Compare commits
10 Commits
4e3294b273
..
master
| Author | SHA1 | Date | |
|---|---|---|---|
 nico
|
93d5f592cb | ||
 Ashitaka
|
e8d9315d4a | ||
|
DerLinkman
|
d977ddb501 | ||
|
DerLinkman
|
e76f5237ed | ||
|
Copilot
|
c11ed5dd1e | ||
|
DerLinkman
|
4ef65fc382 | ||
|
DerLinkman
|
dbb9e474b0 | ||
|
Khurram Malik
|
f8eed8c786 | ||
|
DerLinkman
|
ef010aa39c | ||
|
milkmaker
|
79171ea6f5 |
+1
-1
@@ -5,7 +5,7 @@ First of all, thank you for wanting to provide a bugfix or a new feature for the
|
||||
|
||||
As we want to keep mailcow's development structured we setup these Guidelines which helps you to create your issue/pull request accordingly.
|
||||
|
||||
**PLEASE NOTE, THAT WE WILL CLOSE ISSUES/PULL REQUESTS IF THEY DON'T FULLFIL OUR WRITTEN GUIDELINES WRITTEN INSIDE THIS DOCUMENT**. So please check this guidelines before you propose a Issue/Pull Request.
|
||||
**PLEASE NOTE, THAT WE WILL CLOSE ISSUES/PULL REQUESTS IF THEY DON'T FULFILL OUR WRITTEN GUIDELINES WRITTEN INSIDE THIS DOCUMENT**. So please check this guidelines before you propose a Issue/Pull Request.
|
||||
|
||||
## Topics
|
||||
|
||||
|
||||
@@ -4,7 +4,7 @@ WORKDIR /src
|
||||
ENV CGO_ENABLED=0 \
|
||||
GO111MODULE=on \
|
||||
NOOPT=1 \
|
||||
VERSION=1.8.14
|
||||
VERSION=1.8.22
|
||||
|
||||
RUN git clone --branch v${VERSION} https://github.com/Zuplu/postfix-tlspol && \
|
||||
cd /src/postfix-tlspol && \
|
||||
|
||||
@@ -1,19 +1,33 @@
|
||||
-----BEGIN CERTIFICATE-----
|
||||
MIIDBDCCAe6gAwIBAgIQeJMoL/3dxhxhT9EwuRTL/DALBgkqhkiG9w0BAQswEjEQ
|
||||
MA4GA1UEChMHbWFpbGNvdzAeFw0xNjEyMTMxMDExMDBaFw0xOTExMjgxMDExMDBa
|
||||
MC0xEDAOBgNVBAoTB21haWxjb3cxGTAXBgNVBAMTEG1haWwuZXhhbXBsZS5vcmcw
|
||||
ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDRg0xT3At9DSb3H5OMp3K1
|
||||
MpXAgYyotSK6TS61fC0QEHy2fMXiws7Agcye6Ln7CG63Fe1eN2jkdlefy9xJivS8
|
||||
y5w0M8i168v5znzC8fnylL2iOiSYfK/B/oEqfU7YH4RcegO53oDDIUZmi4Frgnu7
|
||||
39VVOU1ZyHEVqGJ2H2aAIkoZRjGzumD9Ym4LWGidtKJzBgFt/qmhUeWXipM8w281
|
||||
XkQnJU79+x2ywnJSvEZ3r/ZVJC7kbjiVw+/k15k9Cxk6Ik8wmJ0X/+xWxoZomHQI
|
||||
1LM0VKAS/iaU95dn2bplvL6jTiiyWAbrMjSKs4XbPt/fIbOicNkj6+CFy0MVfyyH
|
||||
AgMBAAGjPzA9MA4GA1UdDwEB/wQEAwIAqDAdBgNVHSUEFjAUBggrBgEFBQcDAgYI
|
||||
KwYBBQUHAwEwDAYDVR0TAQH/BAIwADALBgkqhkiG9w0BAQsDggEBAI/jBJa1P8nB
|
||||
eHUN5muQmjBVDVOYyWAAEapOe2HYsBcpjaB2H8Iw3DQzJtz6peYeYSCmHRVqFLCm
|
||||
VPrq36l9mPUotyPDPlQQAxCj9R2+WbGaJO+N/E1F8FQ94dr3jqwUyfjVPoqEjmIH
|
||||
NFkvbA0RJOeBm9oYGdhM0wjOBV9c9MTHFG82nQ/zQeTuPb7GXuKIOXYCxoLNOZMw
|
||||
UJ02Cqjv5ImrgOhcstAKX3Ip0urSvZUGvtPla4CGh+M6yDFJ08GzX6OiMIH207RW
|
||||
jAbUXXERSUv/7hysdDjGo5HZjCeMzVu9KAxoZXqnmvkk8g2swKWtWBRcoeU1VGx0
|
||||
Bx4Q4KMjuYQ=
|
||||
MIIFuzCCA6OgAwIBAgIUKHIENbIlha9HgCSBg5LdDBWYGqowDQYJKoZIhvcNAQEL
|
||||
BQAwbTELMAkGA1UEBhMCREUxDDAKBgNVBAgMA05SVzEQMA4GA1UEBwwHV2lsbGlj
|
||||
aDEQMA4GA1UECgwHbWFpbGNvdzEQMA4GA1UECwwHbWFpbGNvdzEaMBgGA1UEAwwR
