public/mailcow-dockerized
1
0
Fork 0
mirror of https://github.com/mailcow/mailcow-dockerized.git synced 2026-01-30 09:07:19 +00:00
Code Issues Releases Wiki Activity
7,430 Commits 38 Branches 83 Tags
978bff9dbc26fb01f5a006d68091f8b001dcc919
Commit Graph

1425 Commits

Author SHA1 Message Date
FreddleSpl0it
869d9af7dd Merge pull request #6901 from mailcow/renovate/phpredis-phpredis-6.x 
chore(deps): update dependency phpredis/phpredis to v6.3.0
 2026-01-27 08:05:58 +01:00
FreddleSpl0it
af10499ecb Merge pull request #6927 from mailcow/renovate/imagick-imagick-3.x 
chore(deps): update dependency imagick/imagick to v3.8.1
 2026-01-27 08:04:51 +01:00
FreddleSpl0it
a1a4d8ff98 Merge pull request #6947 from mailcow/renovate/krakjoe-apcu-5.x 
chore(deps): update dependency krakjoe/apcu to v5.1.28
 2026-01-27 08:04:24 +01:00
Copilot
038b2efb75 Add MTA-STS support for alias domains (#6972) 
* Initial plan

* Add MTA-STS support for alias domains

Co-authored-by: DerLinkman <62480600+DerLinkman@users.noreply.github.com>

* Improve domain normalization and code style in mta-sts.php

Co-authored-by: DerLinkman <62480600+DerLinkman@users.noreply.github.com>

* Add error handling for idn_to_ascii in mta-sts.php

Co-authored-by: DerLinkman <62480600+DerLinkman@users.noreply.github.com>

* Add database error handling for alias domain query

Co-authored-by: DerLinkman <62480600+DerLinkman@users.noreply.github.com>

* Add ACME certificate support for MTA-STS on alias domains

Query alias_domain table to find aliases with MTA-STS enabled target domains and request certificates for mta-sts.<alias-domain> subdomains.

Co-authored-by: DerLinkman <62480600+DerLinkman@users.noreply.github.com>

* compose: bump image tag to 1.95

* Add MTA-STS DNS records display for alias domains in UI

When viewing an alias domain's DNS diagnostics, check if the target domain has MTA-STS enabled and display the required DNS records for the alias domain.

Co-authored-by: DerLinkman <62480600+DerLinkman@users.noreply.github.com>

---------

Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com>
Co-authored-by: DerLinkman <62480600+DerLinkman@users.noreply.github.com>
Co-authored-by: DerLinkman <niklas.meyer@servercow.de>
 2025-12-15 16:29:21 +01:00
DerLinkman
b6f57dfb78 rspamd: update to 3.14.2 2025-12-12 14:06:49 +01:00
DerLinkman
67e7acd6bd rspamd: upgrade to 3.14.1, trixie rebuild + bcc forwarded hosts fix (#6958) 
* rspamd: fix bcc + subadress handling when using forward hosts

* rspamd: build against trixie + use version 3.14.1
 2025-12-11 09:45:56 +01:00
renovate[bot]
01cf72cdef chore(deps): update dependency phpredis/phpredis to v6.3.0 
Signed-off-by: milkmaker <milkmaker@mailcow.de>
 2025-12-10 10:41:54 +00:00
renovate[bot]
1bd795a9c6 chore(deps): update dependency krakjoe/apcu to v5.1.28 
Signed-off-by: milkmaker <milkmaker@mailcow.de>
 2025-12-10 10:41:42 +00:00
renovate[bot]
39f29e6c30 chore(deps): update dependency imagick/imagick to v3.8.1 
Signed-off-by: milkmaker <milkmaker@mailcow.de>
 2025-12-10 10:41:38 +00:00
DerLinkman
dbb9e474b0 pf-tlspol: upgrade to 1.8.22 (#6951) 
* postfix-tlspol: upgrade to 1.8.20

* pf-tlspol: update to 1.8.22
 2025-12-09 13:25:50 +01:00
Josh
0413d26855 Allow making spam aliases permanent (#6888) 
* Allow making spam aliases permanent

