mirror of
https://github.com/mailcow/mailcow-dockerized.git
synced 2025-01-24 05:16:55 +02:00
Better white/blacklist handling
This commit is contained in:
parent
9775b354f4
commit
a7a597fead
@ -2176,206 +2176,6 @@ function get_spam_score($username) {
|
||||
}
|
||||
}
|
||||
}
|
||||
function set_whitelist($postarray) {
|
||||
global $lang;
|
||||
global $pdo;
|
||||
$username = $_SESSION['mailcow_cc_username'];
|
||||
$whitelist_from = trim(strtolower($postarray['whitelist_from']));
|
||||
$whitelist_from = preg_replace("/\.\*/", "*", $whitelist_from);
|
||||
if (!filter_var($username, FILTER_VALIDATE_EMAIL)) {
|
||||
$_SESSION['return'] = array(
|
||||
'type' => 'danger',
|
||||
'msg' => sprintf($lang['danger']['username_invalid'])
|
||||
);
|
||||
return false;
|
||||
}
|
||||
if (!ctype_alnum(str_replace(array('@', '.', '-', '*'), '', $whitelist_from))) {
|
||||
$_SESSION['return'] = array(
|
||||
'type' => 'danger',
|
||||
'msg' => sprintf($lang['danger']['whitelist_from_invalid'])
|
||||
);
|
||||
return false;
|
||||
}
|
||||
try {
|
||||
$stmt = $pdo->prepare("SELECT `object` FROM `filterconf`
|
||||
WHERE `option` = 'whitelist_from'
|
||||
AND `object` = :username
|
||||
AND `value` = :whitelist_from");
|
||||
$stmt->execute(array(':username' => $username, ':whitelist_from' => $whitelist_from));
|
||||
$num_results = count($stmt->fetchAll(PDO::FETCH_ASSOC));
|
||||
}
|
||||
catch(PDOException $e) {
|
||||
$_SESSION['return'] = array(
|
||||
'type' => 'danger',
|
||||
'msg' => 'MySQL: '.$e
|
||||
);
|
||||
return false;
|
||||
}
|
||||
if ($num_results != 0) {
|
||||
$_SESSION['return'] = array(
|
||||
'type' => 'danger',
|
||||
'msg' => sprintf($lang['danger']['whitelist_exists'])
|
||||
);
|
||||
return false;
|
||||
}
|
||||
try {
|
||||
$stmt = $pdo->prepare("INSERT INTO `filterconf` (`object`, `option` ,`value`)
|
||||
VALUES (:username, 'whitelist_from', :whitelist_from)");
|
||||
$stmt->execute(array(
|
||||
':username' => $username,
|
||||
':whitelist_from' => $whitelist_from
|
||||
));
|
||||
}
|
||||
catch (PDOException $e) {
|
||||
$_SESSION['return'] = array(
|
||||
'type' => 'danger',
|
||||
'msg' => 'MySQL: '.$e
|
||||
);
|
||||
return false;
|
||||
}
|
||||
$_SESSION['return'] = array(
|
||||
'type' => 'success',
|
||||
'msg' => sprintf($lang['success']['mailbox_modified'], $username)
|
||||
);
|
||||
}
|
||||
function delete_whitelist($postarray) {
|
||||
global $lang;
|
||||
global $pdo;
|
||||
$username = $_SESSION['mailcow_cc_username'];
|
||||
$prefid = $postarray['wlid'];
|
||||
if (!filter_var($username, FILTER_VALIDATE_EMAIL)) {
|
||||
$_SESSION['return'] = array(
|
||||
'type' => 'danger',
|
||||
'msg' => sprintf($lang['danger']['username_invalid'])
|
||||
);
|
||||
return false;
|
||||
}
|
||||
if (!is_numeric($prefid)) {
|
||||
$_SESSION['return'] = array(
|
||||
'type' => 'danger',
|
||||
'msg' => sprintf($lang['danger']['whitelist_from_invalid'])
|
||||
);
|
||||
return false;
|
||||
}
|
||||
try {
|
||||
$stmt = $pdo->prepare("DELETE FROM `filterconf` WHERE `object` = :username AND `prefid` = :prefid");
