external
/
mailinabox
mirror of https://github.com/mail-in-a-box/mailinabox.git
1
0
Fork 0
Code Issues Releases Wiki Activity

Commit Graph

  • 37e626df77 Delete zpush.sh Josh Harmon 2016-07-24 17:28:17 -0700
  • 19b08c61d2 Update index.html Josh Harmon 2016-07-24 17:27:37 -0700
  • f8bf686b4b Update mail-postfix.sh Josh Harmon 2016-07-24 17:25:40 -0700
  • 13cb4357de Update www_default.html Josh Harmon 2016-07-24 17:23:57 -0700
  • 7c526313fd per Yodax suggestion used built in python tool I was unaware existed. ChiefGyk 2016-07-21 12:15:58 -0400
  • 125405edfb Merge master Michael Kroes 2016-07-21 16:30:03 +0200
  • 5bec8014fc added it under the firewall conditions so it will run only if enabled ChiefGyk 2016-07-20 17:12:23 -0400
  • bf8e095b36 added grep to see if ciphers were already added for when rerunning the script ChiefGyk 2016-07-20 16:46:38 -0400
  • 46627f98ef Remove HTTP_PROXY from mail and zpush Michael Kroes 2016-07-19 07:45:03 +0200
  • dc19a614ce Strip HTTP_PROXY from requests to php-fpm and Flask Michael Kroes 2016-07-19 05:38:35 +0200
  • 4d00d8be9b Allow i686 as a supported architecture. This is checked during preflight. See https://github.com/mail-in-a-box/mailinabox/issues/885 Michael Kroes 2016-07-17 07:40:09 +0200
  • e069eb9940 Add trailing slash when checking a remote backup. Also check if we actually can read the remote size Michael Kroes 2016-07-16 11:25:39 +0200
  • 5454a5f06b Remove nohup from ssh-keygen so errors aren't hidden. Also only generate a key if none exists yet Michael Kroes 2016-07-16 07:00:53 +0200
  • 6f899033e4 fixed some spacing and missing TLSv1+HIGH ChiefGyk 2016-07-14 20:42:20 -0400
  • 5be322aa04 hardened dovecot, learning postfix now used tips per https://bettercrypto.org/static/applied-crypto-hardening.pdf ChiefGyk 2016-07-14 20:09:48 -0400
  • 6b6bda520a only enabled recommended MAC and ciphers per research. Added this after it was revealed via OpenVAS ChiefGyk 2016-07-14 19:36:11 -0400
  • be8ae6619c added repo of ipset-assassin for easier modification by me as I update the root project for this. ChiefGyk 2016-07-02 18:56:21 -0400
  • 8f4941a3c5 removed optional GeoIP and Tor exit node blocking. Can be readded if need be later, or by using the root project ChiefGyk 2016-07-02 18:34:34 -0400
  • 5abc9c3ec5 added MaxMind, StopForumSpam, and Greensnow addresses to ipset lists. ChiefGyk 2016-07-02 18:29:07 -0400
  • c02be38f07 Added MaxMind, StopForumSpam, and GreenSnow to the list of ipset filters ChiefGyk 2016-07-02 18:24:45 -0400
  • 2d51e5d0ab code fix ChiefGyk 2016-06-30 16:38:52 -0400
  • 894fdc1d21 updated readme ChiefGyk 2016-06-30 15:21:34 -0400
  • 24a2062ca6 updated readme ChiefGyk 2016-06-30 15:21:06 -0400
  • 025dc9a02b updated readme ChiefGyk 2016-06-30 15:19:35 -0400
  • 1cdf97158f updated readme ChiefGyk 2016-06-30 15:18:58 -0400
  • 99a852ad34 updated readme ChiefGyk 2016-06-30 15:17:01 -0400
  • 0337dc3eb0 Merge branch '2.41' ChiefGyk 2016-06-30 15:05:20 -0400
  • 55ab6ec99a readme ChiefGyk 2016-06-30 15:04:44 -0400
  • f3b1309971 clutter ChiefGyk 2016-06-30 15:00:52 -0400
  • e70eabbd21 clutter ChiefGyk 2016-06-30 14:59:29 -0400
  • 22d173ff80 credits ChiefGyk 2016-06-30 14:56:27 -0400
  • a9fa2533b6 credit fixes ChiefGyk 2016-06-30 14:37:21 -0400
  • 9d3f7df679 merging and credits, added malc0de IP blacklist ChiefGyk 2016-06-30 14:34:06 -0400
  • 8a6e59af47 wrong link Alon Ganon 2016-06-30 09:28:21 -0400
  • 5c5fc025c2 fixed minor issue Alon Ganon 2016-06-30 09:25:46 -0400
  • 18cd0c6902 removed dialog.sh which had the geoblock options, and fixed typo in tor.sh for the optional tor exit node block ChiefGyk 2016-06-30 08:57:35 -0400