|
||||
bWFpbC5ieWhhaWRlci5kZXYwHhcNMjYwMTA2MTczMDUxWhcNMjcwMTA2MTczMDUx
|
||||
WjBtMQswCQYDVQQGEwJERTEMMAoGA1UECAwDTlJXMRAwDgYDVQQHDAdXaWxsaWNo
|
||||
MRAwDgYDVQQKDAdtYWlsY293MRAwDgYDVQQLDAdtYWlsY293MRowGAYDVQQDDBFt
|
||||
YWlsLmJ5aGFpZGVyLmRldjCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIB
|
||||
AL7fr9RFCXCjpL3VV9f7ZEOHiO+9V7EHsWfr5T+WJY8oPnNNFmXgBH0X+g/dJZFn
|
||||
C2cXfF7oHyirXQeceQOLjFWgiAM2WmkMk+avIxs5p6UcY9d6utchTDzb4tSj91B8
|
||||
ZFlErPkZujOxNDdsNhlll+iqce5l3WsJY/lI5HaRDCYWANNK0Zv2dZ2d+9STCILx
|
||||
y/FqEHKoUTsEC9UHXCcT4RehbUynYEv8QZNLlz1n55tx+Q4A12Vx+ymVc6J0xH+m
|
||||
VCwuywn3Ji46+27jT1aHtKrA+2DRhzBskPTPxjowJHmOoem1zQXzBIaSZ2QI2yxV
|
||||
vhAA1f+La7+VlyoS7JlS3mSvl5f/8EYCHa03tppotVuH5OEchO54z/RE7ThtoitL
|
||||
djGNGYk8giq/PGgCma3ZTpZDJhQY0mTTS49KQkSnwmzWjW4ATfxe9uTpbnJ09hU6
|
||||
WSxe8E6mUe409wkXMdJzuvtXfacsQBVst1WdjRFJtsvVq7pU2J0B1yNmsCU1hxwP
|
||||
kD3WEB/bGiRdxOtZKgTAnHid2R964s0kk5oxpNl4qqiTxYXmvjRS63iy8iD/D43h
|
||||
V/M0Pz9k7moEGyxiHc0NiHbJRQW201FhIAoZEmiFJOOnpjMMCbUhXU3kdSXCE+AC
|
||||
PCqqv6kXUWxSGS2AZuvvDtR6/Fzd9XlcNHFNXfmWTpZDAgMBAAGjUzBRMB0GA1Ud
|
||||
DgQWBBSD4wzq+HvtYbOe31NBJQhhWknvyzAfBgNVHSMEGDAWgBSD4wzq+HvtYbOe
|
||||
31NBJQhhWknvyzAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4ICAQBW
|
||||
zg3lvh4bC/SaNQ5nvhiRMP4CAG7+FjAVdvk7iJbOyW+EZ6957ygvuulG0LllgZCc
|
||||
o9IpCw8+ZeaEVylEmgnvZOT6vr+JFdzvjHfNXGh/sJaSD258DmiJGKH1mJ6BE6wV
|
||||
I77kbBZvATUF2Hyurzmcj4B/a1MawwWmWfQmI4AfKiSQxSn2tIXyQ57L4UTw+TG6
|
||||
e6kcg1G6O9us7RE1s7N5ykGLXOHVhv0XizaQV24jS97U1Isb/DFcNgtgm2NmU4pP
|
||||
ru87ZxeLWH3xYxaXxVjO8p7p7EPaDekSW9lxDlsxCcz3c4foLWzWTyzd2dmV9Vx3
|
||||
cbAsKDLDN+OzYPCc8W5qFMP8jctPx6KW1z9Sb2s5ig8X56Z5vTH3Xwoiom5czg5S
|
||||
Cs1BKIpvns3QAwGZT1DvajjtWZ1tiuvC1YY1kgcwyzt951JRXP4MNsxU4JZ8UMtQ
|
||||
Ml0tQHMnVfs+LosELnxZl0kzqdeU/nc4yfpTfxsrISz/20UxHBb0EvQdXGMdfff5
|
||||
KjjpolMnPgBsjazlH9RR51Qa+j1LqWcnCmjbWkm3UH/XJHuMM0XU6kjLAfeoIUMd
|
||||
tgJlUABWl8mP6UfY6SpocEHaEvD/JH5PVezTJvx2hZ1RvK1/H0X6QhgBO/J7BMhm
|
||||
cDyUnIzUriwEixUVY9B31y0iKcI5u18s3DQcJ28J0w==
|
||||
-----END CERTIFICATE-----
|
||||
|
||||
@@ -1,27 +1,52 @@
|
||||
-----BEGIN RSA PRIVATE KEY-----
|
||||
MIIEpAIBAAKCAQEA0YNMU9wLfQ0m9x+TjKdytTKVwIGMqLUiuk0utXwtEBB8tnzF
|
||||
4sLOwIHMnui5+whutxXtXjdo5HZXn8vcSYr0vMucNDPItevL+c58wvH58pS9ojok
|
||||
mHyvwf6BKn1O2B+EXHoDud6AwyFGZouBa4J7u9/VVTlNWchxFahidh9mgCJKGUYx
|
||||
s7pg/WJuC1honbSicwYBbf6poVHll4qTPMNvNV5EJyVO/fsdssJyUrxGd6/2VSQu
|
||||
5G44lcPv5NeZPQsZOiJPMJidF//sVsaGaJh0CNSzNFSgEv4mlPeXZ9m6Zby+o04o
|
||||
slgG6zI0irOF2z7f3yGzonDZI+vghctDFX8shwIDAQABAoIBAQC9kiLnIgxXGyZt
|
||||
pmmYdA6re1jatZ2zLSp+DcY8ul3/0hs195IKCyCOOSQPiR520Pt0t+duP46uYZIJ
|
||||
aakp9gxaI5Vz+oMacH/AyaBDuDTj1Mf9WMSyIOfbDVCMRJOppGLcVh62+Gfjp2EO
|
||||
+h2hTJBuvypFkbK2kVIZOaHVpbXWKw1oYuEcTftk9XfxxvfSMw1HQ12/P2CAcbaa
|
||||
