15 14:11:43 -04:00
downtownallday
6589a31883 Merge branch 'master' of https://github.com/mail-in-a-box/mailinabox 2020-10-13 20:22:18 -04:00
Jeff Volkenant
840f84da1a Custom spamassassin rules for bad SPF/DMARC headers 2020-10-07 11:29:19 -07:00
Jeff Volkenant
3a59fe834f OpenDKIM/OpenDMARC header checks 2020-10-07 11:05:52 -07:00
Felix Spöttel
7d6c7b6610
Increase mta-sts max_age to one week (#1829) 
This aligns the policy with the example policy found in the  spec
see https://tools.ietf.org/html/rfc8461#section-3.2
 2020-10-02 21:27:21 -04:00
downtownallday
a78e6eb3fa Speed up vm creation 2020-09-30 13:33:40 -04:00
downtownallday
f6b04b314f Add totpMruTokenTime to upgrade 2020-09-30 11:50:49 -04:00
downtownallday
100acb119b Add a totpMruTokenTime value to record the time when the mru token was used 
Use the totpMruTokenTime as the id to uniquely identify a totp entry
 2020-09-30 11:00:58 -04:00
downtownallday
a5ebd07549 Merge remote-tracking branch 'fspoettel/admin-panel-2fa' into totp 
# Conflicts:
#	management/auth.py
#	management/mfa.py
 2020-09-30 09:05:03 -04:00
Felix Spöttel
1f0e493b8c Exclude mru_token in user key hash 2020-09-30 12:34:26 +02:00
downtownallday
5deb88ab60 Merge remote-tracking branch 'fspoettel/admin-panel-2fa' into totp 
# Conflicts:
#	management/daemon.py
#	management/mfa.py
#	setup/mail-users.sh
 2020-09-29 22:20:15 -04:00
Felix Spöttel
ada2167d08 Only update mru_token for matched mfa row 2020-09-29 20:05:58 +02:00
Felix Spöttel
be5032ffbe Don't expose mru_token and secret for enabled mfas over HTTP 2020-09-29 19:46:02 +02:00
Felix Spöttel
00b3a3b0a9 Remove unique key constraint on foreign key user_id in mfa table 2020-09-29 19:39:40 +02:00
downtownallday
60771b7615 Merge branch 'master' of https://github.com/mail-in-a-box/mailinabox 2020-09-29 09:12:25 -04:00
downtownallday
e2dea39e5b Advance the x-ordered counter 2020-09-29 08:55:32 -04:00
downtownallday
75fb6d2a5d Rename a function 2020-09-29 08:55:04 -04:00
downtownallday
18d9cd99ea Restart management daemon in case it was already started 2020-09-29 08:54:16 -04:00
downtownallday
2bdcbc9b6c Run upgrade tests before default ones 2020-09-29 08:52:33 -04:00
downtownallday
37777ae904 Add a vagrant vanilla install with port forwarding 2020-09-29 08:33:57 -04:00
downtownallday
042e8b4a56 Merge remote-tracking branch 'fspoettel/admin-panel-2fa' into totp 2020-09-28 23:25:29 -04:00
downtownallday
00fc94d3c1 Merge remote-tracking branch 'fspoettel/admin-panel-2fa' into totp 
# Conflicts:
#	management/auth.py
#	management/daemon.py
#	management/mailconfig.py
#	setup/mail-users.sh
 2020-09-28 23:25:16 -04:00
Felix Spöttel
6d82c0035a Update openAPI docs 2020-09-28 21:27:24 +02:00
Felix Spöttel
4dced10a3f Fix handling of bad input when enabling mfa 2020-09-28 21:06:59 +02:00
Joshua Tauberer
b80f225691 Reorganize MFA front-end and add label column 2020-09-27 08:31:23 -04:00
0pis
7f0f28f8e3
Use tabs instead of spaces in nginx conf (#1827) 
* conf/nginx-primaryonly.conf: Use tabs instead of spaces
* management/web_update.py: Includes the tabs so they display with the correct indentation when added to the local.conf

