mirror of https://github.com/axllent/mailpit.git synced 2026-06-09 22:04:39 +02:00

1848 Commits

Author SHA1 Message Date
Ralph Slooten a68499fa4e Don't print allowed CORS origins when there are none (empty) 2026-05-28 22:07:29 +12:00
Ralph Slooten 5c03d89109 Merge tag 'v1.30.1' into develop
Release v1.30.1
2026-05-28 22:00:36 +12:00
Ralph Slooten 16a8f9632c Merge branch 'release/v1.30.1' v1.30.1 2026-05-28 22:00:31 +12:00
Ralph Slooten 84821d13f9 Release v1.30.1 2026-05-28 22:00:30 +12:00
Ralph Slooten ed26e0a879 Chore: Update caniemail test database 2026-05-28 21:58:51 +12:00
Ralph Slooten 7ddf44822e Chore: Update node dependencies 2026-05-28 21:58:28 +12:00
Ralph Slooten baf06b0499 Chore: Update Go dependencies 2026-05-28 21:55:04 +12:00
Ralph Slooten 2ce675cc10 Security: Disable GitHub Actions credential persistence for checkout steps 2026-05-28 21:41:18 +12:00
Ralph Slooten c1c98442df Security: Do not use npm cache to prevent cache poisoning 2026-05-28 21:36:01 +12:00
Ralph Slooten 3fb1b5e59c Chore: Update GitHub Actions workflows 2026-05-28 21:28:47 +12:00
Ralph Slooten 83a183157d Security: Pin GitHub Actions workflow versions using full commit SHA 2026-05-28 19:55:08 +12:00
Ralph Slooten 5754c821d3 Security: Extend request body size cap to all JSON API endpoints (GHSA-28pq-6qxg-wg5r)
The fix for GHSA-fpxj-m5q8-fphw only capped POST /api/v1/send.
Four sibling endpoints (SetReadStatus, DeleteMessages, SetMessageTags,
ReleaseMessage) decoded json.NewDecoder(r.Body) with no size limit,
allowing an unauthenticated attacker to drive unbounded memory growth
via a large IDs array.

Apply a 5 MB cap in middleWareFunc so all current and future API
handlers inherit it automatically. POST /api/v1/send is exempt via a
bodyLimitKey context value set in sendAPIAuthMiddleware, preserving
its existing config.MaxMessageSize (default 50 MB) limit.

Also fix TestAPIv1SendMaxMessageSize, which was broken by a Go 1.26
change: json.Decoder now wraps reader errors in *json.SyntaxError
rather than returning *http.MaxBytesError directly, causing the
errors.As check to miss it and return 400 instead of 413. Reading
the body with io.ReadAll before decoding surfaces the raw error,
restoring correct 413 behaviour on Go 1.25 and 1.26.
2026-05-28 19:41:32 +12:00
Ralph Slooten fdf3cde030 Explicitly ignore errors on search text extraction 2026-05-26 16:47:55 +12:00
Ralph Slooten 24f898ac67 Chore: Change log level to Info for database vacuuming message (#688) 2026-05-26 16:46:42 +12:00
Ralph Slooten 93d2222d62 Chore: Enhance schema application logging (#688) 2026-05-24 11:40:39 +12:00
Ralph Slooten 67a7ca83ff Update comments for clarity
Resolves #687
2026-05-20 18:01:11 +12:00
Olle Jonsson 4e150d81e4 Fix the Build & release badge (#685) 2026-05-18 20:26:54 +12:00
Ralph Slooten 2cc5168e97 Merge tag 'v1.30.0' into develop
Release v1.30.0
2026-05-14 16:59:31 +12:00
Ralph Slooten af8756a32c Merge branch 'release/v1.30.0' v1.30.0 2026-05-14 16:59:29 +12:00
Ralph Slooten a9058f40db Release v1.30.0 2026-05-14 16:59:29 +12:00
Ralph Slooten 3b65ee936a Chore: Update caniemail test database 2026-05-14 16:40:11 +12:00
Ralph Slooten bb81b62357 Chore: Update node dependencies 2026-05-14 16:38:54 +12:00
Ralph Slooten e27d30bda7 Chore: Update Go dependencies 2026-05-14 16:37:56 +12:00
Ralph Slooten cae0f638af Enhance sendmail functionality with message size limit and input validation 2026-05-14 16:36:27 +12:00
Ralph Slooten 786f263d32 Chore: Add message ingest max-message-size flag and refactor message handling 2026-05-14 16:24:58 +12:00
Ralph Slooten 8041eac509 Cleanup 2026-05-14 16:23:29 +12:00
Ralph Slooten b7e4146dbf Chore: Add message dump max-message-size flag and refactor message handling 2026-05-14 16:23:21 +12:00
Ralph Slooten 5ec074208c Use httpClient for HTTP requests in loadIDs and saveMessages functions 2026-05-14 15:13:52 +12:00
Ralph Slooten b82960928a Fix typo 2026-05-14 15:13:43 +12:00
Ralph Slooten 4ab532b9aa Security: Fix concurrent map read & write in proxy CSS rewriter (GHSA-w4vj-r5pg-3722) 2026-05-14 15:02:07 +12:00
Ralph Slooten 35079d182c Security: Fix for path traversal & arbitrary file write in mailpit dump --http via attacker-controlled message IDs (GHSA-qx5x-85p8-vg4j)
This fix also adds HTTP data limits to prevent excessively large files being transmitted by an attacker-controlled server (fake Mailpit).
2026-05-14 15:02:07 +12:00
Ralph Slooten 04c779994b Security: Block internal IP access by default in HTML check (GHSA-j3fj-qppj-fmmc)
This addresses an incomplete fix for GHSA-6jxm-fv7w-rw5j which did not restrict access to internal IP addresses.
2026-05-14 15:02:07 +12:00
Ralph Slooten bcd1bc71ee Security: Include CGNAT (Carrier-Grade NAT) in internal IP checks (GHSA-j3fj-qppj-fmmc)
CGNAT (Carrier-Grade NAT) is a technique used by ISPs to conserve IPv4 addresses. Instead of assigning a unique public IP to every customer, the ISP places many customers behind a shared NAT, then gives them all addresses from the reserved 100.64.0.0/10 range (RFC 6598) on their internal network.

