mailu / mailu

Insular email distribution - mail server as Docker images

Home Page: https://mailu.io

License: Other

Python 72.95% PHP 1.05% Shell 5.45% HTML 12.95% CSS 0.38% Mako 0.07% C++ 0.07% Dockerfile 2.59% JavaScript 1.66% Sieve 0.22% Pawn 0.02% HCL 2.24% Lua 0.24% Gherkin 0.10%
dkim dmarc docker docker-compose email fetchmail imap letsencrypt mail mailserver pop3 smtp webmail

mailu's Introduction

Mailu

Mailu is a simple yet full-featured mail server as a set of Docker images. It is free software (both as in free beer and as in free speech), open to suggestions and external contributions. The project aims at providing people with an easily set up, easily maintained and full-featured mail server while shipping neither proprietary software nor the unrelated features often found in popular groupware.

Most of the documentation is available on our Website. You can also try our demo server before setting up your own, and come talk to us on Matrix.

Features

Main features include:

  • Standard email server, IMAP and IMAP+, SMTP and Submission with auto-configuration profiles for clients
  • Advanced email features, aliases, domain aliases, custom routing, full-text search of email attachments
  • Web access, multiple Webmails and administration interface
  • User features, aliases, auto-reply, auto-forward, fetched accounts, managesieve
  • Admin features, global admins, announcements, per-domain delegation, quotas
  • Security, enforced TLS, DANE, MTA-STS, Letsencrypt!, outgoing DKIM, anti-virus scanner, Snuffleupagus, block malicious attachments
  • Antispam, auto-learn, greylisting, DMARC and SPF, anti-spoofing
  • Freedom, all FOSS components, no tracker included

Domains

Contributing

Mailu is free software, open to suggestions and contributions. All components are free software and compatible with the MIT license. All specific configuration files, Dockerfiles and code are placed under the MIT license.


mailu's Issues

Dovecot won't start due to ABI change

The exact error message when starting Dovecot from the latest build:

doveconf: Error: Couldn't load plugin /usr/lib/dovecot/settings/libmanagesieve_login_settings.so: Module is for different ABI version 2.2.ABIv22(2.2.22) (we have 2.2.ABIv20(2.2.20))
doveconf: Error: Couldn't load plugin /usr/lib/dovecot/settings/libmanagesieve_settings.so: Module is for different ABI version 2.2.ABIv22(2.2.22) (we have 2.2.ABIv20(2.2.20))
doveconf: Error: Couldn't load plugin /usr/lib/dovecot/settings/libpigeonhole_settings.so: Module is for different ABI version 2.2.ABIv22(2.2.22) (we have 2.2.ABIv20(2.2.20))
doveconf: Fatal: Error in configuration file /etc/dovecot/dovecot.conf: protocols: Unknown protocol: sieve

It seems that the APK shipped is not compatible anymore and should be rebuilt.

Use a dropdown list for admins and managers

When creating admins and managers, the current version uses a tag list, which is fine but misleading.

Using drop-down lists, with autocompletion if required, is a lot more appropriate.

Clamav error

Hi,

I got Freeposte up and running but the antivirus docker has these errors:

LibClamAV Warning: Cannot dlopen libclamunrar_iface: file not found - unrar support unavailable
LibClamAV Error: cli_loaddbdir(): No supported database files found in /data
ERROR: Can't open file or directory

How can I solve this?

Regards,

Honor the per-user spam settings

User settings mostly consist of spam filtering settings: enabling spam filtering and setting the sensitivity.

These are currently not taken into account as they should be. This will be implemented as pigeonhole extdata attributes and sieve logic.

Get rid of the shipped binary APKs

Two APKs are still being shipped as is in binary:

In addition to being ugly, these cause a lot of headaches when Dovecot ABI version is incremented.

We should:

  • suggest a way for Alpine to make sure the plugins properly when Dovecot is upgraded,
  • make sure that the Extdata plugin gets included at least in testing.

Postfix configuration broken

In its current state the postfix config fails with the message:
postfix/master[28]: fatal: relayhost parameter setting must not contain multiple values: {{ RELAYHOST }}

Database initialization error at first start

After running docker-compose up -d, I just executed manage.py to create an administrator account and I found it always unexpectedly shows warnings (see below). I am able to successfully log in. However, I could not access the Manage Domains page in the admin console.

# docker exec -it freeposte_admin_1 python manage.py admin admin example.net admin

/usr/local/lib/python3.5/site-packages/sqlalchemy/ext/declarative/api.py:173: SAWarning: Unmanaged access of declarative attribute domain_name from non-mapped class Email
  (desc.fget.__name__, cls.__name__))
/usr/local/lib/python3.5/site-packages/sqlalchemy/ext/declarative/api.py:173: SAWarning: Unmanaged access of declarative attribute email from non-mapped class Email
  (desc.fget.__name__, cls.__name__))

After a while investigating, I found that there is an error upgrading from the initial database schema.

sqlalchemy.exc.OperationalError: (sqlite3.OperationalError) Cannot add a NOT NULL column with default value NULL [SQL: 'ALTER TABLE alias ADD COLUMN wildcard BOOLEAN NOT NULL']

Hope that might contribute to this project.

Forward not working for me

First, great job with this project!

I configured SES in the postfix container. Then, in my freeposte.db I see with SQLite that I have forward_enabled = 1 and forward_destination filled with my gmail account, but it is not working. When I send an email, it is not forwarded... can you help me?

On Docker tag and git branch management

Many Docker admins are used to running latest on production and simply updating whenever a new image is available (even using Watchtower).

Because we often commit to master which then builds to latest, this leads to many updates, sometimes unstable (which is of course undesirable, especially for something as critical as email). It would be nice to have a separate unstable or testing Docker tag, either built from the master Git branch or a separate unstable Git branch.

I am not used to this kind of workflow and will look at how large projects handle the matter. Any feedback or opinion is welcome, I would like to switch to a proper workflow before release 1.2.

My default preferences (mostly because I do not know any other workflow, so please argue with me!):

  • Git master branch for daily commits
  • Per-major version Git branch for backported fixes
  • Per feature or bugfix Git branch or pull requests for new features or bugfixes

I am also wondering what would be the best workflow to manage backported fixes and features, provided that they are not always on separate branches (some quick fixes are committed directly to master).

Automated testset

I believe Freeposte.io should have an automated testset for future upgrades. The kind of tests that we could easily script:

  • sending messages to a user (SMTP + IMAP) ;
  • sending messages to various kinds of aliases ;
  • sending messages to a user with forward enabled ;
  • sending messages to a user with auto-reply enabled ;
  • sending obvious spam messages ;
  • sending messages with a malicious attachment ;
  • checking the SSL configuration ;
  • connecting as various users through IMAP ;
  • creating personal sieve scripts ;
  • checking DKIM signatures.

More complex tests that will probably require some framework:

  • using the Web admin interface ;
  • checking the results of actions against the admin interface ;
  • using the Webmail ;
  • checking the results of actions against the Webmail.

Manage user authentication and permissions

Currently no authentication is implemented. Multiple issues will have to be tackled:

  • complete permission scheme or simple admin role plus admins per domain?
  • how to store user passwords (shared format between Flask-admin and dovecot)?
  • how should the initial user be created?

Clean the access control code

Access control has become a mess in the past months and would need some proper design, definitions and refactoring. It is still readable for now but will probably become a burden in the near future if the issue is not addressed soon.

Security concepts

I strongly dislike the security measures/practices which are implemented. In a default Email Server setup, the admin interface is reachable from the web, which wasn't audited for security and is prone to bugs.

Admittedly, I am a proponent of security over usability when it comes to servers. Although freeposte is supposed to be an all-inclusive and easy-setup emailserver stack, the default setup should enforce stronger security requirements:

  1. The admin interface should not be exposed to the web at all; instead, it should bind to the localhost and be accessed by forwarding the server port to the client machine over SSH (changes/setup do not occur frequently). This ensures an encrypted channel and prevents any exploitability in the web interface.
  2. Roundcube should be disabled by default. Any Webinterface introduces security risks, especially if there are no auto-updates and clients should prefer to connect using IMAPS.
  3. Enforcing usage of certificates. Obtaining the necessary certificates using e.g. certbot is free and easy, and should be integrated in the default setup process. For now, disabling any unencrypted protocol by default is a best practice measure to ensure users know what they're doing.

Use local assets only

Many assets are still loaded from remote hosts, mostly due to Flask-Bootstrap and AdminLTE.

Additionally, using BOOTSTRAP_SERVE_LOCAL = True fails when loading jQuery or Bootstrap stylesheets.

Error when deleting an admin

I get the following error when deleting a global admin:

admin_1     | Traceback (most recent call last):
admin_1     |   File "/usr/local/lib/python3.5/site-packages/gunicorn/workers/sync.py", line 135, in handle
admin_1     |     self.handle_request(listener, req, client, addr)
admin_1     |   File "/usr/local/lib/python3.5/site-packages/gunicorn/workers/sync.py", line 176, in handle_request
admin_1     |     respiter = self.wsgi(environ, resp.start_response)
admin_1     |   File "/usr/local/lib/python3.5/site-packages/flask/app.py", line 2000, in __call__
admin_1     |     return self.wsgi_app(environ, start_response)
admin_1     |   File "/usr/local/lib/python3.5/site-packages/flask/app.py", line 1991, in wsgi_app
admin_1     |     response = self.make_response(self.handle_exception(e))
admin_1     |   File "/usr/local/lib/python3.5/site-packages/flask/app.py", line 1567, in handle_exception
admin_1     |     reraise(exc_type, exc_value, tb)
admin_1     |   File "/usr/local/lib/python3.5/site-packages/flask/_compat.py", line 33, in reraise
admin_1     |     raise value
admin_1     |   File "/usr/local/lib/python3.5/site-packages/flask/app.py", line 1988, in wsgi_app
admin_1     |     response = self.full_dispatch_request()
admin_1     |   File "/usr/local/lib/python3.5/site-packages/flask/app.py", line 1641, in full_dispatch_request
admin_1     |     rv = self.handle_user_exception(e)
admin_1     |   File "/usr/local/lib/python3.5/site-packages/flask/app.py", line 1544, in handle_user_exception
admin_1     |     reraise(exc_type, exc_value, tb)
admin_1     |   File "/usr/local/lib/python3.5/site-packages/flask/_compat.py", line 33, in reraise
admin_1     |     raise value
admin_1     |   File "/usr/local/lib/python3.5/site-packages/flask/app.py", line 1639, in full_dispatch_request
admin_1     |     rv = self.dispatch_request()
admin_1     |   File "/usr/local/lib/python3.5/site-packages/flask/app.py", line 1625, in dispatch_request
admin_1     |     return self.view_functions[rule.endpoint](**req.view_args)
admin_1     |   File "/app/freeposte/admin/utils.py", line 18, in wrapper
admin_1     |     "confirm.html", action=action.format(*args, **kwargs),
admin_1     | KeyError: 'admin '

Dovecot can't be created due to ABI (2.24 -> 2.25)

First, thanks for your great work.
I want to find an open alternative of poste.io and I found your project.

But I've a problem with the imap container (Dovecot):

Aug 02 19:52:32 imap(*******@******): Error: Couldn't load required plugin /usr/lib/dovecot/lib90_antispam_plugin.so: Module is for different ABI version 2.2.ABIv24(2.2.24) (we have 2.2.ABIv25(2.2.25))
Aug 02 19:52:32 imap(*******@******): Error: Internal error occurred. Refer to server log for more information.

So, I've this message every time I try to access Roundcube (and I've got this message with Roundcube: Connection to storage server failed.)

How could I repair that?

Best regards,

Public demo/tests server

I am currently setting up a demo/tests server with public access. Any suggestions on how to manage the machine?

My main questions for now:

  • how often should I reset the data?
  • how should I reset the data (some immutable filesystem?)
  • where should I publish the public accounts if any?
  • how could I prevent repeated vandalism?

Automatic updates/notifications

I am thinking about including Watchtower in docker-compose.yml in order to send notifications to the administrator address about new available images.

A configuration variable could also be set to enable automatic updates for users who know what they are doing.

Split frontend and backend

First of all - great job on this project. I've actually been looking for months for a future proof alternative to a simple mail solution and all the stock solutions like Axigen and Zimbra are terrible overkill for my use case. Poste.io showed up on my radar and I really like what it's doing, but it's too obviously developed closed source by a single developer to rely on it with a business regrettably, besides $349 being terribly overpriced for a beta product. It's also fundamentally flawed in trying to put all services into one big container instead of deploying scalable microservices. Your project has great potential and I think with some proper exposure it could really gain traction as a de facto Dockerized mail stack.

I do however also think the current approach is too monolithic. I have no Python developers in my company, and that blocks us from customizing and extending the admin, while I would love to help there. It would be great if, instead of an admin, you would expose a REST API instead so anyone can write their own admin instead. Same kinda goes for Roundcube, I don't think it belongs in the mail stack itself (I'd prefer Rainloop myself which is also FOSS if unbranded). It would be good to separate webmail and the current admin to optional 'extension' packages.

An added advantage would be that it would become pretty trivial to add a CLI interface for the hardcore sysadmins as well in another container.

Group dovecot does not exist with the latest alpine build

When building from the latest alpine image, the imap container fails during startup with:

Fatal: service(auth-worker) Group doesn't exist: dovecot (See service auth-worker { unix_listener /run/dovecot/auth-worker { group } } setting)

Catch-All Alias

How to create a catchall alias from the admin interface? '*' doesn't work, and neither does an empty string. Is this even a feature here? If not, why, and if it is, how do I set it up?

SQLite locks

Mostly when updating a user object, we are experiencing some very bad SQLite locking issues since around commit ccb37ad.

I have little experience with SQLite locks from SQLAlchemy, will dig into it before releasing 1.0.

Offer to insert specific configuration variables

Daemons embedded in Freeposte have many configuration options, most of which are not tunable through the usual Freeposte interface. It would be interesting to be able to tune them using specific freeposte.env entries or configuration files.

Forwarding to many destinations emails

Hi, I would like to forward to many destinations, but I don't see that option in the administration interface. When I fill the box with various email addresses (separated by spaces or commas), it does not work for me.

On the other hand, I think that there is a bug in the edit alias page, because when I try to add many email addresses and I save the configuration with the Create button, when I check the aliases again, only one appears.

This can be solved (workaround) with the new config override feature (#29, #31), changing virtual_alias_maps parameter of main.cf with a table map file:

/freeposte/overrides/postfix.cf

virtual_alias_maps = hash:/etc/postfix/virtual_alias.map

/freeposte/overrides/virtual_alias.map

Export the proper environment variables

Most configuration is currently hardcoded, which is ok because fine tuning should only be available to advanced users (who can easily mount a configuration file to override some settings).

However, some mandatory settings should be exported as environment variables and documented:

  • mail server name
  • mail server hostname
  • postmaster
  • security keys

Clamav space and temporary files

So this might be a problem just for myself, but I perform hourly backups of containers.

The filter directory has clamav dumping .tmp files within this folder. This causes a huge amount of wasted space on these files that aren't really needed for the operation of the container or rebooting a container. I'm not sure currently since I've not tested if configuring clamav to use /tmp for this will place them there or within /var/lib/rspamd

Files are similar to:
$PATH/filter/clamav-bbcb0575bd5d03b21ebe06ea847906a8.tmp
$PATH/filter/clamav-a6d3a1c3f188f8761b7fe6dd4dee5e9c.tmp
[...]

Error when deleting a domain with users and/or aliases

When deleting a domain with users and/or aliases, instead of cascade deletion, the domain is removed and not-null constraints are violated:

sqlalchemy.exc.IntegrityError: (sqlite3.IntegrityError) NOT NULL constraint failed: user.domain_name [SQL: 'UPDATE user SET updated_at=?, domain_name=? WHERE user.email = ?'] [parameters: ('2016-07-31', None, '[email protected]')]

There are two possible fixes:

  • refusing to delete a domain with users or aliases (which would make sense for safety)
  • force cascade deletion (unsafe but straightforward)

Display fetchmail errors to the user

Fetchmail errors are currently only logged to Docker and never displayed to the end user. Authentication failures for instance might go unnoticed.

Offer to send emails through a relay host (e.g. SES)

Some users will prefer to send outgoing emails through a relay host, because of networking constraints or reputation issues.

A global configuration option should be added that offers to send outgoing emails through a relay host.

Fetchmail does not check the certificate in the default configuration

Default fetchmail configuration does not enforce certificate checks when using TLS.

fetchmail: Server certificate verification error: unable to get local issuer certificate
fetchmail: Broken certification chain at: /C=US/O=Equifax/OU=Equifax Secure Certificate Authority
fetchmail: This could mean that the server did not provide the intermediate CA's certificate(s), which is nothing fetchmail could do anything about.  For details, please see the README.SSL-SERVER document that ships with fetchmail.
fetchmail: This could mean that the root CA's signing certificate is not in the trusted CA certificate location, or that c_rehash needs to be run on the certificate directory. For details, please see the documentation of --sslcertpath and --sslcertfile in the manual page.
fetchmail: Warning: the connection is insecure, continuing anyways. (Better use --sslcertck!)
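
An added example (not code from the Mailu project): a small audit of a fetchmailrc file that flags poll entries requesting TLS without `sslcertck`, the condition behind the "connection is insecure" warning in the log above. The sample file, its hostnames and the partial keyword list are constructed for illustration, and the check assumes a fetchmail build where certificate verification has to be requested explicitly.

```python
import shlex

# Keywords that open a new server entry in a fetchmailrc file.
ENTRY_KEYWORDS = {"poll", "server", "skip"}
# Keywords followed by one argument that must not be read as an option
# (a password may literally be "ssl"). Partial list, enough for this audit.
VALUE_KEYWORDS = {"user", "username", "pass", "password", "proto", "protocol",
                  "via", "port", "service", "sslcertpath", "sslcertfile",
                  "sslproto", "sslfingerprint"}

# Constructed sample run-control file; hosts and credentials are placeholders.
SAMPLE_RC = '''\
set daemon 600
# entry 1: TLS requested, certificate never verified
poll imap.example.org protocol imap
    user "alice" password "constructed-pw" ssl
# entry 2: TLS with verification against the system CA directory
poll mail.example.net protocol imap
    user "bob" password "constructed-pw" ssl sslcertck sslcertpath /etc/ssl/certs
# entry 3: no TLS at all
poll pop.example.com protocol pop3
    user "carol" password "constructed-pw"
'''


def parse_entries(rc_text):
    """Return one {"host", "flags"} dict per server entry in the rc text."""
    lexer = shlex.shlex(rc_text, posix=True)  # handles quotes and '#' comments
    lexer.whitespace_split = True
    tokens = iter(lexer)
    entries, current, negate = [], None, False
    for tok in tokens:
        word = tok.lower()
        if word in ENTRY_KEYWORDS:
            current = {"host": next(tokens, ""), "flags": set()}
            entries.append(current)
        elif word in VALUE_KEYWORDS:
            next(tokens, None)  # skip the argument so it is never read as a flag
        elif current is not None and word in ("ssl", "sslcertck"):
            if negate:  # "no sslcertck" switches the check off again
                current["flags"].discard(word)
            else:
                current["flags"].add(word)
        negate = (word == "no")
    return entries


def audit(rc_text):
    """Map each polled host to no-tls, tls-unverified or tls-verified."""
    report = {}
    for entry in parse_entries(rc_text):
        flags = entry["flags"]
        if "ssl" not in flags:
            verdict = "no-tls"
        elif "sslcertck" not in flags:
            verdict = "tls-unverified"  # the case fetchmail warns about
        else:
            verdict = "tls-verified"
        report[entry["host"]] = verdict
    return report


if __name__ == "__main__":
    for host, verdict in audit(SAMPLE_RC).items():
        print(f"{host}: {verdict}")
```

Entries reported as `tls-unverified` need `sslcertck` plus a working trust store (`sslcertpath` or `sslcertfile`), which is also what the "unable to get local issuer certificate" lines in the log point at.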

Graceful shutdown

Some of the containers currently fail to shut down gracefully when docker stop is executed. The way signals are handled is probably not forwarding the termination signal.

Postfix does not reload the domain list

When the SQLite database changes, for instance when a new row is inserted for a domain, postfix does not seem to reload the contents and keeps on failing with Relay access denied.

Same goes when a domain is deleted, postfix accepts the incoming email, then tries to relay it because the domain is not actually referenced in the database (it seems like smtp is not aware of the change while qmgr is somehow).

Other services relying on SQLite are just fine (dovecot).
