98 Commits (48a37090415f3a3664a545bc9a5c079e0ca9063c)

Author SHA1 Message Date
Lee Clemens ebbd9025e4 Add support for MySQL connections over SSL 7 years ago
Sylvain Tissot ffb84283c2
Harden password reset process
The improvements are:

- Die with an explicit message when a user is trying to reset his lost password and the option is disabled in config
- Redirect user to main page after password change using relative URL
- Don't leak info whether user exists or has recovery info defined
- Throttle password reset requests to prevent brute force attacks
- Show phone/alt email fields in mailbox/admin edit form only when the password reset option is enabled
- Make database upgrade code compatible with other database types
- Use the existing password generator to generate OTP. It is now stored in database, unique to each user, valid only for 1 hour and can only be used once.
7 years ago
David Goodwin 4b999b3f6b improve mysqli connection settings - see https://github.com/postfixadmin/postfixadmin/issues/73 7 years ago
Christian Boltz 2251c00fb8
disable password reset until it is secure
For some unknown reason, the insecure version of pull request 18 (which
uses easily guessable reset codes) was merged. This commit disables the
password reset until someone makes it secure.

See the comments in https://github.com/postfixadmin/postfixadmin/pull/18
for details.
7 years ago
Sylvain Tissot 9c9ba64a7f Allows a user or admin to reset his/her forgotten password with a code sent by email/SMS #18 7 years ago
Christian Boltz f18f16c004
move $CONF['edit_alias'] next to $CONF['alias_control'] 7 years ago
Christian Boltz 4d9a0717d0 Merge pull request #26 from medarion/master
added config option to disable "edit_alias" function for users
7 years ago
David Goodwin 0951629a48 config.inc.php: debian has doveadm in /usr/bin not /usr/sbin 8 years ago
Christian Boltz 8aecf3eae3 Merge branch 'master' into broadcast_improvements 8 years ago
Christian Boltz f7f3781770
Fix default for $CONF[create_mailbox_subdirs_hostoptions]
array('') means to include an empty item, and that results in an invalid
remote specification with a trailing "/"

Using an empty array() fixes this.

Reported by oftc_ftw on IRC.
8 years ago
Martin Oemus 9aba43ee48 added config option to disable "edit_alias" function for users 8 years ago
Jan-Frederik Rieckers 3c360f646f
Switch config item for broadcast.
The new config item is now `sendmail_all_admins`
8 years ago
Jan-Frederik Rieckers 3c3d844130
Improve the broadcast message tool
* Make it possible by config option that non global admins can send
  broadcast messages to their domains.
* Allow the sender to select the domains the broadcast message should be
  delivered to
* Allow the sender to decide if the broadcast message should just be
  delivered to mailboxes
8 years ago
David Goodwin 491df198cc Merge remote-tracking branch 'svnexport/master' 8 years ago
Christian Boltz 4c2ff84d52 update wiki links
mediawiki -> SF wiki


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1876 a1433add-5e2c-0410-b055-b7f2511e0802
8 years ago
David Goodwin 17d1cce041 Merge remote-tracking branch 'svnexport/master' 8 years ago
Christian Boltz 62b872491f config.inc.php: add pointers between $CONF[encrypt] = 'authlib' and $CONF[authlib_default_flavor]
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1874 a1433add-5e2c-0410-b055-b7f2511e0802
8 years ago
David Goodwin 6bc747ba9b Merge remote-tracking branch 'svnexport/master' 9 years ago
Christian Boltz a46720c8c8 config.inc.php:
- add more detailed notes about unsupported dovecot:* encryption types
  (after hunting them down with r00t^2 on IRC)


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1833 a1433add-5e2c-0410-b055-b7f2511e0802
9 years ago
David Goodwin d3ca74af0d merge github pull request into svn manually - 3e62d3975a - adding configurable smtp helo (CONF["smtp_client"])
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1832 a1433add-5e2c-0410-b055-b7f2511e0802
9 years ago
Christian Boltz 6ee6574076 include_once(config.local.php) instead of include()ing it
This should avoid problems with endless include loops like in
https://sourceforge.net/p/postfixadmin/bugs/367/


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1830 a1433add-5e2c-0410-b055-b7f2511e0802
9 years ago
CaptainArk 21c4ec0dd8 smtp_client variable empty by default 9 years ago
CaptainArk 7778c0b9c6 Adding an option to configure the hostname in HELO when sending emails from Postfix Admin 9 years ago
Christian Boltz b261db86c7 Merge pull request #9 from phyrog/master
Add sqlite backend option (thank you @phyrog for doing this)

(imported from github)


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1824 a1433add-5e2c-0410-b055-b7f2511e0802
9 years ago
Tom Gehrke 92f1dbdf39 Add sqlite backend option 9 years ago
David Goodwin a190ca8f3b Merge remote-tracking branch 'svnexport/master' 9 years ago
Christian Boltz c9b43879de config.inc.php:
- mention MariaDB as another option for 'mysqli' database type
  https://sourceforge.net/p/postfixadmin/feature-requests/103/