|
||||
$stmt->execute(array(
|
||||
':username' => $username,
|
||||
':prefid' => $prefid
|
||||
));
|
||||
}
|
||||
catch (PDOException $e) {
|
||||
$_SESSION['return'] = array(
|
||||
'type' => 'danger',
|
||||
'msg' => 'MySQL: '.$e
|
||||
);
|
||||
return false;
|
||||
}
|
||||
$_SESSION['return'] = array(
|
||||
'type' => 'success',
|
||||
'msg' => sprintf($lang['success']['mailbox_modified'], $username)
|
||||
);
|
||||
}
|
||||
function set_blacklist($postarray) {
|
||||
global $lang;
|
||||
global $pdo;
|
||||
$username = $_SESSION['mailcow_cc_username'];
|
||||
$blacklist_from = trim(strtolower($postarray['blacklist_from']));
|
||||
$blacklist_from = preg_replace("/\.\*/", "*", $blacklist_from);
|
||||
if (!filter_var($username, FILTER_VALIDATE_EMAIL)) {
|
||||
$_SESSION['return'] = array(
|
||||
'type' => 'danger',
|
||||
'msg' => sprintf($lang['danger']['username_invalid'])
|
||||
);
|
||||
return false;
|
||||
}
|
||||
if (!ctype_alnum(str_replace(array('@', '.', '-', '*'), '', $blacklist_from))) {
|
||||
$_SESSION['return'] = array(
|
||||
'type' => 'danger',
|
||||
'msg' => sprintf($lang['danger']['blacklist_from_invalid'])
|
||||
);
|
||||
return false;
|
||||
}
|
||||
try {
|
||||
$stmt = $pdo->prepare("SELECT `object` FROM `filterconf`
|
||||
WHERE `option` = 'blacklist_from'
|
||||
AND `object` = :username
|
||||
AND `value` = :blacklist_from");
|
||||
$stmt->execute(array(':username' => $username, ':blacklist_from' => $blacklist_from));
|
||||
$num_results = count($stmt->fetchAll(PDO::FETCH_ASSOC));
|
||||
}
|
||||
catch(PDOException $e) {
|
||||
$_SESSION['return'] = array(
|
||||
'type' => 'danger',
|
||||
'msg' => 'MySQL: '.$e
|
||||
);
|
||||
return false;
|
||||
}
|
||||
if ($num_results != 0) {
|
||||
$_SESSION['return'] = array(
|
||||
'type' => 'danger',
|
||||
'msg' => sprintf($lang['danger']['blacklist_exists'])
|
||||
);
|
||||
return false;
|
||||
}
|
||||
try {
|
||||
$stmt = $pdo->prepare("INSERT INTO `filterconf` (`object`, `option` ,`value`)
|
||||
VALUES (:username, 'blacklist_from', :blacklist_from)");
|
||||
$stmt->execute(array(
|
||||
':username' => $username,
|
||||
':blacklist_from' => $blacklist_from
|
||||
));
|
||||
}
|
||||
catch (PDOException $e) {
|
||||
$_SESSION['return'] = array(
|
||||
'type' => 'danger',
|
||||
'msg' => 'MySQL: '.$e
|
||||
);
|
||||
return false;
|
||||
}
|
||||
$_SESSION['return'] = array(
|
||||
'type' => 'success',
|
||||
'msg' => sprintf($lang['success']['mailbox_modified'], $username)
|
||||
);
|
||||
}
|
||||
function delete_blacklist($postarray) {
|
||||
global $lang;
|
||||
global $pdo;
|
||||
$username = $_SESSION['mailcow_cc_username'];
|
||||
$prefid = $postarray['blid'];
|
||||
if (!filter_var($username, FILTER_VALIDATE_EMAIL)) {
|
||||
$_SESSION['return'] = array(
|
||||
'type' => 'danger',
|
||||
'msg' => sprintf($lang['danger']['username_invalid'])
|
||||
);
|
||||
return false;
|
||||
}
|
||||
if (!is_numeric($prefid)) {
|
||||
$_SESSION['return'] = array(
|
||||
'type' => 'danger',
|
||||