* added german translation

* updated Spamalias Twig + Rename in Spam Alias

* compose: update image tags to align to vendor version

---------

Co-authored-by: DerLinkman <niklas.meyer@servercow.de>
 2025-11-13 16:05:01 +01:00
Peter
7313f996d3 Update to trixie (#6907) 2025-11-13 15:16:00 +01:00
DerLinkman
62d16c9e56 compose: changes cronjobs to regular cron syntax + fixed sogo creds for cronjobs (#6866) 
* cron: restructure cron timer to time on second (instead of random)

* dovecot: fix clearance for cron.creds file
 2025-11-13 14:59:49 +01:00
Claas Flint
1b833be760 Replace pigz with zstd for backup compression (#6897) 
* Replace pigz with zstd for backup compression

This change replaces pigz (parallel gzip) with zstd (Zstandard) as the
compression algorithm for mailcow backups while maintaining full backward
compatibility with existing .tar.gz backups.

Benefits:
- Better compression ratios (12-37% improvement in tests)
- Improved compression speed with modern algorithm
- Maintains rsyncable functionality for incremental backups
- Full backward compatibility for restoring old .tar.gz backups
- Wide industry adoption and active development

Changes:
- Backup compression: pigz --rsyncable -p → zstd --rsyncable -T
- Backup decompression: pigz -d -p → zstd -d -T
- File extensions: .tar.gz → .tar.zst
- Added get_archive_info() function for intelligent format detection
- Updated backup Dockerfile to install zstd alongside pigz
- Restore function now auto-detects and handles both formats
- Updated FILE_SELECTION regex to recognize both .tar.zst and .tar.gz
- Updated comments to reflect new file extension

Backward Compatibility:
- Restore automatically detects .tar.zst (preferred) or .tar.gz (legacy)
- Existing .tar.gz backups can still be restored without issues
- pigz remains installed in backup image for legacy support
- Graceful fallback if backup file format not found

Testing:
- Added comprehensive test suite (test_backup_and_restore.sh)
- 12 automated tests covering all scenarios:
  * Backup creation (both formats)
  * Restore (both formats)
  * Format detection and priority
  * Error handling (missing files, empty dirs)
  * Content integrity verification
  * Multi-threading configuration
  * Large file compression (8.59 MB realistic data)

Test Results:
✓ zstd compression working
✓ pigz compression working (legacy)
✓ zstd decompression working
✓ pigz decompression working (backward compatible)
✓ Archive detection working
✓ Content integrity verified
✓ Format priority correct (.tar.zst preferred)
✓ Error handling for missing files
✓ Error handling for empty directories
✓ Multi-threading configuration verified
✓ Large file compression: 37.05% improvement
✓ Small file compression: 12.18% improvement