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1796 a1433add-5e2c-0410-b055-b7f2511e0802
9 years ago
David Goodwin ee7514c1ca Merge remote-tracking branch 'svnexport/master' 10 years ago
David Goodwin 7bd492ef1e include only once 10 years ago
Christian Boltz a89bd5f573 config.inc.php:
- remove unused $CONF['users_domain_controle'] 



git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1787 a1433add-5e2c-0410-b055-b7f2511e0802
10 years ago
Christian Boltz 27bdba3ba2 Add FetchmailHandler.php
- uses list.php and edit.php instead of the fetchmail-specific template
- replaces fetchmail.php and its template

config.inc.php:
- add $CONF['fetchmail_struct_hook']



git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1762 a1433add-5e2c-0410-b055-b7f2511e0802
10 years ago
Christian Boltz fb4af233af config.inc.php:
- add note that $CONF[vacation_domain] can't be used for "normal" mails

model/DomainHandler.php:
- validate_new_id(): 
  - error out when trying to add $CONF[vacation_domain]
  - some whitespace fixes
- remove superfluous comment on initStruct()

*.lang:
- add 'domain_conflict_vacation_domain' error message



git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1694 a1433add-5e2c-0410-b055-b7f2511e0802
10 years ago
Christian Boltz d80816ad86 DomainHandler:
- $CONF[default_aliases] can now use the new domain as alias target
  http://sourceforge.net/p/postfixadmin/patches/124/

config.inc.php:
- update comment for $CONF[default_aliases]



git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1690 a1433add-5e2c-0410-b055-b7f2511e0802
10 years ago
Christian Boltz c4e723b355 config.inc.php:
- remove unused config options:
  - $CONF['vacation_replytype_control']
  - $CONF['vacation_allow_user_reply'];
  - $CONF['vacation_autoreplydelay_default']
  - $CONF['vacation_intervaldelay_default']

CHANGELOG.TXT
- update with vacation changes


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1613 a1433add-5e2c-0410-b055-b7f2511e0802
11 years ago
Christian Boltz 8c139c95d6 vacation:
restrict reply type to a list of options ($CONF[vacation_choice_of_reply]),
remove input field for custom interval


config.inc.php:
- change $CONF['vacation_choice_of_reply'] to [seconds] => [$PALANG label]
  (note: reply to every mail is commented by default because it can be
  annoying. Admins will have to explicitly add/enable it in their config.)
- remove $CONF[vacation_replytype_default]
- update comment about dovecot:* for $CONF[encrypt]

*.lang:
- add texts for reply types

VacationHandler.php:
- remove reply_type at various places
- set_away(): remove reply_type from list of function parameters

templates/vacation.tpl:
- update reply type dropdown for the changed $CONF['vacation_choice_of_reply']
- remove the input fields for custom reply delay

vacation.php:
- restrict reply type to a list of options ($CONF[vacation_choice_of_reply])
- if vacation is disabled, but old values are stored in the database,
  change the activeFrom and activeUntil date to today to avoid users
  having to scroll through the calendar a lot

xmlrpc.php:
- update set_away() call to match the removed parameter

upgrade.php:
- comment out upgrade_1345_mysql() which created the reply_type and 
  interval_time fields in the vacation table in mysql
- add upgrade_1610() to add the vacation.interval_time field


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1610 a1433add-5e2c-0410-b055-b7f2511e0802
11 years ago
Christian Boltz 75c2c9cea5 config.inc.php:
- add missing $CONF[*_struct_hook] options
- add empty defaults for various $CONF[*_post*_script]



git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1590 a1433add-5e2c-0410-b055-b7f2511e0802
11 years ago
Christian Boltz 6e2e132bac remove "postfixadmin.com" in comments in lots of files
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1558 a1433add-5e2c-0410-b055-b7f2511e0802
11 years ago
Christian Boltz 949d58e5c4 config.inc.php:
- remove unused $CONF['usercontol'] which leaked in with an unrelated 
  patch in r1374
- fixed some typos in comments


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1551 a1433add-5e2c-0410-b055-b7f2511e0802
11 years ago
Christian Boltz b4823b9e04 Finally replace create-mailbox.php with edit.php?table=mailbox :-)
configs/menu.conf:
- change url_create_mailbox to edit.php?table=mailbox

templates/list-virtual.tpl:
- replace hardcoded create-mailbox.php with {#url_create_mailbox#}

functions.inc.php:
- delete functions that are now part of MailboxHandler:
  - check_mailbox()
  - multiply_quota()
- add some TODO notes

config.inc.php:
- rewrite a comment that referenced create-mailbox.php

create-mailbox.php:
- delete - no longer needed


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1433 a1433add-5e2c-0410-b055-b7f2511e0802
12 years ago
Christian Boltz 47b0ebdec5 config.inc.php:
- fix typo in comment


