Commit graph

2517 commits

Author SHA1 Message Date
Brennan Kinney 1d2df8d499
fix: DB helper should properly filter entries (#3359)
Previously it was assumed the sed operation was applying the sed expressions as a sequence, but it did not seem to filter entries being looked up correctly.

Instead any line that matched either sed expression pattern was output (_value without matching key, values split by the delimiter_), then grep would match any of that causing false-positives.

Resolved by piping the first sed expression into the next.
2023-05-23 11:02:30 +12:00
georglauterbach da8d3654b8
add dispatch to scheduled build workflow 2023-05-15 20:36:08 +02:00
Georg Lauterbach e82f0f2527
ci: fix scheduled build permissions (#3345) 2023-05-15 20:35:00 +02:00
Georg Lauterbach 7453bc096b
Dovecot: make home dir distinct from mail dir (#3335)
* add new home dir for Dovecot

I tried changing the mail dir, but this is a _very_ disruptive change,
so I took approach 3 on
<https://doc.dovecot.org/configuration_manual/home_directories_for_virtual_users/>,
whereby the home directory is now inside the mail directory.

The MDBOX/SDBOX formats are not touched by this change. The change
itself could be considered breaking though.

* adjust Sieve tests accordingly

* Update target/dovecot/10-mail.conf

* Update target/dovecot/auth-passwdfile.inc

---------

Co-authored-by: Casper <casperklein@users.noreply.github.com>
2023-05-15 20:10:29 +02:00
Casper a72adc2731
Fix typos (#3344) 2023-05-15 19:11:36 +02:00
Andreas Perhab ec330a35a1
ClamAV: add a warning for the internal message size limit (#3341) 2023-05-15 15:46:13 +02:00
Georg Lauterbach a99ae786db
adjust antivirus.conf for Rspamd (#3331)
See #3320
2023-05-15 07:01:13 +02:00
Casper f794d10bb5
Update contributing (#3339) 2023-05-15 06:38:52 +02:00
Casper 7cc05581d1
docs: Restore missing edit button (#3338) 2023-05-14 23:54:53 +02:00
Casper 063b1bf51d
docs: Fix URL (#3337) 2023-05-14 23:09:07 +02:00
Georg Lauterbach 9fd00bd6ad
Rspamd: adjust learning of ham (#3334)
* adjust learning of ham

See #3333

When moving a mail from the Junk folder to the Trash folder, the mail
previously classified as ham due to the wildcard match of `*`. Because
the syntax does not allow for negation, we can only change the behavior
in a way that mails are learned as ham when they are moved into `INBOX`
from `Junk`. This is reasonable though.

* adjust tests accordingly

* adjust docs accordingly
2023-05-13 13:59:16 +02:00
Georg Lauterbach 78b7f0cbea
scripts: improve CLAMAV_MESSAGE_SIZE_LIMIT usage (#3332)
* add sanity check for Clam size & adjusted MaxScanSize

The second part is of special importance! See
<https://askubuntu.com/a/1448525>, which explains that the maximum scan
size is important as well. We previously just set the maximum file size,
which actually is pretty insecure as we silently not scan mile bigger
than `MaxScanSize`. This is corrected now.

* add SlamAV size configuration to Rspamd
2023-05-12 16:04:41 +02:00
georglauterbach 3340b80972
correct typo 2023-05-12 11:29:36 +02:00
Georg Lauterbach 05cd538fa9
ci: slim down bug report template (#3317)
* slim down bug report template and outsource note to documentation

---------

Co-authored-by: Brennan Kinney <5098581+polarathene@users.noreply.github.com>
2023-05-12 09:21:08 +00:00
ghnp5 823ef33a92
fix: typo about OpenDMARC (#3330)
Co-authored-by: Georg Lauterbach <44545919+georglauterbach@users.noreply.github.com>
2023-05-11 18:10:51 +02:00
Georg Lauterbach e4274ef113
docs: improve Rspamd docs about DKIM signing of multiple domains (#3329)
* improve Rspamd docs