* move testing script into development folder

---------

Co-authored-by: DerLinkman <niklas.meyer@servercow.de>
 2025-11-12 10:06:36 +01:00
DerLinkman
ec472f13cf sogo: removed URLDecrpytion by default, make it configurable in sogo.conf 2025-11-12 09:50:41 +01:00
FreddleSpl0it
980bfa3aa0 Merge pull request #6696 from mailcow/renovate/krakjoe-apcu-5.x 
chore(deps): update dependency krakjoe/apcu to v5.1.27
 2025-10-10 14:07:24 +02:00
FreddleSpl0it
664a954393 Merge pull request #6798 from mailcow/renovate/php-pecl-mail-mailparse-3.x 
chore(deps): update dependency php/pecl-mail-mailparse to v3.1.9
 2025-10-10 14:07:05 +02:00
FreddleSpl0it
f47df263d7 [Rspamd] Update to 3.13.2 2025-10-10 13:04:01 +02:00
DerLinkman
417835dea8 netfilter: improve logging and mark iptables-legacy as deprecated 2025-10-09 16:37:05 +02:00
renovate[bot]
dd160cd508 Update dependency php/pecl-mail-mailparse to v3.1.9 
Signed-off-by: milkmaker <milkmaker@mailcow.de>
 2025-09-30 13:42:36 +00:00
FreddleSpl0it
9940c503a2 [Nginx] do not invert ENABLE_IPV6 2025-09-22 14:16:42 +02:00
FreddleSpl0it
610609378f [SOGo][Web] Set URL encryption key in mailcow.conf 2025-09-22 12:58:05 +02:00
FreddleSpl0it
260906e350 [SOGo][Web] Enable SOGo URL Encryption 2025-09-22 12:28:09 +02:00
FreddleSpl0it
0d900d4fc8 [SOGo] Drop deprecated sogo_update_password sql trigger if it still exists 2025-09-11 11:01:50 +02:00
FreddleSpl0it
1c438330c6 [postfix-tlspol] build with NOOPT=1 for wider CPU compatibility 2025-09-10 10:14:37 +02:00
FreddleSpl0it
221f2989b0 Merge pull request #6698 from mailcow/6644_clamd-tmp-folder-naming-change 
Changed clamavs tmp folder structure
 2025-09-09 13:12:54 +02:00
FreddleSpl0it
8c8497d885 [Rspamd] only recreate external_services.conf file if it was deleted 2025-09-09 12:50:19 +02:00
FreddleSpl0it
56d083ced4 Merge pull request #6682 from psuet/fix/imapsync 
fix: imapsync gets correct timeouts from imapsync_runner.pl
 2025-09-09 12:34:02 +02:00
DerLinkman
34877ecf9c watchdog: added postfix-tlspol check (#6691) 2025-09-03 08:18:04 +02:00
Peter
48e90a72dc Changed clamavs tmp folder structure 2025-08-29 18:27:34 +02:00
renovate[bot]
6dc90186f9 chore(deps): update dependency krakjoe/apcu to v5.1.27 
Signed-off-by: milkmaker <milkmaker@mailcow.de>
 2025-08-29 16:22:28 +00:00
maxi322
5e66ffa366 watchdog: use dig instead of check_dns (#6685) 
* watchdog: use dig instead of check_dns

check_dns is slower and uses more system resources,
dig wrapped in a script is a more performant approach and uses
fewer system resources

* added debug mode + compose image bump

---------

Co-authored-by: maxi322 <maxi322@users.noreply.github.com>
Co-authored-by: DerLinkman <niklas.meyer@servercow.de>
 2025-08-28 12:56:37 +02:00
DerLinkman
1cb38bacdb Postfix: Split TLSPol companion app into separate container (#6688) 
* postfix: split postfix-tlspol service into new container

* postfix-tls-pol: added debug mode

* pf-tlspol: removed obsoleted standalone conf from Dockerfiles

* pf-tlspol: use git instead of wget
 2025-08-28 10:18:18 +02:00
DerLinkman
3826c4b5be fix postfix tlspol missing folders for config 2025-08-26 10:10:16 +02:00
DerLinkman
c39712af67 pf/php: add mta-sts support (outbound) (#6686) 
* added mta-sts-resolver into postfix config + daemon

* [Web] Add MTA-STS support

* [Web] Fix mta-sts server_name

* updated .gitignore

* [ACME] fetch cert for mta-sts subdomain

* [Web] change MTA-STS id to human-readable timestamp

* [Web] Remove MTA-STS version STSv2

* [Web] Fix MTA-STS DNS check

* [Web] add max_age limit for MTA-STS policy

* Added tooltips and info texts to mta-sts webui page

* postfix: replace mta-sts-resolver with postfix-tlspol

---------

Co-authored-by: FreddleSpl0it <75116288+FreddleSpl0it@users.noreply.github.com>
 2025-08-26 09:57:05 +02:00
Paul Sütterlin
53c35493a5 fix: imapsync gets correct timeouts 
Previously imapsync only attached the timeout1 / timeout2 arguments if the argument was negative (which is not even possible). Now the argument is added for every positive number.

