lingble/archived-Mailu
1
0
Fork 0
mirror of https://github.com/lingble/Mailu.git synced 2026-03-20 03:50:30 +00:00
Code Issues Packages Projects Releases Wiki Activity
1,636 Commits 113 Branches 122 Tags
f2bc441e9ef1e4e8d83803ff8ba10c33ea589334
Commit Graph

263 Commits

Author SHA1 Message Date
mergify[bot]
278bcfb13a Merge pull request #814 from Nebukadneza/fix_delimiter_alias 
Deliver mails to alias-stripped-of-delimeter, even if catchall exists
 2019-01-11 14:06:35 +00:00
Tim Möhlmann
8541ae2c46 Fix migration order after merge 2019-01-11 12:49:07 +02:00
mergify[bot]
99cd1d714b Merge pull request #799 from hoellen/fix-domain-negative-values-1 
don't allow negative values on domain creation/edit
 2019-01-11 09:57:15 +00:00
Tim Möhlmann
2567646f47 Merge branch 'master' into fix-domain-negative-values-1 2019-01-11 11:32:30 +02:00
Ionut Filip
50343f354e Merge remote-tracking branch 'upstream/master' into feat-psql-support 2019-01-11 11:21:22 +02:00
Dario Ernst
b8d1beed29 Simplify alias-wildcard detection to not consider actual % anymore 2019-01-10 23:06:56 +01:00
Dario Ernst
10d2601963 Unsimplify alias precedence handling 
As discussed with hoellen on matrix, since postfix indeed supports including
the recipient delimiter character in a verbatim alias, we should support so too
— and handle its precedence correctly. The clearer and simpler formulation of
the precedence-clauses are credit to @hoellen. Thanks!
 2019-01-10 17:30:11 +01:00
mergify[bot]
161394a774 Merge pull request #817 from hoellen/fix-fetch-passwordfield-1 
fix edit of fetched acc without changing password
 2019-01-10 11:10:46 +00:00
Dario Ernst
ac64a75743 Simplify alias precedence handling; Remove bogus changelog 2019-01-10 10:28:57 +01:00
hoellen
7247b4b10c Merge branch 'master' into fix-password-on-user-edit 2019-01-09 21:14:18 +01:00
hoellen
a59d5dad23 fix edit of fetched acc without changing password 2019-01-09 12:52:05 +01:00
hoellen
f08491dc46 fix forced password on user edit 2019-01-09 12:09:14 +01:00
Ionut Filip
2b0a2d561b Fix connection to mysql db 2019-01-09 12:53:59 +02:00
Dario Ernst
291f8a457b Deliver mails to alias-stripped-of-delimeter, even if catchall exists 
This fixes delivery to an alias minus recipient delimiter in cases where a
wildcard alias would also match. For example,
* foo@xxx.tld
* %@xxx.tld
Sending to foo+spam@xxx.tld would get eaten by the catchall before this fix.
Now, the order of alias resolution is made clearer.

