Cloudron Forum

The bug is fixed now! But I still don't get the per-app overview. When I choose all apps and services, I still see the tops only. So, doable, sure, but maybe someone else wants this feature as well, so we can leave this open.

Hello @fanvyr @fanvyr said in Error accessing Dashboard after update from 8.x to 9.x? Read this: Originally didn't want to publish it Please continue reporting if you find something that is off. Each report helps us improve and has great value.

@d19dotca said in Sharing custom SpamAssassin Rules: @imc67 said in Sharing custom SpamAssassin Rules: @msbt said in Sharing custom SpamAssassin Rules: Thanks a bunch for the list @d19dotca! Quick question about the rest of the setup though: Do you still have entries in the Email ACL DNSBL Zones or is that empty because everything is handled in the custom rules? Like those: zen.spamhaus.org bl.mailspike.net noptr.spamrats.com dnsbl.sorbs.net Or is that empty on your side? I think this is still a relevant question, @d19dotca your spam-rules are amazing, however you are "calling" ACL DSNBL's that are not default in a Cloudron install (https://docs.cloudron.io/email/#dnsbl) so I guess that they are not working until you add them? I asked ChatGPT to analyse your latest rules and it advised to add the below ones to the DNSLBL Zones ACL (https://my.domain.com/#/email-settings). Is that in your opinion correct to make them all work? zen.spamhaus.org bl.mailspike.net noptr.spamrats.com all.spamrats.com backscatter.spameatingmonkey.net bl.spameatingmonkey.net netbl.spameatingmonkey.net So just to clarify… if you add those to the DNSBL list in Cloudron mail settings, it will completely reject mail that has a hit on any of those services. That mail setting in Cloudron is used by Dovecot/Haraka, not SpamAssassin. The reason you don’t want all those DNSBLs there is because not all of them are super accurate (some are too aggressive), which is why they’re in the SpamAssassin rules instead. Basically the DNSBL list for Cloudron should only be if you want anything that has a hit to be outright rejected and never arrive in your mailbox (not even the junk folder). I prefer to keep that to just Abusix and SpamHaus myself because they have proven to be very accurate in the sense that they return no false positives, so they’re “safe” in rejecting only the most obvious of spam. Then everything else that passes through that part will simply be scanned by SpamAssassin against the other DNSBLs in the custom rules and are therefore not rejected but just categorized as either spam or ham. It’s safer that way. But also totally up to you. If you trust the other DNSBLs, then certainly feel free to add them to the Cloudron DNSBL list, but just know that doing so will most likely result in rejected/dropped messages that you’ll never know about until you look at the mail sever logs. Ultimately… the DNSBLs in the custom SpamAssassin rule set doesn’t really have anything to do with the DNSBL setting used in Cloudron, as they are different levels of filtering and unrelated to each other. Hopefully that makes sense. I’m just waking up while writing this so let me know if I can clarify further as I may not be explaining myself perfectly, lol. WOW thank you very very much for this extraordinary clarification! I expected a necessary connection between the two but it isn’t. Thanks for your great work and explanation!

@fanvyr it's intentional to ship the source code. We want users to have a copy of not just the build but also the source code and the build tools. If one knows how, they can trivially change the source files and build dist. Personally, I would love to see this in all the stuff I use I like this kind of freedom, to be able to inspect, change and learn. (And also, many of our service providers, simply maintain patches which they apply on top of the release and rebuild. So, it's much easier for them).

How about we simply get a list of hardened items and apply the ones that make sense for Cloudron?

I've been following the instructions in threads cited below, and it looks like notify_push is up and running configure nginx https://forum.cloudron.io/post/48343 run notify_push via script https://forum.cloudron.io/post/48298

Thanks for reporting. Fixed in https://git.cloudron.io/platform/box/-/commit/5107cd28c4a0b8b362e9ee5da7151a9271db9fa3 . It won't collapse anymore and you can select it. The link to http://www.barracudanetworks.com/reputation/?pr=1&ip= ... itself is broken, gets forwarded to https://www.barracuda.com/ which results in a 404. Working link is https://www.barracudacentral.org/lookups but I didn't manage to add the IP as parameter This is actually the raw TXT record that is in their DNS. It would not be safe to render it as a link, since it is random external data. But also their DNS simply has raw links like above which are i guess broken. For example: # host -t TXT 70.188.231.171.b.barracudacentral.org 127.0.0.150 Using domain server: Name: 127.0.0.150 Address: 127.0.0.150#53 Aliases: 70.188.231.171.b.barracudacentral.org descriptive text "http://www.barracudanetworks.com/reputation/?pr=1&ip=171.231.188.70"

added support for both of these to https://aidevops.sh, so you don’t have to think about it, all woven in to use when relevant

@firmansi https://git.cloudron.io/packages/n8n-app/-/merge_requests/126 . The tests are being fixed. Should be ready in the coming days.

Guess it will have MFA when we get OIDC working with Cloudron as well.

@brambuijs said in Cannot restore backup Nextcloud: Tried commenting it out but there where many files missing especially from spreed Are the files missing in the backup itself? i.e check for the files in your backup provider. Wondering if this is some problem in the backup or restore (or maybe both) . If you can write to support@cloudron.io referencing this thread, I can take a look to see where the problem is. Thanks!

Thanks for reporting! This was an oversight and is now fixed for next release https://git.cloudron.io/platform/box/-/commit/a2dd45fd69d3174b1cbac15c70bd075105dc07a1