1
0
mirror of https://github.com/mail-in-a-box/mailinabox.git synced 2024-12-27 08:07:04 +00:00
Commit Graph

907 Commits

Author SHA1 Message Date
KiekerJan
fa9bcbe8d2 move command to web.sh setup 2021-12-06 23:25:31 +01:00
KiekerJan
9850ae5420 upgrade nextcloud to 21 2021-12-06 23:22:11 +01:00
KiekerJan
53c6c0fcc4 update nextcloud to 2.0.14 2021-11-17 00:25:05 +01:00
KiekerJan
2e397aea62 postgrey remembers 2021-11-14 16:12:06 +01:00
KiekerJan
5da3803697 password needs to be editable in case totp is enabled in nextcloud, an application specific password is to be used to access nextcloud address book 2021-11-07 22:55:48 +01:00
KiekerJan
daff60ee13 add totp two factor auth to nextcloud 2021-11-07 22:54:43 +01:00
kiekerjan
d36b3e9030
Merge branch 'mail-in-a-box:main' into master 2021-11-06 23:39:28 +01:00
jvolkenant
58b0323b36
Update persistent_login for Roundcube 1.5 (#2055) 2021-11-04 18:59:10 -04:00
KiekerJan
2741affa48 Merge branch 'master' of github.com:kiekerjan/mailinabox 2021-11-04 00:32:14 +01:00
github@kiekerjan.isdronken.nl
7c11022fb5 merge upstream 2021-11-04 00:26:53 +01:00
KiekerJan
9c35f4d5f5 add totp two factor auth to roundcube 2021-10-28 21:56:50 +02:00
KiekerJan
be899f2b9e avoid a runaway /64 in jail.conf 2021-10-25 16:44:25 +02:00
KiekerJan
91d4dfc88c fix downloaded version of nextcloud contacts app 2021-10-25 16:24:18 +02:00
KiekerJan
5403f7eea7 updated version nextcloud 2021-10-25 00:09:32 +02:00
github@kiekerjan.isdronken.nl
eeada2b9b5 merge changes from V55 upstream 2021-10-19 23:07:02 +02:00
Joshua Tauberer
65861c68b7 Version 55 2021-10-18 20:40:51 -04:00
Joshua Tauberer
71a7a3e201 Upgrade to Roundcube 1.5 2021-10-18 20:40:51 -04:00
Joshua Tauberer
113b7bd827 Disable SMTPUTF8 in Postfix because Dovecot LMTP doesn't support it and bounces messages that require SMTPUTF8
By not advertising SMTPUTF8 support at the start, senders may opt to transmit recipient internationalized domain names in IDNA form instead, which will be deliverable.

Incoming mail with internationalized domains was probably working prior to our move to Ubuntu 18.04 when postfix's SMTPUTF8 support became enabled by default.

The previous commit is retained because Mail-in-a-Box users might prefer to keep SMTPUTF8 on for outbound mail, if they are not using internationalized domains for email, in which case the previous commit fixes the 'relay access denied' error even if the emails aren't deliverable.
2021-09-24 08:11:36 -04:00
Joshua Tauberer
3e19f85fad Add domain maps from Unicode forms of internationalized domains to their ASCII forms
When an email is received by Postfix using SMTPUTF8 and the recipient domain is a Unicode internationalized domain, it was failing to be delivered (bouncing with 'relay access denied') because our users and aliases tables only store ASCII (IDNA) forms of internationalized domains. In this commit, domain maps are added to the auto_aliases table from the Unicode form of each mail domain to its IDNA form, if those forms are different. The Postfix domains query is updated to look at the auto_aliases table now as well, since it is the only table with Unicode forms of the mail domains.

However, mail delivery is still not working since the Dovecot LMTP server does not support SMTPUTF8, and mail still bounces but with an error that SMTPUTF8 is not supported.
2021-09-24 08:11:36 -04:00
Joshua Tauberer
11e84d0d40 Move automatically generated aliases to a separate database table
They really should never have been conflated with the user-provided aliases.

Update the postfix alias map to query the automatically generated aliases with lowest priority.
2021-09-24 08:11:36 -04:00
drpixie
df46e1311b
Include NSD config files from /etc/nsd/nsd.conf.d/*.conf (#2035)
And write MIAB dns zone config into /etc/nsd/nsd.conf.d/zones.conf. Delete lingering old zones.conf file.