'msg' => sprintf($lang['danger']['blacklist_from_invalid'])
|
||||
);
|
||||
return false;
|
||||
}
|
||||
try {
|
||||
$stmt = $pdo->prepare("DELETE FROM `filterconf` WHERE `object` = :username AND `prefid` = :prefid");
|
||||
$stmt->execute(array(
|
||||
':username' => $username,
|
||||
':prefid' => $prefid
|
||||
));
|
||||
}
|
||||
catch (PDOException $e) {
|
||||
$_SESSION['return'] = array(
|
||||
'type' => 'danger',
|
||||
'msg' => 'MySQL: '.$e
|
||||
);
|
||||
return false;
|
||||
}
|
||||
$_SESSION['return'] = array(
|
||||
'type' => 'success',
|
||||
'msg' => sprintf($lang['success']['mailbox_modified'], $username)
|
||||
);
|
||||
}
|
||||
function set_spam_score($postarray) {
|
||||
global $lang;
|
||||
global $pdo;
|
||||
@ -2429,6 +2229,107 @@ function set_spam_score($postarray) {
|
||||
'msg' => sprintf($lang['success']['mailbox_modified'], $username)
|
||||
);
|
||||
}
|
||||
function set_policy_list($postarray) {
|
||||
global $lang;
|
||||
global $pdo;
|
||||
|
||||
(isset($postarray['domain'])) ? $object = $postarray['domain'] : $object = $_SESSION['mailcow_cc_username'];
|
||||
($postarray['object_list'] == "bl") ? $object_list = "blacklist_from" : $object_list = "whitelist_from";
|
||||
$object_from = preg_replace('/\.+/', '.', rtrim(preg_replace("/\.\*/", "*", trim(strtolower($postarray['object_from']))), '.'));
|
||||
if (!filter_var($object, FILTER_VALIDATE_EMAIL) && !is_valid_domain_name($object)) {
|
||||
$_SESSION['return'] = array(
|
||||
'type' => 'danger',
|
||||
'msg' => sprintf($lang['danger']['username_invalid'])
|
||||
);
|
||||
return false;
|
||||
}
|
||||
if (is_valid_domain_name($object)) {
|
||||
if (!hasDomainAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $object)) {
|
||||
$_SESSION['return'] = array(
|
||||
'type' => 'danger',
|
||||
'msg' => sprintf($lang['danger']['access_denied'])
|
||||
);
|
||||
return false;
|
||||
}
|
||||
}
|
||||
if (isset($postarray['prefid'])) {
|
||||
if (!is_numeric($postarray['prefid'])) {
|
||||
$_SESSION['return'] = array(
|
||||
'type' => 'danger',
|
||||
'msg' => sprintf($lang['danger']['access_denied'])
|
||||
);
|
||||
return false;
|
||||
}
|
||||
try {
|
||||
$stmt = $pdo->prepare("DELETE FROM `filterconf` WHERE `object` = :object AND `prefid` = :prefid");
|
||||
$stmt->execute(array(
|
||||
':object' => $object,
|
||||
':prefid' => $postarray['prefid']
|
||||
));
|
||||
}
|
||||
catch (PDOException $e) {
|
||||
$_SESSION['return'] = array(
|
||||
'type' => 'danger',
|
||||
'msg' => 'MySQL: '.$e
|
||||
);
|
||||
return false;
|
||||
}
|
||||
$_SESSION['return'] = array(
|
||||
'type' => 'success',
|
||||
'msg' => sprintf($lang['success']['mailbox_modified'], $object)
|
||||
);
|
||||
return true;
|
||||
}
|
||||
if (!ctype_alnum(str_replace(array('@', '.', '-', '*'), '', $object_from))) {
|
||||
$_SESSION['return'] = array(
|
||||
'type' => 'danger',
|
||||
'msg' => sprintf($lang['danger']['policy_list_from_invalid'])
|
||||
);
|
||||
return false;
|
||||
}
|
||||
try {
|
||||
$stmt = $pdo->prepare("SELECT `object` FROM `filterconf`
|
||||
