Teal Dulcet 
							
						 
					 
					
						
						
						
						
							
						
						
							4999ed7b1c 
							
						 
					 
					
						
						
							
							Fixed Q003 (avoidable-escaped-quote): Change outer quotes to avoid escaping inner quotes  
						
						
						
					 
					
						2024-03-10 07:54:51 -04:00 
						 
				 
			
				
					
						
							
							
								Teal Dulcet 
							
						 
					 
					
						
						
						
						
							
						
						
							3d72c32b1d 
							
						 
					 
					
						
						
							
							Fixed W605 (invalid-escape-sequence)  
						
						
						
					 
					
						2024-03-10 07:54:51 -04:00 
						 
				 
			
				
					
						
							
							
								Teal Dulcet 
							
						 
					 
					
						
						
						
						
							
						
						
							14a5613dc8 
							
						 
					 
					
						
						
							
							Fixed UP031 (printf-string-formatting): Use format specifiers instead of percent format  
						
						
						
					 
					
						2024-03-10 07:54:51 -04:00 
						 
				 
			
				
					
						
							
							
								Teal Dulcet 
							
						 
					 
					
						
						
						
						
							
						
						
							51dc7615f7 
							
						 
					 
					
						
						
							
							Fixed RSE102 (unnecessary-paren-on-raise-exception): Unnecessary parentheses on raised exception  
						
						
						
					 
					
						2024-03-10 07:54:51 -04:00 
						 
				 
			
				
					
						
							
							
								Teal Dulcet 
							
						 
					 
					
						
						
						
						
							
						
						
							13b38cc04d 
							
						 
					 
					
						
						
							
							Fixed F841 (unused-variable)  
						
						
						
					 
					
						2024-03-10 07:54:51 -04:00 
						 
				 
			
				
					
						
							
							
								Teal Dulcet 
							
						 
					 
					
						
						
						
						
							
						
						
							2b426851f9 
							
						 
					 
					
						
						
							
							Fixed UP032 (f-string): Use f-string instead of format call  
						
						
						
					 
					
						2024-03-10 07:54:51 -04:00 
						 
				 
			
				
					
						
							
							
								Teal Dulcet 
							
						 
					 
					
						
						
						
						
							
						
						
							dd61844ced 
							
						 
					 
					
						
						
							
							Fixed EM101 (raw-string-in-exception): Exception must not use a string literal, assign to variable first  
						
						
						
					 
					
						2024-03-10 07:54:51 -04:00 
						 
				 
			
				
					
						
							
							
								Teal Dulcet 
							
						 
					 
					
						
						
						
						
							
						
						
							0ee64f2fe8 
							
						 
					 
					
						
						
							
							Fixed F401 (unused-import)  
						
						
						
					 
					
						2024-03-10 07:54:21 -04:00 
						 
				 
			
				
					
						
							
							
								Joshua Tauberer 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							ddf8e857fd 
							
						 
					 
					
						
						
							
							Support Ubuntu 22.04 Jammy Jellyfish ( #2083 )  
						
						
						
					 
					
						2022-10-11 21:18:34 -04:00 
						 
				 
			
				
					
						
							
							
								Sudheesh Singanamalla 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							d7244ed920 
							
						 
					 
					
						
						
							
							Fixes   #2149  Append ; in policy strings for DMARC settings ( #2151 )  
						
						... 
						
						
						
						Signed-off-by: Sudheesh Singanamalla <sudheesh@cloudflare.com> 
						
					 
					
						2022-08-19 13:23:42 -04:00 
						 
				 
			
				
					
						
							
							
								Rauno Moisto 
							
						 
					 
					
						
						
						
						
							
						
						
							78569e9a88 
							
						 
					 
					
						
						
							
							Fix DeprecationWarning in dnspython query vs resolve method  
						
						... 
						
