Adrià Casajús
7649f6b822
Do not show an error if we receive an unsubscribe from a different address
2022-04-11 14:19:32 +02:00
Adrià Casajús
dc59b61fba
Revert changes to pgp_utils
2022-04-11 10:20:02 +02:00
Adrià Casajús
f333bb00c5
fix import
2022-04-11 10:19:25 +02:00
Adrià Casajús
60a070731e
Send newrelic events on login and register
2022-04-11 10:18:22 +02:00
Adrià Casajús
7fdd7d7f6a
PR changes
2022-04-11 09:28:57 +02:00
Adrià Casajús
0dbe504329
format
2022-04-08 14:23:59 +02:00
Adrià Casajús
8df6d98522
Merge remote-tracking branch 'origin/master' into ac-dmarc-reply-phase
2022-04-08 11:34:12 +02:00
Adrià Casajús
68e58c0876
Move dmarc management to its own file
2022-04-08 11:28:14 +02:00
Adrià Casajús
b128d64563
Moved spamd check to a custom file and cached the result
2022-04-07 19:17:37 +02:00
Adrià Casajús
0e3c46d944
Save original envelope for debugging
2022-04-06 17:31:46 +02:00
Adrià Casajús
8ca1be0166
Apply dmarc policy to the reply phase
2022-04-06 12:51:04 +02:00
Adrià Casajús
451e69a3c4
More rebase fixes
2022-03-30 16:09:17 +02:00
Adrià Casajús
dce9e633bf
fix
2022-03-30 16:02:05 +02:00
Adrià Casajús
db06ce0ae6
Create signed email addresses for VERP emails
2022-03-30 16:00:02 +02:00
Son
67c2c6afad
add warning to email content when dmarc softfail
2022-03-30 19:48:07 +07:00
Son Nguyen Kim
110f2f2f2c
Merge pull request #861 from acasajus/spf-dmarc-backscatter
...
Reduce backscatter by checking return-path domain SPF status
2022-03-30 19:44:39 +07:00
Son Nguyen Kim
f7a98bc7d2
Merge pull request #862 from simple-login/ac/sanitize-next
...
Properly validate //host.com urls
2022-03-30 19:40:36 +07:00
Adrià Casajús
83fc8964a8
PR comments
2022-03-30 09:53:35 +02:00
Son Nguyen Kim
d561bae7dd
Merge pull request #864 from simple-login/ac/insecure-random
...
Replace using random with secrets for security purposes
2022-03-30 11:49:33 +07:00
Adrià Casajús
1555bc6346
fix test
2022-03-29 21:03:55 +02:00
Adrià Casajús
19e87a7156
More random to secrets
2022-03-29 18:42:28 +02:00
Adrià Casajús
b15facb6e4
Use secrets instead of random
2022-03-29 18:40:52 +02:00
Adrià Casajús
97ef5ff765
Fix oauth redirect when clientid is invalid
2022-03-29 18:37:01 +02:00
Adrià Casajús
a9e31cff26
Fix tests
2022-03-29 18:34:13 +02:00
Adrià Casajús
c5b0f5304e
Format
2022-03-29 18:18:11 +02:00
Adrià Casajús
d6df5e0ea0
Add limiters to auth routes
2022-03-29 18:14:13 +02:00
Adrià Casajús
e91fd26964
Sanitized missing places
2022-03-29 18:03:18 +02:00
Adrià Casajús
fe9161b101
Properly validate //host.com urls when redirecting after receiving a next param
2022-03-29 17:53:00 +02:00
Adrià Casajús
085c166cb2
Replace 5XX with 2XX for return path that fail SPF check
2022-03-29 15:09:10 +02:00
Adrià Casajús
7d36256b7c
Check return-path spf record before bouncing a message
2022-03-29 10:52:11 +02:00
Son
0d7d56c0ea
send email when an email is put to quarantine
2022-03-25 18:02:17 +01:00
Son
63b1100a8b
log event when there's no dmarc result
2022-03-25 16:19:11 +01:00
Son
ce2d2a3b3a
fix case where header isn't string
2022-03-25 16:17:58 +01:00
Son
32fd65b69b
add more log for alias transfer
2022-03-23 18:33:33 +01:00
Son Nguyen Kim
3d30870395
Merge pull request #849 from acasajus/new/parse-rpamd-headers
...
Return 200 on fishy dmarc result
2022-03-22 17:36:45 +01:00
Son Nguyen Kim
99b05034b0
Merge pull request #843 from acasajus/new/parse-rpamd-headers
...
Parse rspamd headers and apply dmarc policy if found.