Co-authored-by: Joshua Tauberer <jt@occams.info>
2021-09-24 08:07:40 -04:00
Joshua Tauberer
e884c4774f Replace HMAC-based session API keys with tokens stored in memory in the daemon process
Since the session cache clears keys after a period of time, this fixes #1821.

Based on https://github.com/mail-in-a-box/mailinabox/pull/2012, and so:

Co-Authored-By: NewbieOrange <NewbieOrange@users.noreply.github.com>

Also fixes #2029 by not revealing through the login failure error message whether a user exists or not.
2021-09-06 09:23:58 -04:00
Joshua Tauberer
700188c443 Roundcube 1.5 RC 2021-09-06 09:23:58 -04:00
KiekerJan
9b39251469 active roundcube markasjunk plugin 2021-09-03 22:23:00 +02:00
github@kiekerjan.isdronken.nl
4b260354c2 revert carddav plugin install 2021-08-02 22:47:42 +02:00
github@kiekerjan.isdronken.nl
75f14a0735 make plugin installation of carddav like other git based installs 2021-08-02 22:09:04 +02:00
github@kiekerjan.isdronken.nl
a3b7878ef4 add contextmenu plugin 2021-08-02 00:44:47 +02:00
github@kiekerjan.isdronken.nl
bd9952704a mute re indexing, could be lots of noise on existing installs 2021-08-02 00:27:45 +02:00
KiekerJan
cf6eac0d0c add nginx security headers 2021-08-02 00:05:12 +02:00
KiekerJan
1f35158211 use predefined DHE field groups 2021-08-01 23:09:59 +02:00
github@kiekerjan.isdronken.nl
dbf029b399 remove old ciphers from postfix 2021-08-01 22:49:25 +02:00
KiekerJan
87be897d36 update DH security to 4096 2021-08-01 21:52:37 +02:00
KiekerJan
f6450c1cae update obsolete settings 2021-07-31 21:43:25 +02:00
KiekerJan
104d40e819 add alternative sshd port to ssh jail 2021-07-31 21:42:57 +02:00
KiekerJan
128541d506 add alternative sshd port to ssh jail 2021-07-31 21:36:38 +02:00
github@kiekerjan.isdronken.nl
1315e02cba mail homes and correct use of STORAGE PATH 2021-07-19 21:41:50 +02:00
github@kiekerjan.isdronken.nl
afe078ce32 remove compression for dovecot 2021-07-19 21:34:51 +02:00
KiekerJan
af079a1139 enable compression for dovecot mailboxes 2021-07-04 20:09:29 +02:00
github@kiekerjan.isdronken.nl
050c77a49a fix sed order 2021-06-27 22:14:57 +02:00
github@kiekerjan.isdronken.nl
212b9a31df add definition of admin ipv6 address 2021-06-27 22:12:15 +02:00
KiekerJan
606e66fe80 fixes 2021-06-22 23:33:11 +02:00
github@kiekerjan.isdronken.nl
ca5fb3c2e0 Merge changes from upstream v0.54 2021-06-20 23:36:54 +02:00
Joshua Tauberer
4cb46ea465 v0.54 2021-06-20 15:50:04 -04:00
KiekerJan
cc234c2cab add notes app to nextcloud 2021-06-12 09:52:37 +02:00
KiekerJan
95712e196b remove chkrootkit,too many false positives 2021-06-05 09:53:07 +02:00
KiekerJan
a24c01973f doveadm fts rescan clears the indices, we don't want that 2021-05-30 21:11:47 +02:00
KiekerJan
5fa27b27e2 make security settings more strict for postfix 2021-05-29 00:18:43 +02:00
Joshua Tauberer
d510c8ae2a Enable and recommend port 465 for mail submission instead of port 587 (fixes #1849)
Port 465 with "implicit" (i.e. always-on) TLS is a more secure approach than port 587 with explicit (i.e. optional and only on with STARTTLS). Although we reject credentials on port 587 without STARTTLS, by that point credentials have already been sent.
2021-05-15 16:42:14 -04:00
github@kiekerjan.isdronken.nl
9bd34141bf add extra munin plugins 2021-05-14 00:12:11 +02:00
github@kiekerjan.isdronken.nl
d1b45945b0 cleanup 2021-05-09 21:47:14 +02:00