jPmVbisunv6kpXtewSBTcaLSYWJf1MYD5Hi8fzkD2FJSXYbfQd8RKvT2rj6FA7ux
|
||||
CDMzbYhdnd7lc63OARCIjfCRNtDT1cZ3gR1CQHD98lWxmPQIZukv+w7s/bSrFgnQ
|
||||
ROZ0ghBJAoGBAOmE/3d5FDmp0aJNxXynKcRGdpEEM4O40RIdqa2eR6Pa7aTRosao
|
||||
z0qVgdFuJrqjlB3jgedxXEX1M0abCUzzM9Q5F7JLl+KsjwRwpkIOkPiyUncLp7LK
|
||||
QbY3tvYBIdpjlF1USOMGRL4j11hqr4vQC/yPBF7jj81kCZDTbmZhp82jAoGBAOWu
|
||||
ql5QFUOlmqkuWIAFkiLEZhOu+ptqkE+zG50CCGMJIX0dJ2PHXFyNGInomAeT0nbI
|
||||
pbnK3x7KeEKiGrAqZFNCTHhApTwkrIj0L/RQbMDZ7u7j1AEUVNFEhIm62kg84FtG
|
||||
xtfxVxredE+NQc/tyV3hXegdNZxegALirlcMKIvNAoGAWFwIxk48Ru1o8z72QQqH
|
||||
lUsMRicOzwK5qV8r+xPvC6MlVL42F3F8rj4QFwzU/r4yp3SUjNyqC5aSRl8Xj9Re
|
||||
gijwPHi6Cf09SHLPliMo29GtvnnchJxfbPF7+23GP3p6gy4HPk/65u9s5nnH3uFk
|
||||
B7ad8sGsgg0eSXyXQ4okEn0CgYEAnogPuedGthlxBgMiPMMbmfm7hyyId4t3Ljuu
|
||||
/JExnsHnpobf8EPjoVIWNOIhRWGnrCtUEEhR9tvDZCKljyDDfKBPTdU496lMmX8K
|
||||
NnToi7gg7iy84T3aSVMktDgPgDrclMPmbZh8CeSvnVUfrtgu3Ci4+4Rlw5eKffNe
|
||||
aGDQ/6UCgYAbUq9mRT2WOXIo+Dchi9VzDWgtfOw5VEyqkSpb7hPiIYx5jNaENnVK
|
||||
cAi3iqbBgPJBuMlTrKmmaxdmssGOEZNJLuuXLDbCU+f5cpu5PQ4crC6UtRI5rlhp
|
||||
8Yc+oiv3HWbSw3sVRpMFB6NP4DnvgFW3B2Wdfb/lNzPCKWqBsX7gWw==
|
||||
-----END RSA PRIVATE KEY-----
|
||||
-----BEGIN PRIVATE KEY-----
|
||||
MIIJRAIBADANBgkqhkiG9w0BAQEFAASCCS4wggkqAgEAAoICAQC+36/URQlwo6S9
|
||||
1VfX+2RDh4jvvVexB7Fn6+U/liWPKD5zTRZl4AR9F/oP3SWRZwtnF3xe6B8oq10H
|
||||
nHkDi4xVoIgDNlppDJPmryMbOaelHGPXerrXIUw82+LUo/dQfGRZRKz5GbozsTQ3
|
||||
bDYZZZfoqnHuZd1rCWP5SOR2kQwmFgDTStGb9nWdnfvUkwiC8cvxahByqFE7BAvV
|
||||
B1wnE+EXoW1Mp2BL/EGTS5c9Z+ebcfkOANdlcfsplXOidMR/plQsLssJ9yYuOvtu
|
||||
409Wh7SqwPtg0YcwbJD0z8Y6MCR5jqHptc0F8wSGkmdkCNssVb4QANX/i2u/lZcq
|
||||
EuyZUt5kr5eX//BGAh2tN7aaaLVbh+ThHITueM/0RO04baIrS3YxjRmJPIIqvzxo
|
||||
Apmt2U6WQyYUGNJk00uPSkJEp8Js1o1uAE38Xvbk6W5ydPYVOlksXvBOplHuNPcJ
|
||||
FzHSc7r7V32nLEAVbLdVnY0RSbbL1au6VNidAdcjZrAlNYccD5A91hAf2xokXcTr
|
||||
WSoEwJx4ndkfeuLNJJOaMaTZeKqok8WF5r40Uut4svIg/w+N4VfzND8/ZO5qBBss
|
||||
Yh3NDYh2yUUFttNRYSAKGRJohSTjp6YzDAm1IV1N5HUlwhPgAjwqqr+pF1FsUhkt
|
||||
gGbr7w7Uevxc3fV5XDRxTV35lk6WQwIDAQABAoICABuiJsKEfClih6c0C9OpAYsF
|
||||
RD3xG5D1nCl/bWEXS7i+CsyGjIeTNxMlNX62dYnncS8rp0XWNSyeIonHjX2F5ns/
|
||||
EnHknJI4z/DFyj9WyX6N7aZ0jjg3CeKFswE1+8gbOivyVVh68QoqzXR4phxnKOb2
|
||||
RihNdxDX+zFL7Ed+GFQrO1NbsZzywXRgOuU7pC/Q8cWxpU/0Lk5s94mP1zeRGTVi
|
||||
mYBPexGFI7k/aFXrhQxsI7JzTLvTFJmgmW0bmpcgbW84Fw0KSuzGfUBAiGvumale
|
||||
5wXNT9Ui4pmOuxQRhDZU//vl5hjGZhFVgMJqxdBVWX7XoCOu+5pw/cGJm9dWt/t7
|
||||
dmDSUXqVgwJUa6K7ExEZlo3c+zfRYTcyYHtDnODoGm2NiLoBcGiVw5vkxao8Ug5V
|
||||
CEbADHwqkkx3+vNgihqND94DZx0itqMKdY7VaoD6EcKI3wHPsP9DwbP5kVtjLvVc
|
||||
PWeL3tCy1j7RXgTNmuhGw4nBQAMIiPPLY5Hr6PZ1GHFf6dLI69QYvePZVJhcibTM
|
||||
t2GJKyGU1QCNDhd+13p1UE5RNs+7cgEw7h2FHAwNGXLdiG/gxPF0iGca06YVU8C+
|
||||
8SJBVG4qkdhpT6tL6AtXpOeBwBLkiykm+7bXs3gLPVEtYs1rTqWbJ3SsCD1zQEwI
|
||||
xxKIwzaX6KrkraLgWBeBAoIBAQDwNAIh72ihHsm20OGqfY0Bw23X8jZu4M/cTeFT
