Zhang Huangbin avatar Zhang Huangbin committed 6d37186

Increase password length to 8 characters in Roundcube password plugin.
Fix typo error in policyd SQL command.
Restrict to access Cluebringer webui from 127.0.0.1 by default.

Comments (0)

Files changed (7)

iRedMail/conf/core

         grep '^#EOF$' ${CONFIG_FILE} >/dev/null
 
         if [ X"$?" == X"0" ]; then
-            echo -e "\tFound."
+            echo -e " [FOUND]"
             ECHO_QUESTION -n "Use it for mail server setting? [y|N]"
             read ANSWER
 

iRedMail/functions/cluebringer.sh

 -- DELETE FROM policy_group_members WHERE Member IN ('@example.com', '@example.org', '10.0.0.0/8');
 
 -- Enable greylisting on all inbound emails by default.
-INSERT INTO `greylisting` (`PolicyID`, `Name`, `UseGreylisting`, `GreylistPeriod`, `Track`, `GreylistAuthValidity`, `GreylistUnAuthValidity`, `UseAutoWhitelist`, `AutoWhitelistPeriod`, `AutoWhitelistCount`, `AutoWhitelistPercentage`, `UseAutoBlacklist`, `AutoBlacklistPeriod`, `AutoBlacklistCount`, `AutoBlacklistPercentage`, `Comment`, `Disabled`) VALUES (1, 'Greylisting Inbound Emails', 1, 240, 'SenderIP:/24', 604800, 86400, 1, 604800, 100, 90, 1, 604800, 100, 20, '', 0);
+INSERT INTO greylisting (PolicyID, Name, UseGreylisting, GreylistPeriod, Track, GreylistAuthValidity, GreylistUnAuthValidity, UseAutoWhitelist, AutoWhitelistPeriod, AutoWhitelistCount, AutoWhitelistPercentage, UseAutoBlacklist, AutoBlacklistPeriod, AutoBlacklistCount, AutoBlacklistPercentage, Comment, Disabled) VALUES (1, 'Greylisting Inbound Emails', 1, 240, 'SenderIP:/24', 604800, 86400, 1, 604800, 100, 90, 1, 604800, 100, 20, '', 0);
 EOF
 
     rm -rf ${tmp_sql} 2>/dev/null
 
     cat > ${CLUEBRINGER_HTTPD_CONF} <<EOF
 ${CONF_MSG}
+#
+# SECURITY WARNING:
+#
+# Since libapache2-mod-auth-mysql doesn't support advance SQL query, both
+# global admins and normal domain admins are able to login to this webui.
+
 # Note: Please refer to ${HTTPD_SSL_CONF} for SSL/TLS setting.
-#Alias /cluebringer ${CLUEBRINGER_HTTPD_ROOT}/
 
 <Directory ${CLUEBRINGER_HTTPD_ROOT}/>
     DirectoryIndex index.php
     Options ExecCGI
     Order allow,deny
-    allow from all
-    #allow from 127.0.0.1
+    allow from 127.0.0.1
+    #allow from all
 
     AuthName "Authorization Required"
 EOF

iRedMail/functions/iredadmin.sh

     perl -pi -e 's#(</VirtualHost>)#Alias /iredadmin/static "$ENV{HTTPD_SERVERROOT}/iredadmin/static/"\n${1}#' ${HTTPD_SSL_CONF}
 
     cat > ${HTTPD_CONF_DIR}/iredadmin.conf <<EOF
-#
-# Note: Uncomment below two lines if you want to make iRedAdmin accessable via HTTP.
-#
-#WSGIScriptAlias /iredadmin ${HTTPD_SERVERROOT}/iredadmin/iredadmin.py/
-#Alias /iredadmin/static ${HTTPD_SERVERROOT}/iredadmin/static/
-
 WSGISocketPrefix /var/run/wsgi
 WSGIDaemonProcess iredadmin user=${IREDADMIN_HTTPD_USER} threads=15
 WSGIProcessGroup ${IREDADMIN_HTTPD_GROUP}

iRedMail/functions/phpldapadmin.sh

     cat > ${HTTPD_CONF_DIR}/phpldapadmin.conf <<EOF
 ${CONF_MSG}
 # Note: Please refer to ${HTTPD_SSL_CONF} for SSL/TLS setting.
-#Alias /phpldapadmin "${PLA_HTTPD_ROOT_SYMBOL_LINK}/"
-#Alias /ldap "${PLA_HTTPD_ROOT_SYMBOL_LINK}/"
 <Directory "${PLA_HTTPD_ROOT_SYMBOL_LINK}/">
     Options -Indexes
 </Directory>

iRedMail/functions/phpmyadmin.sh

     cat > ${HTTPD_CONF_DIR}/phpmyadmin.conf <<EOF
 ${CONF_MSG}
 # Note: Please refer to ${HTTPD_SSL_CONF} for SSL/TLS setting.
-#Alias /phpmyadmin "${PHPMYADMIN_HTTPD_ROOT_SYMBOL_LINK}"
 <Directory "${PHPMYADMIN_HTTPD_ROOT_SYMBOL_LINK}/">
     Options -Indexes
 </Directory>

iRedMail/functions/policy_server.sh

     if [ X"${DISTRO_CODENAME}" != X"oneiric" ]; then
         . ${FUNCTIONS_DIR}/policyd.sh
 
-        ECHO_INFO "Configure Policyd (postfix policy server, version 1.x)."
+        ECHO_INFO "Configure Policyd (postfix policy server, version 1.8)."
         check_status_before_run policyd_user
         check_status_before_run policyd_config
     else

iRedMail/functions/roundcubemail.sh

     cp config.inc.php.dist config.inc.php
 
     perl -pi -e 's#(.*password_confirm_current.*=).*#${1} true;#' config.inc.php
-    perl -pi -e 's#(.*password_minimum_length.*=).*#${1} 6;#' config.inc.php
+    perl -pi -e 's#(.*password_minimum_length.*=).*#${1} 8;#' config.inc.php
     perl -pi -e 's#(.*password_require_nonalpha.*=).*#${1} false;#' config.inc.php
 
     if [ X"${BACKEND}" == X"MySQL" ]; then
Tip: Filter by directory path e.g. /media app.js to search for public/media/app.js.
Tip: Use camelCasing e.g. ProjME to search for ProjectModifiedEvent.java.
Tip: Filter by extension type e.g. /repo .js to search for all .js files in the /repo directory.
Tip: Separate your search with spaces e.g. /ssh pom.xml to search for src/ssh/pom.xml.
Tip: Use ↑ and ↓ arrow keys to navigate and return to view the file.
Tip: You can also navigate files with Ctrl+j (next) and Ctrl+k (previous) and view the file with Ctrl+o.
Tip: You can also navigate files with Alt+j (next) and Alt+k (previous) and view the file with Alt+o.