mailcow-dockerized

mirror of https://github.com/mailcow/mailcow-dockerized.git synced 2026-03-03 21:36:23 +00:00

Author	SHA1	Message	Date
FreddleSpl0it	609ce6b0d6	Merge pull request #6976 from mailcow/fix/autodiscover-passwordless feat: Implement passwordless autodiscover endpoint	2026-03-03 13:25:16 +01:00
FreddleSpl0it	af61e2d303	[Web] Add fail2ban logging to passwordless autodiscover endpoint	2026-03-03 13:24:44 +01:00
FreddleSpl0it	c6e3f517e1	Merge pull request #7047 from jonprocter/staging Document qitem endpoint in openapi.yaml for editing quarantine mails	2026-03-03 13:11:43 +01:00
FreddleSpl0it	c033cd6254	Merge pull request #7077 from mailcow/feat/force-tfa [Web] Add forced 2FA setup and password update enforcement	2026-03-03 13:01:16 +01:00
FreddleSpl0it	96d4802cb2	[Web] Switch QR code generation from external API to local library and fix composer.json/lock mismatch	2026-02-24 11:02:47 +01:00
FreddleSpl0it	ad5b94af5e	[Web] Add forced 2FA setup and password update enforcement	2026-02-24 10:44:33 +01:00
milkmaker	7fce984cac	[Web] Updated lang.lv-lv.json (#7069 ) Co-authored-by: Edgars Andersons <Edgars+Mailcow+Weblate@gaitenis.id.lv>	2026-02-19 22:15:32 +01:00
milkmaker	885ba2510e	Translations update from Weblate (#7055 ) * [Web] Updated lang.cs-cz.json Co-authored-by: Filip Hajny <filip@hajny.net> Co-authored-by: milkmaker <milkmaker@mailcow.de> * [Web] Updated lang.ru-ru.json Co-authored-by: Habetdin <15926758+Habetdin@users.noreply.github.com> --------- Co-authored-by: Filip Hajny <filip@hajny.net> Co-authored-by: Habetdin <15926758+Habetdin@users.noreply.github.com>	2026-02-09 01:52:35 +01:00
Jonathan Procter	fb1686065d	Add endpoint for editing quarantine mails Added endpoint to edit quarantine items with actions to release or learn as ham. Functionality already existed but was undocumented.	2026-02-03 21:31:32 +00:00
milkmaker	a70c23065c	Translations update from Weblate (#7040 ) * [Web] Updated lang.vi-vn.json Co-authored-by: Phu D. Nguyen <sillycat@duck.com> * [Web] Updated lang.zh-tw.json Co-authored-by: Proton Chang <protonmo@gmail.com> * [Web] Updated lang.si-si.json Co-authored-by: Matjaž Tekavec <matjaz@moj-svet.si> --------- Co-authored-by: Phu D. Nguyen <sillycat@duck.com> Co-authored-by: Proton Chang <protonmo@gmail.com> Co-authored-by: Matjaž Tekavec <matjaz@moj-svet.si>	2026-02-01 22:44:52 +01:00
FreddleSpl0it	caaa4a414d	[Web] Fix datatables search after PR #7022	2026-01-29 10:26:44 +01:00
FreddleSpl0it	2e8897c2cf	Merge branch 'staging' into fix/autodiscover-passwordless	2026-01-28 11:10:28 +01:00
FreddleSpl0it	c1d4f04c22	Merge branch 'staging' into feat/restrict-alias-sending	2026-01-28 10:02:03 +01:00
FreddleSpl0it	82276cd1ca	Merge pull request #7022 from mailcow/feat/eas-dav-access [Web] Allow admins to limit EAS and DAV access for mailbox users	2026-01-28 09:54:47 +01:00
FreddleSpl0it	56ea4302ed	[Web] Allow admins to limit EAS and DAV access for mailbox users	2026-01-28 09:49:33 +01:00
FreddleSpl0it	c06112b26e	[Postfix] Configurable send permissions for alias addresses	2026-01-27 09:05:51 +01:00
FreddleSpl0it	978bff9dbc	Merge pull request #6867 from DiscoNova/feat/possible-to-disable-logins-from-autoprotocol-domains [Web] Disable login UI on autoprotocol domains	2026-01-27 08:08:12 +01:00
FreddleSpl0it	95d61e8aa2	Merge pull request #6980 from bluewalk/feat/issue-6489 Configurable displayName(s) - Fixes issue #6489	2026-01-27 08:02:20 +01:00
