Commit Graph

5204 Commits

Author SHA1 Message Date
Niklas Meyer
654dbf8198
🐄🐰 Moopril 2022 - ClamAV, Rspamd, SOGo Update
Additions:

Update SOGo to 5.5.1
Update Rspamd to 3.2.1
Update ClamAV Containers to use the official ones
Added a specific ClamAV Volume for Docker

Fixes:

Autodiscover is now compatible with App Passwords.
The Postmap Access List has been updated to a newer state.
New French translations.
2022-04-05 11:38:01 +02:00
Niklas Meyer
53a5254897
[SOGo] Update SOGo to 5.5.1
**Includes Database Changes!**

As a preparation for 5.5.2 the database as well as some NGINX Settings have been changed.
2022-04-01 15:20:09 +02:00
milkmaker
c433daf024
[Web] Updated lang.fr.json [CI SKIP] (#4529)
Co-authored-by: crep7424 <guillaume@crepieux.eu>

Co-authored-by: crep7424 <guillaume@crepieux.eu>
2022-03-31 21:05:40 +02:00
Peter
fd7269d455
[ClamAV] Move to official ClamAV Docker container (#4525)
Since ClamAV starts to offer Docker containers this PR introduces said containers so we don't need to build the container on our own anymore. This was an easy task until v0.104, but then ClamAV changed its buildprocess to use cmake and with v0.105 it also needs the Rust toolchain -> https://docs.clamav.net/manual/Installing/Installing-from-source-Unix.html#ubuntu--debian

Here are the main changes for the new container

Creates clamd-db-vol-1 volume
Still uses the same config files
Downloads ClamAV databases in said volume
Smaller container footprint 13MB vs 150MB

---

* [ClamAV] Move to official ClamAV Docker container

* [ClamAV] Remove vim + nano

* [ClamAV] Use normal version in docker-compose
2022-03-28 11:07:47 +02:00
Niklas Meyer
b375e6a250
[Rspamd] Update Rspamd to 3.2.1 (#4526)
This PR Updates Rspamd to 3.2.1

(See Changelog here: https://rspamd.com/announce/2022/03/26/rspamd-3.2.html)

The new Tag is mailcow/rspamd:1.90
2022-03-28 11:05:44 +02:00
milkmaker
48589d20e2
[Web] Updated lang.fr.json [CI SKIP] (#4523)
Co-authored-by: crep7424 <guillaume@crepieux.eu>

Co-authored-by: crep7424 <guillaume@crepieux.eu>
2022-03-25 18:00:50 +01:00
Aiko Appeldorn
be9cbcf5ac
[Postfix] update postscreen access list (#4515) 2022-03-23 11:49:46 +01:00
Niklas Meyer
b04faddac4 Modified Buffer Size in site-defaults.conf 2022-03-23 11:14:07 +01:00
DerLinkman
e925187dda Revert "[Web] add github version tag - adjust css"
This reverts commit a0c09af67e.
2022-03-22 19:53:21 +01:00
Niklas Meyer
06f380a17a [DB] Removed empty space behind c_value 2022-03-22 19:47:53 +01:00
Niklas Meyer
67882414e1 [DB] Update DB Version to 22032022_1330
For SOGo 5.5.1 and newer
2022-03-22 19:47:53 +01:00
Niklas Meyer
2b149fb8ea [DB] Update schema for longer passwords in sogo 2022-03-22 19:47:53 +01:00
Niklas Meyer
3166bd5df5 [Compose] Update SOGo to 5.5.1 2022-03-22 19:47:53 +01:00
Michael Kuron
e911452d0c
Enable autodiscover to work with app passwords (#4516)
Fixes #4513
2022-03-22 19:41:34 +01:00
Vincent Simon
deac5ad2fe [Web] Fix resource.php and /cache/ warning message
If http://mail.example.tld/cache/ or http://mail.example.tld/resource.php are called without the required parameters it returns one or two warnings
2022-03-20 22:05:28 +01:00
Niklas Meyer
f097267bcd
Merge branch 'mailcow:staging' into staging 2022-03-20 22:04:46 +01:00
FreddleSpl0it
161130c116
[Web] Fix missing rspamd description (#4512)
* [Web] fix missing rspamd description

* [Web] fix missing rspamd description
2022-03-19 23:21:00 +01:00
Perry Toone
a03b8f28ae
Update lang.en.json (#4511)
* Update lang.en.json

Minor grammar correction in whitelist area.