WHERE (`option` = 'whitelist_from' OR `option` = 'blacklist_from')
|
||||
AND `object` = :object
|
||||
AND `value` = :object_from");
|
||||
$stmt->execute(array(':object' => $object, ':object_from' => $object_from));
|
||||
$num_results = count($stmt->fetchAll(PDO::FETCH_ASSOC));
|
||||
}
|
||||
catch(PDOException $e) {
|
||||
$_SESSION['return'] = array(
|
||||
'type' => 'danger',
|
||||
'msg' => 'MySQL: '.$e
|
||||
);
|
||||
return false;
|
||||
}
|
||||
if ($num_results != 0) {
|
||||
$_SESSION['return'] = array(
|
||||
'type' => 'danger',
|
||||
'msg' => sprintf($lang['danger']['policy_list_from_exists'])
|
||||
);
|
||||
return false;
|
||||
}
|
||||
try {
|
||||
$stmt = $pdo->prepare("INSERT INTO `filterconf` (`object`, `option` ,`value`)
|
||||
VALUES (:object, :object_list, :object_from)");
|
||||
$stmt->execute(array(
|
||||
':object' => $object,
|
||||
':object_list' => $object_list,
|
||||
':object_from' => $object_from
|
||||
));
|
||||
}
|
||||
catch (PDOException $e) {
|
||||
$_SESSION['return'] = array(
|
||||
'type' => 'danger',
|
||||
'msg' => 'MySQL: '.$e
|
||||
);
|
||||
return false;
|
||||
}
|
||||
$_SESSION['return'] = array(
|
||||
'type' => 'success',
|
||||
'msg' => sprintf($lang['success']['mailbox_modified'], $object)
|
||||
);
|
||||
}
|
||||
function set_tls_policy($postarray) {
|
||||
global $lang;
|
||||
global $pdo;
|
||||
|
@ -4,7 +4,7 @@
|
||||
<meta charset="utf-8">
|
||||
<meta http-equiv="X-UA-Compatible" content="IE=edge">
|
||||
<meta name="viewport" content="width=device-width, initial-scale=1">
|
||||
<title>mailcow UI - <?php echo gethostname() ?></title>
|
||||
<title>mailcow UI</title>
|
||||
<!--[if lt IE 9]>
|
||||
<script src="https://oss.maxcdn.com/html5shiv/3.7.2/html5shiv.min.js"></script>
|
||||
<script src="https://oss.maxcdn.com/respond/1.4.2/respond.min.js"></script>
|
||||
|
@ -51,17 +51,8 @@ if (isset($_SESSION['mailcow_cc_role']) && $_SESSION['mailcow_cc_role'] == "user
|
||||
if (isset($_POST["trigger_set_spam_score"])) {
|
||||
set_spam_score($_POST);
|
||||
}
|
||||
if (isset($_POST["trigger_set_whitelist"])) {
|
||||
set_whitelist($_POST);
|
||||
}
|
||||
if (isset($_POST["trigger_delete_whitelist"])) {
|
||||
delete_whitelist($_POST);
|
||||
}
|
||||
if (isset($_POST["trigger_set_blacklist"])) {
|
||||
set_blacklist($_POST);
|
||||
}
|
||||
if (isset($_POST["trigger_delete_blacklist"])) {
|
||||
delete_blacklist($_POST);
|
||||
if (isset($_POST["trigger_set_policy_list"])) {
|
||||
set_policy_list($_POST);
|
||||
}
|
||||
if (isset($_POST["trigger_set_tls_policy"])) {
|
||||
set_tls_policy($_POST);
|
||||
|
@ -22,10 +22,8 @@ $lang['danger']['object_is_not_numeric'] = 'Wert %s ist nicht numerisch';
|
||||
$lang['success']['domain_added'] = 'Domain %s wurde angelegt';
|
||||
$lang['danger']['alias_empty'] = 'Alias-Adresse darf nicht leer sein';
|
||||
$lang['danger']['goto_empty'] = 'Ziel-Adresse darf nicht leer sein';
|
||||
$lang['danger']['blacklist_exists'] = 'Ein Backlist-Eintrag mit diesem Wert existiert bereits';
|
||||
$lang['danger']['blacklist_from_invalid'] = 'Backlist-Eintrag hat ungültiges Format';