See #3326 & #3328

* improve warning message

See #3328
2023-05-11 18:08:54 +02:00
Georg Lauterbach 03c0b116c7
clear up confusion about override.d (#3325)
See https://github.com/docker-mailserver/docker-mailserver/issues/3323#issuecomment-1543636636
2023-05-11 13:33:32 +02:00
Georg Lauterbach 45361094e9
fix spelling mistakes (#3324) 2023-05-11 11:06:43 +02:00
Brennan Kinney 793e4026fc
chore(main.cf): Add note advising caution changing mydestination (#3316)
Co-authored-by: Georg Lauterbach <44545919+georglauterbach@users.noreply.github.com>
Co-authored-by: Casper <casperklein@users.noreply.github.com>
2023-05-10 23:23:02 +00:00
Georg Lauterbach 272c19c218
docs: update Rspamd docs (small improvement) (#3318) 2023-05-10 11:51:49 +02:00
Georg Lauterbach 595ff03804
Postfix: rename "smtps" to "submissions" (#3235) 2023-05-10 11:29:51 +02:00
Georg Lauterbach c461dabe9e
docs/misc: update to align with Docker Compose v2 (#3295)
* rename: `docker-compose.yml` => `compose.yaml`
* rename: `docker-compose` => `docker compose`
2023-05-10 11:02:44 +02:00
Georg Lauterbach 652bbd831f
release: v12.1.0 (#3305)
Co-authored-by: Casper <casperklein@users.noreply.github.com>
Co-authored-by: Brennan Kinney <5098581+polarathene@users.noreply.github.com>
2023-05-10 10:20:46 +02:00
dependabot[bot] 9577ab5033
chore(deps): Bump peter-evans/create-pull-request from 5.0.0 to 5.0.1 (#3314) 2023-05-08 15:07:40 +02:00
Georg Lauterbach bba72daedf
scripts: add DKIM helper script for Rspamd (#3286)
Co-authored-by: Casper <casperklein@users.noreply.github.com>
2023-05-03 08:30:49 +02:00
Casper 423188176f
fail2ban: add 'log' command (#3299)
Co-authored-by: Georg Lauterbach <44545919+georglauterbach@users.noreply.github.com>
2023-05-03 00:13:44 +02:00
georglauterbach 869caf35ec
ci: fix contributors workflow (again) (#3304) 2023-05-02 20:52:54 +02:00
Georg Lauterbach 2bdbe5d918
F2B: update F2B after discussion in #3256 (#3288) 2023-05-01 15:00:35 +02:00
Georg Lauterbach b6261c7387
remove unnecessary return 0 statements (#3290)
See <https://github.com/docker-mailserver/docker-mailserver/pull/3285#issuecomment-1521706729>
2023-04-29 10:55:54 +02:00
Brennan Kinney cd7d9b1977
update contributors.yml (#2227) 2023-04-29 09:03:18 +02:00
Georg Lauterbach bbc54c7139
docs: update FAQ entries (#3294)
* removed FAQ entry about Rancher, see <https://github.com/docker-mailserver/docker-mailserver/issues/3289#issuecomment-1521333815>
* update FAQ about special directories, see <https://github.com/docker-mailserver/docker-mailserver/issues/3289#issuecomment-1521333815>
2023-04-26 10:24:21 +02:00
Georg Lauterbach f9d55a9384
docs: update F2B docs & bind mount links (#3293) 2023-04-26 10:05:42 +02:00
dependabot[bot] 223c766320
chore(deps): Bump docker/metadata-action from 4.3.0 to 4.4.0 (#3287)
Bumps [docker/metadata-action](https://github.com/docker/metadata-action) from 4.3.0 to 4.4.0.
- [Release notes](https://github.com/docker/metadata-action/releases)
- [Commits](https://github.com/docker/metadata-action/compare/v4.3.0...v4.4.0)

---
updated-dependencies:
- dependency-name: docker/metadata-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-04-24 15:02:26 +02:00
Georg Lauterbach 7e7497ae5a
scripts: apply fixes to helpers when using set -eE (#3285)
For an upcoming PR, these changes are required, because the script that
is using the helpers uses `set -eE`. This leads to situations where
errors are not properly handled in our helpers (yet; I plan on changing
that in the future).
2023-04-24 14:35:19 +02:00
Georg Lauterbach 449d53fc3f
docs/scripts: remove WIP warnings for Rspamd (#3283) 2023-04-23 15:14:36 +02:00
Georg Lauterbach cd1721334c
scripts: Rspamd stabilization pt. 2 (#3282)
* move modules adjustment file to new location

Because we link `/tmp/docker-mailserver/rspamd/override.d` to
`/etc/rspamd/override.d`, I think it makes sense to move the modules
adjustment file into `/tmp/docker-mailserver/rspamd/` as well.

I write the code in a way that it is backwards compatible for now, so
this is NOT a breaking change.

* minor improvement to `__rspamd__handle_user_modules_adjustments`

The expansion of `ARGUMENT3` is now done in a way that only adds the
whitespace in case the variable is set and not null.