* Update lang.en.json

Co-authored-by: Peter <magic@kthx.at>
2022-03-19 23:12:21 +01:00
Niklas Meyer
bb9ae02ccc
Merge branch 'mailcow:staging' into staging 2022-03-17 22:56:23 +01:00
DerLinkman
880a68d563 Merge branch 'staging'
* staging:
  [WEB] Changed Version to footer margin top to 20px
  [Helper] Backup and restore: Use bullseye-slim
  [Web] Delete related spam aliases when deleting alias domain
  Revert "Before update on 2022-03-02_17_04_05"
  [Web] Footer fix (#4500)
  [Web] Update composer libs   - Removing symfony/deprecation-contracts (v2.4.0)   - Upgrading ddeboer/imap (1.12.1 => 1.13.1)   - Upgrading directorytree/ldaprecord (v2.6.3 => v2.10.1)   - Upgrading illuminate/contracts (v8.53.1 => v9.3.0)   - Upgrading nesbot/carbon (2.51.1 => 2.57.0)   - Upgrading phpmailer/phpmailer (v6.5.0 => v6.6.0)   - Upgrading psr/container (1.1.1 => 2.0.2)   - Upgrading psr/log (1.1.4 => 3.0.0)   - Upgrading psr/simple-cache (1.0.1 => 2.0.0)   - Upgrading robthree/twofactorauth (1.8.0 => 1.8.1)   - Upgrading symfony/polyfill-ctype (v1.23.0 => v1.24.0)   - Upgrading symfony/polyfill-mbstring (v1.23.1 => v1.24.0)   - Upgrading symfony/polyfill-php80 (v1.23.1 => v1.24.0)   - Upgrading symfony/translation (v5.3.4 => v6.0.5)   - Upgrading symfony/translation-contracts (v2.4.0 => v3.0.0)   - Upgrading symfony/var-dumper (v5.3.6 => v6.0.5)   - Upgrading tightenco/collect (v8.34.0 => v8.83.2)   - Upgrading twig/twig (v3.3.2 => v3.3.8)
  Before update on 2022-03-02_17_04_05
  Fix issue forms
  [GH-Actions][stale] Update to v5.0.0
2022-03-17 22:06:10 +01:00
DerLinkman
d52323df2d [WEB] Changed Version to footer margin top to 20px 2022-03-17 21:57:27 +01:00
andryyy
769e08843b
[Helper] Backup and restore: Use bullseye-slim 2022-03-14 13:10:39 +01:00
andryyy
7692685122 Merge remote-tracking branch 'origin/staging' into staging 2022-03-14 08:36:18 +01:00
andryyy
b820096656 [Web] Delete related spam aliases when deleting alias domain 2022-03-14 08:35:21 +01:00
FreddleSpl0it
a0c09af67e [Web] add github version tag - adjust css 2022-03-12 22:39:56 +01:00
Peter
eddaf7a975
Revert "Before update on 2022-03-02_17_04_05"
This reverts commit 24275ffdbf.
2022-03-05 23:31:41 +01:00
FreddleSpl0it
bdd8b4a5ab
[Web] Footer fix (#4500)
* Fix issue forms