						
						
						The resolve method disables resolving relative names by default. This change probably makes a7710e90 
						
					 
					
						2022-07-28 14:02:46 -04:00 
						 
				 
			
				
					
						
							
							
								Joshua Tauberer 
							
						 
					 
					
						
						
						
						
							
						
						
							e884c4774f 
							
						 
					 
					
						
						
							
							Replace HMAC-based session API keys with tokens stored in memory in the daemon process  
						
						... 
						
						
						
						Since the session cache clears keys after a period of time, this fixes  #1821 .
Based on https://github.com/mail-in-a-box/mailinabox/pull/2012 , and so:
Co-Authored-By: NewbieOrange <NewbieOrange@users.noreply.github.com>
Also fixes  #2029  by not revealing through the login failure error message whether a user exists or not. 
						
					 
					
						2021-09-06 09:23:58 -04:00 
						 
				 
			
				
					
						
							
							
								Joshua Tauberer 
							
						 
					 
					
						
						
						
						
							
						
						
							d510c8ae2a 
							
						 
					 
					
						
						
							
							Enable and recommend port 465 for mail submission instead of port 587 ( fixes   #1849 )  
						
						... 
						
						
						
						Port 465 with "implicit" (i.e. always-on) TLS is a more secure approach than port 587 with explicit (i.e. optional and only on with STARTTLS). Although we reject credentials on port 587 without STARTTLS, by that point credentials have already been sent. 
						
					 
					
						2021-05-15 16:42:14 -04:00 
						 
				 
			
				
					
						
							
							
								Joshua Tauberer 
							
						 
					 
					
						
						
						
						
							
						
						
							5aeced5c2e 
							
						 
					 
					
						
						
							
							add a test for fail2ban monitoring managesieve  
						
						
						
					 
					
						2019-08-31 09:15:41 -04:00 
						 
				 
			
				
					
						
							
							
								Joshua Tauberer 
							
						 
					 
					
						
						
						
						
							
						
						
							8e0d9b9f21 
							
						 
					 
					
						
						
							
							update list of tls ciphers supported  
						
						
						
					 
					
						2019-01-09 08:52:51 -05:00 
						 
				 
			
				
					
						
							
							
								Joshua Tauberer 
							
						 
					 
					
						
						
						
						
							
						
						
							870b82637a 
							
						 
					 
					
						
						
							
							fix some wrong variable names,  fixes   #1353  
						
						
						
					 
					
						2018-11-30 10:46:54 -05:00 
						 
				 
			
				
					
						
							
							
								Joshua Tauberer 
							
						 
					 
					
						
						
						
						
							
						
						
							e924459140 
							
						 
					 
					
						
						
							
							revert f25801e/#1233 - use Mozilla intermediate ciphers for IMAP/POP not modern ciphers  
						
						... 
						
						
						
						fixes  #1300  
					
						2017-12-24 14:41:41 -05:00 
						 
				 
			
				
					
						
							
							
								Joshua Tauberer 
							
						 
					 
					
						
						
						
						
							
						
						
							5efdd72f41 
							
						 
					 
					
						
						
							
							update TLS test to record changes in the ciphers we offer on the open ports  
						
						
						
					 
					
						2017-10-03 12:01:10 -04:00 
						 
				 
			
				
					
						
							
							
								Michael Kroes 
							
						 
					 
					
						
						
						
						
							
						
						
							2151d81453 
							
						 
					 
					
						
						
							
							update to ownCloud 9.1.1 (with intermediate upgrades) ( #894 )  
						
						... 
						
						
						
						[this is a squashed merge from-]
* Install owncoud 9.1 and provide an upgrade path from 8.2. This also disables memcached and goes with apc. The upgrade fails with memcached.
* Remove php apc setting
* Add dav migrations for each user
* Add some comments to the code
* When upgrading owncloud from 8.2.3 to 9.1.0 the backup of 8.2.3 was overwritten when going from 9.0 to 9.1
* Add upgrade path from 8.1.1. Only do an upgrade check if owncloud was previously installed.
* Stop php5-fpm before owncloud upgrade to prevent database locks
* Fix fail2ban tests for owncloud 9
* When upgrading owncloud copy the database to the user-data/owncloud-backup directory
* Remove not need unzip directives during owncloud extraction. Directory is removed beforehand so a normal extraction is fine
* Improve backup of owncloud installation and provide a post installation restore script. Update the owncloud version number to 9.1.1. Update the calendar and contacts apps to the latest versions
* Separate the ownCloud upgrades visually in the console output. 
						
