Scott Bronson
f389603f01
consolidate SPF/DMARC and DKIM/*DAV messages
2016-10-05 15:31:39 -07:00
Scott Bronson
7ac0323b8b
Merge branches 'check_dkim', 'check_dav' and 'check_custom' into check_spf
2016-10-05 14:59:28 -07:00
Scott Bronson
3375ede034
factor out retrieve_dkim_record to reduce code duplication
2016-09-30 21:18:49 -07:00
Scott Bronson
00a3709b11
add custom DNS records to DNS status checks
2016-09-30 20:29:32 -07:00
Scott Bronson
1cab5a6d4b
add caldav and carddav records to DNS status checks
2016-09-30 18:51:09 -07:00
Scott Bronson
424122e495
lack of SPF and DMARC only merits a warning
2016-09-30 18:21:10 -07:00
Scott Bronson
6150f91461
Ensure DKIM records are set properly
2016-09-30 18:11:34 -07:00
Scott Bronson
435a1552a9
verify DMARC in addtion to SPF in DNS status checks
2016-09-30 17:14:01 -07:00
Scott Bronson
d4301bd424
add SPF records to the DNS status checks
2016-09-30 17:01:39 -07:00
yodax
da5497cd1c
Update changelog entries
2016-09-28 08:37:24 +02:00
Michael Kroes
a27ec68467
Merge pull request #951 from MariusBluem/remove-certificate-providers
...
Remove Certificate Providers / Fix #950
2016-09-28 08:33:11 +02:00
Marius Blüm
3ac4b8aca8
Remove Certificate Providers / Fix #950
...
Signed-off-by: Marius Blüm <marius@lineone.io>
2016-09-27 15:06:50 +02:00
Michael Kroes
02feeafe6a
change bayes_file_mode to world writable (merges #931 )
...
fixes #534 , again, hopefully
2016-09-23 15:14:21 -04:00
Marius Blüm
5f0376bfbf
Fix typo in alias-page, fixes #943 (merges #949 )
...
Signed-off-by: Marius Blüm <marius@lineone.io>
2016-09-23 15:11:37 -04:00
Joshua Tauberer
4e4fe90fc7
v0.20
2016-09-23 07:49:13 -04:00
Joshua Tauberer
3cd5a6eee7
changelog entries
2016-09-23 07:46:01 -04:00
Joshua Tauberer
c26bc841a2
more for dnspython exception with IPv6 addresses
...
fixes #945 , corrects prev commit (#947 ) in case of multiple AAAA records, adds changelog
2016-09-23 07:41:24 -04:00
Mathis Hoffmann
163daea41c
dnspython exception with IPv6 addresses
...
see #945 , merges #947
2016-09-23 07:35:53 -04:00
Scott Bronson
102b2d46ab
typo fix: seconday -> secondary ( #939 )
2016-09-18 08:10:49 -04:00
Joshua Tauberer
58541c467f
merge #936 - fix wonky free disk space messages - from cmsirbu/master
...
fix status_checks.py free disk space reporting, fixes #932
2016-09-16 07:31:57 -04:00
cs@twoflower
00bd23eb04
fix status_checks.py free disk space reporting #932
2016-09-15 17:01:21 +01:00
Joshua Tauberer
d73d1c6900
changelog typos
2016-08-24 07:47:55 -04:00
Joshua Tauberer
fc0abd5b4d
confirm that fail2ban is protecting pop3s, closes #629
2016-08-22 19:18:23 -04:00
Joshua Tauberer
27b4edfc76
v0.19b
...
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQEcBAABAgAGBQJXuHvJAAoJELkgQfTBC92B2IsIAJl+tQkkVp5cu4zuSLOpHj73
LFGGCrGTSMwuyNbnklkLmLIfRxlmNfHNfQqHYhxJQq7JVLuDRJS2rTJnSWGg4PuE
vyrjOEFNNqFp9cy00j6NMUUcJa4kte4cvMg3Sonz7JkVwS3fxp7hSgZknYOjlLvh
R/FmrqVhpDtTZRtMjcQaCtCTWUEETYFLsJZ2iZkIlpGhoxPGEhKZquNrT0s3qrNv
Rwf6O3i9RIS/bOu2lWI+ymdStPVJnn+deRTBWPpsxXdNC/NG9+gWiqGgRnjTBbMO
uzH1hYct+J6TWeNpesECfMMjTOZ+T7yrRJc1s9ThuLokyAlo9yf4E5YFziZ0hi4=
=JxNp
-----END PGP SIGNATURE-----
merge v0.19b hot fix release
2016-08-20 11:50:26 -04:00
Joshua Tauberer
ba75ff7820
v0.19b
2016-08-20 11:48:08 -04:00
Joshua Tauberer
a14b17794b
simplify how munin-cgi-graph is called to reduce the attack surface area
...
Seems like if REQUEST_METHOD is set to GET, then we can drop two redundant ways the query string is given. munin-cgi-graph itself reads the environment variables only, but its calls to Perl's CGI::param will look at the command line if REQUEST_METHOD is not used, otherwise it uses environment variables like CGI used to work.