|
||||
HJx8DjboewFQhbeSyCOYF/uRkG4/BNhqirGm6A88WgTgzqxfOIYqR/f35GtvpJve
|
||||
bfIMpDlbiJS4wL4KQHV+rPkgny2CeESJt1JAwbEKIkpi8qNYq5QUSZTHFaykjctE
|
||||
+0xEeqQz9wkE4I1q1D+5LzCfrpYNt4xYYUv1PFzs+rVsplOIdI8g9aRPsZVU1Wee
|
||||
m7TeVs1hCQLAkF0fsAXGvGojcrl0NFquWxX0uaP+vqLdNAiccoRaIbkWjNtahUis
|
||||
Q+6O/qxjRI0gIz4Dj00EcBm4aNEiZ4Dt7J5OH0wshD2iGl/1AoIBAQDLbS7jHyrl
|
||||
l+6G/v/LAz3+Xo0THSqILfCB4r/lolwqnxWgIf86tPLKj2t5kv3GVPcK29e7k1me
|
||||
1NkjuVGZQnRLBE9bSA2ii6C7LOEVod37jjAHP7irAlKTKMTwAsXGhqLKledZZ50j
|
||||
I1vYJKyvhBt9+hdx8OnHmWofLvF7Qso7yeCjhc48k3bhL8qDQnIZ91itKId2xyaH
|
||||
OwiLgCSPts5weeC295e47SK/siKgFiMElTkQNXF+P1bjuIsbTl3saOT57M3vQB/S
|
||||
SBlj7jKQieopahmT6gSNPbsB0bP7Mz3lfzV23GHz1TmyxeNpe/YqnyAGeVtLZo16
|
||||
5El2h4G6fdJXAoIBAQChQmlEGxRlRuQpJea6rPtjea5e0a+VlLw3rNlfENBFwM1A
|
||||
GoRxaLQriM3MqB0uRoadLEWWkXJfGWBRJiYsPtQeQTZhYFurQuCV3S7/j1R3BDG1
|
||||
r+YYet2ayFeZKcs/CV5mPxPUWQyRiPewVAEYmMjtGJObYyLM3VJATyluMD+toaBn
|
||||
eqvFaHPIiqIVUwcTzQPURaulEf0KsPG57z6pqKhf7dDBUehz0Ebu4y5jnyk4M5JC
|
||||
WOhOGx1JzsSx/YBMOBMlXpiagXAmEhN1TMrOMsatMXyFfipiZ0JEbUKy1BBuU6+s
|
||||
HTOZpc9WWHheSFwcH9J3hIFcOgS1cfGT2Vv/XjGZAoIBAQCdVqBaOKQUGlP6A8bS
|
||||
PXq4gGb67qcT1vxbaYbk1JQWvx6Z0VG4FXZoJ0+II6G2wcallm4gfZJmn9gmolIz
|
||||
iMurrfS29F7fZsF1o/ufoKexxkLtiGKLmetGONVBkdNofn/w0sqyQsqt/84sugj6
|
||||
Y+JjqIhzr1MR9122KrfJj1odrkHaGEbwYVokR7OJnF3mKYJjw6Iqw1PQal9sjjs5
|
||||
ELpREmM1AQFPndIvlFblnNmO1N/i4oMak2DgFr846n8IuATKLVcGgoFaQjupJ/Xi
|
||||
B1memJqZ5fmJSMKYYJqlYvevxpkSitgUIMpUtGv1DVTTmGnLuBddlT8+Ws1bKOm0
|
||||
1VZXAoIBAQDLy0s9u1XpfPncBe3rjJdTJ9QgzCi6kn2LUbCDsZ/hW3EKuruEc/7U
|
||||
aSxZSV9Qlm/nYp+m+A0Z1Y9T/k81iepnPMMxCM8Ks5oaip+fghyCdqWrJWVaecRY
|
||||
ZCCakyZJCNon9EuTY83C6R7TR0MakH9BUhHjjDZbuTKxjKQdv4sI7aphdogruMd1
|
||||
I3VyEDw90HJWcC4X9ya5n/Wxthmi4PetBMWLsck0XC8/wMzJxZOY5mCe6rypkYRY
|
||||
RN8We8ELCvJIB0SmRPrCUrDg1jbJCk0cn7YN6RGjujKHW/wId0HdvTfUzLp59uyW
|
||||
2MdNtnj3qRxFTim0Q9nr5L+oC5Me/QxZ
|
||||
-----END PRIVATE KEY-----
|
||||
|
||||
@@ -174,3 +174,29 @@ lmtp_destination_recipient_limit=1
|
||||
|
||||
# DO NOT EDIT ANYTHING BELOW #
|
||||
# Overrides #
|
||||
|
||||
postscreen_dnsbl_sites = wl.mailspike.net=127.0.0.[18;19;20]*-2
|
||||
hostkarma.junkemailfilter.com=127.0.0.1*-2
|
||||
list.dnswl.org=127.0.[0..255].0*-2
|
||||
list.dnswl.org=127.0.[0..255].1*-4
|
||||
list.dnswl.org=127.0.[0..255].2*-6
|
||||
list.dnswl.org=127.0.[0..255].3*-8
|
||||
bl.spamcop.net*2
|
||||
bl.suomispam.net*2
|
||||
hostkarma.junkemailfilter.com=127.0.0.2*3
|
||||
hostkarma.junkemailfilter.com=127.0.0.4*2
|
||||
hostkarma.junkemailfilter.com=127.0.1.2*1
|
||||
backscatter.spameatingmonkey.net*2
|
||||
bl.ipv6.spameatingmonkey.net*2
|
||||
bl.spameatingmonkey.net*2
|
||||
b.barracudacentral.org=127.0.0.2*7
|
||||
bl.mailspike.net=127.0.0.2*5
|
||||
bl.mailspike.net=127.0.0.[10;11;12]*4
