Added domain alias handling to quarantine mails and added recipients row to quarantine mail display

If a mail is sent to a domain alias domain and rejected, mailcow does not currently store the mail in quarantine.
This commit adds domain alias handling to the reject code and should fix this behavior.

Also added displaying of recipient addresses into the quarantine mail dialog to be able to see what mail address was "leaked".
master
Howaner 2019-05-01 00:56:12 +02:00
parent 91af3d5c5a
commit 17918b3e21
11 changed files with 67 additions and 5 deletions

View File

@ -131,6 +131,14 @@ foreach (json_decode($rcpts, true) as $rcpt) {
));
$gotos = $stmt->fetch(PDO::FETCH_ASSOC)['goto'];
}
if (empty($gotos)) {
$stmt = $pdo->prepare("SELECT `target_domain` FROM `alias_domain` WHERE `alias_domain` = :rcpt AND `active` = '1'");
$stmt->execute(array(':rcpt' => $parsed_rcpt['domain']));
$goto_branch = $stmt->fetch(PDO::FETCH_ASSOC)['target_domain'];
if ($goto_branch) {
$gotos = $parsed_rcpt['local'] . '@' . $goto_branch;
}
}
$gotos_array = explode(',', $gotos);
$loop_c = 0;
@ -159,8 +167,18 @@ foreach (json_decode($rcpts, true) as $rcpt) {
$stmt = $pdo->prepare("SELECT `goto` FROM `alias` WHERE `address` = :goto AND `active` = '1'");
$stmt->execute(array(':goto' => $goto));
$goto_branch = $stmt->fetch(PDO::FETCH_ASSOC)['goto'];
if ($goto_branch) {
error_log("QUARANTINE: quarantine pipe: goto address " . $goto . " is a alias branch for " . $goto_branch);
$goto_branch_array = explode(',', $goto_branch);
} else {
$stmt = $pdo->prepare("SELECT `target_domain` FROM `alias_domain` WHERE `alias_domain` = :domain AND `active` AND '1'");
$stmt->execute(array(':domain' => $parsed_goto['domain']));
$goto_branch = $stmt->fetch(PDO::FETCH_ASSOC)['target_domain'];
if ($goto_branch) {
error_log("QUARANTINE: quarantine pipe: goto domain " . $parsed_gto['domain'] . " is a domain alias branch for " . $goto_branch);
$goto_branch_array = array($parsed_gto['local'] . '@' . $goto_branch);
}
}
}
}
// goto item was processed, unset

View File

@ -49,3 +49,11 @@ table.footable>tbody>tr.footable-empty>td {
border-radius: 50%;
display: inline-block;
}
span.mail-address-item {
background-color: #f5f5f5;
border-radius: 4px;
border: 1px solid #ccc;
padding: 2px 7px;
margin-right: 7px;
}

View File

@ -5,6 +5,7 @@ require_once $_SERVER['DOCUMENT_ROOT'] . '/inc/prerequisites.inc.php';
if (!isset($_SESSION['mailcow_cc_role'])) {
exit();
}
function rrmdir($src) {
$dir = opendir($src);
while(false !== ( $file = readdir($dir)) ) {
@ -21,6 +22,13 @@ function rrmdir($src) {
closedir($dir);
rmdir($src);
}
function addAddresses(&$list, $mail, $headerName) {
$addresses = $mail->getAddresses($headerName);
foreach ($addresses as $address) {
$list[] = array('address' => $address['address'], 'type' => $headerName);
}
}
if (!empty($_GET['id']) && ctype_alnum($_GET['id'])) {
$tmpdir = '/tmp/' . $_GET['id'] . '/';
$mailc = quarantine('details', $_GET['id']);
@ -36,6 +44,16 @@ if (!empty($_GET['id']) && ctype_alnum($_GET['id'])) {
$html2text = new Html2Text\Html2Text();
// Load msg to parser
$mail_parser->setText($mailc['msg']);
// Get mail recipients
{
$recipientsList = array();
addAddresses($recipientsList, $mail_parser, 'to');
addAddresses($recipientsList, $mail_parser, 'cc');
addAddresses($recipientsList, $mail_parser, 'bcc');
$data['recipients'] = $recipientsList;
}
// Get text/plain content
$data['text_plain'] = $mail_parser->getMessageBody('text');
// Get html content and convert to text

