paxton
/
mailcow
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

[Web] Remove XMPP options 

[Web] Add Rspamd preset #4
[Web] Do not show failed SASL logins (and also remove them from db)
master
andryyy 2021-06-30 10:13:29 +02:00
parent 13223245f2
commit 8b08d09ca2
No known key found for this signature in database
GPG Key ID: 8EC34FF2794E25EF
22 changed files with 49 additions and 762 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

0
data/conf/ejabberd/autogen/.gitkeep
View File

239
data/conf/ejabberd/ejabberd.yml
View File

@ -1,239 +0,0 @@
loglevel: info
auth_method: [external]
auth_use_cache: false
extauth_program: /var/www/authentication/authenticator
include_config_file:
/ejabberd/ejabberd_api.yml
include_config_file:
/ejabberd/ejabberd_acl.yml
include_config_file:
/ejabberd/ejabberd_hosts.yml:
allow_only:
- hosts
include_config_file:
/ejabberd/ejabberd_macros.yml:
allow_only:
- define_macro
define_macro:
'TLS_CIPHERS': "ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256"
'TLS_OPTIONS':
- "no_sslv3"
- "no_tlsv1"
- "no_tlsv1_1"
- "cipher_server_preference"
- "no_compression"
c2s_ciphers: 'TLS_CIPHERS'
s2s_ciphers: 'TLS_CIPHERS'
c2s_protocol_options: 'TLS_OPTIONS'
s2s_protocol_options: 'TLS_OPTIONS'
s2s_use_starttls: required
new_sql_schema: true
sql_type: sqlite
sql_database: /sqlite/sqlite.db
default_db: sql
certfiles:
- /ejabberd_ssl/cert.pem
- /ejabberd_ssl/key.pem
listen:
-
port: 5222
ip: "::"
module: ejabberd_c2s
max_stanza_size: 262144
shaper: c2s_shaper
access: c2s
starttls_required: true
-
port: 5269
ip: "::"
module: ejabberd_s2s_in
max_stanza_size: 524288
-
port: EJABBERD_HTTPS
ip: "::"
module: ejabberd_http
tls: true
request_handlers:
/captcha: ejabberd_captcha
/upload: mod_http_upload
/ws: ejabberd_http_ws
-
port: 5280
ip: "::"
module: ejabberd_http
request_handlers:
/api: mod_http_api
-
port: 5282
ip: "::"
module: ejabberd_http
request_handlers:
/xmpp: ejabberd_web_admin
-
module: ejabberd_http
port: 5281
ip: "::"
request_handlers:
/.well-known/acme-challenge: ejabberd_acme
-
port: 1883
ip: "::"
module: mod_mqtt
backlog: 1000
acme:
auto: true
acl:
admin:
user:
- "admin": "localhost"
local:
user_regexp: ""
loopback:
ip:
- 127.0.0.0/8
- ::1/128
access_rules:
local:
allow: local
c2s:
deny: blocked
allow: all
announce:
allow: admin
configure:
allow: admin
muc_create:
allow: local
pubsub_createnode:
allow: local
trusted_network:
allow: loopback
api_permissions:
"console commands":
from:
- ejabberd_ctl
who: all
what: "*"
"admin access":
who:
access:
allow:
- acl: loopback
- acl: admin
what:
- "*"
- "!stop"
- "!start"
shaper:
normal:
rate: 3000
burst_size: 20000
fast: 100000
shaper_rules:
max_user_sessions: 10
max_user_offline_messages:
1000: admin
1000: all
c2s_shaper:
none: admin
normal: all
s2s_shaper: fast
modules:
mod_adhoc: {}
mod_admin_extra: {}
mod_announce:
access: announce
mod_avatar: {}
mod_blocking: {}
mod_caps: {}
mod_carboncopy: {}
mod_client_state: {}
mod_configure: {}
mod_disco: {}
mod_fail2ban: {}
mod_http_api: {}
mod_http_upload_quota:
max_days: 30
mod_http_upload:
docroot: /var/www/upload
custom_headers:
"Access-Control-Allow-Origin": "https://@HOST@"
"Access-Control-Allow-Methods": "GET,HEAD,PUT,OPTIONS"
"Access-Control-Allow-Headers": "Content-Type"
thumbnail: true
jid_in_url: node
file_mode: "0600"
dir_mode: "0700"
mod_last: {}
mod_mam:
clear_archive_on_room_destroy: true
default: never
compress_xml: true
request_activates_archiving: true
mod_mqtt: {}
mod_muc:
access:
- allow
access_admin:
- allow: admin
access_create: muc_create
access_persistent: muc_create
access_mam:
- allow
default_room_options:
mam: false
persistent: false
mod_muc_admin: {}
mod_offline:
access_max_user_messages: max_user_offline_messages
mod_ping: {}
mod_privacy: {}
mod_private: {}
mod_proxy65:
access: local
max_connections: 5
mod_pubsub:
access_createnode: pubsub_createnode
plugins:
- flat
- pep
force_node_config:
## Avoid buggy clients to make their bookmarks public
storage:bookmarks:
access_model: whitelist
mod_push: {}
mod_push_keepalive: {}
mod_register:
## Only accept registration requests from the "trusted"
## network (see access_rules section above).
## Think twice before enabling registration from any
## address. See the Jabber SPAM Manifesto for details:
## https://github.com/ge0rg/jabber-spam-fighting-manifesto
ip_access: trusted_network
mod_roster:
versioning: true
mod_s2s_dialback: {}
mod_stream_mgmt:
resend_on_timeout: if_offline
mod_stun_disco: {}
mod_vcard: {}
mod_vcard_xupdate: {}
mod_version:
show_os: false

8
data/conf/nginx/includes/site-defaults.conf
View File

@ -118,14 +118,6 @@
proxy_redirect off; proxy_redirect off;
} }
location /xmpp/ {
proxy_pass http://ejabberd:5282/xmpp/;
proxy_set_header Host $http_host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Real-IP $remote_addr;
proxy_redirect off;
}
location ~* ^/Autodiscover/Autodiscover.xml { location ~* ^/Autodiscover/Autodiscover.xml {
fastcgi_split_path_info ^(.+\.php)(/.+)$; fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass phpfpm:9002; fastcgi_pass phpfpm:9002;

4
data/web/css/site/edit.css
View File

@ -37,10 +37,6 @@
-webkit-transform:rotateX(180deg); -webkit-transform:rotateX(180deg);
transform:rotateX(180deg); transform:rotateX(180deg);
} }
.input-group-addon-xmpp {
background-color: #fff;
border: 0px solid #fff;
}
#sender_acl_disabled { #sender_acl_disabled {
display:none; display:none;
margin-top:10px; margin-top:10px;

3
data/web/css/site/user.css
View File

@ -123,9 +123,6 @@ border-bottom-width: 3px;
border-radius: 4px; border-radius: 4px;
top: 3px; top: 3px;
} }
.xmpp-logo-user {
width:64px;
}
.recent-login-success { .recent-login-success {
margin-top:2px; margin-top:2px;
margin-right:10px; margin-right:10px;