Co-authored-by: 0pis <0pis>
 2020-09-27 07:13:33 -04:00
Joshua Tauberer
a8ea456b49 Reorganize the MFA backend methods 2020-09-26 09:58:25 -04:00
downtownallday
a79c7fce91 Merge branch 'master' of https://github.com/mail-in-a-box/mailinabox 
# Conflicts:
#	README.md
 2020-09-26 08:03:12 -04:00
Joshua Tauberer
03bff5292b v0.50 
v0.50 (September 25, 2020)
--------------------------

Setup:

* When upgrading from versions before v0.40, setup will now warn that ownCloud/Nextcloud data cannot be migrated rather than failing the installation.

Mail:

* An MTA-STS policy for incoming mail is now published (in DNS and over HTTPS) when the primary hostname and email address domain both have a signed TLS certificate installed, allowing senders to know that an encrypted connection should be enforced.
* The per-IP connection limit to the IMAP server has been doubled to allow more devices to connect at once, especially with multiple users behind a NAT.

DNS:

* autoconfig and autodiscover subdomains and CalDAV/CardDAV SRV records are no longer generated for domains that don't have user accounts since they are unnecessary.
* IPv6 addresses can now be specified for secondary DNS nameservers in the control panel.

TLS:

* TLS certificates are now provisioned in groups by parent domain to limit easy domain enumeration and make provisioning more resilient to errors for particular domains.

Control Panel:

* The control panel API is now fully documented at https://mailinabox.email/api-docs.html.
* User passwords can now have spaces.
* Status checks for automatic subdomains have been moved into the section for the parent domain.
* Typo fixed.

Web:

* The default web page served on fresh installations now adds the `noindex` meta tag.
* The HSTS header is revised to also be sent on non-success responses.
 2020-09-25 07:43:30 -04:00
Joshua Tauberer
e891a9a3f3 Update CHANGELOG 2020-09-21 15:59:38 -04:00
Joshua Tauberer
51aedcf6c3 Drop the MTA-STS TLSRPT record unless set explicitly 2020-09-21 15:57:17 -04:00
b-k
853008ddcc
Be more forgiving of people who missed the train on upgrading NextCloud (#1813) 
Co-authored-by: B <ben@klemens.org>
 2020-09-21 15:45:58 -04:00
downtownallday
cf888d3f30 Set miab-ldap migration version during first-time setup 2020-09-16 09:39:49 -04:00
downtownallday
7c29628530 Separate miab and miab-ldap migrations 
Add tests for migrating from miab w/totp (migration 13) to miab-ldap
 2020-09-16 09:00:27 -04:00
downtownallday
b3e789a4e2 Migrate TOTP secrets 2020-09-15 07:51:27 -04:00
downtownallday
b6ba3a054c Fix regexp: \d => [0-9] 2020-09-12 20:07:50 -04:00
downtownallday
d68a89af61 Merge remote-tracking branch 'fspoettel/admin-panel-2fa' into totp 
# Conflicts:
#	management/auth.py
#	management/mailconfig.py
 2020-09-12 19:44:22 -04:00
Felix Spöttel
7d6427904f Typo 2020-09-12 16:38:44 +02:00
Felix Spöttel
dcb93d071c Add TOTP secret to user_key hash 
thanks @downtownallday
* this invalidates all user_keys after TOTP status is changed for user
* after changing TOTP state, a login is required
* due to the forced login, we can't and don't need to store the code used for setup in `mru_code`
 2020-09-12 16:34:06 +02:00
downtownallday
14b6ab4262 Add a simple command-line "authenticator app" for testing 2020-09-10 18:20:31 -04:00
downtownallday
752da93a37 Refactor: move code for obtaining totp tokens to tests/lib/totp.sh 2020-09-10 18:19:29 -04:00