FreddleSpl0it	ec8dd1a54f	Merge pull request #6990 from psuet/mobileconfig-with-password-complexity fix: Password for mobileconfig that conforms to password-complexity policy	2026-01-27 07:56:35 +01:00
milkmaker	382ee34d0e	[Web] Updated lang.hu-hu.json (#7020 ) Co-authored-by: Sándor <me-github@sandros.hu>	2026-01-26 20:15:47 +01:00
milkmaker	0999c9e9ab	Translations update from Weblate (#7014 ) * [Web] Updated lang.zh-cn.json Co-authored-by: 雨 <luotianyi@luotianyi.me> * [Web] Updated lang.pl-pl.json Co-authored-by: Monika Bark <rychert.monika@wp.pl> Co-authored-by: milkmaker <milkmaker@mailcow.de> --------- Co-authored-by: 雨 <luotianyi@luotianyi.me> Co-authored-by: Monika Bark <rychert.monika@wp.pl>	2026-01-23 22:02:55 +01:00
milkmaker	e727620bd3	Translations update from Weblate (#7002 ) * [Web] Updated lang.zh-cn.json Co-authored-by: ガラスのような夢 <i@msdnicrosoft.work> * [Web] Updated lang.pl-pl.json Co-authored-by: Monika Bark <rychert.monika@wp.pl> --------- Co-authored-by: ガラスのような夢 <i@msdnicrosoft.work> Co-authored-by: Monika Bark <rychert.monika@wp.pl>	2026-01-07 17:23:31 +01:00
Paul Sütterlin	70101d1187	fix: Password for mobileconfig that conforms to password-complexity policy	2026-01-01 16:57:21 +01:00
bluewalk	c060c205d3	Fixes issue #6489	2025-12-21 16:56:16 +01:00
DerLinkman	5ca900749c	autodiscover: use generalized error logging instead of specific to prevent user enumeration	2025-12-18 16:54:45 +01:00
DerLinkman	ec77406dba	Fix autodiscover.php: Use random error IDs and fix SQL type casting - Replace hardcoded error IDs with random values (1-10 billion range) for better debugging - Cast SimpleXMLElement email to string before SQL query to prevent type errors - Qualify ambiguous 'active' column with table names in JOIN query - Add proper error XML response for database errors instead of die() - Ensure all error paths return complete XML documents	2025-12-17 14:27:38 +01:00
DerLinkman	ee15721550	feat: implement passwordless autodiscover endpoint - Remove HTTP Basic Authentication requirement from autodiscover.php - Extract email address from XML request body instead of AUTH headers - Validate mailbox existence and active status before returning config - Improve security by eliminating password transmission - Add comprehensive error handling for invalid/inactive mailboxes - Follow industry standards (Microsoft, Google, Apple) - Maintain backward compatibility with existing email clients - Keep full logging functionality in Redis AUTODISCOVER_LOG This change enhances security while improving user experience and follows modern email client configuration best practices.	2025-12-17 13:39:05 +01:00
Copilot	038b2efb75	Add MTA-STS support for alias domains (#6972 ) * Initial plan * Add MTA-STS support for alias domains Co-authored-by: DerLinkman <62480600+DerLinkman@users.noreply.github.com> * Improve domain normalization and code style in mta-sts.php Co-authored-by: DerLinkman <62480600+DerLinkman@users.noreply.github.com> * Add error handling for idn_to_ascii in mta-sts.php Co-authored-by: DerLinkman <62480600+DerLinkman@users.noreply.github.com> * Add database error handling for alias domain query Co-authored-by: DerLinkman <62480600+DerLinkman@users.noreply.github.com> * Add ACME certificate support for MTA-STS on alias domains Query alias_domain table to find aliases with MTA-STS enabled target domains and request certificates for mta-sts.<alias-domain> subdomains. Co-authored-by: DerLinkman <62480600+DerLinkman@users.noreply.github.com> * compose: bump image tag to 1.95 * Add MTA-STS DNS records display for alias domains in UI When viewing an alias domain's DNS diagnostics, check if the target domain has MTA-STS enabled and display the required DNS records for the alias domain. Co-authored-by: DerLinkman <62480600+DerLinkman@users.noreply.github.com> --------- Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com> Co-authored-by: DerLinkman <62480600+DerLinkman@users.noreply.github.com> Co-authored-by: DerLinkman <niklas.meyer@servercow.de>	2025-12-15 16:29:21 +01:00