* [GH-Actions][stale] Update to v5.0.0

* [Web] fix version footer

* [Web] fix footer - hard coded repo url

Co-authored-by: Peter <magic@kthx.at>
2022-03-05 23:27:36 +01:00
andryyy
98bc947d00 [Web] Update composer libs
- Removing symfony/deprecation-contracts (v2.4.0)
  - Upgrading ddeboer/imap (1.12.1 => 1.13.1)
  - Upgrading directorytree/ldaprecord (v2.6.3 => v2.10.1)
  - Upgrading illuminate/contracts (v8.53.1 => v9.3.0)
  - Upgrading nesbot/carbon (2.51.1 => 2.57.0)
  - Upgrading phpmailer/phpmailer (v6.5.0 => v6.6.0)
  - Upgrading psr/container (1.1.1 => 2.0.2)
  - Upgrading psr/log (1.1.4 => 3.0.0)
  - Upgrading psr/simple-cache (1.0.1 => 2.0.0)
  - Upgrading robthree/twofactorauth (1.8.0 => 1.8.1)
  - Upgrading symfony/polyfill-ctype (v1.23.0 => v1.24.0)
  - Upgrading symfony/polyfill-mbstring (v1.23.1 => v1.24.0)
  - Upgrading symfony/polyfill-php80 (v1.23.1 => v1.24.0)
  - Upgrading symfony/translation (v5.3.4 => v6.0.5)
  - Upgrading symfony/translation-contracts (v2.4.0 => v3.0.0)
  - Upgrading symfony/var-dumper (v5.3.6 => v6.0.5)
  - Upgrading tightenco/collect (v8.34.0 => v8.83.2)
  - Upgrading twig/twig (v3.3.2 => v3.3.8)
2022-03-02 20:08:44 +01:00
andryyy
24275ffdbf Before update on 2022-03-02_17_04_05 2022-03-02 20:03:09 +01:00
Peter
5541f84c3c
[GH-Actions][stale] Update to v5.0.0 2022-03-02 18:22:55 +01:00
Peter
4907f702c8
Fix issue forms 2022-03-02 18:22:27 +01:00
Peter
412e1188b0
Fix issue forms 2022-03-02 18:21:08 +01:00
Peter
6d6b673cf2
[GH-Actions][stale] Update to v5.0.0 2022-03-02 18:17:10 +01:00
FreddleSpl0it
a1ffaae3d5 [Web] add github version tag - adjust css 2022-03-02 16:57:07 +01:00
FreddleSpl0it
f3f6fb8908 [Web] add github version tag error handling 2022-03-02 16:57:07 +01:00
FreddleSpl0it
a1a96bfabb [Web] add github version tag 2022-03-02 16:57:07 +01:00
Niklas Meyer
c520f21d28
🐄 Moorch Update 2022 - ClamAV, Dovecot & Olefy Update (#4497)
* [API] Fix minor issue in api docs

* [GH-Actions][stale] Add neverstale label to exempt list

* [Web] add github version tag

* [Web] add github version tag

* [Web] add github version tag

* [Web] add github version tag

* [Web] add github version tag

* [Web] add github version tag error handling

* [Web] add github version tag error handling

* Passwordless SOGo auth: support for calendar invitations and calendar/contacts subscriptions

Inviting someone to a calendar event triggers a request to /SOGo/so/otheruser@example.com/freebusy.ifb/ajaxRead. Subscribing to someone's calendar/contacts triggers a request to /SOGo/so/otheruser@example.com/foldersSearch. The email address in the URL is different from the logged-in user, which needs to be handled appropriately by sogo-auth.php.

* [Web] add github version tag - adjust css

* [Compose] Update SOGo Autoreply Schedule to 5m

Based on the advice of inverse (SOGo developer). Thanks to https://github.com/jmber

Closes: https://github.com/mailcow/mailcow-dockerized/issues/4436

* [Web] add github version tag - move twig globals

* [Web] add github version tag - missing </div>

* Passwordless SOGo auth: improvements for when accessing other users

* [WebAuthn] fido2 passwordless auth - fix (#4440)

* [WebAuthn] fido2 revert

* [WebAuthn] set UV flags to 'discouraged'

* [WebAuthn] revert - set UV flags to 'discouraged'

* Update clamav to 0.104.2

* Update clamav to 0.104.2

* Update dovecot to 2.3.18

Update gosu to 1.14
Use debian bullseye as base

* [Web] Updated lang.es.json [CI SKIP] (#4453)

Co-authored-by: Fijxu <fijxu@zzls.xyz>
Co-authored-by: milkmaker <milkmaker@mailcow.de>

Co-authored-by: Fijxu <fijxu@zzls.xyz>

* Fix broken documentation links (#4458)

* Fix broken documentation links

* Fix a few more broken documentation links

* Fix broken documentation links in translation files

* Fall back to empty string if WATCHDOG_NOTIFY_EMAIL undefined (#4457)

By default, `.env` (`mailcow.conf`) does not define `WATCHDOG_NOTIFY_EMAIL`.

Using it in `docker-compose.yml` without having it defined leads to Compose v2 displaying this warning on startup:

> WARNING: The WATCHDOG_NOTIFY_EMAIL variable is not set. Defaulting to a blank string.

Related to https://github.com/mailcow/mailcow-dockerized/issues/4315

* [Web] Updated lang.sk.json [CI SKIP] (#4461)

Co-authored-by: Lukáš Matula <lukas@gbely.net>
Co-authored-by: milkmaker <milkmaker@mailcow.de>

Co-authored-by: Lukáš Matula <lukas@gbely.net>

* oletools: disable template injection detection (#4464)

Seems to be causing a lot of false positives lately

* Fix minor typo in comment (#4466)

Correction of the comment, so that the explanation is correct and can be understood.