View File

@ -87,8 +87,16 @@ jQuery(function($){
$('#qid_detail_text').text(data.text_plain);
$('#qid_detail_text_from_html').text(data.text_html);
$('#qid_detail_recipients').html('');
if (typeof data.recipients !== 'undefined') {
$.each(data.recipients, function(index, value) {
var displayStr = value.address + (value.type != 'to' ? (' (' + value.type.toUpperCase() + ')') : '');
$('#qid_detail_recipients').append('<span class="mail-address-item")>' + displayStr + '</span>');
});
}
var qAtts = $("#qid_detail_atts");
if (typeof data.attachments !== 'undefined') {
qAtts = $("#qid_detail_atts");
qAtts.text('');
$.each(data.attachments, function(index, value) {
qAtts.append(

View File

@ -498,6 +498,7 @@ $lang['quarantine']['show_item'] = "Mostrar";
$lang['quarantine']['check_hash'] = "Comprovar el hash del fitxer a VT";
$lang['quarantine']['qitem'] = "Element en quarantena";
$lang['quarantine']['subj'] = "Assumpte";
$lang['quarantine']['recipients'] = "Recipients";
$lang['quarantine']['text_plain_content'] = "Contingut (text/plain)";
$lang['quarantine']['text_from_html_content'] = "Contingut (a partir del HTML)";
$lang['quarantine']['atts'] = "Adjunts";

View File

@ -712,6 +712,7 @@ $lang['quarantine']['show_item'] = "Zobrazit položku";
$lang['quarantine']['check_hash'] = "Hledat hash @ VT souboru";
$lang['quarantine']['qitem'] = "Položka v karanténě";
$lang['quarantine']['subj'] = "Předmět";
$lang['quarantine']['recipients'] = "Příjemci";
$lang['quarantine']['text_plain_content'] = "Obsah (text/plain)";
$lang['quarantine']['text_from_html_content'] = "Obsah (konvertované html)";
$lang['quarantine']['atts'] = "Přílohy";

View File

@ -732,6 +732,7 @@ $lang['quarantine']['show_item'] = "Details";
$lang['quarantine']['check_hash'] = "Checksumme auf VirusTotal suchen";
$lang['quarantine']['qitem'] = "Quarantäneeintrag";
$lang['quarantine']['subj'] = "Betreff";
$lang['quarantine']['recipients'] = "Empfänger";
$lang['quarantine']['text_plain_content'] = "Inhalt (text/plain)";
$lang['quarantine']['text_from_html_content'] = "Inhalt (html, konvertiert)";
$lang['quarantine']['atts'] = "Anhänge";

View File

@ -754,6 +754,7 @@ $lang['quarantine']['show_item'] = "Show item";
$lang['quarantine']['check_hash'] = "Search file hash @ VT";
$lang['quarantine']['qitem'] = "Quarantine item";
$lang['quarantine']['subj'] = "Subject";
$lang['quarantine']['recipients'] = "Recipients";
$lang['quarantine']['text_plain_content'] = "Content (text/plain)";
$lang['quarantine']['text_from_html_content'] = "Content (converted html)";
$lang['quarantine']['atts'] = "Attachments";

View File

@ -494,6 +494,7 @@ $lang['quarantine']['show_item'] = "Parādīt vienumus";
$lang['quarantine']['check_hash'] = "Meklēt faila hašu @ VT";
$lang['quarantine']['qitem'] = "Karantīnas vienumi";
$lang['quarantine']['subj'] = "Priekšmets";
$lang['quarantine']['recipients'] = "Adresāts";
$lang['quarantine']['text_plain_content'] = "Saturs (teksts/vienkāršs)";
$lang['quarantine']['text_from_html_content'] = "Saturs (konvertēts html)";
$lang['quarantine']['atts'] = "Pielikumi";

View File

@ -731,6 +731,7 @@ $lang['quarantine']['show_item'] = "Laat item zien";
$lang['quarantine']['check_hash'] = "Zoek bestandshash op in VT";
$lang['quarantine']['qitem'] = "Quarantaine-item";
$lang['quarantine']['subj'] = "Onderwerp";
$lang['quarantine']['recipients'] = "Ontvangers";
$lang['quarantine']['text_plain_content'] = "Inhoud (tekst)";
$lang['quarantine']['text_from_html_content'] = "Inhoud (geconverteerde html)";
$lang['quarantine']['atts'] = "Bijlagen";

View File

@ -17,6 +17,10 @@ if (!isset($_SESSION['mailcow_cc_role'])) {
<label for="qid_detail_subj"><h4><?=$lang['quarantine']['subj'];?>:</h4></label>
<p id="qid_detail_subj"></p>
</div>
<div class="form-group">
<label for="qid_detail_recipients"><h4><?=$lang['quarantine']['recipients'];?>:</h4></label>
<p id="qid_detail_recipients"></p>
</div>
<div class="form-group">
<label for="qid_detail_text"><h4><?=$lang['quarantine']['text_plain_content'];?>:</h4></label>
<pre id="qid_detail_text"></pre>