|
||||
$lang['danger']['whitelist_exists'] = 'Ein Whitelist-Eintrag mit diesem Wert existiert bereits';
|
||||
$lang['danger']['whitelist_from_invalid'] = 'Whitelist-Eintrag hat ungültiges Format';
|
||||
$lang['danger']['policy_list_from_exists'] = 'Ein Eintrag mit diesem Wert existiert bereits';
|
||||
$lang['danger']['policy_list_from_invalid'] = 'Eintrag hat ungültiges Format';
|
||||
$lang['danger']['alias_invalid'] = 'Alias-Adrese ist ungültig';
|
||||
$lang['danger']['goto_invalid'] = 'Ziel-Adrese ist ungültig';
|
||||
$lang['danger']['alias_domain_invalid'] = 'Alias-Domain ist ungültig';
|
||||
|
@ -22,8 +22,8 @@ $lang['danger']['object_is_not_numeric'] = "Value %s is not numeric";
|
||||
$lang['success']['domain_added'] = "Added domain %s";
|
||||
$lang['danger']['alias_empty'] = "Alias address must not be empty";
|
||||
$lang['danger']['goto_empty'] = "Goto address must not be empty";
|
||||
$lang['danger']['blacklist_exists'] = "A blacklist record with that name exists";
|
||||
$lang['danger']['blacklist_from_invalid'] = "Blacklist record has invalid format";
|
||||
$lang['danger']['policy_list_from_exists'] = "A record with given name exists";
|
||||
$lang['danger']['policy_list_from_invalid'] = "Record has invalid format";
|
||||
$lang['danger']['whitelist_exists'] = "A whitelist record with that name exists";
|
||||
$lang['danger']['whitelist_from_invalid'] = "Whitelist record has invalid format";
|
||||
$lang['danger']['alias_invalid'] = "Alias address is invalid";
|
||||
@ -122,6 +122,7 @@ $lang['user']['spamfilter_table_rule'] = 'Rule';
|
||||
$lang['user']['spamfilter_table_action'] = 'Action';
|
||||
$lang['user']['spamfilter_table_empty'] = 'No data to display';
|
||||
$lang['user']['spamfilter_table_remove'] = 'remove';
|
||||
$lang['user']['spamfilter_table_add'] = 'Add item';
|
||||
$lang['user']['spamfilter_default_score'] = 'Spam score:';
|
||||
$lang['user']['spamfilter_green'] = 'Green: this message is not spam';
|
||||
$lang['user']['spamfilter_yellow'] = 'Yellow: this message may be spam, will be tagged as spam and moved to your junk folder';
|
||||
|
@ -143,6 +143,7 @@ if (isset($_SESSION['mailcow_cc_role']) && $_SESSION['mailcow_cc_role'] == 'user
|
||||
data-slider-max="30"
|
||||
data-slider-step="0.5"
|
||||
data-slider-range="true"
|
||||
data-slider-tooltip='always'
|
||||
data-slider-id="slider1"
|
||||
data-slider-value="[<?=get_spam_score($_SESSION['mailcow_cc_username']);?>]"
|
||||
data-slider-step="1" />
|
||||
@ -189,11 +190,11 @@ if (isset($_SESSION['mailcow_cc_role']) && $_SESSION['mailcow_cc_role'] == 'user
|
||||
<form class="form-inline" method="post">
|
||||
<div class="col-xs-6"><code><?=$whitelistRow['value'];?></code></div>
|
||||
<div class="col-xs-6">
|
||||
<input type="hidden" name="wlid" value="<?=$whitelistRow['prefid'];?>">
|
||||
<input type="hidden" name="prefid" value="<?=$whitelistRow['prefid'];?>">
|
||||
<?php
|
||||
if ($whitelistRow['username'] != array_pop(explode('@', $username))):
|
||||
?>
|
||||