42
data/web/debug.php
View File

@ -6,7 +6,6 @@ require_once $_SERVER['DOCUMENT_ROOT'] . '/inc/header.inc.php';
$_SESSION['return_to'] = $_SERVER['REQUEST_URI']; $_SESSION['return_to'] = $_SERVER['REQUEST_URI'];
$solr_status = (preg_match("/^([yY][eE][sS]|[yY])+$/", $_ENV["SKIP_SOLR"])) ? false : solr_status(); $solr_status = (preg_match("/^([yY][eE][sS]|[yY])+$/", $_ENV["SKIP_SOLR"])) ? false : solr_status();
$clamd_status = (preg_match("/^([yY][eE][sS]|[yY])+$/", $_ENV["SKIP_CLAMD"])) ? false : true; $clamd_status = (preg_match("/^([yY][eE][sS]|[yY])+$/", $_ENV["SKIP_CLAMD"])) ? false : true;
$xmpp_status = xmpp_control('status');
?> ?>
<div class="container"> <div class="container">
@ -96,47 +95,6 @@ $xmpp_status = xmpp_control('status');
</div> </div>
</div> </div>
</div> </div>
<div class="panel panel-default">
<div class="panel-heading">
<h3 class="panel-title"><?=$lang['debug']['xmpp_status'];?></h3>
</div>
<div class="panel-body">
<div class="row">
<div class="col-sm-3">
<p><img class="img-responsive" alt="XMPP Logo" width="128px" src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAIAAAACACAMAAAD04JH5AAAAGXRFWHRTb2Z0d2FyZQB3d3cuaW5rc2NhcGUub3Jnm+48GgAAAAlwSFlzAAAJcwAACXMB+Yg9ogAAAqNQTFRFR3BMEERaAAAAAAAAAAAAAAAAAAAAAAAAdIFfAAAABBEVAAAAAAAAAAAAAAAAFYSszZA8BxUkAAAAAAAAAAAAmsplAAAAn81nFYi7AAAAAAAAF3utAAAA52wfEpbK4mcg5WYgncxnD3OmAAAAnsxnAAAAAAAA5mwg520gEZbJAAAA0FYjoM5m6W0fEpfLAAAAR5VD3WkjEWGRE26fnctn6W0fE6ban85noc9o5mwhAAAAAAAAFHeq6m0fAAAAoM5nAAAAATtsATlqoc5mAjlrAjhqATdqATxt6W0eEp/SE6LXEmOUDmibE5DDzVokEmaXUZlIATVm6W0f52wgE5/T42simL5fulouAAAADnuvslw4FIm8m8loS45P6W0eAAAAAjxtE6/kD5zRADJiATJjD5zR52sgwFYprlMxDnCiK2SIEmCSD4C0nMpnTZZGnVxBEnaom8hnoc1nBFCDEq/kP4tQBk2AErLnFqrcATBhwlQoEHutkL9oSIddTZJHQZc7F3CiSpBHE7TpFLPouVMo4mUfgbVdQYxDoG05AAAAoM5n6W0fQ5Y52VQeCnirDYi8ATdpDpHGBUx+BEl7Az9xBEV3A0J0BVKFBU+BBlaIEqreR5k8BlyOBlmLEq3iEaDUEpzREqPXAjxtEZbKB1+SEqbbE7TpCGKVEZnNErDlCGaYCWmcC3OmCW+iTJtBDH+zCWyf5WcfC3yw6GsfDIO24WAe3lseDYzA21YeATFiVqJC1lYhm8tlFY3AGZPEd7VTicFcYqlIf7pWG3GdS5tNxV0vlshiOodqSJlYIYamJKLDa69NkMVfj2RQ0og0FoS1o8pkMZ+Qj3dnQaBtPXeTSG+CMaedmnBaZoKIY2RpHXeJKpCEzFsqn15DP4qmtqBLcmZPJnTRbgAAAIh0Uk5TAAbkZszdL0MDiAyNtvxsDwoUJjobFqj0/YFZ/vd0iDEUmUdOi/DWgvIle/2onK/s/tggL777edowW5Wb42R1XucvQkfDpGRUQFE60HNi7Kngi8/oncBXnIef/vHpgODF8Pnjd9XJH9tW9vuOymrtwI91N73t/m6v/ui6vNajOyvNsNXReP3jaggoHboAAAkwSURBVHja7Vr5XxVlFx/26QreyxIgIDsKgliAGEpaCiKbKO675b6m72tme71vy+cKRLYX2aItVkQRkQKK0tVUjKi0N+215U9pnmXm2WbunXuZe6vP535/uszMOec753yfc54ZRpKCCCKIIP4uCPmr483fvCk2cNFrqhbzx2r6+vqq5wYk/N2LH+zr28QfndsH8ODiEj9Ht83fDCPNF2g9j1FV40c5zK1Ww9QIzJ7XsLH6br9Ej920mQQRQ2w8RqFqvs3i6PLc6mPHXiIRRMVXvcTg/r3rLCzF9m2rWfcbxWuqX2FwW2trx6LlshXRM7YNtLUVMt5frhIvO/gyA4VAa+u5b8rm3Dqm4I4FKxb2tAGw7hfrCPRFBojAYQVl++/wMXpmxdT8lpYWRIB1f1C82v4CA0JAwYzced4WQ86Y3NyCgAiw7nXWmfzv12h0AAJfH9aQVORFMRwVU5e0aEAEGO+v6t3Prldp3MYRUJBlmsDEFhrdkADjvUm3S71OAxI4yxDINU3gTpHAAOP9oO6IevMohfMWEyiknR/VnzhNb1K4HxC4YkkJegGBC5Tvo/X6ZjXvUbgICPQzBIrGQmA17bxB38z+IQVIoMNHApMZAl8BAr/SzksN7Jo+JvgFEGg9TRMoM01gKkPgFCBwg/Jdb2SX/QnBx610J0LtyDcCsA2c2kn5bjDsXpWfE3QJyyDJNIFmsQ18QjzvsBsaNnxKcAkQGGJEYLoV5gsavEkcf77K2NC+o1ODjgr/ZXYI6WiQOO4sdWO67zkNSIXf0gTmmN0AMARgBW5ofjsfdmdaQAh80SGIwGwrrBAl4CKOs93arvpCgyiCMl8WAeqDxO1u97YFn2n4PxQB3QmSZB8WAewCI8RttgfjVV+q+KxVmMjmtkaO6UIFrmled3uyLkluR/iy/bxQgz2mCCwQKlDYriHbo3k6vvJku1iDIu8nAajAqREtfrFnc/uakxjt/LbMpAiahQpcVl2eLDBh33gE4+RVYSTPM2G/VVwDqscj6ab2s1vUyy8LvSjLy80A2o9eVx3eazdVw4LjCCeOn+e3RWYG4jI+AQOD2OHxWpONJP0Exg+CDD2Pg8zpfBP4WXVXbHaYhWx5B+GEMJOzvKoAkuAg9mayAAB1b2PAFHTR68DhzRqAg/Bn1VmtZB7l7yK83cWvxDmensiEBAxjX0u9erLb8j6CkIIyLwYRSgD25EUB4Eo48AaCoAL38yAzn38iGkZ+DtV5+XRb+xbC/2AKTpttx5P5BPyI/ZR7/XCf/hGC8IzmbmfoWMIn4BDy8oAPrxce+ABiGPaCb8zti+7ke8B15OS/dh8I2P+DjK9yUznJOAXyerYJDlxALg4USL6g4ADM3qEu7hEl10wC0BQYhh7uqfMpviTX3UN02G8iBY71rAJPIQV+1OjzO65atIQucTos8tyFoQJvHoLm5ZLvKIc9ZBjsTDq+9dQLqB7QAzdCv0HrpdJYgHoyX4QyT00QtQDUgcf2slMuh3PkKrcxWK73PKTN4R5YgAvvAMvisb5sldPhKD3ProS1og7lZrYAA8PArtiCl71ge3IcyoDqyFluFNgDCjBwHW5BLHnhna5spgZ/4NoRvz3dms/uw34EWzBr4itVGBwcPMLJYAa7M5GXsS1wtWIyWGzZC//GMwousXuTIoMpiAQIDJbKVsWX5do1Z84kAyF2nNPdGy2YzgrwsnJ5umQl6tYkJ4+CodClzcUk0o4yl7AC/C05ObnR0viSXFA5OnqZZUBksIzpQAPXRkfXZEtWo2Q3ZtCvLcYimReAGr+y1A//dQtZlZrKMcjlhjCM/1Nq6sN2yS9oFBjsYQQIJ4ASf58s+QmllakulsE8KSOfu//KbMl/sDd1usBq7FeVmLR8Pa3/wmudT/j5v88NO1ygI3Wpu4Pvv6Pi33S59vn9Q4TSJ1wX6Y6EGMD+s9rl1/Rrq2GX66IyGztwV/4eMOgG8UdcTXYpICit/wVIcei0mgM4f27UZ0sBgiw37ARC6FeF8J0yfnbusksBREkTXYbTv4/Ul0qBheO+n8B6HMLr8ZFbAxw/o7mlZ+SiooQO/Lywdl4gw8sTYfvtHoFKwAsyyxGw+FvR+O3pbSv8g6rDjDsCVP3J+Ti8svbuK3kUrMgriEJWIJRQsYQKHyvJUgikMASXZNJ+2c/hF9wOiw8Hzwot2Lq9QAtfg8a0drk/tVcBwnf3gr67bTtz6rFFoC0MAQ5r9/tJjZlK7bt7vwLRF64QY8jrIIf+s+cOJ/lBC46KZU/3wh2PEj3T4CIb5KAU48q5R/ZYymHi7U/DO29b+NB29yqTH3tyL3ybMHT2mVzrBFmoSG7hQ09lmPT4+LNPLgIfQlmXhIxMX7Zvjwf6K02hHFIQQQTxj0J8FESc7qG4KIwE2iRSPWojF2uIVC+N5U7ER+p/wR2V5gRIi9eOTIEHnBGKp3FOjGjKIiFNPRqp/BXq5DFtFuQQJZxwThqv1yNTYpCZmoMUJ/lbI+CMIgaznO4JKLaR+gSUG9FjEEbumGQkD/igCIRrl8fFeCTgnCQbEHBO0avCBBwDlDQyD1UE3TEh4MxRr452eiYAEqZPIFRXB+O0/CQgfzEpEk9gEk5evFOHwLQwjNmJMeqNIgLR6pkpG5BNgu74SkQnE2MnoR/jGWbonsPQoQ3UIY1ABPG1Ep6ZqRKYQJ7uI+CBeP09Fc7rXVyhEIE4KItQ+NV5Doo/3pAAumCWSEBK5NXMMAinMjuTq41tpUZLhimKiTQmkGJIINodAUlNPiiEzBOwwczkxaorZqZkSADncqVIIDJNs9F9/0LEPZtXpw3HHSeFwHB5CTyBmAgVuEmFqQTy1BOhePXaPMYnEiQEUObT4martRjvYRnGGS3DcIP4eBlMc9KCJwSwtBKnqWr0QCDaqBM6UyRTyzCMJ0C3H+DDPYHwWCMCK93GN2pENqYBh8sigbRwCtFhIWQY3UWd2DBLvwlIM8VWjBkQAmQEQSfGy5CMWX4ZGgLHj0DjOj6NYkARiM3DZZKsJoDjh6pNOgclOyaHJYC3CTFxVhO4xUmNX3o8p+WwBGyhqBdYTCDuFgRKHnIKOjTBJuXAH3gORoHfeFsVD0+ApE0BP2Ybeo4KbnqDCCIII/wJlFbTu+je//0AAAAASUVORK5CYII=" /></p>
</div>
<div class="col-sm-9">
<?php
if ($xmpp_status !== false) {
?>
<p><?=$lang['debug']['online_users'];?>: <?=(empty($xmpp_status['onlineusers'])) ? '-' : $xmpp_status['onlineusers'];?></p>
<p><?=$lang['debug']['started_at'];?>: <span class="parse_s_ago"><?=$xmpp_status['uptimeseconds'];?></span></p>
<?php
if (!empty($xmpp_status['muc_online_rooms'])) {
?>
<p>MUCs:</p>
<ol>
<?php
foreach ($xmpp_status['muc_online_rooms'] as $room) {
?>
<li><a href="xmpp:<?=$room;?>?message"><?=$room;?></a></li>
<?php
}
?>
</ol>
<?php
}
}
else {
?>
<p><?=$lang['debug']['xmpp_dead'];?></p>
<?php
}
?>
</div>
</div>
</div>
</div>
<div class="panel panel-default"> <div class="panel panel-default">
<div class="panel-heading"> <div class="panel-heading">
<h3 class="panel-title"><?=$lang['debug']['containers_info'];?></h3> <h3 class="panel-title"><?=$lang['debug']['containers_info'];?></h3>