|
||||
zen.spamhaus.org=127.0.0.[10;11]*8
|
||||
zen.spamhaus.org=127.0.0.[4..7]*6
|
||||
zen.spamhaus.org=127.0.0.3*4
|
||||
zen.spamhaus.org=127.0.0.2*3
|
||||
|
||||
# User Overrides
|
||||
myhostname = mail.byhaider.dev
|
||||
|
||||
|
||||
@@ -814,6 +814,32 @@ function verify_hash($hash, $password) {
|
||||
$hash = $components[4];
|
||||
return hash_equals(hash_pbkdf2('sha1', $password, $salt, $rounds), $hash);
|
||||
|
||||
case "PBKDF2-SHA512":
|
||||
// Handle FreeIPA-style hash: {PBKDF2-SHA512}10000$<base64_salt>$<base64_hash>
|
||||
$components = explode('$', $hash);
|
||||
if (count($components) !== 3) return false;
|
||||
|
||||
// 1st part: iteration count (integer)
|
||||
$iterations = intval($components[0]);
|
||||
if ($iterations <= 0) return false;
|
||||
|
||||
// 2nd part: salt (base64-encoded)
|
||||
$salt = $components[1];
|
||||
// 3rd part: hash (base64-encoded)
|
||||
$stored_hash_b64 = $components[2];
|
||||
|
||||
// Decode salt and hash from base64
|
||||
$salt_bin = base64_decode($salt, true);
|
||||
$hash_bin = base64_decode($stored_hash_b64, true);
|
||||
if ($salt_bin === false || $hash_bin === false) return false;
|
||||
// Get length of hash in bytes
|
||||
$hash_len = strlen($hash_bin);
|
||||
if ($hash_len === 0) return false;
|
||||
|
||||
// Calculate PBKDF2-SHA512 hash for provided password
|
||||
$test_hash = hash_pbkdf2('sha512', $password, $salt_bin, $iterations, $hash_len, true);
|
||||
return hash_equals($hash_bin, $test_hash);
|
||||
|
||||
case "PLAIN-MD4":
|
||||
return hash_equals(hash('md4', $password), $hash);
|
||||
|
||||
|
||||
@@ -1992,6 +1992,7 @@ if (isset($_GET['query'])) {
|
||||
break;
|
||||
case "cors":
|
||||
process_edit_return(cors('edit', $attr));
|
||||
break;
|
||||
case "identity-provider":
|
||||
process_edit_return(identity_provider('edit', $attr));
|
||||
break;
|
||||
|
||||
@@ -410,7 +410,8 @@
|
||||
"iam_host_info": "Saisissez un ou plusieurs hôtes LDAP, séparés par des virgules.",
|
||||
"iam_import_users": "Importer des utilisateurs",
|
||||
"filter": "Filtrer",
|
||||
"needs_restart": "nécessite un redémarrage"
|
||||
"needs_restart": "nécessite un redémarrage",
|
||||
"iam": "Fournisseur d'identité"
|
||||
},
|
||||
"danger": {
|
||||
"access_denied": "Accès refusé ou données de formulaire non valides",
|
||||
@@ -1375,7 +1376,9 @@
|
||||
"overview": "Vue d'ensemble",
|
||||
"expire_never": "Ne jamais expirer",
|
||||
"forever": "Pour toujours",
|
||||
"spam_aliases_info": "Un alias de spam est une adresse de courriel temporaire qui peut être utilisée pour protéger les véritables adresses de courriel. <br> De manière optionnelle, une durée d'expiration peut être définie afin que l'alias soit automatiquement désactivé après la période définie, éliminant ainsi les adresses étant abusées ou ayant fuité."