2022-03-22 17:13:11 +01:00
Adrià Casajús
517bcb632e
MR changes
2022-03-22 17:02:59 +01:00
Son
5b3688b6df
set a domain for message-id
2022-03-22 11:02:02 +01:00
Adrià Casajús
5f831d593a
CamelCase to snake_case
2022-03-21 17:59:43 +01:00
Adrià Casajús
45459d65be
PR comments
2022-03-21 17:43:26 +01:00
Son
f554375f23
decode, replace and encode for base64 encoding
2022-03-21 17:29:22 +01:00
Son
1952f368a8
require password to use the api key page
2022-03-21 14:40:47 +01:00
Son
9dc7cff87f
add rate limiting for /auth/mfa
2022-03-21 14:23:35 +01:00
Son
a662ef4aee
remove g.deduct_limit in api auth endpoint
2022-03-21 14:23:20 +01:00
Adrià Casajús
06a1363e92
Updated MR comments
2022-03-21 12:03:11 +01:00
Adrià Casajús
cdea0f5ee2
Rename header
2022-03-21 10:43:19 +01:00
Adrià Casajús
44dd06fabf
Added spoofed email test
2022-03-21 10:43:18 +01:00
Adrià Casajús
c9cbaeb460
format
2022-03-21 10:43:17 +01:00
Adrià Casajús
e8013f8e0c
Initial parse of rpamd extra headers
2022-03-21 10:43:17 +01:00
Son
0931642d11
use 10.0.0.0 network instead of 240.0.0.0
2022-03-20 10:38:58 +01:00
Son
fa2f83dbf4
fix and refactor
2022-03-16 10:24:59 +01:00
Son
7e0992b767
add mime version header for transactional email
2022-03-14 19:23:38 +01:00
Son Nguyen Kim
79154378f2
Merge pull request #836 from cquintana92/feature/allow-to-edit-manual-subscription
...
Allow to edit manual subscription
2022-03-14 18:07:07 +01:00
Carlos Quintana
ed58e811d1
Allow to edit manual subscription
2022-03-14 16:47:30 +01:00
Adrià Casajús
479a7420cb
Useful time format
2022-03-14 15:40:50 +01:00
Adrià Casajús
b463ba8f41
Added filter
2022-03-14 15:33:09 +01:00
Adrià Casajús
bf177ac5ba
Remove unused
2022-03-14 15:29:17 +01:00
Adrià Casajús
9b16143e59
Show nicer admin logs
2022-03-14 15:28:53 +01:00
Adrià Casajús
553d8976be
Added extend subscription log
2022-03-14 15:07:51 +01:00
Adrià Casajús
549c6ec7d3
Comment changes
2022-03-11 11:37:14 +01:00
Adrià Casajús
4368fd323f
Less changes
2022-03-10 18:13:33 +01:00
Adrià Casajús
d0860cd54d
Merge remote-tracking branch 'origin/master' into new/admin-audit-trail
...
* origin/master: (35 commits)
reduce nb of commit
show "more" only when a notification has a title. Show either title or message. Use bold font when a notification isn't read
create a notification when an alias is disabled
mark a notification as read when user arrives on the notification page
Use plausible outbound link tracking
add more log
fix discover page
fix
fix "local variable 'alias_id' referenced before assignment"
make sure to close session in monitoring
use Date instead of date for header value
lessen alias automatic disable check
refactor
return the block reason in should_disable()
add adhoc upgrade on admin
add extend subscription for 1 month to admin
disable edition on admin
comment out some admin pages
fix migration
fix duplicated stats
...
2022-03-10 18:10:13 +01:00
Adrià Casajús
733efc387c
Updated admin view
2022-03-10 17:49:30 +01:00
Adrià Casajús
98c942d84a
Added admin log view
2022-03-10 17:32:35 +01:00
Adrià Casajús
bc82bab1eb
Added alembic migration
2022-03-10 16:37:21 +01:00
Adrià Casajús
1d15af53b7
Add an audit log for the admin panel
2022-03-10 16:13:31 +01:00
Son
0e3a5c3d3c
mark a notification as read when user arrives on the notification page
2022-03-09 17:58:26 +01:00
Son
6f80edfd64
fix discover page
2022-03-08 16:38:03 +01:00
Son
a64a70cbc8
use Date instead of date for header value
2022-03-07 15:57:29 +01:00
Son
350f498b94
lessen alias automatic disable check
2022-03-07 15:50:58 +01:00
Son
71136669e9
return the block reason in should_disable()
2022-03-07 15:44:27 +01:00
Son
f7ba3873d0
add adhoc upgrade on admin
2022-03-02 19:05:17 +01:00
Son
52a911f9d3
add extend subscription for 1 month to admin
2022-03-02 19:04:45 +01:00
Son
b2d8f5a017
disable edition on admin
2022-03-02 19:04:30 +01:00
Son
627b2e56d9
comment out some admin pages
2022-02-28 16:40:07 +01:00
Son Nguyen Kim
6a520e110c
Merge pull request #816 from simple-login/feature/include-sender-in-header
...