40
data/web/edit.php
View File

@ -272,7 +272,6 @@ if (isset($_SESSION['mailcow_cc_role'])) {
<input type="hidden" value="0" name="active"> <input type="hidden" value="0" name="active">
<input type="hidden" value="0" name="backupmx"> <input type="hidden" value="0" name="backupmx">
<input type="hidden" value="0" name="gal"> <input type="hidden" value="0" name="gal">
<input type="hidden" value="0" name="xmpp">
<input type="hidden" value="0" name="relay_all_recipients"> <input type="hidden" value="0" name="relay_all_recipients">
<input type="hidden" value="0" name="relay_unknown_only"> <input type="hidden" value="0" name="relay_unknown_only">
<div class="form-group" data-acl="<?=$_SESSION['acl']['domain_desc'];?>"> <div class="form-group" data-acl="<?=$_SESSION['acl']['domain_desc'];?>">
@ -356,26 +355,6 @@ if (isset($_SESSION['mailcow_cc_role'])) {
</div> </div>
</div> </div>
<hr> <hr>
<div class="form-group" data-acl="<?=$_SESSION['acl']['xmpp_prefix'];?>">
<label class="control-label col-sm-2" for="xmpp_prefix"><?=$lang['edit']['xmpp_prefix'];?></label>
<div class="col-md-10">
<div class="input-group">
<input type="text" class="form-control" id="xmpp-prefix" name="xmpp_prefix" value="<?=(!empty($result['xmpp_prefix'])) ? htmlspecialchars($result['xmpp_prefix'], ENT_QUOTES, 'UTF-8') : 'im';?>" required>
<span class="input-group-addon">.<?=htmlspecialchars($domain, ENT_QUOTES, 'UTF-8');?></span>
</div>
<small class="help-block"><?=sprintf($lang['edit']['xmpp_prefix_info'], getenv('MAILCOW_HOSTNAME'));?></small>
<p><?=$lang['edit']['xmpp_example_jid'];?>: <code>username@<span class="xmpp-prefix-preview"></span>.<?=htmlspecialchars($domain, ENT_QUOTES, 'UTF-8');?></code></p>
</div>
</div>
<div class="form-group" data-acl="<?=$_SESSION['acl']['xmpp_mailbox_access'];?>">
<div class="col-sm-offset-2 col-sm-10">
<div class="checkbox">
<label><input type="checkbox" value="1" name="xmpp" <?=(isset($result['xmpp']) && $result['xmpp']=="1") ? "checked" : null;?>> <?=$lang['edit']['xmpp'];?></label>
<small class="help-block"><?=$lang['edit']['xmpp_info'];?></small>
</div>
</div>
</div>
<hr>
<div class="form-group"> <div class="form-group">
<div class="col-sm-offset-2 col-sm-10"> <div class="col-sm-offset-2 col-sm-10">
<div class="checkbox"> <div class="checkbox">
@ -649,8 +628,6 @@ if (isset($_SESSION['mailcow_cc_role'])) {
<input type="hidden" value="0" name="force_pw_update"> <input type="hidden" value="0" name="force_pw_update">
<input type="hidden" value="0" name="sogo_access"> <input type="hidden" value="0" name="sogo_access">
<input type="hidden" value="0" name="protocol_access"> <input type="hidden" value="0" name="protocol_access">
<input type="hidden" value="0" name="xmpp_access">
<input type="hidden" value="0" name="xmpp_admin">
<div class="form-group"> <div class="form-group">
<label class="control-label col-sm-2" for="name"><?=$lang['edit']['full_name'];?></label> <label class="control-label col-sm-2" for="name"><?=$lang['edit']['full_name'];?></label>
<div class="col-sm-10"> <div class="col-sm-10">
@ -859,23 +836,6 @@ if (isset($_SESSION['mailcow_cc_role'])) {
</div> </div>
</div> </div>
<hr> <hr>
<div class="form-group">
<div class="col-sm-offset-2 col-sm-10">
<div class="checkbox">
<label><input type="checkbox" data-acl="<?=$_SESSION['acl']['xmpp_mailbox_access'];?>" value="1" name="xmpp_access" <?=(isset($result['attributes']['xmpp_access']) && $result['attributes']['xmpp_access']=="1") ? "checked" : null;?>> <?=$lang['edit']['xmpp_access'];?></label>
<small class="help-block"><?=$lang['edit']['xmpp_access_info'];?></small>
</div>
</div>
</div>
<div class="form-group">
<div class="col-sm-offset-2 col-sm-10">
<div class="checkbox">
<label><input data-acl="<?=$_SESSION['acl']['xmpp_admin'];?>" type="checkbox" value="1" name="xmpp_admin" <?=(isset($result['attributes']['xmpp_admin']) && $result['attributes']['xmpp_admin']=="1") ? "checked" : null;?>> <?=$lang['edit']['xmpp_admin'];?></label>
<small class="help-block"><?=$lang['edit']['xmpp_admin_info'];?></small>
</div>
</div>
</div>
<hr>
<div class="form-group"> <div class="form-group">
<div class="col-sm-offset-2 col-sm-10"> <div class="col-sm-offset-2 col-sm-10">
<select name="active" class="form-control"> <select name="active" class="form-control">