|
||||
"spam_aliases_info": "Un alias de spam est une adresse de courriel temporaire qui peut être utilisée pour protéger les véritables adresses de courriel. <br> De manière optionnelle, une durée d'expiration peut être définie afin que l'alias soit automatiquement désactivé après la période définie, éliminant ainsi les adresses étant abusées ou ayant fuité.",
|
||||
"authentication": "Authentification",
|
||||
"protocols": "Protocoles"
|
||||
},
|
||||
"warning": {
|
||||
"cannot_delete_self": "Impossible de supprimer l’utilisateur connecté",
|
||||
|
||||
@@ -144,7 +144,7 @@
|
||||
|
||||
<form action="/" method="post" id="logout"><input type="hidden" name="logout"></form>
|
||||
|
||||
{% if ui_texts.ui_announcement_text and ui_texts.ui_announcement_active and not is_root_uri %}
|
||||
{% if ui_texts.ui_announcement_text and ui_texts.ui_announcement_active and not is_root_uri and mailcow_cc_username %}
|
||||
<div class="container mt-4">
|
||||
<div class="alert alert-{{ ui_texts.ui_announcement_type }}">{{ ui_texts.ui_announcement_text }}</div>
|
||||
</div>
|
||||
|
||||
+75
-13
@@ -1,5 +1,20 @@
|
||||
services:
|
||||
|
||||
certdumper:
|
||||
image: ghcr.io/kereis/traefik-certs-dumper:latest
|
||||
container_name: traefik_certdumper
|
||||
restart: unless-stopped
|
||||
network_mode: none
|
||||
command: --restart-containers mailcow_postfix-mailcow_1,mailcow_dovecot-mailcow_1
|
||||
volumes:
|
||||
- ../traefik/certs/:/traefik/certs/:ro
|
||||
# - traefik_certs:/traefik:ro # Traefik Zertifikate einhängen
|
||||
- /var/run/docker.sock:/var/run/docker.sock:ro
|
||||
- ./data/assets/ssl:/output:rw
|
||||
environment:
|
||||
- DOMAIN=domain.com
|
||||
- ACME_FILE_PATH=/traefik/certs/cloudflare-acme.json # Dateipfad zur acme Datei
|
||||
|
||||
unbound-mailcow:
|
||||
image: ghcr.io/mailcow/unbound:1.24
|
||||
environment:
|
||||
@@ -71,7 +86,9 @@ services:
|
||||
unbound-mailcow:
|
||||
condition: service_healthy
|
||||
dns:
|
||||
- ${IPV4_NETWORK:-172.22.1}.254
|
||||
# - ${IPV4_NETWORK:-172.22.1}.254
|
||||
- 1.1.1.1
|
||||
- 8.8.8.8
|
||||
environment:
|
||||
- TZ=${TZ}
|
||||
- SKIP_CLAMD=${SKIP_CLAMD:-n}
|
||||
@@ -110,7 +127,9 @@ services:
|
||||
restart: always
|
||||
hostname: rspamd
|
||||
dns:
|
||||
- ${IPV4_NETWORK:-172.22.1}.254
|
||||
# - ${IPV4_NETWORK:-172.22.1}.254
|
||||
- 1.1.1.1
|
||||
- 8.8.8.8
|
||||
networks:
|
||||
mailcow-network:
|
||||
aliases:
|
||||
@@ -148,7 +167,9 @@ services:
|
||||
- ./data/assets/templates:/tpls:z
|
||||
- ./data/conf/nginx/:/etc/nginx/conf.d/:z
|
||||
dns:
|
||||
- ${IPV4_NETWORK:-172.22.1}.254
|
||||
# - ${IPV4_NETWORK:-172.22.1}.254
|
||||
- 1.1.1.1
|
||||
- 8.8.8.8
|
||||
environment:
|
||||
- REDIS_SLAVEOF_IP=${REDIS_SLAVEOF_IP:-}
|
||||
- REDIS_SLAVEOF_PORT=${REDIS_SLAVEOF_PORT:-}
|
||||
@@ -220,7 +241,9 @@ services:
|
||||
- REDIS_SLAVEOF_PORT=${REDIS_SLAVEOF_PORT:-}
|
||||
- REDISPASS=${REDISPASS}
|
||||
dns:
|
||||
- ${IPV4_NETWORK:-172.22.1}.254
|
||||
# - ${IPV4_NETWORK:-172.22.1}.254
|
||||
- 1.1.1.1
|
||||
- 8.8.8.8
|
||||
volumes:
|
||||
- ./data/hooks/sogo:/hooks:Z
|
||||
- ./data/conf/sogo/:/etc/sogo/:z
|
||||
@@ -258,7 +281,9 @@ services:
|
||||
- netfilter-mailcow
|
||||
- redis-mailcow
|
||||
dns:
|
||||