Feature/include sender in header
2022-02-28 09:24:18 +01:00
Son
205d8d7d3f
add index for Alias custom_domain_id and directory_id columns
2022-02-26 17:51:50 +01:00
Son
4faf0d7636
optimize dashboard page: load custom domain using joinedload() instead of explicit join
2022-02-26 17:34:53 +01:00
Son Nguyen Kim
7df93c2ee5
Merge pull request #813 from cquintana92/feature/make-nameservers-configurable
...
Make nameservers configurable
2022-02-25 12:29:50 +01:00
Son
007aa56551
user can turn on/off the including sender in header option
2022-02-25 12:24:54 +01:00
Son
51598ada02
add User.include_header_email_header column
2022-02-25 12:24:54 +01:00
Carlos Quintana
e9dd73e99b
Replace env by os.environ.get
2022-02-25 11:19:49 +01:00
Adrià Casajús
01cc65bdca
Allow to have lower priority MX servers
2022-02-24 17:23:45 +01:00
Carlos Quintana
8f339923f8
Make nameservers configurable
2022-02-24 15:05:05 +01:00
Son
7da06ba424
return 422 if account not activated
2022-02-22 22:12:36 +01:00
Son Nguyen Kim
e9d134fe8f
Merge pull request #784 from FozzieHi/fix-testing-warnings
...
Fix deprecation warnings.
2022-02-21 17:12:36 +01:00
Son Nguyen Kim
e55c3a155b
Merge pull request #803 from acasajus/fix/sentry-APP-ZP
...
Only allow authenticated and enabled users to accept a OAuth post request
2022-02-21 17:11:53 +01:00
Adrià Casajús
4b13d5a28c
Fix test
2022-02-21 16:03:39 +01:00
Son Nguyen Kim
7d008228e3
Merge pull request #811 from cquintana92/feature/ignore-or-reject-for-blocked-contacts
...
Allow to configure ignore or reject response for blocked contacts
2022-02-21 15:55:48 +01:00
Son Nguyen Kim
bfcd75bdea
Merge pull request #801 from acasajus/new/no-reply
...
Send support questions to the support ticket page
2022-02-21 15:07:27 +01:00
Carlos Quintana
ee9170bb17
Allow to configure ignore or reject response for blocked contacts
2022-02-21 12:52:21 +01:00
Adrià Casajús
33163660f7
PR comments
2022-02-21 12:30:26 +01:00
Adrià Casajús
3e983e3557
Only allow authenticated and enabled users to accept a OAuth post request
2022-02-17 17:25:04 +01:00
Adrià Casajús
b0ac2f871a
Fixes
2022-02-17 13:21:40 +01:00
Adrià Casajús
398c1a55f1
Change SUPPORT_EMAIL to NOREPLY
2022-02-17 13:18:52 +01:00
Adrià Casajús
15ce7b00d8
Reply to noreply@... once per user
2022-02-16 18:38:31 +01:00
Carlos Quintana
2a751624a8
Default ALLOWED_REDIRECT_DOMAINS to URL if it's not set
2022-02-16 16:16:14 +01:00
Carlos Quintana
b4e291d4fd
Make NextUrlSanitizer a static class
2022-02-16 16:05:50 +01:00
Carlos Quintana
6be99bc576
Do not account for urlencoded redirects
2022-02-16 16:02:13 +01:00
Carlos Quintana
a44acf1846
Add support for allowed redirect domains
2022-02-16 09:38:55 +01:00
Carlos Quintana
39222cf868
Simplify conditional
2022-02-15 16:33:30 +01:00
Carlos Quintana
2f9489fe39
Only allow relative redirects
2022-02-15 15:16:31 +01:00
Son
728d935d65
add ZENDESK_ENABLED param
2022-02-14 18:08:32 +01:00
Son
c3cd1419f9
reformat code: put POST handling on top
2022-02-14 18:02:54 +01:00
Son
a0bb4e9ccc
more verbose error
2022-02-14 18:02:30 +01:00
Son Nguyen Kim
69c8980c18
Merge pull request #792 from acasajus/new/zendesk-support
...