* Update issue templates to issue forms (#4465)

This PR updates the issue templates to GitHubs new issue forms

* [Web] Fix padding issue in UI admin panel (#4481)

* [Web] fix admin panel padding issue

* [Web] fix admin panel padding issue

* [Web] Updated lang.sk.json [CI SKIP] (#4489)

Co-authored-by: Lukáš Matula <lukas@gbely.net>
Co-authored-by: milkmaker <milkmaker@mailcow.de>

Co-authored-by: Lukáš Matula <lukas@gbely.net>

* increase opcache.interned_strings_buffer to 16 (#4487)

since version 23.0.2 Nextcloud recommends having a value greater than 8 for `opcache.interned_strings_buffer`. As this memory will be only used when needed this should have no impact on installations that are not using nextcloud.

related discussion: https://help.nextcloud.com/t/nextcloud-23-02-opcache-interned-strings-buffer/134007/19
related nextcloud issue: https://github.com/nextcloud/server/issues/31223

* nextcloud - add missing redirections (#4366)

adds missing location directives to the nginx configuration of nextcloud 22, to prevent warnings in nextcloud admin center of missing redirections

* Update imapsync to 2.178 (#4491)

* Update and fix oletools (#4479)

As noticed by @MAGICCC (#4464 (comment)), our olefy image does not work anymore if you rebuild it. This is because @HeinleinSupport recently updated their repository with the changes from @decalage2's repository, which renamed olvba3 to olevba. Since @HeinleinSupport does not recommend using its own patched branch and is very slow in pulling in changes from upstream (@decalage2), let's switch to the latter. This also allowed me to revert #4464.

Finally, a minor patch to rspamd is necessary. While the documentation says

In the extended mode the oletools module will not trigger on specific categories, but will always set a threat string with all found flags when at least a macro was found.

This is not actually true -- it only sets it when suspicious or autoexec threats were detected. But it's a one-line patch to make rspamd behave as documented and we should submit that patch to @rspamd too. With this patch, I have confirmed that Mailcow will reject any incoming, non-whitelisted message containing attachments with macros.

* [Web] Fix excluded domain list in quaratine view

Previously excluded domains from quarantine were not shown.

* [Dovecot] Update syslogng Version to 3.28 (#4496)

Co-authored-by: Niklas Meyer <niklas.meyer@tinc.gmbh>

Co-authored-by: ntimo <git@nowitzki.me>
Co-authored-by: Peter <magic@kthx.at>
Co-authored-by: FreddleSpl0it <patschul@posteo.de>
Co-authored-by: FreddleSpl0it <75116288+FreddleSpl0it@users.noreply.github.com>
Co-authored-by: Michael Kuron <mkuron@users.noreply.github.com>
Co-authored-by: milkmaker <milkmaker@mailcow.de>
Co-authored-by: Fijxu <fijxu@zzls.xyz>
Co-authored-by: Slavi Pantaleev <slavi@devture.com>
Co-authored-by: Lukáš Matula <lukas@gbely.net>
Co-authored-by: Max <mail@heavygale.de>
Co-authored-by: Michael Cramer <michael@bigmichi1.de>
Co-authored-by: Robert Christian <soulsymphonies@users.noreply.github.com>
Co-authored-by: André <andre.peters@debinux.de>
Co-authored-by: Niklas Meyer <niklas.meyer@tinc.gmbh>
2022-03-02 16:32:17 +01:00
Michael Gerdemann
b1314bd9a3
[dovecot] Fix delayed quarantine notification (#4470)
Fixes: #4469
2022-03-02 11:17:08 +01:00
André
6521ccd425
Update README.md 2022-02-27 10:06:52 +01:00
Niklas Meyer
89fdd1986d
Jan(moo)uary Update 2022 - Revision A (2022-01a) (#4445)
* [API] Fix minor issue in api docs

* [GH-Actions][stale] Add neverstale label to exempt list

* [Web] add github version tag

* [Web] add github version tag error handling

* Passwordless SOGo auth: support for calendar invitations and calendar/contacts subscriptions

Inviting someone to a calendar event triggers a request to /SOGo/so/otheruser@example.com/freebusy.ifb/ajaxRead. Subscribing to someone's calendar/contacts triggers a request to /SOGo/so/otheruser@example.com/foldersSearch. The email address in the URL is different from the logged-in user, which needs to be handled appropriately by sogo-auth.php.