closes #813
 2019-01-09 11:41:22 +01:00
hoellen
732b5fe161 change password field type in fetch creation/edit and add validators. 2019-01-08 19:44:27 +01:00
mergify[bot]
3b5f3af207 Merge pull request #778 from Nebukadneza/fix_recipient_delimiter 
Attempt stripping recipient delimiter from localpart
 2019-01-07 19:01:44 +00:00
Ionut Filip
9077bf7313 Merge remote-tracking branch 'upstream/master' into feat-psql-support 2019-01-07 16:29:50 +02:00
Ionut Filip
953aa04354 Added postgresql-libs to admin 2019-01-07 14:04:39 +02:00
Tim Möhlmann
561e2fda67 Merge remote-tracking branch 'upstream/master' into fix-favicon 2019-01-07 12:20:06 +02:00
hoellen
501ecf13c1 add migration script 2019-01-06 15:36:57 +01:00
Tim Möhlmann
a358b5305f Merge pull request #797 from Mailu/upgrade-pyyaml 
Upgrade PyYAML
 2019-01-06 15:56:18 +02:00
Tim Möhlmann
4f93e09028 Implement favicon package 
Credit to:
- https://stackoverflow.com/a/19590415/1816774
- https://realfavicongenerator.net/
 2019-01-06 15:49:40 +02:00
Tim Möhlmann
284d54190a Upgrade PyYAML to 4.2b4 2019-01-06 14:40:29 +02:00
hoellen
dda64fe91e allow to disable aliases or users for domains and don't allow negativ values on domain creation/edit 2019-01-05 13:52:13 +01:00
hoellen
8fe1e788b3 add missing route fixes 2019-01-04 21:18:51 +01:00
Tim Möhlmann
3c7bf58211 Upgrade PyYAML 
CVE-2017-18342
Vulnerable versions: < 4.2b1
Patched version: 4.2b1
In PyYAML before 4.1, the yaml.load() API could execute arbitrary code. In other words, yaml.safe_load is not used.
 2019-01-04 21:52:43 +02:00
hoellen
d5d4d6c337 harden email address validation and fix routes with user_email 2019-01-04 18:05:56 +01:00
Ionut Filip
01ec6e7bf3 Removed undefined function 2019-01-04 16:48:51 +02:00
mergify[bot]
d483ef3c2a Merge pull request #792 from hoellen/admin-broken-links-1 
fix broken webmail and logo url in admin
 2019-01-02 17:18:46 +00:00
Tim Möhlmann
74fe177297 Merge pull request #785 from TheLegend875/feat-displayed-name 
Feature: send auto reply with displayed name
 2019-01-02 19:14:17 +02:00
hoellen
f617e82c06 fix broken webmail and logo url in admin 2019-01-02 14:08:03 +01:00
Tim Möhlmann
4068c5b751 Versioning for mysqlclient and psycopg2 2018-12-31 18:22:24 +02:00
Tim Möhlmann
b2823c23b8 Merge remote-tracking branch 'upstream/master' into feat-psql-support 2018-12-31 18:20:39 +02:00
Tim Möhlmann
9eaeb80a27 Finalize merge with kaiyou/feat-multiple-db 2018-12-31 18:02:07 +02:00
TheLegend875
999d2a9557 changed default.sieve to send displayed name 2018-12-30 22:06:36 +01:00
TheLegend875
2954d84790 added necessary ui elements 2018-12-30 22:06:36 +01:00
TheLegend875
56f4d4c894 fixed auto-forward 2018-12-30 22:05:33 +01:00
TheLegend875
5bdbbf60d7 fixed display of username when not logged in 2018-12-28 19:30:23 +01:00
Dario Ernst
c2d45a47fe Attempt stripping recipient delimiter from localpart 
Since postfix now asks us for the complete email over podop, which
includes the recipient-delimiter-and-what-follows not stripped, we need
to attempt to find both the verbatim localpart, as well as the localpart
stripped of the delimited part ….

Fixes #755
 2018-12-27 16:31:59 +01:00
Tim Möhlmann
19df86f13f Merge pull request #764 from usrpro/fix-alias-bug 
Added regex validation for alias username
 2018-12-27 11:54:43 +02:00
Tim Möhlmann
af086bbdbe Include DKIM in VOLUME 2018-12-20 17:47:15 +02:00
Ionut Filip
8fc2846924 Added regex validation for alias username 2018-12-18 17:06:39 +02:00
Tim Möhlmann
3c4ee1b31e Merge pull request #743 from kaiyou/master 
Fixes #738 regarding application context
 2018-12-14 11:09:27 +02:00
ofthesun9
97b3a85090 Merge pull request #737 from hoellen/fix-alias-match-behaviour 
fix alias match behaviour
 2018-12-13 20:34:09 +01:00
mergify-bot
09a50b6cfc Merge branch 'master' into 'master' 2018-12-13 19:14:20 +01:00
kaiyou
4060ac2223 Remove some forgotten debugging 2018-12-13 15:19:34 +01:00
kaiyou
087841d5b7 Fix the way we handle the application context 
The init script was pushing an application context, which maked
flask.g global and persisted across requests. This was evaluated
to have a minimal security impact.

This explains/fixes #738: flask_wtf caches the csrf token in the
application context to have a single token per request, and only
sets the session attribute after the first generation.
 2018-12-13 14:23:17 +01:00
kaiyou
b5f51b0e2e Update python dependencies 2018-12-13 14:10:43 +01:00
kaiyou
8707b0fcd7 Use a dictionary of db connection string templates 2018-12-10 15:30:53 +01:00
kaiyou
19f18e2240 Lowercase relays as well as other tables 2018-12-10 15:16:30 +01:00