<input type="hidden" id="trigger_delete_whitelist" name="trigger_delete_whitelist">
|
||||
<input type="hidden" name="trigger_set_policy_list">
|
||||
<a href="#n" onclick="$(this).closest('form').submit()"><?=$lang['user']['spamfilter_table_remove'];?></a>
|
||||
<?php
|
||||
else:
|
||||
@ -213,10 +214,11 @@ if (isset($_SESSION['mailcow_cc_role']) && $_SESSION['mailcow_cc_role'] == 'user
|
||||
<div class="row">
|
||||
<form class="form-inline" method="post">
|
||||
<div class="col-xs-6">
|
||||
<input type="text" class="form-control input-sm" name="whitelist_from" id="whitelist_from" placeholder="*@example.org" required>
|
||||
<input type="text" class="form-control input-sm" name="object_from" id="object_from" placeholder="*@example.org" required>
|
||||
<input type="hidden" name="object_list" value="wl">
|
||||
</div>
|
||||
<div class="col-xs-6">
|
||||
<button type="submit" id="trigger_set_whitelist" name="trigger_set_whitelist" class="btn btn-xs btn-default"><?=$lang['user']['spamfilter_table_add'];?></button>
|
||||
<button type="submit" id="trigger_set_policy_list" name="trigger_set_policy_list" class="btn btn-xs btn-default"><?=$lang['user']['spamfilter_table_add'];?></button>
|
||||
</div>
|
||||
</form>
|
||||
</div>
|
||||
@ -253,11 +255,11 @@ if (isset($_SESSION['mailcow_cc_role']) && $_SESSION['mailcow_cc_role'] == 'user
|
||||
<form class="form-inline" method="post">
|
||||
<div class="col-xs-6"><code><?=$blacklistRow['value'];?></code></div>
|
||||
<div class="col-xs-6">
|
||||
<input type="hidden" name="blid" value="<?=$blacklistRow['prefid'];?>">
|
||||
<input type="hidden" name="prefid" value="<?=$blacklistRow['prefid'];?>">
|
||||
<?php
|
||||
if ($blacklistRow['username'] != array_pop(explode('@', $username))):
|
||||
?>
|
||||
<input type="hidden" id="trigger_delete_blacklist" name="trigger_delete_blacklist">
|
||||
<input type="hidden" name="trigger_set_policy_list">
|
||||
<a href="#n" onclick="$(this).closest('form').submit()"><?=$lang['user']['spamfilter_table_remove'];?></a>
|
||||
<?php
|
||||
else:
|
||||
@ -276,10 +278,11 @@ if (isset($_SESSION['mailcow_cc_role']) && $_SESSION['mailcow_cc_role'] == 'user
|
||||
<div class="row">
|
||||
<form class="form-inline" method="post">
|
||||
<div class="col-xs-6">
|
||||
<input type="text" class="form-control input-sm" name="blacklist_from" id="blacklist_from" placeholder="*@example.org" required>
|
||||
<input type="text" class="form-control input-sm" name="object_from" id="object_from" placeholder="*@example.org" required>
|
||||
<input type="hidden" name="object_list" value="bl">
|
||||
</div>
|
||||
<div class="col-xs-6">
|
||||
<button type="submit" id="trigger_set_blacklist" name="trigger_set_blacklist" class="btn btn-xs btn-default"><?=$lang['user']['spamfilter_table_add'];?></button>
|
||||
<button type="submit" id="trigger_set_policy_list" name="trigger_set_policy_list" class="btn btn-xs btn-default"><?=$lang['user']['spamfilter_table_add'];?></button>
|
||||
</div>
|
||||
</form>
|
||||
</div>
|
||||
|
Loading…
x
Reference in New Issue
Block a user