DerLinkman	1fe4cd03e9	ui: fix global filters ui tickbox reappearing (#6966 )	2025-12-12 16:01:18 +01:00
milkmaker	12e02e67ff	Translations update from Weblate (#6965 ) * [Web] Updated lang.fr-fr.json Co-authored-by: Keo <contact@kbl.netlib.re> * [Web] Updated lang.pt-pt.json Co-authored-by: Germano Pires Ferreira <germanopires@gmail.com> Co-authored-by: milkmaker <milkmaker@mailcow.de> * [Web] Updated lang.pl-pl.json Co-authored-by: Monika Bark <rychert.monika@wp.pl> --------- Co-authored-by: Keo <contact@kbl.netlib.re> Co-authored-by: Germano Pires Ferreira <germanopires@gmail.com> Co-authored-by: Monika Bark <rychert.monika@wp.pl>	2025-12-12 15:21:04 +01:00
Copilot	3ebf2c2d2d	Prevent duplicate/plaintext login announcement rendering (#6963 ) * Initial plan * Fix duplicate login announcement display Co-authored-by: DerLinkman <62480600+DerLinkman@users.noreply.github.com> --------- Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com> Co-authored-by: DerLinkman <62480600+DerLinkman@users.noreply.github.com>	2025-12-12 12:34:20 +01:00
Ashitaka	1ab6af21e3	Merge pull request #6905 from Ashitaka57/6646-pbkdf2-sha512-verify-hash Support for PBKDF2-SHA512 hash algorithm in verify_hash() (FreeIPA compatibility) (issue 6646)	2025-12-10 11:41:06 +01:00
Khurram Malik	f8eed8c786	fix(api): add missing break in CORS switch block causing save to hang (#6926 )	2025-12-09 11:54:20 +01:00
milkmaker	79171ea6f5	[Web] Updated lang.fr-fr.json (#6943 ) Co-authored-by: Neuronnexion <support@nnx.com>	2025-12-05 14:40:45 +01:00
milkmaker	4e3294b273	[Web] Updated lang.fr-fr.json (#6941 ) [Web] Updated lang.fr-fr.json [Web] Updated lang.fr-fr.json Co-authored-by: Neuronnexion <support@nnx.com>	2025-12-03 23:31:37 +01:00
milkmaker	6c106b4e4d	[Web] Updated lang.fr-fr.json (#6936 ) Co-authored-by: Neuronnexion <support@nnx.com>	2025-12-02 16:40:36 +01:00
milkmaker	b873812588	[Web] Updated lang.gr-gr.json (#6930 ) Co-authored-by: ChD Computers <chdcomputers@gmail.com>	2025-11-29 13:20:02 +01:00
milkmaker	514fefd2ed	Translations update from Weblate (#6924 ) * [Web] Updated lang.ca-es.json Co-authored-by: Pere Montpeó <peremontpeo@gmail.com> Co-authored-by: milkmaker <milkmaker@mailcow.de> * [Web] Updated lang.gr-gr.json Co-authored-by: Chris <chrismfz@gmail.com> Co-authored-by: milkmaker <milkmaker@mailcow.de> * [Web] Updated lang.cs-cz.json Co-authored-by: Filip Hajny <filip@hajny.net> * [Web] Updated lang.pl-pl.json [Web] Updated lang.pl-pl.json Co-authored-by: Monika Bark <rychert.monika@wp.pl> Co-authored-by: milkmaker <milkmaker@mailcow.de> --------- Co-authored-by: Pere Montpeó <peremontpeo@gmail.com> Co-authored-by: Chris <chrismfz@gmail.com> Co-authored-by: Filip Hajny <filip@hajny.net> Co-authored-by: Monika Bark <rychert.monika@wp.pl>	2025-11-24 16:50:03 +01:00