22
data/web/inc/ajax/dns_diagnostics.php
View File

@ -126,28 +126,6 @@ if (isset($_SESSION['mailcow_cc_role']) && ($_SESSION['mailcow_cc_role'] == "adm
'CNAME', 'CNAME',
$mailcow_hostname $mailcow_hostname
); );
if ($domain_details['xmpp'] === 1 && isset($domain_details['xmpp_prefix'])) {
$records[] = array(
$domain_details['xmpp_prefix'] . '.' . $domain,
'CNAME',
$mailcow_hostname
);
$records[] = array(
'*.' . $domain_details['xmpp_prefix'] . '.' . $domain,
'CNAME',
$mailcow_hostname
);
$records[] = array(
'_xmpp-client._tcp.' . $domain_details['xmpp_prefix'] . '.' . $domain,
'SRV',
$mailcow_hostname . ' ' . array_pop(explode(':', getenv('XMPP_C2S_PORT')))
);
$records[] = array(
'_xmpp-server._tcp.' . $domain_details['xmpp_prefix'] . '.' . $domain,
'SRV',
$mailcow_hostname . ' ' . array_pop(explode(':', getenv('XMPP_S2S_PORT')))
);
}
} }
$records[] = array( $records[] = array(

4
data/web/inc/functions.inc.php
View File

@ -262,7 +262,6 @@ function last_login($action, $username, $sasl_limit_days = 7) {
LEFT OUTER JOIN `app_passwd` on `sasl_logs`.`app_password` = `app_passwd`.`id` LEFT OUTER JOIN `app_passwd` on `sasl_logs`.`app_password` = `app_passwd`.`id`
WHERE `username` = :username WHERE `username` = :username
AND HOUR(TIMEDIFF(NOW(), `datetime`)) < :sasl_limit_days AND HOUR(TIMEDIFF(NOW(), `datetime`)) < :sasl_limit_days
AND `success` = 1
GROUP BY `real_rip`, `service`, `app_password` GROUP BY `real_rip`, `service`, `app_password`
ORDER BY `datetime` DESC;'); ORDER BY `datetime` DESC;');
$stmt->execute(array(':username' => $username, ':sasl_limit_days' => ($sasl_limit_days * 24))); $stmt->execute(array(':username' => $username, ':sasl_limit_days' => ($sasl_limit_days * 24)));
@ -333,8 +332,7 @@ function last_login($action, $username, $sasl_limit_days = 7) {
case 'reset': case 'reset':
if (filter_var($username, FILTER_VALIDATE_EMAIL) && hasMailboxObjectAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $username)) { if (filter_var($username, FILTER_VALIDATE_EMAIL) && hasMailboxObjectAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $username)) {
$stmt = $pdo->prepare('DELETE FROM `sasl_logs` $stmt = $pdo->prepare('DELETE FROM `sasl_logs`
WHERE `username` = :username WHERE `username` = :username');
AND `success` = 1;');
$stmt->execute(array(':username' => $username)); $stmt->execute(array(':username' => $username));
} }
if ($_SESSION['mailcow_cc_role'] == "admin" || $username == $_SESSION['mailcow_cc_username']) { if ($_SESSION['mailcow_cc_role'] == "admin" || $username == $_SESSION['mailcow_cc_username']) {

