1. 20 Jul, 2015 5 commits
    • David Piggott's avatar
      s/email/address/ in aliases UI variable names · 123ac4fd
      David Piggott authored
      This makes the frontend consistent with the backend.
      123ac4fd
    • David Piggott's avatar
      Fix remove-alias button breakage · 423bb8e3
      David Piggott authored
      423bb8e3
    • David Piggott's avatar
    • David Piggott's avatar
      Add support for bidirectional mail alias controls · 3fdfad27
      David Piggott authored
      This is an extension of #427. Building on that change it adds support in the
      aliases table for flagging aliases as:
       1. Applicable to inbound and outbound mail.
       2. Applicable to inbound mail only.
       3. Applicable to outbound mail only.
       4. Disabled.
      
      The aliases UI is also updated to allow administrators to set the direction of
      each alias.
      
      Using this extra information, the sqlite queries executed by Postfix are
      updated so only the relevant alias types are checked.
      
      The goal and result of this change is that outbound-only catch-all aliases can
      now be defined (in fact catch-all aliases of any type can be defined).
      
      This allow us to continue supporting relaying as described at
      https://mailinabox.email/advanced-configuration.html#relay
      without requiring that administrators either create regular aliases for each
      outbound *relay* address, or that they create a catch-all alias and then face a
      flood of spam.
      
      I have tested the code as it is in this commit and fixed every issue I found,
      so in that regard the change is complete. However I see room for improvement
      in terms of updating terminology to make the UI etc. easier to understand.
      I'll make those changes as subsequent commits so that this tested checkpoint is
      not lost, but also so they can be rejected independently of the actual change
      if not wanted.
      3fdfad27
    • Joshua Tauberer's avatar
      bug in new secondary nameservers · d3bbc0ec
      Joshua Tauberer authored
      forgot a 'continue' statement
      see 216acb0e
      fixes #497
      d3bbc0ec
  2. 19 Jul, 2015 6 commits
  3. 18 Jul, 2015 2 commits
  4. 17 Jul, 2015 4 commits
  5. 13 Jul, 2015 2 commits
  6. 11 Jul, 2015 2 commits
  7. 10 Jul, 2015 3 commits
  8. 09 Jul, 2015 1 commit
  9. 06 Jul, 2015 2 commits
    • anoma's avatar
      Ultra safe dovecot findtime and maxretry settings · e591d908
      anoma authored
      Explicitly set the timings and counts for the dovecot jail rather than change the global [DEFAULT] and inherit it for this one jail. These settings are far too safe so a future PR should increase security here.
      e591d908
    • anoma's avatar
      Revert to defaults FAIL2BAN findtime and maxretry · b6f26c0f
      anoma authored
      Reverts the remaining FAIL2BAN settings to default: findtime 600 and maxretry 3. As jail settings override default settings this was hardly being used anyway so it is better to explicitly set it per jail as and when required.
      b6f26c0f
  10. 04 Jul, 2015 2 commits
  11. 03 Jul, 2015 4 commits
    • Joshua Tauberer's avatar
      v0.12 · b503ea1c
      Joshua Tauberer authored
      --------------------
      
      This is a minor update to v0.11, which was a major update. Please read v0.11's advisories.
      
      * The administrator@ alias was incorrectly created starting with v0.11. If your first install was v0.11, check that the administrator@ alias forwards mail to you.
      * Intrusion detection rules (fail2ban) are relaxed (i.e. less is blocked).
      * SSL certificates could not be installed for the new automatic 'www.' redirect domains.
      * PHP's default character encoding is changed from no default to UTF8. The effect of this change is unclear but should prevent possible future text conversion issues.
      * User-installed SSL private keys in the BEGIN PRIVATE KEY format were not accepted.
      * SSL certificates with SAN domains with IDNA encoding were broken in v0.11.
      * Some IDNA functionality was using IDNA 2003 rather than IDNA 2008.
      b503ea1c
    • Joshua Tauberer's avatar
      091c2e45
    • Joshua Tauberer's avatar
      update changelog · 0a78d1d2
      Joshua Tauberer authored
      0a78d1d2
    • Joshua Tauberer's avatar
      ff4780d5
  12. 02 Jul, 2015 7 commits