add better mail security

2026-01-19 08:57:23 +01:00 · 2026-01-19 08:57:23 +01:00 · f670bec1b1
commit f670bec1b1
parent a7585e1bc9
63 changed files with 2569 additions and 491 deletions
--- a/mailcow/data/web/lang/lang.en-gb.json
+++ b/mailcow/data/web/lang/lang.en-gb.json
@ -134,6 +134,7 @@
        "admin_domains": "Domain assignments",
        "admins": "Administrators",
        "admins_ldap": "LDAP Administrators",
+        "admin_quicklink": "Hide Quicklink to Admin Login Page",
        "advanced_settings": "Advanced settings",
        "allowed_methods": "Access-Control-Allow-Methods",
        "allowed_origins": "Access-Control-Allow-Origin",
@ -161,6 +162,7 @@
        "credentials_transport_warning": "<b>Warning</b>: Adding a new transport map entry will update the credentials for all entries with a matching next hop column.",
        "customer_id": "Customer ID",
        "customize": "Customize",
+        "login_page": "Login Page",
        "destination": "Destination",
        "dkim_add_key": "Add ARC/DKIM key",
        "dkim_domains_selector": "Selector",
@ -179,6 +181,7 @@
        "domain": "Domain",
        "domain_admin": "Domain administrator",
        "domain_admins": "Domain administrators",
+        "domainadmin_quicklink": "Hide Quicklink to Domainadmin Login Page",
        "domain_s": "Domain/s",
        "duplicate": "Duplicate",
        "duplicate_dkim": "Duplicate DKIM record",
@ -202,6 +205,8 @@
        "f2b_whitelist": "Whitelisted networks/hosts",
        "filter": "Filter",
        "filter_table": "Filter table",
+        "force_sso_text": "If an external OIDC provider is configured, this option hides the default mailcow login forms and only shows the Single Sign-On button",
+        "force_sso": "Disable mailcow Login and show only Single Sign-On",
        "forwarding_hosts": "Forwarding Hosts",
        "forwarding_hosts_add_hint": "You can either specify IPv4/IPv6 addresses, networks in CIDR notation, host names (which will be resolved to IP addresses), or domain names (which will be resolved to IP addresses by querying SPF records or, in their absence, MX records).",
        "forwarding_hosts_hint": "Incoming messages are unconditionally accepted from any hosts listed here. These hosts are then not checked against DNSBLs or subjected to greylisting. Spam received from them is never rejected, but optionally it can be filed into the Junk folder. The most common use for this is to specify mail servers on which you have set up a rule that forwards incoming emails to your mailcow server.",
@ -229,6 +234,7 @@
        "iam_host": "Host",
        "iam_host_info": "Enter one or more LDAP hosts, separated by commas.",
        "iam_import_users": "Import Users",
+        "iam_login_provisioning": "Auto-create users on login",
        "iam_mapping": "Attribute Mapping",
        "iam_bindpass": "Bind Password",
        "iam_periodic_full_sync": "Periodic Full Sync",
@ -317,6 +323,7 @@
        "quarantine_release_format_att": "As attachment",
        "quarantine_release_format_raw": "Unmodified original",
        "quarantine_retention_size": "Retentions per mailbox:<br><small>0 indicates <b>inactive</b>.</small>",
+        "quicklink_text": "Show or hide quick links to other login pages under the login form",
        "quota_notification_html": "Notification email template:<br><small>Leave empty to restore default template.</small>",
        "quota_notification_sender": "Notification email sender",
        "quota_notification_subject": "Notification email subject",
@ -398,6 +405,7 @@
        "upload": "Upload",
        "username": "Username",
        "user_link": "User-Link",
+        "user_quicklink": "Hide Quicklink to User Login Page",
        "validate_license_now": "Validate GUID against license server",
        "verify": "Verify",
        "yes": "&#10003;"
@ -809,6 +817,10 @@
        "forgot_password": "> Forgot Password?",
        "invalid_pass_reset_token": "The reset password token is invalid or has expired.<br>Please request a new password reset link.",
        "login": "Login",
+        "login_linkstext": "Not the correct login?",
+        "login_usertext": "Log in as user",
+        "login_domainadmintext": "Log in as domain admin",
+        "login_admintext": "Log in as admin",
        "login_user": "User Login",
        "login_dadmin": "Domain-Administrator Login",
        "login_admin": "Administrator Login",
@ -1105,6 +1117,7 @@
        "bcc_edited": "BCC map entry %s edited",
        "bcc_saved": "BCC map entry saved",
        "cors_headers_edited": "CORS settings have been saved",
+        "custom_login_modified": "Login customisation was saved successfully",
        "db_init_complete": "Database initialization completed",
        "delete_filter": "Deleted filters ID %s",
        "delete_filters": "Deleted filters: %s",