Adds optional parameter to limit the alias destinations to local domains.
An additional check makes sure that the domain is in the list of postfix domain names.
1. Favicon configuration of the project:
a. Fixed incorrect link to favicon from the subfolder /users/
b. Added ability to set favicon via config
2. Completed translation of all string constants into Russian language.
The improvements are:
- Die with an explicit message when a user is trying to reset his lost password and the option is disabled in config
- Redirect user to main page after password change using relative URL
- Don't leak info whether user exists or has recovery info defined
- Throttle password reset requests to prevent brute force attacks
- Show phone/alt email fields in mailbox/admin edit form only when the password reset option is enabled
- Make database upgrade code compatible with other databases types
- Use the existing password generator to generate OTP. It is now stored in database, unique to each user, valid only for 1 hour and can only by used once.
For some unknown reason, the insecure version of pull request 18 (which
uses easily guessable reset codes) was merged. This commit disables the
password reset until someone makes it secure.
See the comments in https://github.com/postfixadmin/postfixadmin/pull/18
for details.
array('') means to include an empty item, and that results in an invalid
remote specification with a trailing "/"
Using an empty array() fixes this.
Reported by oftc_ftw on IRC.
* Make it possible by config option that non global admins can send
broadcast messages to their domains.
* Allow the sender to select the domains the broadcast message should be
delivered to
* Allow the sender to decide if the broadcast message should just be
delivered to mailboxes
- add more detailed notes about unsupported dovecot:* encryption types
(after hunting them down with r00t^2 on IRC)
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1833 a1433add-5e2c-0410-b055-b7f2511e0802
Michael Krieger