Create support tickets via zendesk
2022-02-14 17:53:30 +01:00
Adrià Casajús
416e7b363a
PR fixes
2022-02-14 15:58:36 +01:00
Adrià Casajús
305ce38379
PR changes
2022-02-14 11:19:03 +01:00
Adrià Casajús
700856053a
PR comment fixes
2022-02-11 13:32:31 +01:00
Adrià Casajús
8120128a51
Added Zendesk token
2022-02-10 12:59:48 +01:00
Adrià Casajús
639d4412e1
Updated comments from PR
2022-02-10 12:47:31 +01:00
Adrià Casajús
c9974d5321
Removed successful ticket created page and replaced with notification
2022-02-10 12:38:56 +01:00
Adrià Casajús
3fedc84c95
Add rate limit to ticket createion
2022-02-10 12:34:46 +01:00
Son Nguyen Kim
c18f9658b0
Merge pull request #787 from FozzieHi/test-config
...
Update testing suite and refactor.
2022-02-10 11:37:36 +01:00
Adrià Casajús
e844c9a392
Removed disabled page and redirected to the normal dashboard
2022-02-10 11:04:36 +01:00
Adrià Casajús
f59c5499fb
Formatting
2022-02-10 10:30:28 +01:00
Adrià Casajús
8aee883aae
Updated with more PR comments
2022-02-09 16:41:04 +01:00
Adrià Casajús
95fa95649d
Added comments from PR
2022-02-09 16:20:55 +01:00
Adrià Casajús
e57dcac2d2
Added zendesk submission flow
2022-02-09 12:00:48 +01:00
Adrià Casajús
219d5b998f
Add a suport form to create tickets in zendesk
2022-02-08 22:04:25 +01:00
Son
5b62f5a745
add rate limit to /auth/register
2022-02-07 18:45:41 +01:00
george
c415324932
Add flake8-bugbear
2022-02-06 20:37:43 +00:00
george
f7be992437
Update black, flake8 and pre-commit and use specific pre-commit versions.
2022-02-06 14:25:53 +00:00
Son
5da31f53b4
add MONITORING_EMAIL param
2022-02-04 15:43:40 +01:00
george
936d90a5f5
Fix deprecation warnings.
2022-02-04 13:49:38 +00:00
Son
4d1c4cfdff
support pinned parameter in /api/v2/aliases
2022-02-03 11:16:49 +01:00
Son Nguyen Kim
543923b325
Merge pull request #760 from FozzieHi/delete-all-api-keys-button
...
Add a button to delete all API Keys
2022-02-02 18:31:05 +01:00
Son
049bd746ad
refactor shell
2022-01-26 15:22:37 +01:00
Son
5a712f3877
make sure subdomain can only contain lowercase letters, numbers and dashes.
2022-01-26 14:53:27 +01:00
george
74713c2142
Rename method.
2022-01-25 18:32:34 +00:00
Son Nguyen Kim
89a800eed9
Merge pull request #753 from FozzieHi/totp-invalid-login-email
...
Invalid TOTP and recovery code email notifications
2022-01-24 18:35:52 +01:00
Son
fc3f06f4d8
create notification listing page
2022-01-24 16:45:36 +01:00
Son
90fa4abf69
create a notification for a bounce email
2022-01-24 16:10:36 +01:00
Son
1de6fefc59
add notification detail page
2022-01-24 15:22:01 +01:00
Son
5b7949f346
return title in /api/notifications
2022-01-24 15:20:59 +01:00
Son
3422f038eb
add Notification title
2022-01-24 15:18:56 +01:00
george
65531b5c63
Add a button to delete all API Keys.
2022-01-23 18:38:54 +00:00
Son
e73288354d
remove IGNORED_EMAILS variable
2022-01-21 19:30:27 +01:00
george
ab72927a16
Update text.
2022-01-20 18:24:28 +00:00
george
50122da0fe
Implement API notifications and use a function in email_utils
2022-01-20 17:42:11 +00:00
george
42407a0543
Send the email after the local error.
2022-01-20 16:44:15 +00:00
george
f7f91afc1e
Send a notification email for invalid recovery codes.
2022-01-20 16:41:42 +00:00
george
6d736aa915
Implement rate limiting with send_email_with_rate_control.
2022-01-20 15:05:18 +00:00
george
0eb2984b9c
Add invalid TOTP login email notifications.
2022-01-20 14:18:47 +00:00
Son
b929dc5462
check if alias is not none
2022-01-18 09:40:50 +01:00
Son
0806f9243e
return custom domain json in patch
2022-01-16 17:26:11 +01:00
Son
841621dbe2
handle the case mailboxes is empty in try_auto_create_via_domain
2022-01-13 09:33:32 +01:00
Son
4cea47cc27
add setting for include_website_in_one_click_alias
2022-01-12 11:50:49 +01:00
Son
6cd8e45d21
return the default sender format (AT) in case user uses a non-supported sender format
2022-01-12 10:19:25 +01:00
Son
c0067b7657
add more log
2022-01-10 15:58:22 +01:00