This means traffic from multiple customers exits through a small pool of public IPs - a second layer of NAT on top of whatever NAT the customer's own router does (hence "double NAT").
2026-05-14 15:01:36 +12:00
Ralph Slooten 136bdde953 Security: Set a default 50MB p/m limit to prevent DoS via unlimited SMTP DATA and /api/v1/send body sizes (GHSA-fpxj-m5q8-fphw)
This is a configurable limit (in MB) which can optionally be disabled by setting it to 0.
2026-05-12 17:22:00 +12:00
Ralph Slooten 499a543963 Feature: New loading indicator, reduce flash during message transitions (#682) 2026-05-12 15:27:12 +12:00
Ralph Slooten 8b4c9d1267 Update AppAbout.vue: Enhance version notification display for stable and development builds 2026-05-10 10:41:38 +12:00
Ralph Slooten 1cabac31ad Update README.md: Adjust email processing rates and clarify email pruning methods 2026-05-10 10:24:29 +12:00
Ralph Slooten da7b82378c Build: Tag Docker edge build with next patch versions 2026-05-09 17:55:03 +12:00
Ralph Slooten 0702241fa5 Fix test expectations and handle Strip function return values in html2text tests 2026-05-09 17:26:15 +12:00
Ralph Slooten 8d72191704 Prevent duplicate extraction calls in the extract function 2026-05-09 17:22:51 +12:00
Ralph Slooten 052afdf929 Rename variable for clarity in extract function 2026-05-09 17:22:07 +12:00
Ralph Slooten c1fbbffded Refactor html2text.Strip to return an error and handle it in storage and tools packages 2026-05-09 17:21:36 +12:00
Ralph Slooten 6e2c42d2bc Improve error handling in autoForwardMessage and ensure proper client closure in createForwardingSMTPClient 2026-05-09 17:16:52 +12:00
Ralph Slooten da8eb3ece8 Fix: Validate SMTP XCLIENT args before processing 2026-05-09 17:13:22 +12:00
Ralph Slooten 4502cdc358 Handle error in writePump when sending ping messages 2026-05-09 17:06:14 +12:00
Ralph Slooten fbb63c89dd Chore: Simplify writePump by using WriteMessage and remove unnecessary newline handling 2026-05-09 17:05:22 +12:00
Ralph Slooten 71bd44bbb5 Chore: Ensure websocket connection is closed on client unregistration 2026-05-09 17:02:48 +12:00
Ralph Slooten b997fff7eb Chore: Refactor Hub to use atomic clientCount for safe concurrent client tracking 2026-05-09 17:01:47 +12:00
Ralph Slooten 034a480a39 Chore: Refactor addMessageTag function to remove mutex and ensure safe concurrent inserts 2026-05-09 16:48:05 +12:00
Ralph Slooten f575b53854 Chore: Refactor pruneMessages function to eliminate duplicate ID checks using a map 2026-05-09 16:43:40 +12:00