46
data/web/inc/functions.mailbox.inc.php
View File

@ -450,7 +450,6 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
} }
$domain = idn_to_ascii(strtolower(trim($_data['domain'])), 0, INTL_IDNA_VARIANT_UTS46); $domain = idn_to_ascii(strtolower(trim($_data['domain'])), 0, INTL_IDNA_VARIANT_UTS46);
$description = $_data['description']; $description = $_data['description'];
$xmpp_prefix = preg_replace('/[^\da-z-]/i', '', $_data['xmpp_prefix']);
if (empty($description)) { if (empty($description)) {
$description = $domain; $description = $domain;
} }
@ -497,7 +496,6 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
$relay_unknown_only = intval($_data['relay_unknown_only']); $relay_unknown_only = intval($_data['relay_unknown_only']);
$backupmx = intval($_data['backupmx']); $backupmx = intval($_data['backupmx']);
$gal = intval($_data['gal']); $gal = intval($_data['gal']);
$xmpp = intval($_data['xmpp']);
if ($relay_all_recipients == 1) { if ($relay_all_recipients == 1) {
$backupmx = '1'; $backupmx = '1';
} }
@ -551,8 +549,8 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
$stmt->execute(array( $stmt->execute(array(
':domain' => '%@' . $domain ':domain' => '%@' . $domain
)); ));
$stmt = $pdo->prepare("INSERT INTO `domain` (`domain`, `description`, `aliases`, `mailboxes`, `defquota`, `maxquota`, `quota`, `backupmx`, `gal`, `xmpp`, `xmpp_prefix`, `active`, `relay_unknown_only`, `relay_all_recipients`) $stmt = $pdo->prepare("INSERT INTO `domain` (`domain`, `description`, `aliases`, `mailboxes`, `defquota`, `maxquota`, `quota`, `backupmx`, `gal`, `active`, `relay_unknown_only`, `relay_all_recipients`)
VALUES (:domain, :description, :aliases, :mailboxes, :defquota, :maxquota, :quota, :backupmx, :gal, :xmpp, :xmpp_prefix, :active, :relay_unknown_only, :relay_all_recipients)"); VALUES (:domain, :description, :aliases, :mailboxes, :defquota, :maxquota, :quota, :backupmx, :gal, :active, :relay_unknown_only, :relay_all_recipients)");
$stmt->execute(array( $stmt->execute(array(
':domain' => $domain, ':domain' => $domain,
':description' => $description, ':description' => $description,
@ -563,8 +561,6 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
':quota' => $quota, ':quota' => $quota,
':backupmx' => $backupmx, ':backupmx' => $backupmx,
':gal' => $gal, ':gal' => $gal,
':xmpp' => $xmpp,
':xmpp_prefix' => $xmpp_prefix,
':active' => $active, ':active' => $active,
':relay_unknown_only' => $relay_unknown_only, ':relay_unknown_only' => $relay_unknown_only,
':relay_all_recipients' => $relay_all_recipients ':relay_all_recipients' => $relay_all_recipients
@ -960,8 +956,6 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
$imap_access = (isset($_data['imap_access'])) ? intval($_data['imap_access']) : intval($MAILBOX_DEFAULT_ATTRIBUTES['imap_access']); $imap_access = (isset($_data['imap_access'])) ? intval($_data['imap_access']) : intval($MAILBOX_DEFAULT_ATTRIBUTES['imap_access']);
$pop3_access = (isset($_data['pop3_access'])) ? intval($_data['pop3_access']) : intval($MAILBOX_DEFAULT_ATTRIBUTES['pop3_access']); $pop3_access = (isset($_data['pop3_access'])) ? intval($_data['pop3_access']) : intval($MAILBOX_DEFAULT_ATTRIBUTES['pop3_access']);
$smtp_access = (isset($_data['smtp_access'])) ? intval($_data['smtp_access']) : intval($MAILBOX_DEFAULT_ATTRIBUTES['smtp_access']); $smtp_access = (isset($_data['smtp_access'])) ? intval($_data['smtp_access']) : intval($MAILBOX_DEFAULT_ATTRIBUTES['smtp_access']);
$xmpp_access = (isset($_data['xmpp_access'])) ? intval($_data['xmpp_access']) : intval($MAILBOX_DEFAULT_ATTRIBUTES['xmpp_access']);
$xmpp_admin = (isset($_data['xmpp_admin'])) ? intval($_data['xmpp_admin']) : intval($MAILBOX_DEFAULT_ATTRIBUTES['xmpp_admin']);
$quarantine_notification = (isset($_data['quarantine_notification'])) ? strval($_data['quarantine_notification']) : strval($MAILBOX_DEFAULT_ATTRIBUTES['quarantine_notification']); $quarantine_notification = (isset($_data['quarantine_notification'])) ? strval($_data['quarantine_notification']) : strval($MAILBOX_DEFAULT_ATTRIBUTES['quarantine_notification']);
$quarantine_category = (isset($_data['quarantine_category'])) ? strval($_data['quarantine_category']) : strval($MAILBOX_DEFAULT_ATTRIBUTES['quarantine_category']); $quarantine_category = (isset($_data['quarantine_category'])) ? strval($_data['quarantine_category']) : strval($MAILBOX_DEFAULT_ATTRIBUTES['quarantine_category']);
$quota_b = ($quota_m * 1048576); $quota_b = ($quota_m * 1048576);
@ -974,8 +968,6 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
'imap_access' => strval($imap_access), 'imap_access' => strval($imap_access),
'pop3_access' => strval($pop3_access), 'pop3_access' => strval($pop3_access),
'smtp_access' => strval($smtp_access), 'smtp_access' => strval($smtp_access),
'xmpp_access' => strval($xmpp_access),
'xmpp_admin' => strval($xmpp_admin),
'passwd_update' => time(), 'passwd_update' => time(),
'mailbox_format' => strval($MAILBOX_DEFAULT_ATTRIBUTES['mailbox_format']), 'mailbox_format' => strval($MAILBOX_DEFAULT_ATTRIBUTES['mailbox_format']),
'quarantine_notification' => strval($quarantine_notification), 'quarantine_notification' => strval($quarantine_notification),
@ -2145,8 +2137,6 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
$is_now = mailbox('get', 'domain_details', $domain); $is_now = mailbox('get', 'domain_details', $domain);
if (!empty($is_now)) { if (!empty($is_now)) {
$gal = (isset($_data['gal'])) ? intval($_data['gal']) : $is_now['gal']; $gal = (isset($_data['gal'])) ? intval($_data['gal']) : $is_now['gal'];
$xmpp = (isset($_data['xmpp']) && !empty($_SESSION['acl']['xmpp_domain_access']) && $_SESSION['acl']['xmpp_domain_access'] == "1") ? intval($_data['xmpp']) : $is_now['xmpp'];
$xmpp_prefix = (!empty($_data['xmpp_prefix']) && !empty($_SESSION['acl']['xmpp_prefix']) && $_SESSION['acl']['xmpp_prefix'] == "1") ? $_data['xmpp_prefix'] : $is_now['xmpp_prefix'];
$description = (!empty($_data['description']) && isset($_SESSION['acl']['domain_desc']) && $_SESSION['acl']['domain_desc'] == "1") ? $_data['description'] : $is_now['description']; $description = (!empty($_data['description']) && isset($_SESSION['acl']['domain_desc']) && $_SESSION['acl']['domain_desc'] == "1") ? $_data['description'] : $is_now['description'];