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1431 a1433add-5e2c-0410-b055-b7f2511e0802
12 years ago
Christian Boltz 299cde311d config.inc.php:
- changed some defaults as discussed on the mailing list:
  - $CONF['database_type'] = 'mysqli';
  - $CONF['dovecotpw'] = "/usr/sbin/doveadm pw"; 
    $CONF['new_quota_table'] = 'YES'; (for dovecot 2)
  - $CONF['domain_path'] = 'YES'; $CONF['domain_in_mailbox'] = 'NO';
    (results in domain.tld/username/ maildirs)
  - $CONF['alias_control'] = 'YES'; $CONF['alias_control_admin'] = 'YES';
  - $CONF['backup'] = 'NO';
  - $CONF['show_status']='YES'; $CONF['show_status_key']='YES';
    $CONF['show_undeliverable']='YES'; $CONF['show_popimap']='YES';
    $CONF['show_undeliverable_exceptions']- "gmail.com" removed


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1406 a1433add-5e2c-0410-b055-b7f2511e0802
13 years ago
Christian Boltz 0f672c7fb7 config.inc.php:
- $CONF[encrypt]: add warning about salted dovecot:* methods


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1403 a1433add-5e2c-0410-b055-b7f2511e0802
13 years ago
Christian Boltz 57b28f1ae2 config.inc.php:
- remove the (now superfluous) $CONF['postfix_admin_url'] config option

debian/patches/db_credentials:
- remove the section that sets $CONF['postfix_admin_url']

functions.inc.php - authentication_require_role():
- also remove $CONF['postfix_admin_url'] from comments
- remove the './' part from the redirect

Combined with the previous two commits, this fixes
https://sourceforge.net/tracker/?func=detail&aid=3039042&group_id=191583&atid=937964


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1396 a1433add-5e2c-0410-b055-b7f2511e0802
13 years ago
David Goodwin 87f33d95ae patch from Jan Kruis - see http://sourceforge.net/tracker/?func=detail&aid=3520749&group_id=191583&atid=937966 (Tracker id 3520749) ; thank you!
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1374 a1433add-5e2c-0410-b055-b7f2511e0802
13 years ago
David Goodwin ef80736445 Merge jan-kruis's vacation interval reply behaviour - see SF patch 3508083 - https://sourceforge.net/tracker/?func=detail&aid=3508083&group_id=191583&atid=937966 ; Thank you
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1373 a1433add-5e2c-0410-b055-b7f2511e0802
13 years ago
Christian Boltz 18b8564b64 Make $struct in the *Handler classes customizable
config.inc.php:
- add $CONF['*_struct_hook'] to modify $struct in the *Handler classes

PFAHandler.php:
- call $CONF['*_struct_hook'] hook

AdminHandler.php, AliasdomainHandler.php, DomainHandler.php:
- remove now outdated TODO notes


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1303 a1433add-5e2c-0410-b055-b7f2511e0802
13 years ago
Christian Boltz 69b3df10e4 config.inc.php
- new config option $CONF['password_validation'] - array with regular
  expressions to check if a password is valid/good enough.
  The default configuration enforces:
  - minimum length 5 characters/digits/whatever
  - at least 2 characters
  - at least 2 digits
- removed $CONF['min_password_length'] - it's now handled in /.{5}/ in
  $CONF['password_validation']

functions.inc.php
- new function validate_password to check a given password against
  $CONF['password_validation']
- generate_password: generated password is always 8 chars long
  (instead of $CONF['min_password_length'])

edit-admin.php, users/password.php, edit-mailbox.php, setup.php:
- use validate_password instead of $CONF['min_password_length']

This implements
https://sourceforge.net/tracker/?func=detail&aid=1785513&group_id=191583&atid=937967


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1192 a1433add-5e2c-0410-b055-b7f2511e0802
13 years ago
Christian Boltz 536b7ac688 config.inc.php:
- several comments for the language_hook function:
  - x_* naming policy for custom texts
  - note that custom texts must appear in all blocks
  - note that translation fixes should be reported in the bugtracker


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1177 a1433add-5e2c-0410-b055-b7f2511e0802
13 years ago
Christian Boltz a5f3cb9b96 config.inc.php:
- new config option $CONF['language_hook']
  Hook function to override or add translations to $PALANG.
  Example hook function included (commented out).

common.php:
- honor $CONF['language_hook']

scripts/postfixadmin-cli.php:
- honor $CONF['language_hook']
- add TODO - language shouldn't be hardcoded to English

This implements my feature request at
http://sourceforge.net/tracker/?func=detail&aid=3292408&group_id=191583&atid=937967


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1176 a1433add-5e2c-0410-b055-b7f2511e0802
13 years ago
Christian Boltz 3dcd56c77a Replaced motd*.txt with $CONF[motd_*] options
config.inc.php:
- new config options $CONF['motd_user'], $CONF['motd_admin'] and
  $CONF['motd_superadmin']

templates/index.tpl:
- added $CONF[motd_*] handling

css/default.css:
- new style #motd

templates/users_menu.tpl, templates/menu.tpl:
- removed inclusion of motd-users.txt / $motd_file

smarty.inc.php:
- removed handling for motd*.txt files

templates/motd-users.txt, templates/motd.txt:
- deleted


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1142 a1433add-5e2c-0410-b055-b7f2511e0802
14 years ago