Mike Ashley
486c3f1414
Replace OpenDKIM with Rspamd's dkim_signing module
- remove configuration of OpenDKIM
- remove OpenDKIM milter from postfix's configuration
- add configuration files for rpsamd's dkim module
- update the rspamd task
- update services in README
7 gadus atpakaļ
Mike Ashley
14615ae223
Switch to Rspamd for DMARC handling
- Remove OpenDMARC
- Configure Rspamd for DMARC handling
- Update services and how to set up DNS records in README
7 gadus atpakaļ
Mike Ashley
5e2c8c8a2d
Remove redundant greylisting
7 gadus atpakaļ
Mike Ashley
c9bb6dba92
Remove rmilter from mailserver configuration
Rmilter [is no longer
needed](https://rspamd.com/doc/quickstart.html#rmilter -setup) as of
Rspamd 1.6.
7 gadus atpakaļ
Carl Meyer
1a3d01f311
Complete rmilter/rspamd setup.
8 gadus atpakaļ
Carl Meyer
57982401a9
Pass {auth_type} to milters, fixing OpenDKIM signing of authenticated SMTP messages.
8 gadus atpakaļ
Mike Ashley
beaceafbd1
Update mailserver role to use LE certificate
9 gadus atpakaļ
Sven Neuhaus
d59c5eff05
Generate 2048 DH group and add it to Postfix
9 gadus atpakaļ
Sven Neuhaus
20bd80c599
Generate 2048 DH group and add it to Postfix
9 gadus atpakaļ
Alex Payne
ecaa4c2330
Partially working Rspamd replacement for dspam
9 gadus atpakaļ
Miloš Hadžić
d823ed0848
Use lmtp instead of lda for delivery.
9 gadus atpakaļ
Alex Payne
26d61c68a8
Implement OpenDMARC. Resolves #369 .
9 gadus atpakaļ
Sven Neuhaus
ac59435d6e
exclude SSLv3 for all TLS
to mitigate POODLE vulnerability
10 gadus atpakaļ
Sven Neuhaus
f338b1e15d
Postfix: Disable SSLv2 and SSLv3 for mandatory TLS connections
Postfix: Disable SSLv2 and SSLv3 for 'mandatory SSL' mode connections to completely mitigate the POODLE issue.
10 gadus atpakaļ
Michael West
aa2e1a0e74
Increase security of postfix smtp tls ciphers, that is sending email to other smtp servers using encryption
10 gadus atpakaļ
Alex Payne
e6bd0a08c2
Set `smtpd_relay_restrictions` to backwards compatible mode. Resolves #231 .
10 gadus atpakaļ
Thom Wiggers
6312286b64
Remove ahbl as it's being winded down
http://ahbl.org/content/changes-ahbl
Fixes #232
10 gadus atpakaļ
cji
015617c18c
Fixes issue #8
Fixes issue #8 . Adds new variable mail_header_privacy, on by default.
Installs postfix-pcre unconditionally, and then copies the pcre file
over and adds the header check to main.cf based on the variable value.
“this header replacement works great, but it logs that the replacement
has been done, which means that you are storing this information,
unless you are anonymizing your logs”
11 gadus atpakaļ
Shawn Sorichetti
da1b1ad685
Change database to PostgreSQL
Remove all configuration for MySQL and configure PostgreSQL as the main
database.
All *_mysql_* options have been changed to *_db_* options.
Postgres requires the database user to have a password in order to
connect via localhost. The db_admin_password option is used to set the
password of the admin user (usually postgres).
11 gadus atpakaļ
Alex Payne
d28f0f82b9
move to non-deprecated template variable formatting
11 gadus atpakaļ
PajamaSoft
54648a8f39
Enable Roundcube's managesieve plugin or server-side filters
These are the changes necessary to enable Roundcube's manage sieve plugin to mange server-side sieve filters.
Signed-off-by: PajamaSoft <support@pajamasoft.com >
11 gadus atpakaļ
Luke Cyca
e46ad018ba
Improved test suite, rewritten in python
Added friendly_networks variable to denote whitelisted networks
11 gadus atpakaļ
Luke Cyca
194f587f3a
dsbl.org is no longer operating
11 gadus atpakaļ
Luke Cyca
369b90925a
Move DNSBL to postscreen (fixes #45 )
11 gadus atpakaļ
Luke Cyca
85bbbd7d02
Increase message size limit to 50MB (from default of 10MB)
11 gadus atpakaļ
Luke Cyca
5497f31fb9
Set postfix origin to correctly deliver mail for local users
(such as root's cron errors)
11 gadus atpakaļ
Luke Cyca
ca8a371320
Use combined cert for postfix, dovecot, and znc
Fix CAcert usage in postfix and dovecot
11 gadus atpakaļ
Bertrand Cachet
fbd5deb4ea
Fix Postfix TLS configuration
Fix Postfix configuration file to link to correct SSL certificate locations
11 gadus atpakaļ
Luke Cyca
ed6245a2f2
smtpd should provide full cert chain, and smtp should verify certs against known CAs
11 gadus atpakaļ
Alex Payne
080d38986c
first commit
11 gadus atpakaļ