- ${IPV4_NETWORK:-172.22.1}.254
|
||||
# - ${IPV4_NETWORK:-172.22.1}.254
|
||||
- 1.1.1.1
|
||||
- 8.8.8.8
|
||||
cap_add:
|
||||
- NET_BIND_SERVICE
|
||||
volumes:
|
||||
@@ -321,7 +346,7 @@ services:
|
||||
ofelia.job-exec.dovecot_clean_q_aged.command: "/bin/bash -c \"[[ $${MASTER} == y ]] && /usr/local/bin/gosu vmail /usr/local/bin/clean_q_aged.sh || exit 0\""
|
||||
ofelia.job-exec.dovecot_maildir_gc.schedule: "0 */30 * * * *"
|
||||
ofelia.job-exec.dovecot_maildir_gc.command: "/bin/bash -c \"source /source_env.sh ; /usr/local/bin/gosu vmail /usr/local/bin/maildir_gc.sh\""
|
||||
ofelia.job-exec.dovecot_sarules.schedule: "0 0 0 * * *"
|
||||
ofelia.job-exec.dovecot_sarules.schedule: "@every 24h"
|
||||
ofelia.job-exec.dovecot_sarules.command: "/bin/bash -c \"/usr/local/bin/sa-rules.sh\""
|
||||
ofelia.job-exec.dovecot_fts.schedule: "0 0 0 * * *"
|
||||
ofelia.job-exec.dovecot_fts.command: "/bin/bash -c \"/usr/local/bin/gosu vmail /usr/local/bin/optimize-fts.sh\""
|
||||
@@ -374,7 +399,9 @@ services:
|
||||
- "${SUBMISSION_PORT:-587}:587"
|
||||
restart: always
|
||||
dns:
|
||||
- ${IPV4_NETWORK:-172.22.1}.254
|
||||
# - ${IPV4_NETWORK:-172.22.1}.254
|
||||
- 1.1.1.1
|
||||
- 8.8.8.8
|
||||
networks:
|
||||
mailcow-network:
|
||||
ipv4_address: ${IPV4_NETWORK:-172.22.1}.253
|
||||
@@ -382,7 +409,7 @@ services:
|
||||
- postfix
|
||||
|
||||
postfix-tlspol-mailcow:
|
||||
image: ghcr.io/mailcow/postfix-tlspol:1.0
|
||||
image: ghcr.io/mailcow/postfix-tlspol:1.8.22
|
||||
depends_on:
|
||||
unbound-mailcow:
|
||||
condition: service_healthy
|
||||
@@ -397,7 +424,9 @@ services:
|
||||
- DEV_MODE=${DEV_MODE:-n}
|
||||
restart: always
|
||||
dns:
|
||||
- ${IPV4_NETWORK:-172.22.1}.254
|
||||
# - ${IPV4_NETWORK:-172.22.1}.254
|
||||
- 1.1.1.1
|
||||
- 8.8.8.8
|
||||
networks:
|
||||
mailcow-network:
|
||||
aliases:
|
||||
@@ -421,7 +450,9 @@ services:
|
||||
- rspamd-mailcow
|
||||
image: ghcr.io/mailcow/nginx:1.05
|
||||
dns:
|
||||
- ${IPV4_NETWORK:-172.22.1}.254
|
||||
# - ${IPV4_NETWORK:-172.22.1}.254
|
||||
- 1.1.1.1
|
||||
- 8.8.8.8
|
||||
environment:
|
||||
- HTTPS_PORT=${HTTPS_PORT:-443}
|
||||
- HTTP_PORT=${HTTP_PORT:-80}
|
||||
@@ -453,11 +484,34 @@ services:
|
||||
ports:
|
||||
- "${HTTPS_BIND:-}:${HTTPS_PORT:-443}:${HTTPS_PORT:-443}"
|
||||
- "${HTTP_BIND:-}:${HTTP_PORT:-80}:${HTTP_PORT:-80}"
|
||||
expose:
|
||||
- 8080
|
||||
labels:
|
||||
- traefik.enable=true
|
||||
- traefik.http.routers.mailcow-autodiscover.entrypoints=websecure
|
||||
- traefik.http.routers.mailcow-autodiscover.rule=Host(`autodiscover.byhaider.dev`) && Path(`/autodiscover/autodiscover.xml`)
|
||||
- traefik.http.routers.mailcow-autodiscover.tls.certresolver=cloudflare
|
||||
- traefik.http.routers.mailcow-autodiscover.service=mailcow-svc
|
||||
|
||||
- traefik.http.routers.mailcow-autoconfig.entrypoints=websecure
|
||||
- traefik.http.routers.mailcow-autoconfig.rule=Host(`autoconfig.byhaider.dev`)&& Path(`/mail/config-v1.1.xml`)
|
||||
- traefik.http.routers.mailcow-autoconfig.tls.certresolver=cloudflare
|
||||
- traefik.http.routers.mailcow-autoconfig.service=mailcow-svc
|
||||
|
||||
- traefik.http.routers.mailcow.entrypoints=websecure
|
||||
- traefik.http.routers.mailcow.rule=Host(`mail.byhaider.dev`)