					 
					
						2016-10-18 06:04:13 -04:00 
						 
				 
			
				
					
						
							
							
								Joshua Tauberer 
							
						 
					 
					
						
						
						
						
							
						
						
							fc0abd5b4d 
							
						 
					 
					
						
						
							
							confirm that fail2ban is protecting pop3s,  closes   #629  
						
						
						
					 
					
						2016-08-22 19:18:23 -04:00 
						 
				 
			
				
					
						
							
							
								Joshua Tauberer 
							
						 
					 
					
						
						
						
						
							
						
						
							83d8dbca3e 
							
						 
					 
					
						
						
							
							fail2ban won't start until the roundcube log file is created  
						
						... 
						
						
						
						fixes  #911  
					
						2016-08-18 08:32:14 -04:00 
						 
				 
			
				
					
						
							
							
								Joshua Tauberer 
							
						 
					 
					
						
						
						
						
							
						
						
							8844a9185f 
							
						 
					 
					
						
						
							
							Merge pull request  #798  from mail-in-a-box/fail2banjails  
						
						... 
						
						
						
						add fail2ban jails for ownCloud, postfix submission, roundcube, and the Mail-in-a-Box management daemon 
						
					 
					
						2016-07-29 08:52:44 -04:00 
						 
				 
			
				
					
						
							
							
								Michael Kroes 
							
						 
					 
					
						
						
						
						
							
						
						
							d9ac321f25 
							
						 
					 
					
						
						
							
							Owncloud needs more time to detect blocks. It doesn't respond as fast as the other services. Also owncloud logs UTC (since latest update) even though the timezone is not UTC. Also to detect a block, we get a timeout instead of a refused)  
						
						
						
					 
					
						2016-06-27 06:03:19 -04:00 
						 
				 
			
				
					
						
							
							
								Michael Kroes 
							
						 
					 
					
						
						
						
						
							
						
						
							bf5e9200f8 
							
						 
					 
					
						
						
							
							Update owncloud url to use webdav and increase http timeout  
						
						
						
					 
					
						2016-06-27 06:03:14 -04:00 
						 
				 
			
				
					
						
							
							
								Joshua Tauberer 
							
						 
					 
					
						
						
						
						
							
						
						
							3055f9a79c 
							
						 
					 
					
						
						
							
							drop SSLv3, RC4 ciphers from SMTP port 25  
						
						... 
						
						
						
						Per http://googleappsupdates.blogspot.ro/2016/05/disabling-support-for-sslv3-and-rc4-for.html , Google is about to do the same.
fixes  #611  
						
					 
					
						2016-06-12 09:11:50 -04:00 
						 
				 
			
				
					
						
							
							
								Michael Kroes 
							
						 
					 
					
						
						
						
						
							
						
						
							01fa8cf72c 
							
						 
					 
					
						
						
							
							add fail2ban jails for ownCloud, postfix submission, roundcube, and the Mail-in-a-Box management daemon  
						
						... 
						
