Commit graph

2313 commits

Author SHA1 Message Date
Adrià Casajús
dce9e633bf
fix 2022-03-30 16:02:05 +02:00
Adrià Casajús
db06ce0ae6
Create signed email addresses for VERP emails 2022-03-30 16:00:02 +02:00
Son Nguyen Kim
110f2f2f2c
Merge pull request #861 from acasajus/spf-dmarc-backscatter
Reduce backscatter by checking return-path domain SPF status
2022-03-30 19:44:39 +07:00
Son Nguyen Kim
f7a98bc7d2
Merge pull request #862 from simple-login/ac/sanitize-next
Properly validate //host.com urls
2022-03-30 19:40:36 +07:00
Adrià Casajús
83fc8964a8
PR comments 2022-03-30 09:53:35 +02:00
Son Nguyen Kim
d561bae7dd
Merge pull request #864 from simple-login/ac/insecure-random
Replace using random with secrets for security purposes
2022-03-30 11:49:33 +07:00
Adrià Casajús
1555bc6346
fix test 2022-03-29 21:03:55 +02:00
Adrià Casajús
19e87a7156
More random to secrets 2022-03-29 18:42:28 +02:00
Adrià Casajús
b15facb6e4
Use secrets instead of random 2022-03-29 18:40:52 +02:00
Adrià Casajús
97ef5ff765
Fix oauth redirect when clientid is invalid 2022-03-29 18:37:01 +02:00
Adrià Casajús
a9e31cff26
Fix tests 2022-03-29 18:34:13 +02:00
Adrià Casajús
c5b0f5304e
Format 2022-03-29 18:18:11 +02:00
Adrià Casajús
d6df5e0ea0
Add limiters to auth routes 2022-03-29 18:14:13 +02:00
Adrià Casajús
e91fd26964
Sanitized missing places 2022-03-29 18:03:18 +02:00
Adrià Casajús
fe9161b101
Properly validate //host.com urls when redirecting after receiving a next param 2022-03-29 17:53:00 +02:00
Adrià Casajús
085c166cb2
Replace 5XX with 2XX for return path that fail SPF check 2022-03-29 15:09:10 +02:00
Adrià Casajús
7d36256b7c
Check return-path spf record before bouncing a message 2022-03-29 10:52:11 +02:00
Son
0d7d56c0ea send email when an email is put to quarantine 2022-03-25 18:02:17 +01:00
Son
63b1100a8b log event when there's no dmarc result 2022-03-25 16:19:11 +01:00
Son
ce2d2a3b3a fix case where header isn't string 2022-03-25 16:17:58 +01:00
Son
32fd65b69b add more log for alias transfer 2022-03-23 18:33:33 +01:00
Son Nguyen Kim
3d30870395
Merge pull request #849 from acasajus/new/parse-rpamd-headers
Return 200 on fishy dmarc result
2022-03-22 17:36:45 +01:00
Son Nguyen Kim
99b05034b0
Merge pull request #843 from acasajus/new/parse-rpamd-headers
Parse rspamd headers and apply dmarc policy if found.
2022-03-22 17:13:11 +01:00
Adrià Casajús
517bcb632e
MR changes 2022-03-22 17:02:59 +01:00
Son
5b3688b6df set a domain for message-id 2022-03-22 11:02:02 +01:00
Adrià Casajús
5f831d593a
CamelCase to snake_case 2022-03-21 17:59:43 +01:00
Adrià Casajús
45459d65be
PR comments 2022-03-21 17:43:26 +01:00
Son
f554375f23 decode, replace and encode for base64 encoding 2022-03-21 17:29:22 +01:00
Son
1952f368a8 require password to use the api key page 2022-03-21 14:40:47 +01:00
Son
9dc7cff87f add rate limiting for /auth/mfa 2022-03-21 14:23:35 +01:00
Son
a662ef4aee remove g.deduct_limit in api auth endpoint 2022-03-21 14:23:20 +01:00
Adrià Casajús
06a1363e92
Updated MR comments 2022-03-21 12:03:11 +01:00
Adrià Casajús
cdea0f5ee2
Rename header 2022-03-21 10:43:19 +01:00
Adrià Casajús
44dd06fabf
Added spoofed email test 2022-03-21 10:43:18 +01:00
Adrià Casajús
c9cbaeb460
format 2022-03-21 10:43:17 +01:00
Adrià Casajús
e8013f8e0c
Initial parse of rpamd extra headers 2022-03-21 10:43:17 +01:00
Son
0931642d11 use 10.0.0.0 network instead of 240.0.0.0 2022-03-20 10:38:58 +01:00
Son
fa2f83dbf4 fix and refactor 2022-03-16 10:24:59 +01:00
Son
7e0992b767 add mime version header for transactional email 2022-03-14 19:23:38 +01:00
Son Nguyen Kim
79154378f2
Merge pull request #836 from cquintana92/feature/allow-to-edit-manual-subscription
Allow to edit manual subscription
2022-03-14 18:07:07 +01:00
Carlos Quintana
ed58e811d1
Allow to edit manual subscription 2022-03-14 16:47:30 +01:00
Adrià Casajús
479a7420cb
Useful time format 2022-03-14 15:40:50 +01:00
Adrià Casajús
b463ba8f41
Added filter 2022-03-14 15:33:09 +01:00
Adrià Casajús
bf177ac5ba
Remove unused 2022-03-14 15:29:17 +01:00
Adrià Casajús
9b16143e59
Show nicer admin logs 2022-03-14 15:28:53 +01:00
Adrià Casajús
553d8976be
Added extend subscription log 2022-03-14 15:07:51 +01:00
Adrià Casajús
549c6ec7d3
Comment changes 2022-03-11 11:37:14 +01:00
Adrià Casajús
4368fd323f
Less changes 2022-03-10 18:13:33 +01:00
Adrià Casajús
d0860cd54d
Merge remote-tracking branch 'origin/master' into new/admin-audit-trail
* origin/master: (35 commits)
  reduce nb of commit
  show "more" only when a notification has a title. Show either title or message. Use bold font when a notification isn't read
  create a notification when an alias is disabled
  mark a notification as read when user arrives on the notification page
  Use plausible outbound link tracking
  add more log
  fix discover page
  fix
  fix "local variable 'alias_id' referenced before assignment"
  make sure to close session in monitoring
  use Date instead of date for header value
  lessen alias automatic disable check
  refactor
  return the block reason in should_disable()
  add adhoc upgrade on admin
  add extend subscription for 1 month to admin
  disable edition on admin
  comment out some admin pages
  fix migration
  fix duplicated stats
  ...
2022-03-10 18:10:13 +01:00
Adrià Casajús
733efc387c
Updated admin view 2022-03-10 17:49:30 +01:00