|
||||
- traefik.http.routers.mailcow.tls=true
|
||||
- traefik.http.routers.mailcow.tls.certresolver=cloudflare
|
||||
- traefik.http.routers.mailcow.service=mailcow-svc
|
||||
|
||||
- traefik.http.services.mailcow-svc.loadbalancer.server.port=8080
|
||||
- traefik.docker.network=traefik-network
|
||||
restart: always
|
||||
networks:
|
||||
mailcow-network:
|
||||
aliases:
|
||||
- nginx
|
||||
traefik-network:
|
||||
|
||||
acme-mailcow:
|
||||
depends_on:
|
||||
@@ -467,7 +521,9 @@ services:
|
||||
condition: service_healthy
|
||||
image: ghcr.io/mailcow/acme:1.94
|
||||
dns:
|
||||
- ${IPV4_NETWORK:-172.22.1}.254
|
||||
# - ${IPV4_NETWORK:-172.22.1}.254
|
||||
- 1.1.1.1
|
||||
- 8.8.8.8
|
||||
environment:
|
||||
- LOG_LINES=${LOG_LINES:-9999}
|
||||
- ADDITIONAL_SAN=${ADDITIONAL_SAN}
|
||||
@@ -524,7 +580,9 @@ services:
|
||||
watchdog-mailcow:
|
||||
image: ghcr.io/mailcow/watchdog:2.09
|
||||
dns:
|
||||
- ${IPV4_NETWORK:-172.22.1}.254
|
||||
# - ${IPV4_NETWORK:-172.22.1}.254
|
||||
- 1.1.1.1
|
||||
- 8.8.8.8
|
||||
tmpfs:
|
||||
- /tmp
|
||||
volumes:
|
||||
@@ -602,7 +660,9 @@ services:
|
||||
- label=disable
|
||||
restart: always
|
||||
dns:
|
||||
- ${IPV4_NETWORK:-172.22.1}.254
|
||||
# - ${IPV4_NETWORK:-172.22.1}.254
|
||||
- 1.1.1.1
|
||||
- 8.8.8.8
|
||||
environment:
|
||||
- DBROOT=${DBROOT}
|
||||
- TZ=${TZ}
|
||||
@@ -667,6 +727,8 @@ networks:
|
||||
config:
|
||||
- subnet: ${IPV4_NETWORK:-172.22.1}.0/24
|
||||
- subnet: ${IPV6_NETWORK:-fd4d:6169:6c63:6f77::/64}
|
||||
traefik-network:
|
||||
external: true
|
||||
|
||||
volumes:
|
||||
vmail-vol-1:
|
||||
|
||||
@@ -91,6 +91,44 @@ if grep --help 2>&1 | head -n 1 | grep -q -i "busybox"; then
|
||||
exit 1
|
||||
fi
|
||||
|
||||
# Add image prefetch function
|
||||
function prefetch_image() {
|
||||
echo "Checking Docker image: ${DEBIAN_DOCKER_IMAGE}"
|
||||
|
||||
# Get local image digest if it exists
|
||||
local local_digest=$(docker image inspect ${DEBIAN_DOCKER_IMAGE} --format='{{index .RepoDigests 0}}' 2>/dev/null | cut -d'@' -f2)
|
||||
|
||||
# Get remote image digest without pulling
|
||||
local remote_digest=$(docker manifest inspect ${DEBIAN_DOCKER_IMAGE} 2>/dev/null | grep -oP '"digest":\s*"\K[^"]+' | head -1)
|
||||
|
||||
if [[ -z "${remote_digest}" ]]; then
|
||||
echo "Warning: Unable to check remote image"
|
||||
if [[ -n "${local_digest}" ]]; then
|
||||
echo "Using cached version"
|
||||
echo
|
||||
return 0
|
||||
else
|
||||
echo "Error: Image ${DEBIAN_DOCKER_IMAGE} not found locally or remotely"
|
||||
exit 1
|
||||
fi
|
||||
fi
|
||||
|
||||
if [[ "${local_digest}" != "${remote_digest}" ]]; then
|
||||
echo "Image update available, pulling ${DEBIAN_DOCKER_IMAGE}"
|
||||
if docker pull ${DEBIAN_DOCKER_IMAGE} 2>/dev/null; then
|
||||
echo "Successfully pulled ${DEBIAN_DOCKER_IMAGE}"
|
||||
else
|
||||
echo "Error: Failed to pull ${DEBIAN_DOCKER_IMAGE}"
|
||||
exit 1
|
||||
fi
|
||||
else
|
||||
echo "Image is up to date (${remote_digest:0:12}...)"
|
||||
fi
|
||||
echo
|
||||
}
|
||||
|
||||
# Prefetch the image early in the script
|
||||
prefetch_image
|
||||
|
||||
function backup() {
|
||||
DATE=$(date +"%Y-%m-%d-%H-%M-%S")
|
||||
|
||||
Reference in New Issue
Block a user