Commit message (Collapse) | Author | Age | Files | |
---|---|---|---|---|
* | Allow outgoing HKP and WHOIS traffic on the LDAP provider. | Guilhem Moulin | 2015-06-07 | 1 |
| | ||||
* | Allow outgoing SSH traffic. | Guilhem Moulin | 2015-06-07 | 1 |
| | ||||
* | Add wildcard Pin version in apt preferences. | Guilhem Moulin | 2015-06-07 | 1 |
| | ||||
* | Don't instal smartd on KVM guests. | Guilhem Moulin | 2015-06-07 | 1 |
| | ||||
* | Upgrade the common package list. | Guilhem Moulin | 2015-06-07 | 2 |
| | ||||
* | Add a 'root' alias to root@fripost.org. | Guilhem Moulin | 2015-06-07 | 1 |
| | ||||
* | Upgrade samhain config to Jessie. | Guilhem Moulin | 2015-06-07 | 1 |
| | ||||
* | Upgrade custom logcheck-database to Jessie. | Guilhem Moulin | 2015-06-07 | 1 |
| | ||||
* | Fix tab damage. | Guilhem Moulin | 2015-06-07 | 1 |
| | ||||
* | Upgrade rkhunter config to Jessie. | Guilhem Moulin | 2015-06-07 | 2 |
| | ||||
* | Upgrade amavis config to Jessie. | Guilhem Moulin | 2015-06-07 | 4 |
| | ||||
* | Upgrade Postfix config to Jessie (MSA & outgoing proxy). | Guilhem Moulin | 2015-06-07 | 3 |
| | ||||
* | Upgrade Dovecot config to Jessie. | Guilhem Moulin | 2015-06-07 | 13 |
| | ||||
* | Configure the list manager (Sympa). | Guilhem Moulin | 2015-06-07 | 25 |
| | ||||
* | Upgrade the LDAP config to Jessie. | Guilhem Moulin | 2015-06-07 | 5 |
| | ||||
* | More logcheck-database tweaks. | Guilhem Moulin | 2015-06-07 | 1 |
| | ||||
* | Enable the use of git:// clients. | Guilhem Moulin | 2015-06-07 | 1 |
| | ||||
* | Disable rsyslog's rate-limiting. | Guilhem Moulin | 2015-06-07 | 1 |
| | | | | The default for rsyslog v7, but not for rsyslog v5. | |||
* | More logcheck-database tweaks. | Guilhem Moulin | 2015-06-07 | 3 |
| | ||||
* | Don't make Roundcube add a 'X-Sender' header with the sender's identity. | Guilhem Moulin | 2015-06-07 | 1 |
| | ||||
* | typo | Guilhem Moulin | 2015-06-07 | 3 |
| | ||||
* | Roundcube's 'password' plugin. | Guilhem Moulin | 2015-06-07 | 1 |
| | ||||
* | More logcheck-database tweaks. | Guilhem Moulin | 2015-06-07 | 1 |
| | ||||
* | Key usage 'keyCertSign' is required for self-signed certificates. | Guilhem Moulin | 2015-06-07 | 2 |
| | ||||
* | Add a keyring and alternative contact to the LDAP DIT. | Guilhem Moulin | 2015-06-07 | 1 |
| | ||||
* | More logcheck-database tweaks. | Guilhem Moulin | 2015-06-07 | 3 |
| | ||||
* | wibble | Guilhem Moulin | 2015-06-07 | 1 |
| | ||||
* | More logcheck-database tweaks. | Guilhem Moulin | 2015-06-07 | 3 |
| | ||||
* | Remove reject_unknown_sender_domain from the MDA and outgoing SMTP. | Guilhem Moulin | 2015-06-07 | 2 |
| | | | | | | | | | | We already removed it from the MX:es (see 32e605d4); we need to remove it from the MDA and outgoing SMTP as well, otherwise mails could bounce or get stuck in the middle (the're rejected with 450: deferred by default). However we can keep the restriction on the entry points (MSA and webmail). | |||
* | More logcheck-database tweaks. | Guilhem Moulin | 2015-06-07 | 2 |
| | ||||
* | Amavis is logging to syslog with severity 'notice'. | Guilhem Moulin | 2015-06-07 | 1 |
| | ||||
* | typo | Guilhem Moulin | 2015-06-07 | 1 |
| | ||||
* | Don't install intel-microcode on Xen guests. | Guilhem Moulin | 2015-06-07 | 3 |
| | | | | It should be installed on the dom0 instead. | |||
* | Don't install smartd on Xen guests. | Guilhem Moulin | 2015-06-07 | 2 |
| | | | | S.M.A.R.T makes little sense for virtual HDDs. | |||
* | Don't merge amavis' logs into /var/log/syslog. | Guilhem Moulin | 2015-06-07 | 1 |
| | | | | | As they contain user information, we keep it in /var/log/mail.log only. These logs are kept for 3 days "only", as per our policy. | |||
* | Install auditd. | Guilhem Moulin | 2015-06-07 | 3 |
| | ||||
* | Split templates / files in lookup tables. | Guilhem Moulin | 2015-06-07 | 8 |
| | ||||
* | More logcheck-database tweaks. | Guilhem Moulin | 2015-06-07 | 2 |
| | ||||
* | wibble | Guilhem Moulin | 2015-06-07 | 2 |
| | ||||
* | Replace Postgrey with postscreen. | Guilhem Moulin | 2015-06-07 | 12 |
| | | | | | | | | | | | See http://www.postfix.org/POSTSCREEN_README.html and http://rob0.nodns4.us/postscreen.html It's infortunate that smtpd(8) cannot be chrooted any longer, which means that we have to un-chroot cleanup(8) as well. Indeed, currently smtpd(8) uses $virtual_alias_maps for recipient validation; later cleanup(8) uses it again for rewriting. So these processes need to be both chrooted, or both not. | |||
* | Verify the validity of users before that of aliases. | Guilhem Moulin | 2015-06-07 | 1 |
| | ||||
* | wibble | Guilhem Moulin | 2015-06-07 | 1 |
| | ||||
* | Fix NTP configuration. | Guilhem Moulin | 2015-06-07 | 3 |
| | | | | We've yet to get authenticated time, though. | |||
* | More logcheck-database tweaks. | Guilhem Moulin | 2015-06-07 | 2 |
| | ||||
* | Add an index on the 'fripostCanAddDomain' LDAP attribute. | Guilhem Moulin | 2015-06-07 | 1 |
| | ||||
* | More logcheck-database tweaks. | Guilhem Moulin | 2015-06-07 | 3 |
| | ||||
* | Remove reject_unknown_sender_domain from the MX. | Guilhem Moulin | 2015-06-07 | 1 |
| | | | | | There are false-positive with that, for instead due to SOA records pointing to non-existing subdomains. | |||
* | wibble | Guilhem Moulin | 2015-06-07 | 1 |
| | ||||
* | Hash certs using a lookup in the template instead of add a new task. | Guilhem Moulin | 2015-06-07 | 4 |
| | ||||
* | Ensure have a TLS policy for each of our host we want to relay to. | Guilhem Moulin | 2015-06-07 | 2 |
| |