4 years ago · c7e17c7fd1
--- a/data/Dockerfiles/olefy/Dockerfile
+++ b/data/Dockerfiles/olefy/Dockerfile
@@ -7,9 +7,10 @@ WORKDIR /app
 
				 RUN apk add --virtual .build-deps gcc python3-dev musl-dev libffi-dev openssl-dev \
			
 
				   && apk add --update --no-cache python3 openssl tzdata libmagic \
			
 
				   && pip3 install --upgrade pip \
			
 
				-  && pip3 install --upgrade oletools asyncio python-magic \
			
 
				-  && apk del .build-deps \
			
 
				-  && sed -i 's/decompress_stream(bytearray(compressed_code))/bytes2str(decompress_stream(bytearray(compressed_code)))/g' /usr/lib/python3.8/site-packages/oletools/olevba.py
			
 
				+  && pip3 install --upgrade asyncio python-magic \
			
 
				+  && pip3 install --upgrade https://github.com/HeinleinSupport/oletools/archive/master.zip \
			
 
				+  && apk del .build-deps
			
 
				+#  && sed -i 's/decompress_stream(bytearray(compressed_code))/bytes2str(decompress_stream(bytearray(compressed_code)))/g' /usr/lib/python3.8/site-packages/oletools/olevba.py
			
 
				 
			
 
				 ADD https://raw.githubusercontent.com/HeinleinSupport/olefy/master/olefy.py /app/
			
 
				 
			
--- a/data/assets/nextcloud/nextcloud.conf
+++ b/data/assets/nextcloud/nextcloud.conf
@@ -12,9 +12,10 @@ server {
 
				 
			
 
				   ssl_certificate /etc/ssl/mail/cert.pem;
			
 
				   ssl_certificate_key /etc/ssl/mail/key.pem;
			
 
				-  ssl_protocols TLSv1.2;
			
 
				-  ssl_ciphers 'ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256';
			
 
				+  ssl_protocols TLSv1.2 TLSv1.3;
			
 
				   ssl_prefer_server_ciphers on;
			
 
				+  ssl_ciphers ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305;
			
 
				+  ssl_ecdh_curve X25519:X448:secp384r1:secp256k1;
			
 
				   ssl_session_cache shared:SSL:50m;
			
 
				   ssl_session_timeout 1d;
			
 
				   ssl_session_tickets off;
			
--- a/data/conf/rspamd/local.d/multimap.conf
+++ b/data/conf/rspamd/local.d/multimap.conf
@@ -53,8 +53,7 @@ GLOBAL_SMTP_FROM_BL {
 
				   type = "from";
			
 
				   map = "${LOCAL_CONFDIR}/custom/global_smtp_from_blacklist.map";
			
 
				   regexp = true;
			
 
				-  prefilter = true;
			
 
				-  action = "reject";
			
 
				+  score = 2050;
			
 
				 }
			
 
				 
			
 
				 GLOBAL_MIME_FROM_WL {
			
@@ -72,8 +71,7 @@ GLOBAL_MIME_FROM_BL {
 
				   filter = "email:addr";
			
 
				   map = "${LOCAL_CONFDIR}/custom/global_mime_from_blacklist.map";
			
 
				   regexp = true;
			
 
				-  prefilter = true;
			
 
				-  action = "reject";
			
 
				+  score = 2050;
			
 
				 }
			
 
				 
			
 
				 GLOBAL_RCPT_WL {
			
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -498,7 +498,7 @@ services:
 
				             - solr
			
 
				 
			
 
				     olefy-mailcow:
			
 
				-      image: mailcow/olefy:1.4
			
 
				+      image: mailcow/olefy:1.5
			
 
				       restart: always
			
 
				       environment:
			
 
				         - TZ=${TZ}