Fixes #6590
 2025-08-21 18:36:01 +00:00
Christoph Lechleitner
2b2da1679e [DB][Web] optimize qhandler by keeping SHA2 in new column qhash (#6556) 
* [DB][Web] optimize qhandler by keeping SHA2(id+qid) in new column quarantine.qhash, for feature #6555, might also help with #6361

* rspamd: only add qhash to new entries while passing rspamd not all existing

* compose: bump dovecot image + push to registry

---------

Co-authored-by: DerLinkman <niklas.meyer@servercow.de>
 2025-08-06 16:02:25 +02:00
DerLinkman
88bf9b02e1 core: modules splitting + ipv6 nat rewrite (#6634) 
* ipv6: added ipv6 detection + removed ip6 nat container

* nginx: renamed DISABLE_IPv6 to ENABLE_IPV6 to align

* initial commit for script overhauls

* rewrite to scripts after testing (improved error handling)

* fixed missing fi in update.sh

* fixed/added comments for modules

* fix broken EXIT_CODE var handling

* added jq as dependancy

* fixed docker version check for daemon

* improved _modules handling while running

* reintegrated module loading (update.sh)

* added error handling for blank daemon.json

* adapted removal of ACME_CONTACT for nightly

* move detect_major_update func to core submodule

* removed unnecessary message on every call of function

* Update _modules/scripts/new_options.sh

Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>

* Update _modules/scripts/core.sh

Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>

* improve ENABLE_IPV6 check in nginx bootstrap

* improve detection of ENABLE_IPV6

* ip6_controller: moved docker major detection upwards

* Update _modules/scripts/new_options.sh

Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>

* Update _modules/scripts/new_options.sh

Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>

* reuse DOCKER_MAJOR Variable in ip6_controller

* fix some smaller typos in update.sh

* smaller bugfixes in submodules

* completely remove ACME_CONTACT Variable

---------

Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
 2025-08-06 08:36:40 +02:00
renovate[bot]
3803b5d351 Update dependency php-memcached-dev/php-memcached to v3.3.0 (#6638) 
Signed-off-by: milkmaker <milkmaker@mailcow.de>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2025-08-06 08:35:14 +02:00
renovate[bot]
14d58c8163 Update dependency phpredis/phpredis to v6.2.0 (#6639) 
Signed-off-by: milkmaker <milkmaker@mailcow.de>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2025-08-06 08:34:53 +02:00
renovate[bot]
728fcdb375 Update dependency tianon/gosu to v1.17 (#6640) 
Signed-off-by: milkmaker <milkmaker@mailcow.de>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2025-08-06 08:34:30 +02:00
renovate[bot]
1fc36263dc chore(deps): update dependency krakjoe/apcu to v5.1.26 (#6656) 
Signed-off-by: milkmaker <milkmaker@mailcow.de>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2025-08-06 08:33:41 +02:00
Markus Machatschek
69420113f7 rspamd: update rspamd to 3.12.1 (#6643) 
* rspamd: update rspamd to 3.12.1

* compose: correct rspamd tag + pushed image

---------

Co-authored-by: DerLinkman <niklas.meyer@servercow.de>
 2025-08-06 08:33:11 +02:00
Denis Evers
95eb350f15 [netfilter] fix negative timer, no unbanning of IPs (#6575) 
* [netfilter] added debug logs and updated autopurge

* updated "Allow/Blacklist" terms

* netfilter: bumped compose version

* netfilter: changed black/whitelist terms in code

---------

Co-authored-by: Denis Evers <git@evers.sh>
Co-authored-by: DerLinkman <niklas.meyer@servercow.de>
 2025-07-16 10:08:55 +02:00
FreddleSpl0it
02557b2098 Merge pull request #6631 from mailcow/fix/jinja2-rendering 
[Dovecot] Use Jinja2 sandbox for rendering quota and quarantine notif…
 2025-07-15 07:38:20 +02:00
FreddleSpl0it
ec6dbb099a [ACME] Remove deprecated ACME_CONTACT variable 2025-07-02 10:37:23 +02:00
FreddleSpl0it
2fbbbbe9a9 [Dovecot] Use Jinja2 sandbox for rendering quota and quarantine notifications 2025-07-02 08:59:29 +02:00
FreddleSpl0it
8ff0e029f0 Merge pull request #6398 from marvinruder/feat/skip-olefy 
feat(olefy): Allow disabling Olefy
 2025-05-08 15:34:51 +02:00
renovate[bot]
a370499aaa Update dependency Imagick/imagick to v3.8.0 (#6480) 2025-04-11 08:30:54 +02:00
FreddleSpl0it
e452917de9 [SOGo] Show mailcow Settings Button to SOGoSuperUsers 2025-03-31 12:14:43 +02:00