						
						
						(tests squashed into this commit by josh) 
						
					 
					
						2016-06-06 09:13:10 -04:00 
						 
				 
			
				
					
						
							
							
								Joshua Tauberer 
							
						 
					 
					
						
						
						
						
							
						
						
							a0c7e63d78 
							
						 
					 
					
						
						
							
							best guess at what clients are supported by the tls settings used  
						
						
						
					 
					
						2015-05-22 17:36:55 -04:00 
						 
				 
			
				
					
						
							
							
								Joshua Tauberer 
							
						 
					 
					
						
						
						
						
							
						
						
							2c44333679 
							
						 
					 
					
						
						
							
							compare tls ciphers against Mozilla's recommendations  
						
						
						
					 
					
						2015-05-20 19:41:04 -04:00 
						 
				 
			
				
					
						
							
							
								Joshua Tauberer 
							
						 
					 
					
						
						
						
						
							
						
						
							610be9cf17 
							
						 
					 
					
						
						
							
							record current TLS settings from my box  
						
						
						
					 
					
						2015-05-20 18:31:46 -04:00 
						 
				 
			
				
					
						
							
							
								Joshua Tauberer 
							
						 
					 
					
						
						
						
						
							
						
						
							d3cacd4a11 
							
						 
					 
					
						
						
							
							update test_dns  
						
						... 
						
						
						
						Don't check NS records for now because they will only appear on zones.
If a hostname is a subdomain on a zone and not itself a zone, it will
lack NS records.
Also stop testing for ADSP, which we dropped in 126ea94ccf 
						
					 
					
						2014-06-21 12:32:20 -04:00 
						 
				 
			
				
					
						
							
							
								Joshua Tauberer 
							
						 
					 
					
						
						
						
						
							
						
						
							87b0608f15 
							
						 
					 
					
						
						
							
							test_dns: DNSSEC signing inserts empty text string components  
						
						
						
					 
					
						2014-06-21 12:32:20 -04:00 
						 
				 
			
				
					
						
							
							
								Joshua Tauberer 
							
						 
					 
					
						
						
						
						
							
						
						
							5b72e5419d 
							
						 
					 
					
						
						
							
							fix shebang lines in the tests to take advantage of any activated python environment  
						
						
						
					 
					
						2014-06-08 17:31:12 -04:00 
						 
				 
			
				
					
						
							
							
								Joshua Tauberer 
							
						 
					 
					
						
						
						
						
							
						
						
							3961e1aec3 
							
						 
					 
					
						
						
							
							test_dns: more error handling  
						
						
						
					 
					
						2014-06-04 19:31:55 -04:00 
						 
				 
			
				
					
						
							
							
								Joshua Tauberer 
							
						 
					 
					
						
						
						
						
							
						
						
							d6e6cfd3c9 
							
						 
					 
					
						
						
							
							mail test: catch typical connecting errors and display nicer output  
						
						
						
					 
					
						2014-06-04 17:13:06 -04:00 
						 
				 
			
				
					
						
							
							
								Joshua Tauberer 
							
						 
					 
					
						
						
						
						
							
						
						
							fff06f7d71 
							
						 
					 
					
						
						
							
							improve DNS test output  
						
						
						
					 
					
						2014-06-04 17:01:49 -04:00 
						 
				 
			
				
					
						
							
							
								Joshua Tauberer 
							
						 
					 
					
						
						
						
						
							
						
						
							19aba091d7 
							
						 
					 
					
						
						
							
							test_mail: if EHLO test fails continue testing the rest, since user may be waiting on DNS propagation  
						
						
						
					 
					
						2014-05-17 08:32:40 -04:00 
						 
				 
			
				
					
						
							
							
								Joshua Tauberer 
							
						 
					 
					
						
						
						
						
							
						
						
							c722625041 
							
						 
					 
					
						
						
							
							test_dns: add ADSP and DMARC tests, see  #14  
						
						
						
					 
					
						2014-05-10 08:03:18 -04:00 
						 
				 
			
				
					
						
							
							
								Joshua Tauberer 
							
						 
					 
					
						
						
						
						
							
						
						
							c403895f95 
							
						 
					 
					
						
						
							
							test_dns: properly test the non-primary domain of a box (for email addresses on domains besides PUBLIC_HOSTNAME)  
						
						
						
					 
					
						2014-05-10 08:03:13 -04:00 
						 
				 
			
				
					
						
							