milkmaker	9832006141	Translations update from Weblate (#6916 ) * [Web] Updated lang.si-si.json Co-authored-by: Matjaž Tekavec <matjaz@moj-svet.si> * [Web] Updated lang.ru-ru.json Co-authored-by: Habetdin <15926758+Habetdin@users.noreply.github.com> * [Web] Updated lang.pl-pl.json [Web] Updated lang.pl-pl.json [Web] Updated lang.pl-pl.json Co-authored-by: Monika Bark <rychert.monika@wp.pl> Co-authored-by: Peter <magic@kthx.at> Co-authored-by: milkmaker <milkmaker@mailcow.de> --------- Co-authored-by: Matjaž Tekavec <matjaz@moj-svet.si> Co-authored-by: Habetdin <15926758+Habetdin@users.noreply.github.com> Co-authored-by: Monika Bark <rychert.monika@wp.pl> Co-authored-by: Peter <magic@kthx.at>	2025-11-17 23:23:07 +01:00
Josh	0413d26855	Allow making spam aliases permanent (#6888 ) * Allow making spam aliases permanent * added german translation * updated Spamalias Twig + Rename in Spam Alias * compose: update image tags to align to vendor version --------- Co-authored-by: DerLinkman <niklas.meyer@servercow.de>	2025-11-13 16:05:01 +01:00
milkmaker	2e1d98cc7c	[Web] Updated lang.pl-pl.json (#6908 ) [Web] Updated lang.pl-pl.json [Web] Updated lang.pl-pl.json Co-authored-by: Monika Bark <rychert.monika@wp.pl>	2025-11-10 21:06:13 +01:00
milkmaker	07d7e3dc30	[Web] Updated lang.pl-pl.json (#6906 ) [Web] Updated lang.pl-pl.json [Web] Updated lang.pl-pl.json [Web] Updated lang.pl-pl.json [Web] Updated lang.pl-pl.json [Web] Updated lang.pl-pl.json [Web] Updated lang.pl-pl.json [Web] Updated lang.pl-pl.json [Web] Updated lang.pl-pl.json [Web] Updated lang.pl-pl.json [Web] Updated lang.pl-pl.json Co-authored-by: Monika Bark <rychert.monika@wp.pl>	2025-11-09 23:03:00 +01:00
milkmaker	b0f5aee628	[Web] Updated lang.pl-pl.json (#6898 ) Co-authored-by: Monika Bark <rychert.monika@wp.pl>	2025-11-05 17:37:26 +01:00
Josh	9912e41f78	[Web] Correct order of Dansk/Danish in UI (#6887 )	2025-11-03 21:07:20 +01:00
milkmaker	04200c99a4	Translations update from Weblate (#6880 ) * [Web] Updated lang.vi-vn.json Co-authored-by: Nguyễn Thái Dũng <nguyenthaidung.work+mailcow.email@gmail.com> Co-authored-by: milkmaker <milkmaker@mailcow.de> * [Web] Updated lang.nb-no.json Co-authored-by: Runar Ingebrigtsen <runar@rin.no> --------- Co-authored-by: Nguyễn Thái Dũng <nguyenthaidung.work+mailcow.email@gmail.com> Co-authored-by: Runar Ingebrigtsen <runar@rin.no>	2025-10-27 20:00:29 +01:00
Markku Post	95e0608749	[Web] Disable login on autodiscover/autoconfig domains Autodiscover and autoconfig domains (autodiscover., autoconfig.) are intended solely for client autoconfiguration endpoints and should not display the mailcow login page. This change check the hostname and disables unauthenticated users from seeing the login page on those domains; HTTP 404 response is returned when necessary.	2025-10-24 06:03:40 +03:00
milkmaker	fbcb8cbeb9	[Web] Updated lang.vi-vn.json (#6861 ) Co-authored-by: Nguyễn Thái Dũng <nguyenthaidung.work+mailcow.email@gmail.com>	2025-10-21 18:03:22 +02:00
milkmaker	23fb5e2fca	Add Vietnamese language (#6854 ) * [Web] Updated lang.vi-vn.json [Web] Added lang.vi-vn.json Co-authored-by: Nguyễn Thái Dũng <nguyenthaidung.work+mailcow.email@gmail.com> Co-authored-by: Peter <magic@kthx.at> Co-authored-by: milkmaker <milkmaker@mailcow.de> * Add Vietnamese language --------- Co-authored-by: Nguyễn Thái Dũng <nguyenthaidung.work+mailcow.email@gmail.com> Co-authored-by: Peter <magic@kthx.at>	2025-10-20 18:35:00 +02:00
FreddleSpl0it	b85837c803	[Web] Add password verification when setting recovery email	2025-10-13 12:05:17 +02:00
FreddleSpl0it	c17d80a6fd	Merge pull request #6821 from tjmills-dev/feat/show-app-passwd-logins Show app passwords for successful logins on user page	2025-10-13 11:41:39 +02:00

1 2 3 4 5 ...

2865 Commits