  • f02acfe0c5 fixed typo ChiefGyk 2016-06-30 08:56:43 -0400
  • 795ca8a2e0 removed redundant dialog.sh ChiefGyk 2016-06-30 08:30:00 -0400
  • 0d69474688 updated added tor exit node being optional ChiefGyk 2016-06-30 08:29:22 -0400
  • 6556da1e65 removed geoblocks, made tor exit node blocking optional during setup via yes/no dialog which will comment out the appropriate line in /etc/cron.daily/blacklist. Rearranged some code, deleted some files and clutter. ChiefGyk 2016-06-30 08:20:47 -0400
  • c478125269 Update README.md Alon Ganon 2016-06-29 21:43:36 -0400
  • 88365d43ac polished, more finalized, from now on minor features added (lists, new countries), but the foundation I believe is complete ChiefGyk 2016-06-29 21:37:56 -0400
  • 52410106e9 replaced iptables-persistent with another iptables-persistent in /etc/init.d, this one also will save ipsets and allow persistence upon reboot. Cleaned up some code, changed debconf variables at iptables-persistent install to false. Still installs iptable-persistant through apt, just to get rid of all the foundation work for it to run, but is quickly replaced. ChiefGyk 2016-06-29 21:35:37 -0400
  • 6ee8852a67 removed apt installing iptables-persistent, now manually adding it ChiefGyk 2016-06-29 21:28:20 -0400
  • 4645806675 readme tweaks and other fixes ChiefGyk 2016-06-29 21:20:24 -0400
  • 67e40c07b8 moved persistence to front, pulled iptables-persistence from another github and forked it. Using that in /etc/init.d/iptables-persistent so it handles ipset as well to make things easier. Also allows you to load and save much easier for both iptables and ipset. ChiefGyk 2016-06-29 21:07:11 -0400
  • a1698f82ef ipset persistence, and fixes ChiefGyk 2016-06-29 20:50:33 -0400
  • 84040e56f8 fixes ChiefGyk 2016-06-29 20:14:07 -0400
  • b66ab07ea0 fixed a bug with unable to reload network interface ChiefGyk 2016-06-29 19:56:01 -0400
  • 3d7f9bdbea Merge 8a06d0aa8b into 82903cd09e Michael Kroes 2016-06-29 23:42:10 +0000
  • c15aa078b7 added #!/bin/bash to install.sh ChiefGyk 2016-06-29 19:09:17 -0400
  • 8316782cdb removing unneccessary clutter ChiefGyk 2016-06-29 18:52:00 -0400
  • 835c8e0d74 Merge branch '2.2' ChiefGyk 2016-06-29 18:37:42 -0400
  • 86a504713e added dshield ChiefGyk 2016-06-29 18:36:55 -0400
  • 9b3a158b72 Added Dshield, to automatically block the top 20 malicious IP blocks each day. It is merged into blacklist which will run in cron.daily. So ipset blocks the majority of addresses from lists, and IPTables does the blocks. ChiefGyk 2016-06-29 18:33:09 -0400
  • 66a542d666 dialog fix ChiefGyk 2016-06-29 18:27:01 -0400
  • b9a9b46707 merging dshield and blacklist cron together ChiefGyk 2016-06-29 18:23:46 -0400
  • fe8acc8e44 trying to get the blacklist and dshield merged ChiefGyk 2016-06-29 18:13:18 -0400
  • 4286eff0bd changing IPtable settings ChiefGyk 2016-06-29 17:55:36 -0400
  • 06f4a1d55c changing IPtable settings ChiefGyk 2016-06-29 17:54:21 -0400
  • 10aef791d7 dshield ChiefGyk 2016-06-29 17:49:54 -0400
  • 7dffae1cb3 Closing China, calls you 'Mr.Trump' ChiefGyk 2016-06-29 16:01:08 -0400
  • 61780b8ae7 added optional geoblock lists that update weekly for China, and Korea as they create a lot of spam. They are added via IPtables as they are added in blocks. ChiefGyk 2016-06-29 15:39:41 -0400
  • d5df6ff09d added geo-blocking ChiefGyk 2016-06-29 15:24:29 -0400
  • adf7ca25ea added ability to optionally block Korean and/or Chinese IP address blocks towards the end via a dialog box. ChiefGyk 2016-06-29 15:23:13 -0400
  • aca54c66bf fixing stuff ChiefGyk 2016-06-29 15:00:35 -0400