(int)$relayhost = (isset($_data['relayhost']) && isset($_SESSION['acl']['domain_relayhost']) && $_SESSION['acl']['domain_relayhost'] == "1") ? intval($_data['relayhost']) : intval($is_now['relayhost']); (int)$relayhost = (isset($_data['relayhost']) && isset($_SESSION['acl']['domain_relayhost']) && $_SESSION['acl']['domain_relayhost'] == "1") ? intval($_data['relayhost']) : intval($is_now['relayhost']);
} }
@ -2158,18 +2148,13 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
); );
continue; continue;
} }
$xmpp_prefix = preg_replace('/[^\da-z-]/i', '', $xmpp_prefix);
$stmt = $pdo->prepare("UPDATE `domain` SET $stmt = $pdo->prepare("UPDATE `domain` SET
`description` = :description, `description` = :description,
`gal` = :gal, `gal` = :gal
`xmpp` = :xmpp,
`xmpp_prefix` = :xmpp_prefix
WHERE `domain` = :domain"); WHERE `domain` = :domain");
$stmt->execute(array( $stmt->execute(array(
':description' => $description, ':description' => $description,
':gal' => $gal, ':gal' => $gal,
':xmpp' => $xmpp,
':xmpp_prefix' => $xmpp_prefix,
':domain' => $domain ':domain' => $domain
)); ));
$_SESSION['return'][] = array( $_SESSION['return'][] = array(
@ -2184,7 +2169,6 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
$active = (isset($_data['active'])) ? intval($_data['active']) : $is_now['active']; $active = (isset($_data['active'])) ? intval($_data['active']) : $is_now['active'];
$backupmx = (isset($_data['backupmx'])) ? intval($_data['backupmx']) : $is_now['backupmx']; $backupmx = (isset($_data['backupmx'])) ? intval($_data['backupmx']) : $is_now['backupmx'];
$gal = (isset($_data['gal'])) ? intval($_data['gal']) : $is_now['gal']; $gal = (isset($_data['gal'])) ? intval($_data['gal']) : $is_now['gal'];
$xmpp = (isset($_data['xmpp'])) ? intval($_data['xmpp']) : $is_now['xmpp'];
$relay_all_recipients = (isset($_data['relay_all_recipients'])) ? intval($_data['relay_all_recipients']) : $is_now['relay_all_recipients']; $relay_all_recipients = (isset($_data['relay_all_recipients'])) ? intval($_data['relay_all_recipients']) : $is_now['relay_all_recipients'];
$relay_unknown_only = (isset($_data['relay_unknown_only'])) ? intval($_data['relay_unknown_only']) : $is_now['relay_unknown_only']; $relay_unknown_only = (isset($_data['relay_unknown_only'])) ? intval($_data['relay_unknown_only']) : $is_now['relay_unknown_only'];
$relayhost = (isset($_data['relayhost'])) ? intval($_data['relayhost']) : $is_now['relayhost']; $relayhost = (isset($_data['relayhost'])) ? intval($_data['relayhost']) : $is_now['relayhost'];
@ -2194,7 +2178,6 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
$maxquota = (!empty($_data['maxquota'])) ? $_data['maxquota'] : ($is_now['max_quota_for_mbox'] / 1048576); $maxquota = (!empty($_data['maxquota'])) ? $_data['maxquota'] : ($is_now['max_quota_for_mbox'] / 1048576);
$quota = (!empty($_data['quota'])) ? $_data['quota'] : ($is_now['max_quota_for_domain'] / 1048576); $quota = (!empty($_data['quota'])) ? $_data['quota'] : ($is_now['max_quota_for_domain'] / 1048576);
$description = (!empty($_data['description'])) ? $_data['description'] : $is_now['description']; $description = (!empty($_data['description'])) ? $_data['description'] : $is_now['description'];
$xmpp_prefix = (!empty($_data['xmpp_prefix'])) ? $_data['xmpp_prefix'] : $is_now['xmpp_prefix'];
if ($relay_all_recipients == '1') { if ($relay_all_recipients == '1') {
$backupmx = '1'; $backupmx = '1';
} }
@ -2211,7 +2194,6 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
); );
continue; continue;
} }
$xmpp_prefix = preg_replace('/[^\da-z-]/i', '', $xmpp_prefix);
// todo: should be using api here // todo: should be using api here
$stmt = $pdo->prepare("SELECT $stmt = $pdo->prepare("SELECT
COUNT(*) AS count, COUNT(*) AS count,
@ -2299,8 +2281,6 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
`relay_unknown_only` = :relay_unknown_only, `relay_unknown_only` = :relay_unknown_only,
`backupmx` = :backupmx, `backupmx` = :backupmx,
`gal` = :gal, `gal` = :gal,
`xmpp` = :xmpp,
`xmpp_prefix` = :xmpp_prefix,
`active` = :active, `active` = :active,
`quota` = :quota, `quota` = :quota,
`defquota` = :defquota, `defquota` = :defquota,
@ -2315,8 +2295,6 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
':relay_unknown_only' => $relay_unknown_only, ':relay_unknown_only' => $relay_unknown_only,
':backupmx' => $backupmx, ':backupmx' => $backupmx,
':gal' => $gal, ':gal' => $gal,
':xmpp' => $xmpp,
':xmpp_prefix' => $xmpp_prefix,
':active' => $active, ':active' => $active,
':quota' => $quota, ':quota' => $quota,
':defquota' => $defquota, ':defquota' => $defquota,
@ -2365,8 +2343,6 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
(int)$imap_access = (isset($_data['imap_access']) && isset($_SESSION['acl']['protocol_access']) && $_SESSION['acl']['protocol_access'] == "1") ? intval($_data['imap_access']) : intval($is_now['attributes']['imap_access']); (int)$imap_access = (isset($_data['imap_access']) && isset($_SESSION['acl']['protocol_access']) && $_SESSION['acl']['protocol_access'] == "1") ? intval($_data['imap_access']) : intval($is_now['attributes']['imap_access']);
(int)$pop3_access = (isset($_data['pop3_access']) && isset($_SESSION['acl']['protocol_access']) && $_SESSION['acl']['protocol_access'] == "1") ? intval($_data['pop3_access']) : intval($is_now['attributes']['pop3_access']); (int)$pop3_access = (isset($_data['pop3_access']) && isset($_SESSION['acl']['protocol_access']) && $_SESSION['acl']['protocol_access'] == "1") ? intval($_data['pop3_access']) : intval($is_now['attributes']['pop3_access']);
(int)$smtp_access = (isset($_data['smtp_access']) && isset($_SESSION['acl']['protocol_access']) && $_SESSION['acl']['protocol_access'] == "1") ? intval($_data['smtp_access']) : intval($is_now['attributes']['smtp_access']); (int)$smtp_access = (isset($_data['smtp_access']) && isset($_SESSION['acl']['protocol_access']) && $_SESSION['acl']['protocol_access'] == "1") ? intval($_data['smtp_access']) : intval($is_now['attributes']['smtp_access']);
(int)$xmpp_admin = (isset($_data['xmpp_admin']) && isset($_SESSION['acl']['xmpp_admin']) && $_SESSION['acl']['xmpp_admin'] == "1") ? intval($_data['xmpp_admin']) : intval($is_now['attributes']['xmpp_admin']);