							
								Joshua Tauberer 
							
						 
					 
					
						
						
						
						
							
						
						
							bdadf3017d 
							
						 
					 
					
						
						
							
							test_dns: handle case where a DNS record is missing (vs incorrect)  
						
						
						
					 
					
						2014-05-10 08:03:07 -04:00 
						 
				 
			
				
					
						
							
							
								Joshua Tauberer 
							
						 
					 
					
						
						
						
						
							
						
						
							80b367ab07 
							
						 
					 
					
						
						
							
							test_mail: gracefully handled when the server has no reverse DNS available  
						
						
						
					 
					
						2014-05-06 10:02:29 -04:00 
						 
				 
			
				
					
						
							
							
								Joshua Tauberer 
							
						 
					 
					
						
						
						
						
							
						
						
							0be47c414d 
							
						 
					 
					
						
						
							
							in the DNS test, use dnspython3 rather than dig  
						
						
						
					 
					
						2014-04-23 18:27:50 -04:00 
						 
				 
			
				
					
						
							
							
								Joshua Tauberer 
							
						 
					 
					
						
						
						
						
							
						
						
							1b4dd98270 
							
						 
					 
					
						
						
							
							test that the SMTP server's EHLO name matches its reverse DNS name  
						
						
						
					 
					
						2014-04-23 18:02:30 -04:00 
						 
				 
			
				
					
						
							
							
								Joshua Tauberer 
							
						 
					 
					
						
						
						
						
							
						
						
							22ad668699 
							
						 
					 
					
						
						
							
							rename test modules to not conflict with global package names (e.g. dns)  
						
						
						
					 
					
						2014-04-23 17:43:38 -04:00 
						 
				 
			
				
					
						
							
							
								Joshua Tauberer 
							
						 
					 
					
						
						
						
						
							
						
						
							ccbbc930e2 
							
						 
					 
					
						
						
							
							in the mail test script, forgot to remove the dkim import  
						
						
						
					 
					
						2014-04-23 17:32:41 -04:00 
						 
				 
			
				
					
						
							
							
								Joshua Tauberer 
							
						 
					 
					
						
						
						
						
							
						
						
							ec11241a7a 
							
						 
					 
					
						
						
							
							also test reverse DNS  
						
						
						
					 
					
						2014-04-23 14:10:04 -04:00 
						 
				 
			
				
					
						
							
							
								Joshua Tauberer 
							
						 
					 
					
						
						
						
						
							
						
						
							95a17a00c0 
							
						 
					 
					
						
						
							
							DNS test: also check a public nameserver to verify that the registrar (or up-host) configuration is correct too  
						
						
						
					 
					
						2014-04-20 12:26:35 -04:00 
						 
				 
			
				
					
						
							
							
								Joshua Tauberer 
							
						 
					 
					
						
						
						
						
							
						
						
							04d97a11e9 
							
						 
					 
					
						
						
							
							new tests for DNS and IMAP/SMTP  
						
						
						
					 
					
						2014-04-17 20:18:10 -04:00 
						 
				 
			
				
					
						
							
							
								Joshua Tauberer 
							
						 
					 
					
						
						
						
						
							
						
						
							a50f30c411 
							
						 
					 
					
						
						
							
							smtp server test  
						
						
						
					 
					
						2013-09-01 10:40:12 -04:00 
						 
				 
			
				
					
						
							
							
								Joshua Tauberer 
							
						 
					 
					
						
						
						
						
							
						
						
							a1260b75fb 
							
						 
					 
					
						
						
							
							various fixes; rewrote test scripts  
						
						
						
					 
					
						2013-08-31 10:50:27 -04:00 
						 
				 
			
				
					
						
							
							
								Joshua Tauberer 
							
						 
					 
					
						
						
						
						
							
						
						
							97b2105a1f 
							
						 
					 
					
						
						
							
							spamassassin  
						
						
						
					 
					
						2013-08-23 11:59:28 -04:00