Commit Graph

115 Commits (852a09f13881d25dc5b5294b9ffdf9313ce848c7)

Author SHA1 Message Date
David Goodwin cdacb5697f improve formatting of error message; remove use of db_array (to be removed). 6 years ago
David Goodwin 20b1eb842e fix sqlite display of password expired check for mailboxes 6 years ago
David Goodwin 766c947190 fix case of $conf; improve comments 6 years ago
David Goodwin 74002bbf57 psalm fixes 6 years ago
Damien Martins 12ce418f79 No need to have password expiration value in config file 6 years ago
Damien Martins 84533224ba Adds colored indicators for password expired, account disabled and vacation enabled accounts 6 years ago
Damien Martins b33d79125c Merge branch 'master' of github.com:doktoil-makresh/postfixadmin 6 years ago
Damien Martins d809e0fbf7 Adds colored indicators for password expired, account disabled and vacation enabled accounts 6 years ago
Damien Martins 72dddbc93b Adds colored indicators for password expired, account disabled and vacation enabled accounts 6 years ago
Damien Martins e786609aa9 Adding support for password expiration. Please read README.password_expiration for more details 6 years ago
David Goodwin ba14535489
Merge pull request #172 from abonanni/bootstrap
Bootstrap Integration
6 years ago
Aleksi Kinnunen 48c19a1cbd
Combine encrypt CONF-keys
Went through the old PR #25, updated the encrypt rounds/cost setting to be in the encrypt -configuration key as per suggestion from @cboltz
7 years ago
Aleksi Kinnunen 7b16e8a1c2
Add info about php_crypt and encrypt_difficulty to sample config 7 years ago
root fb3e968cfc Bootstrap template integration 7 years ago
David Goodwin f7ba904800 see #171 7 years ago
Christian Boltz 7c38bdd871
add a big notice about using config.local.php 7 years ago
Christian Boltz 3f1866d041
display phone number field only if $CONF[sms_send_function] is set
Without a way to send a SMS, asking users for their mobile number is
pointless.
7 years ago
Lee Clemens ebbd9025e4 Add support for MySQL connections over SSL 7 years ago
Sylvain Tissot ffb84283c2
Harden password reset process
The improvements are:

- Die with an explicit message when a user is trying to reset his lost password and the option is disabled in config
- Redirect user to main page after password change using relative URL
- Don't leak info whether user exists or has recovery info defined
- Throttle password reset requests to prevent brute force attacks
- Show phone/alt email fields in mailbox/admin edit form only when the password reset option is enabled
- Make database upgrade code compatible with other databases types
- Use the existing password generator to generate OTP. It is now stored in database, unique to each user, valid only for 1 hour and can only by used once.
7 years ago
David Goodwin 4b999b3f6b improve mysqli connection settings - see https://github.com/postfixadmin/postfixadmin/issues/73 7 years ago
Christian Boltz 2251c00fb8
disable password reset until it is secure
For some unknown reason, the insecure version of pull request 18 (which
uses easily guessable reset codes) was merged. This commit disables the
password reset until someone makes it secure.

See the comments in https://github.com/postfixadmin/postfixadmin/pull/18
for details.
7 years ago
Sylvain Tissot 9c9ba64a7f Allows a user or admin to reset his/her forgotten password with a code sent by email/SMS #18 7 years ago
Christian Boltz f18f16c004
move $CONF['edit_alias'] next to $CONF['alias_control'] 7 years ago
Christian Boltz 4d9a0717d0 Merge pull request #26 from medarion/master
added config option to disable "edit_alias" function for users
7 years ago
David Goodwin 0951629a48 config.inc.php: debian has doveadm in /usr/bin not /usr/sbin 8 years ago
Christian Boltz 8aecf3eae3 Merge branch 'master' into broadcast_improvements 8 years ago
Christian Boltz f7f3781770
Fix default for $CONF[create_mailbox_subdirs_hostoptions]
array('') means to include an empty item, and that results in an invalid
remote specification with a trailing "/"

Using an empty array() fixes this.