  • 345fd9e787 added do nothing option to dialog ChiefGyk 2016-06-29 14:53:23 -0400
  • 1b825f9bc4 fixing window size ChiefGyk 2016-06-29 14:50:12 -0400
  • ee41ba2366 fixing window size ChiefGyk 2016-06-29 14:49:25 -0400
  • c563970355 added dialog and blocks for korea as well as China ChiefGyk 2016-06-29 14:45:36 -0400
  • 8efe6c933f added Malware Domain list and ZeusTracker ChiefGyk 2016-06-29 14:18:43 -0400
  • 1437f7c891 dialog for china and korea ChiefGyk 2016-06-29 13:49:22 -0400
  • a8eb27dc3f added malware domain list and zeus tracker ChiefGyk 2016-06-29 13:09:33 -0400
  • 097adec5d2 polish ChiefGyk 2016-06-29 12:37:46 -0400
  • 162f580e68 moved the comments around so it looked nicer on my other computer ChiefGyk 2016-06-29 12:34:17 -0400
  • 324f5666f2 removed an unneeded line ChiefGyk 2016-06-29 12:31:59 -0400
  • a0185aca95 typo ChiefGyk 2016-06-29 11:54:32 -0400
  • 3824d20faa fixed comments in script ChiefGyk 2016-06-29 11:53:07 -0400
  • 02b014527b added link to original project ChiefGyk 2016-06-29 11:48:26 -0400
  • 5a40ff0bc6 updated readme ChiefGyk 2016-06-29 11:35:24 -0400
  • 9ed4952474 updated readme ChiefGyk 2016-06-29 11:31:08 -0400
  • 1edd94ba39 added persistence by adding a couple lines to /etc/network/interfaces. It will automatically load at start, save each time the cron.daily runs, so if you need to reboot the ipset is loaded again. ChiefGyk 2016-06-29 11:14:03 -0400
  • 33bcd10278 fixing persistence with ipset ChiefGyk 2016-06-29 11:01:53 -0400
  • 4f0096c3c2 somes code fixes and lines added for fixes ChiefGyk 2016-06-29 10:18:56 -0400
  • ef5f90e02c changed name from blocklist to blacklist to keep more uniform ChiefGyk 2016-06-29 09:38:08 -0400
  • 39644bd29e Now using ipset, added more lists, resarched and looked around for how to script it better. Now all will be able to wget from wizcraft (blocked my VPS, but not local machine so I suspect IP blocks are blocked from them), however there seems to be a lot of overlap of the addresses so I don't think it will be an issue. Averages around ~47,000 IP addresses as opposed to the original couple thousand just from blocklist.de. Does not require Fail2Ban to work just iptables, and of course iptables-persistent to keep changes. ChiefGyk 2016-06-29 09:32:16 -0400
  • 022752d0bb polished ChiefGyk 2016-06-29 09:18:24 -0400
  • ed8881afc9 double checking lists ChiefGyk 2016-06-29 09:05:39 -0400
  • a931ec80ad rewrote blacklist with more lists, and ipset ChiefGyk 2016-06-29 08:52:17 -0400
  • 74e5dba3ba testing all lists ChiefGyk 2016-06-29 08:24:43 -0400
  • 619e1a7265 added some bad url list ChiefGyk 2016-06-29 08:18:00 -0400
  • 957f3a9b08 removed some lists for testing ChiefGyk 2016-06-29 08:14:21 -0400
  • 4f9b926dba used xargs to make it a bit easier for script, had it make /etc/iptables then copy blocklist.txt to there, which the cron.daily will continuously read from for it's lists ChiefGyk 2016-06-29 08:06:54 -0400
  • 1b17b25e9e added mishing back slash for lists ChiefGyk 2016-06-29 07:48:47 -0400
  • b04bcf1d47 added a bunch of filters for email/webmail servers ChiefGyk 2016-06-29 07:45:48 -0400
  • 3249a55f3a added API info to users page template schlypel 2016-06-29 13:35:42 +0200
  • b58fb54725 added API info to aliases page template schlypel 2016-06-29 13:34:54 +0200
  • b4154ad1bd removed unneeded sudo ChiefGyk 2016-06-29 07:28:45 -0400
  • 6c808a5654 fixed unneccessary sudo, added part to load global variables. ChiefGyk 2016-06-29 07:26:34 -0400
  • ffe7efef96 Add HSTS to the control panel headers Michael Kroes 2016-06-29 08:33:41 +0200