(int)$xmpp_access = (isset($_data['xmpp_access']) && isset($_SESSION['acl']['xmpp_mailbox_access']) && $_SESSION['acl']['xmpp_mailbox_access'] == "1") ? intval($_data['xmpp_access']) : intval($is_now['attributes']['xmpp_access']);
(int)$relayhost = (isset($_data['relayhost']) && isset($_SESSION['acl']['mailbox_relayhost']) && $_SESSION['acl']['mailbox_relayhost'] == "1") ? intval($_data['relayhost']) : intval($is_now['attributes']['relayhost']); (int)$relayhost = (isset($_data['relayhost']) && isset($_SESSION['acl']['mailbox_relayhost']) && $_SESSION['acl']['mailbox_relayhost'] == "1") ? intval($_data['relayhost']) : intval($is_now['attributes']['relayhost']);
(int)$quota_m = (isset_has_content($_data['quota'])) ? intval($_data['quota']) : ($is_now['quota'] / 1048576); (int)$quota_m = (isset_has_content($_data['quota'])) ? intval($_data['quota']) : ($is_now['quota'] / 1048576);
$name = (!empty($_data['name'])) ? ltrim(rtrim($_data['name'], '>'), '<') : $is_now['name']; $name = (!empty($_data['name'])) ? ltrim(rtrim($_data['name'], '>'), '<') : $is_now['name'];
@ -2639,8 +2615,6 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
`attributes` = JSON_SET(`attributes`, '$.sogo_access', :sogo_access), `attributes` = JSON_SET(`attributes`, '$.sogo_access', :sogo_access),
`attributes` = JSON_SET(`attributes`, '$.imap_access', :imap_access), `attributes` = JSON_SET(`attributes`, '$.imap_access', :imap_access),
`attributes` = JSON_SET(`attributes`, '$.pop3_access', :pop3_access), `attributes` = JSON_SET(`attributes`, '$.pop3_access', :pop3_access),
`attributes` = JSON_SET(`attributes`, '$.xmpp_admin', :xmpp_admin),
`attributes` = JSON_SET(`attributes`, '$.xmpp_access', :xmpp_access),
`attributes` = JSON_SET(`attributes`, '$.relayhost', :relayhost), `attributes` = JSON_SET(`attributes`, '$.relayhost', :relayhost),
`attributes` = JSON_SET(`attributes`, '$.smtp_access', :smtp_access) `attributes` = JSON_SET(`attributes`, '$.smtp_access', :smtp_access)
WHERE `username` = :username"); WHERE `username` = :username");
@ -2653,8 +2627,6 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
':imap_access' => $imap_access, ':imap_access' => $imap_access,
':pop3_access' => $pop3_access, ':pop3_access' => $pop3_access,
':smtp_access' => $smtp_access, ':smtp_access' => $smtp_access,
':xmpp_admin' => $xmpp_admin,
':xmpp_access' => $xmpp_access,
':relayhost' => $relayhost, ':relayhost' => $relayhost,
':username' => $username ':username' => $username
)); ));
@ -3413,8 +3385,6 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
`relay_unknown_only`, `relay_unknown_only`,
`backupmx`, `backupmx`,
`gal`, `gal`,
`xmpp`,
`xmpp_prefix`,
`active` `active`
FROM `domain` WHERE `domain`= :domain"); FROM `domain` WHERE `domain`= :domain");
$stmt->execute(array( $stmt->execute(array(
@ -3473,8 +3443,6 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
$domaindata['backupmx'] = $row['backupmx']; $domaindata['backupmx'] = $row['backupmx'];
$domaindata['backupmx_int'] = $row['backupmx']; $domaindata['backupmx_int'] = $row['backupmx'];
$domaindata['gal'] = $row['gal']; $domaindata['gal'] = $row['gal'];
$domaindata['xmpp'] = $row['xmpp'];
$domaindata['xmpp_prefix'] = $row['xmpp_prefix'];
$domaindata['gal_int'] = $row['gal']; $domaindata['gal_int'] = $row['gal'];
$domaindata['rl'] = $rl; $domaindata['rl'] = $rl;
$domaindata['active'] = $row['active']; $domaindata['active'] = $row['active'];
@ -3520,8 +3488,6 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
`mailbox`.`domain`, `mailbox`.`domain`,
`mailbox`.`local_part`, `mailbox`.`local_part`,
`mailbox`.`quota`, `mailbox`.`quota`,
`domain`.`xmpp` AS `domain_xmpp`,
`domain`.`xmpp_prefix` AS `domain_xmpp_prefix`,
`quota2`.`bytes`, `quota2`.`bytes`,
`attributes`, `attributes`,
`quota2`.`messages` `quota2`.`messages`
@ -3540,8 +3506,6 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
`mailbox`.`domain`, `mailbox`.`domain`,
`mailbox`.`local_part`, `mailbox`.`local_part`,
`mailbox`.`quota`, `mailbox`.`quota`,
`domain`.`xmpp` AS `domain_xmpp`,
`domain`.`xmpp_prefix` AS `domain_xmpp_prefix`,
`quota2replica`.`bytes`, `quota2replica`.`bytes`,
`attributes`, `attributes`,
`quota2replica`.`messages` `quota2replica`.`messages`
@ -3560,10 +3524,8 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
$mailboxdata['active'] = $row['active']; $mailboxdata['active'] = $row['active'];
$mailboxdata['active_int'] = $row['active']; $mailboxdata['active_int'] = $row['active'];
$mailboxdata['domain'] = $row['domain']; $mailboxdata['domain'] = $row['domain'];
$mailboxdata['domain_xmpp'] = $row['domain_xmpp'];
$mailboxdata['relayhost'] = $row['relayhost']; $mailboxdata['relayhost'] = $row['relayhost'];
$mailboxdata['name'] = $row['name']; $mailboxdata['name'] = $row['name'];
$mailboxdata['domain_xmpp_prefix'] = $row['domain_xmpp_prefix'];
$mailboxdata['local_part'] = $row['local_part']; $mailboxdata['local_part'] = $row['local_part'];
$mailboxdata['quota'] = $row['quota']; $mailboxdata['quota'] = $row['quota'];
$mailboxdata['messages'] = $row['messages']; $mailboxdata['messages'] = $row['messages'];
@ -3587,7 +3549,6 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
// Determine last logins // Determine last logins
$stmt = $pdo->prepare("SELECT MAX(`datetime`) AS `datetime`, `service` FROM `sasl_logs` $stmt = $pdo->prepare("SELECT MAX(`datetime`) AS `datetime`, `service` FROM `sasl_logs`
WHERE `username` = :mailbox WHERE `username` = :mailbox
AND `success` = 1
GROUP BY `service` DESC"); GROUP BY `service` DESC");
$stmt->execute(array(':mailbox' => $_data)); $stmt->execute(array(':mailbox' => $_data));
$SaslLogsData = $stmt->fetchAll(PDO::FETCH_ASSOC); $SaslLogsData = $stmt->fetchAll(PDO::FETCH_ASSOC);
@ -4376,6 +4337,5 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
} }
if ($_action != 'get' && in_array($_type, array('domain', 'alias', 'alias_domain', 'mailbox', 'resource'))) { if ($_action != 'get' && in_array($_type, array('domain', 'alias', 'alias_domain', 'mailbox', 'resource'))) {
update_sogo_static_view(); update_sogo_static_view();
xmpp_rebuild_configs();
} }
} }