Reported by oftc_ftw on IRC.
8 years ago
Martin Oemus 9aba43ee48 added config option to disable "edit_alias" function for users 8 years ago
Jan-Frederik Rieckers 3c360f646f
Switch config item for broadcast.
The new config item is now `sendmail_all_admins`
8 years ago
Jan-Frederik Rieckers 3c3d844130
Improve the broadcast message tool
* Make it possible by config option that non global admins can send
  broadcast messages to their domains.
* Allow the sender to select the domains the broadcast message should be
  delivered to
* Allow the sender to decide if the broadcast message should just be
  delivered to mailboxes
8 years ago
David Goodwin 491df198cc Merge remote-tracking branch 'svnexport/master' 8 years ago
Christian Boltz 4c2ff84d52 upate wiki links
mediawiki -> SF wiki


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1876 a1433add-5e2c-0410-b055-b7f2511e0802
8 years ago
David Goodwin 17d1cce041 Merge remote-tracking branch 'svnexport/master' 8 years ago
Christian Boltz 62b872491f config.inc.php: add pointers between $CONF[encrypt] = 'authlib' and $CONF[authlib_default_flavor]
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1874 a1433add-5e2c-0410-b055-b7f2511e0802
8 years ago
David Goodwin 6bc747ba9b Merge remote-tracking branch 'svnexport/master' 9 years ago
Christian Boltz a46720c8c8 config.inc.php:
- add more detailed notes about unsupported dovecot:* encryption types
  (after hunting them down with r00t^2 on IRC)


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1833 a1433add-5e2c-0410-b055-b7f2511e0802
9 years ago
David Goodwin d3ca74af0d merge github pull request into svn manually - 3e62d3975a - adding configurable smtp helo (CONF["smtp_client"])
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1832 a1433add-5e2c-0410-b055-b7f2511e0802
9 years ago
Christian Boltz 6ee6574076 include_once(config.local.php) instead of include()ing it
This should avoid problems with endless include loops like in
https://sourceforge.net/p/postfixadmin/bugs/367/


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1830 a1433add-5e2c-0410-b055-b7f2511e0802
9 years ago
CaptainArk 21c4ec0dd8 smtp_client variable empty by default 9 years ago
CaptainArk 7778c0b9c6 Adding an option to configure the hostname in HELO when sending emails from Postfix Admin 9 years ago
Christian Boltz b261db86c7 Merge pull request #9 from phyrog/master
Add sqlite backend option (thank you @phyrog for doing this)

(imported from github)


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1824 a1433add-5e2c-0410-b055-b7f2511e0802
9 years ago
Tom Gehrke 92f1dbdf39 Add sqlite backend option 9 years ago
David Goodwin a190ca8f3b Merge remote-tracking branch 'svnexport/master' 9 years ago
Christian Boltz c9b43879de config.inc.php:
- mention MariaDB as another option for 'mysqli' database type
  https://sourceforge.net/p/postfixadmin/feature-requests/103/


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1796 a1433add-5e2c-0410-b055-b7f2511e0802
9 years ago
David Goodwin ee7514c1ca Merge remote-tracking branch 'svnexport/master' 10 years ago
David Goodwin 7bd492ef1e include only once 10 years ago
Christian Boltz a89bd5f573 config.inc.php:
- remove unused $CONF['users_domain_controle'] 



git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1787 a1433add-5e2c-0410-b055-b7f2511e0802
10 years ago
Christian Boltz 27bdba3ba2 Add FetchmailHandler.php
- uses list.php and edit.php instead of the fetchmail-specific template
- replaces fetchmail.php and its template

config.inc.php:
- add $CONF['fetchmail_struct_hook']



git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1762 a1433add-5e2c-0410-b055-b7f2511e0802
10 years ago
Christian Boltz fb4af233af config.inc.php:
- add note that $CONF[vacation_domain] can't be used for "normal" mails

model/DomainHandler.php:
- validate_new_id(): 
  - error out when trying to add $CONF[vacation_domain]
  - some whitespace fixes
- remove superfluous comment on initStruct()

*.lang:
- add 'domain_conflict_vacation_domain' error message



git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1694 a1433add-5e2c-0410-b055-b7f2511e0802
10 years ago
Christian Boltz d80816ad86 DomainHandler:
- $CONF[default_aliases] can now use the new domain as alias target
  http://sourceforge.net/p/postfixadmin/patches/124/

config.inc.php:
- update comment for $CONF[default_aliases]



git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1690 a1433add-5e2c-0410-b055-b7f2511e0802
10 years ago