Since this is all behind admin auth anyway, there isn't a public vulnerability. #914 was opened without comment which lead me to notice the redundancy and worry about a vulnerability, before I realized this is admin-only anyway.
The vulnerability was created by 6d6f3ea391
.
See #914 .
This is the v0.19b hotfix commit.
2016-08-20 11:47:44 -04:00
Joshua Tauberer
35a360ef0b
simplify how munin-cgi-graph is called to reduce the attack surface area
...
Seems like if REQUEST_METHOD is set to GET, then we can drop two redundant ways the query string is given. munin-cgi-graph itself reads the environment variables only, but its calls to Perl's CGI::param will look at the command line if REQUEST_METHOD is not used, otherwise it uses environment variables like CGI used to work.
Since this is all behind admin auth anyway, there isn't a public vulnerability. #914 was opened without comment which lead me to notice the redundancy and worry about a vulnerability, before I realized this is admin-only anyway.
2016-08-19 12:42:43 -04:00
Joshua Tauberer
86457e5bc4
merge: fail2ban broke, released v0.19a
2016-08-18 08:39:31 -04:00
Joshua Tauberer
7c9f3e0b23
v0.19a
2016-08-18 08:36:28 -04:00
Joshua Tauberer
83d8dbca3e
fail2ban won't start until the roundcube log file is created
...
fixes #911
2016-08-18 08:32:14 -04:00
Joshua Tauberer
8cf2e468bd
[merge #900 ] Adding a Code of Conduct
...
Merge pull request #900 from mail-in-a-box/code_of_conduct
2016-08-15 20:10:37 -04:00
Joshua Tauberer
440a545010
some improvements suggested by the community
2016-08-15 20:09:05 -04:00
Marius Blüm
942bcfc7c5
Update Bootstrap to 3.3.7 ( #909 )
...
Signed-off-by: Marius Blüm <marius@lineone.io>
2016-08-15 18:06:12 -04:00
ReadmeCritic
4f2d16a31d
Update README URLs based on HTTP redirects ( #908 )
2016-08-15 11:07:09 -04:00
Joshua Tauberer
e9368de462
[merge #902 ] Upgrade ownCloud from 8.2.3 to 8.2.7
...
Merge https://github.com/mar1u5/mailinabox
fixes #901
2016-08-13 17:36:08 -04:00
Joshua Tauberer
cdd0a821eb
v0.19
...
closes #898
2016-08-13 17:27:10 -04:00
Marius Blüm
6f165d0aeb
Update Changelog
...
Signed-off-by: Marius Blüm <marius@lineone.io>
2016-08-09 00:58:10 +02:00
Marius Blüm
6c22c0533e
Upgrade ownCloud from 8.2.3 to 8.2.7
...
Signed-off-by: Marius Blüm <marius@lineone.io>
2016-08-09 00:53:15 +02:00
Joshua Tauberer
d38b732b0a
add a Code of Conduct
2016-08-08 08:19:42 -04:00
Joshua Tauberer
81b5af6b64
document fail2ban filters in security.md
2016-08-08 07:55:46 -04:00
Joshua Tauberer
fc5cc9753b
roundcube 1.2.1
2016-08-08 07:32:02 -04:00
Joshua Tauberer
1aca6fe08f
some minor tweaks to the new users/aliases API documentation
2016-08-08 07:28:10 -04:00
Joshua Tauberer
cf3e1cd595
add SRV records for CardDAV/CalDAV
...
DavDroid's latest version's account configuration no longer just asked for a hostname. Its email address & password configuration mode did not work without a SRV record.
2016-07-31 20:53:57 -04:00
Joshua Tauberer
b044dda28f
put the ufw status checks in the network section, add a punctuation mark, add changelog entry
2016-07-29 09:23:36 -04:00
Joshua Tauberer
f66f39b61d
Merge branch 'ufw_status_check' of https://github.com/yodax/mailinabox
2016-07-29 09:16:22 -04:00
Joshua Tauberer
6de7d59f14
changelog entries
2016-07-29 09:12:01 -04:00
Michael Kroes
9c8f2e75fc
allow i686 as a supported architecture
...
This is checked during preflight. See https://github.com/mail-in-a-box/mailinabox/issues/885 (#889 )
2016-07-29 09:07:16 -04:00
Joshua Tauberer
cbc4bf553d
Merge pull request #880 from schlypel/master
...
Added information about API endpoints
2016-07-29 09:04:27 -04:00
Michael Kroes
4e3cfead46
Add HSTS to the control panel headers ( #879 )
2016-07-29 09:01:40 -04:00
Joshua Tauberer
8844a9185f
Merge pull request #798 from mail-in-a-box/fail2banjails
...
add fail2ban jails for ownCloud, postfix submission, roundcube, and the Mail-in-a-Box management daemon
2016-07-29 08:52:44 -04:00