Thomas Buck
ee0f739b1d
Lots of updates, first test of VPN.
5 years ago
Thomas Buck
781a660162
don't send DMARC reports to ourselves
5 years ago
Thomas Buck
14c4c800ba
Minimal config with only mail and web and git hosting. So disable z-push backend CalDav and CardDav integration for now.
5 years ago
Thomas Buck
50ca2d19b2
Remove indices from mailserver SQL schema and added send-only users.
5 years ago
Thomas Buck
f17f41b536
use mail as dkim selector. explicitly give keysize. add localhost to sasl exceptions.
5 years ago
Thomas Buck
2d359819a2
Similar log settings for all apache virtual hosts
5 years ago
Thomas Buck
f7094f17dd
Generate mail autoconfig for all domains and put them in well-known too
5 years ago
Thomas Buck
7b8f15528d
Fix a bunch of broken http->https redirects and make them always temporary
5 years ago
Thomas Buck
db6a0571a6
Newer Dovecot won't start with SSLv2 in config
5 years ago
Thomas Buck
5a900bb33a
Use Z-Push from official upstream repos. Configure imap, caldav, carddav backends properly for nextcloud. Using Z-Push Autodiscover.
5 years ago
Thomas Buck
9411373c5b
Cleanup postfix task. Move password hashing into top level config file.
5 years ago
Thomas Buck
7096fec015
don't keep extra var for organization that's not really needed.
5 years ago
Thomas Buck
e452e31e42
Rename mail_virtual_domains to only virtual_domains, will later also use for web.
5 years ago
Thomas Buck
31afcaa7b9
Remove encfs and call directory data instead of decrypted
5 years ago
John Giannelos
351addffd7
Force https on mail autoconfig apache vhost.
8 years ago
Mike Ashley
486c3f1414
Replace OpenDKIM with Rspamd's dkim_signing module
- remove configuration of OpenDKIM
- remove OpenDKIM milter from postfix's configuration
- add configuration files for rspamd's dkim module
- update the rspamd task
- update services in README
7 years ago
Mike Ashley
14615ae223
Switch to Rspamd for DMARC handling
- Remove OpenDMARC
- Configure Rspamd for DMARC handling
- Update services and how to set up DNS records in README
7 years ago
Mike Ashley
5e2c8c8a2d
Remove redundant greylisting
7 years ago
Mike Ashley
c9bb6dba92
Remove rmilter from mailserver configuration
Rmilter [is no longer
needed](https://rspamd.com/doc/quickstart.html#rmilter-setup) as of
Rspamd 1.6.
7 years ago
Arjen Verstoep
46b234929a
Correct configuration of imap plugins
7 years ago
Aaron D Borden
2bde2afb53
Use postmaster@ for DMARC reports
7 years ago
Aleksandr Bogdanov
f5a38fec63
Implementing password hashing for ircbouncer and mailserver inside password_hash filter plugin
7 years ago
Mike Ashley
166c57f045
Use submission port for client outgoing email
Currently client email is submitted via ssmtp (port 465). This has been
deprecated for years. The correct way to submit email is via
submission (port 587).
This patch adds port 587 as a second and the default way of submitting
email for delivery. Port 465 remains open for backwards compatibility
with existing clients.
8 years ago
Carl Meyer
1a3d01f311
Complete rmilter/rspamd setup.
8 years ago
Carl Meyer
d46fb1521b
Make OpenDMARC cron job email root only on error.
8 years ago
Carl Meyer
57982401a9
Pass {auth_type} to milters, fixing OpenDKIM signing of authenticated SMTP messages.
8 years ago
Mike Ashley
beaceafbd1
Update mailserver role to use LE certificate
9 years ago
Mike Ashley
4c830e1b07
Override opendmarc defaults
This patch restores sovereign's configuration of opendmarc.
8 years ago
Mike Ashley
1bc60827ef
Revert opendmarc to use mysql
An earlier commit started transitioning opendmarc to use postgres, but
this was incomplete. This patch reverts that change and uses mysql for
the reporting database.
Other changes:
* Do not maintain a copy of the database import schema. A copy is
included in the distribution in /usr/share/doc, so that is used
instead.
* The configuration file is replaced with the distribution's sample
configuration. A second patch will restore the actual configuration.
This will make the changes easier to see if the default configuration
file changes in future versions of opendmarc.
8 years ago
Mike Ashley
d3abc02f84
Clean up Apache SSL configuration
Avoid using the Include directive. Move most of the SSL configuration
to the global configuration and leave enabling the SSL engine to each
virtual host that wants to use it.
8 years ago
Sven Neuhaus
d59c5eff05
Generate 2048 DH group and add it to Postfix
9 years ago
Sven Neuhaus
20bd80c599
Generate 2048 DH group and add it to Postfix
9 years ago
Alex Payne
ecaa4c2330
Partially working Rspamd replacement for dspam
9 years ago
Alex Payne
58a4532fe7
Better permission handling for OpenDMARC.
Resolves #400.
9 years ago
Alex Payne
417403f534
Use {{ mail_server_hostname }} over mail.servername
Resolves #402.
9 years ago
Miloš Hadžić
d823ed0848
Use lmtp instead of lda for delivery.
9 years ago
Will McCutchen
16b66cc849
Define apache SSL config in one place
9 years ago
Alex Payne
26d61c68a8
Implement OpenDMARC. Resolves #369.
9 years ago
Sven Neuhaus
a088d9c456
Use "modern" SSLCipherSuite per Mozilla recommendations.
See https://wiki.mozilla.org/Security/Server_Side_TLS for details.
Removes RC4 cipher. Fixes issue #341.
Also explicitly disabled SSLCompression and enables OCSP stapling.
We should put all these settings in
/etc/apache2/mods-enabled/ssl.conf
to avoid duplication...
9 years ago
Sven Neuhaus
ac59435d6e
exclude SSLv3 for all TLS
to mitigate POODLE vulnerability
10 years ago
Sven Neuhaus
f338b1e15d
Postfix: Disable SSLv2 and SSLv3 for mandatory TLS connections
Postfix: Disable SSLv2 and SSLv3 for 'mandatory SSL' mode connections to completely mitigate the POODLE issue.
10 years ago
Mike Ashley
cf5d98c505
Correct SMTP port number
10 years ago
Patrick O'Doherty
6f6fc6a90f
Disable SSLv3 in all Apache vhosts
10 years ago
Lorenzo Villani
8959f1c183
Add support for Thunderbird automatic configuration
Resolves #114
10 years ago
Michael West
aa2e1a0e74
Increase security of postfix smtp tls ciphers, that is sending email to other smtp servers using encryption
10 years ago
Alex Payne
e6bd0a08c2
Set `smtpd_relay_restrictions` to backwards compatible mode. Resolves #231.
10 years ago
Thom Wiggers
6312286b64
Remove ahbl as it's being wound down
http://ahbl.org/content/changes-ahbl
Fixes #232
10 years ago
James Ravn
46eabbedd7
Limits z-push sync to 3 months
This prevents timeouts when trying to sync very large mailboxes. By
default, z-push attempts to get headers for all messages in a folder.
10 years ago
Allen Riddell
9a6cbcd925
Quote password substitution (may contain spaces)
10 years ago
Cameron Rudnick
0493e9b57e
Allow # in mail_db_password
I had a # in my mail_db_password and spent the last 2 hours trying to figure out why I couldn't connect by IMAP. A # is only allowed if the connect string is wrapped in quotes.
10 years ago