* move test file structure to respect latest changes

Because we're now linking `rspamd/override.d/`, we can simplify the
setup a bit. But this requires a change in directory structure.

The current Rspamd test will be renamed to `rspamd_full.bats`, because I
plan on adding more tests in different files for different feature sets.
This is done to make this feature well-tested!

* improved and added tests to Rspamd-full

FYI: The line

```bats
_run_in_container grep 'sieve_global_extensions.*\+vnd\.dovecot\.pipe'
"${SIEVE_CONFIG_FILE}"
```

was testing a condition that should actually not be met, but when I
started working on this feature, I thought this was the correct
configuration. Adding the `assert_success` statements revealed this
wrong line.

I also added tests to check whether `override.d` is linked correctly.

* renamed: `rspamd.bats` => `rspamd_full.bats`

* added new tests for incomplete Rspamd feature set

We now test that warnings are emitted & features are disabled correctly.

* update documentation
2023-04-23 14:02:56 +02:00
Georg Lauterbach 638975922e
scripts: Rspamd stabilization pt. 1 (#3261)
* added checks whether OpenDKIM/OpenDMARC/policyd-spf are enabled
* added functions to check if VAR is 0/0 or an int

and also added tests.

I also adjusted the test file to not run in a container, because there
is no need. This also decreases test time, which, in turn, increases
maintainers' happiness.

* added more checks to Rspamd setup

I added the helpers from the previous commit to the Rspamd setup to make
the whole setup more robust, and indicate to the user that an ENV
variable's value is incorrect.

While we did not issues for this in the past, I believe it to be
worthwhile for the future.

* added canonical directory for users to place files in

This dir is canonical with DMS's optional configuration dirs, as it
lives in well-known volume mounts. Hence, users will not need to adjust
`/etc/rspamd/override.d` manually anymore, or mount a volume to this
place.

The docs explain this now, but the DKIM page needs a slight update on
this too I guess. I will follow-up here.

* misc minor improvements
* use variables for common directories
2023-04-23 12:22:54 +02:00
Georg Lauterbach 88cd244e47
scripts: misc improvements (#3281)
* corrected typo
* corrected indentation
2023-04-23 12:16:53 +02:00
Georg Lauterbach 1c9ed6ce32
docs: improve Rspamd docs (part of its stabilization) (#3257)
* revise links in docs
* added information about `soft_reject_on_timeout`
* added `ENABLE_POLICYD_SPF=0` to basic Rspamd setup docs
2023-04-21 12:21:20 +02:00
Andreas Perhab 2b330fdc49
scripts: remove superfluous EOF in dmarc_dkim_spf.sh (#3266)
Co-authored-by: Georg Lauterbach <44545919+georglauterbach@users.noreply.github.com>
2023-04-20 09:52:07 +02:00
Georg Lauterbach 7371ba225f
ci: simplify bug_report.yml (#3276)
The extra checks for reading the code of conduct are now in one place; also removed a double-check on searching the docs and the issue tracker.
2023-04-19 11:21:21 +02:00
Georg Lauterbach aa3a175364
ci: update bug_report.yml (#3275) 2023-04-19 11:16:47 +02:00
Casper e10ca569f1
misc: make Fail2Ban log persistent (#3269) 2023-04-18 21:40:21 +00:00
Casper ea07bcdb4c
scripts: improve shutdown function by making PANIC_STRATEGY obsolete (#3265) 2023-04-18 23:38:46 +02:00
James a735dddc52
scripts: fix setting SRS_EXCLUDE_DOMAINS during startup (#3271) 2023-04-18 17:07:08 +02:00
Andreas Perhab 2f33f44f4a
postfix.sh: add missing -E for extended regexes in smtpd_sender_restrictions (#3272) 2023-04-18 11:08:19 +02:00
Georg Lauterbach 3f22cbce01
scripts: disallow alias = account (#3270) 2023-04-17 19:22:50 +02:00
Andreas Perhab 4b937fda5b
shellcheck: do not check .git folder (#3267) 2023-04-17 10:42:35 +02:00
Andreas Perhab 95c812346d
config-examples: update fail2ban config examples with current DMS default values (#3258)
Co-authored-by: Casper <casperklein@users.noreply.github.com>
2023-04-16 20:17:58 +00:00
Georg Lauterbach c8dfb9ac76
Posfix: add option to re-enable reject_unknown_client_hostname after #3248 (#3255) 2023-04-16 14:09:00 +02:00