* [Web] add github version tag - adjust css

* [Compose] Update SOGo Autoreply Schedule to 5m

Based on the advice of inverse (SOGo developer). Thanks to https://github.com/jmber

Closes: https://github.com/mailcow/mailcow-dockerized/issues/4436

* [Web] add github version tag - move twig globals

* [Web] add github version tag - missing </div>

* Passwordless SOGo auth: improvements for when accessing other users

* [WebAuthn] fido2 passwordless auth - fix (#4440)

* [WebAuthn] fido2 revert

* [WebAuthn] set UV flags to 'discouraged'

* [WebAuthn] revert - set UV flags to 'discouraged'

Co-authored-by: ntimo <git@nowitzki.me>
Co-authored-by: Peter <magic@kthx.at>
Co-authored-by: FreddleSpl0it <patschul@posteo.de>
Co-authored-by: FreddleSpl0it <75116288+FreddleSpl0it@users.noreply.github.com>
Co-authored-by: Michael Kuron <mkuron@users.noreply.github.com>
2022-02-01 15:26:48 +01:00
Peter
5a1ef72b82
[GH-Actions][stale] Add neverstale label to exempt list 2022-01-22 17:39:08 +01:00
Niklas Meyer
c0f2922eb0
[Readme] Added Twitter links
Merge pull request #4432 from DerLinkman/staging
2022-01-21 20:59:56 +01:00
Niklas Meyer
a624e32873
[Readme] Added Twitter links 2022-01-21 20:58:36 +01:00
Niklas Meyer
2f9da5ae93
🐄 Jan(moo)uary Update 2022 - The U2F --> WebAuthn (2FA) Update
Images which get a new tag (on docker hub):

unbound-mailcow (Tag 1.15)
acme-mailcow (Tag 1.81)
dockerapi-mailcow (Tag 1.41)
netfilter-mailcow (Tag 1.46)
watchdog-mailcow (Tag 1.96)
These docker tag changes include the Alpine Update to 3.15

clamd-mailcow (Tag 1.43)
sogo-mailcow (Tag 1.106)
olefy-mailcow (Tag 1.8.1)
dovecot-mailcow (Tag 1.159)
solr-mailcow (Tag 1.8.1)
Very important changes:

U2F API Removal --> Replaced with WebAuthn API (TFA) [More Details here] (Thanks to @FreddleSpl0it)
Important changes:

Dovecot Update to 2.3.17.1
SOGO Update to 5.5.0
ClamAV Update to 0.103.5 (DDOS Fix)
Solr Security Fix Fix (Removed breached log4j Class)
Alpine Linux Update to 3.15
Better Acme SSL Path recognition for Alpine Versions after 3.15 (Thanks to @mkuron) --> Fixing issue: Possible regression in acme-mailcow 1.80 #4392
Olefy Ping Fix (Will fix: Olefy 1.8 broken  #4401) (Thanks to @a16bitsysop for the Fix!)
Netfilter GeoIP Fix (Thanks to @marcvorwerk) --> Fixing issue: Netfilter Python error #2668
2022-01-21 14:54:31 +01:00
Kristian Feldsam
f4c9a6941a [Web] Updated lang.cs.json
Signed-off-by: Kristian Feldsam <feldsam@gmail.com>
2022-01-21 14:18:20 +01:00
Niklas Meyer
355ea71877
Merge pull request #4428 from FreddleSpl0it/master
Migrating from U2F to WebAuthn for 2FA
2022-01-21 12:19:25 +01:00
Niklas Meyer
fac8d9d28a
[Netfilter] Update to Alpine 3.15 + GeoIP Fix
Added xtables-addon to netfilter container to handle iptables rules with geoip
**Commited by: @marcvorwerk**
2022-01-21 09:22:25 +01:00
FreddleSpl0it
af1b90fa18
[WebAuthn] rename env var 2022-01-20 14:37:20 +01:00
FreddleSpl0it
aaf5da240a
[WebAuthn] rename env var 2022-01-20 11:19:00 +01:00
Niklas Meyer
513588621d
[Compose] Update Netfilter Image to 1.46 2022-01-20 10:12:28 +01:00