299
data/web/inc/functions.xmpp.inc.php
View File

@ -1,299 +0,0 @@
<?php
function xmpp_control($_action, $_data = null) {
global $lang;
$_data_log = $_data;
switch ($_action) {
case 'reload':
$curl = curl_init();
curl_setopt($curl, CURLOPT_IPRESOLVE, CURL_IPRESOLVE_V4);
curl_setopt($curl, CURLOPT_URL, 'http://ejabberd:5280/api/reload_config');
curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
curl_setopt($curl, CURLOPT_CONNECTTIMEOUT, 10);
curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, false);
curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false);
$response = curl_exec($curl);
curl_close($curl);
if ($response === "0") {
$_SESSION['return'][] = array(
'type' => 'success',
'log' => array(__FUNCTION__, $_action, $_data_log),
'msg' => 'xmpp_reloaded'
);
}
else {
$_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_data_log),
'msg' => 'xmpp_reload_failed'
);
}
break;
case 'restart':
$curl = curl_init();
curl_setopt($curl, CURLOPT_IPRESOLVE, CURL_IPRESOLVE_V4);
curl_setopt($curl, CURLOPT_URL, 'http://ejabberd:5280/api/restart');
curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
curl_setopt($curl, CURLOPT_CONNECTTIMEOUT, 10);
curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, false);
curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false);
$response = curl_exec($curl);
curl_close($curl);
if ($response === "0") {
$_SESSION['return'][] = array(
'type' => 'success',
'log' => array(__FUNCTION__, $_action, $_data_log),
'msg' => 'xmpp_restarted'
);
}
else {
// If no host is available, the container might be in sleeping state, we need to restart the container
$response = json_decode(docker('post', 'ejabberd-mailcow', 'restart'), true);
if (isset($response['type']) && $response['type'] == "success") {
$_SESSION['return'][] = array(
'type' => 'success',
'log' => array(__FUNCTION__, $_action, $_data_log),
'msg' => 'xmpp_restarted'
);
}
else {
$_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_data_log),
'msg' => 'xmpp_restart_failed'
);
}
}
break;
case 'status':
if ($_SESSION['mailcow_cc_role'] != "admin") {
$_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_data_log),
'msg' => 'access_denied'
);
return false;
}
foreach (array(
'onlineusers' => 'stats?name=onlineusers',
'uptimeseconds' => 'stats?name=uptimeseconds',
'muc_online_rooms' => 'muc_online_rooms?service=global'
) as $stat => $url) {
$curl = curl_init();
curl_setopt($curl, CURLOPT_IPRESOLVE, CURL_IPRESOLVE_V4);
curl_setopt($curl, CURLOPT_URL, 'http://ejabberd:5280/api/' . $url);
curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
curl_setopt($curl, CURLOPT_CONNECTTIMEOUT, 10);
curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, false);
curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false);
$response_json = json_decode(curl_exec($curl), true);
if (isset($response_json['stat'])) {
$response_data[$stat] = $response_json['stat'];
}
else {
$response_data[$stat] = $response_json;
}
curl_close($curl);
// Something went wrong
if ($response_data[$stat] === false) {
$response_data[$stat] = '?';
}
}
return $response_data;
break;
}
}
function xmpp_rebuild_configs() {
global $pdo;
global $lang;
$_data_log = $_data;
try {
$xmpp_domains = array();
$stmt = $pdo->query('SELECT CONCAT(`xmpp_prefix`, ".", `domain`) AS `xmpp_host`, `domain` FROM `domain` WHERE `xmpp` = 1');
$xmpp_domain_rows = $stmt->fetchAll(PDO::FETCH_ASSOC);
foreach ($xmpp_domain_rows as $xmpp_domain_row) {
$xmpp_domains[$xmpp_domain_row['domain']] = array('xmpp_host' => $xmpp_domain_row['xmpp_host']);
$stmt = $pdo->query('SELECT CONCAT(`local_part`, "@", CONCAT(`domain`.`xmpp_prefix`, ".", `domain`.`domain`)) AS `xmpp_username` FROM `mailbox`
JOIN `domain`
WHERE `domain`.`xmpp` = 1
AND JSON_VALUE(`attributes`, "$.xmpp_admin") = 1');
$xmpp_admin_rows = $stmt->fetchAll(PDO::FETCH_ASSOC);
foreach ($xmpp_admin_rows as $xmpp_admin_row) {
$xmpp_domains[$xmpp_domain_row['domain']]['xmpp_admins'][] = $xmpp_admin_row['xmpp_username'];
}
}
touch('/ejabberd/ejabberd_hosts.yml');
touch('/ejabberd/ejabberd_acl.yml');
touch('/etc/nginx/conf.d/ZZZ-ejabberd.conf');
$ejabberd_hosts_md5 = md5_file('/ejabberd/ejabberd_hosts.yml');
$ejabberd_acl_md5 = md5_file('/ejabberd/ejabberd_acl.yml');
$ejabberd_site_md5 = md5_file('/etc/nginx/conf.d/ZZZ-ejabberd.conf');
if (!empty($xmpp_domains)) {
// Handle hosts file
$hosts_handle = fopen('/ejabberd/ejabberd_hosts.yml', 'w');
if (!$hosts_handle) {
throw new Exception($lang['danger']['file_open_error']);
}
fwrite($hosts_handle, '# Autogenerated by mailcow' . PHP_EOL);
fwrite($hosts_handle, 'hosts:' . PHP_EOL);
foreach ($xmpp_domains as $domain => $domain_values) {
fwrite($hosts_handle, ' - ' . $xmpp_domains[$domain]['xmpp_host'] . PHP_EOL);
}
fclose($hosts_handle);
// Handle ACL file
$acl_handle = fopen('/ejabberd/ejabberd_acl.yml', 'w');
if (!$acl_handle) {
throw new Exception($lang['danger']['file_open_error']);
}
fwrite($acl_handle, '# Autogenerated by mailcow' . PHP_EOL);
fwrite($acl_handle, 'append_host_config:' . PHP_EOL);
foreach ($xmpp_domains as $domain => $domain_values) {
fwrite($acl_handle, ' ' . $xmpp_domains[$domain]['xmpp_host'] . ':' . PHP_EOL);
fwrite($acl_handle, ' acl:' . PHP_EOL);
fwrite($acl_handle, ' admin:' . PHP_EOL);
fwrite($acl_handle, ' user:' . PHP_EOL);
foreach ($xmpp_domains[$domain]['xmpp_admins'] as $xmpp_admin) {
fwrite($acl_handle, ' - ' . $xmpp_admin . PHP_EOL);
}
}
fclose($acl_handle);
// Handle Nginx site
$site_handle = @fopen('/etc/nginx/conf.d/ZZZ-ejabberd.conf', 'r+');
if ($site_handle !== false) {
ftruncate($site_handle, 0);
fclose($site_handle);
}
$site_handle = fopen('/etc/nginx/conf.d/ZZZ-ejabberd.conf', 'w');
if (!$site_handle) {
throw new Exception($lang['danger']['file_open_error']);
}
fwrite($site_handle, '# Autogenerated by mailcow' . PHP_EOL);
foreach ($xmpp_domains as $domain => $domain_values) {
$site_config = <<<EOF
server {
root /web;
include /etc/nginx/conf.d/listen_ssl.active;
include /etc/nginx/conf.d/listen_plain.active;
ssl_protocols TLSv1.2 TLSv1.3;
ssl_certificate /etc/ssl/mail/cert.pem;
ssl_certificate_key /etc/ssl/mail/key.pem;
server_name %s conference.%s proxy.%s pubsub.%s upload.%s;
if (\$request_uri ~* "%%0A|%%0D") {
return 403;
}
set_real_ip_from 10.0.0.0/8;
set_real_ip_from 172.16.0.0/12;
set_real_ip_from 192.168.0.0/16;
set_real_ip_from fc00::/7;
real_ip_header X-Forwarded-For;
real_ip_recursive on;
location / {
proxy_pass http://ejabberd:5281/;
proxy_set_header Host \$http_host;
proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
proxy_set_header X-Real-IP \$remote_addr;
proxy_redirect off;
}
}
EOF;
fwrite($site_handle, sprintf($site_config,
$xmpp_domains[$domain]['xmpp_host'],
$xmpp_domains[$domain]['xmpp_host'],
$xmpp_domains[$domain]['xmpp_host'],
$xmpp_domains[$domain]['xmpp_host'],
$xmpp_domains[$domain]['xmpp_host']
));
}
fclose($site_handle);
}
else {
// Write empty hosts file
$hosts_handle = fopen('/ejabberd/ejabberd_hosts.yml', 'w');
if (!$hosts_handle) {
throw new Exception($lang['danger']['file_open_error']);
}
fwrite($hosts_handle, '# Autogenerated by mailcow' . PHP_EOL);
fclose($hosts_handle);
// Write empty ACL file
$acl_handle = fopen('/ejabberd/ejabberd_acl.yml', 'w');
if (!$acl_handle) {
throw new Exception($lang['danger']['file_open_error']);
}
fwrite($acl_handle, '# Autogenerated by mailcow' . PHP_EOL);
fclose($acl_handle);
// Write empty Nginx site
$acl_handle = fopen('/etc/nginx/conf.d/ZZZ-ejabberd.conf', 'w');
if (!$acl_handle) {
throw new Exception($lang['danger']['file_open_error']);
}
fwrite($acl_handle, '# Autogenerated by mailcow' . PHP_EOL);
fclose($acl_handle);
}
if (md5_file('/ejabberd/ejabberd_acl.yml') != $ejabberd_acl_md5) {
xmpp_control('restart');
$_SESSION['return'][] = array(
'type' => 'success',
'log' => array(__FUNCTION__, $_action, $_data_log),
'msg' => 'xmpp_maps_updated'
);
}
elseif (md5_file('/ejabberd/ejabberd_hosts.yml') != $ejabberd_hosts_md5) {
xmpp_control('reload');
$_SESSION['return'][] = array(
'type' => 'success',
'log' => array(__FUNCTION__, $_action, $_data_log),
'msg' => 'xmpp_maps_updated'
);
}
if (md5_file('/etc/nginx/conf.d/ZZZ-ejabberd.conf') != $ejabberd_site_md5) {
$response = json_decode(docker('post', 'nginx-mailcow', 'exec', array("cmd" => "reload", "task" => "nginx"), 'Content-type: application/json'), true);
if (isset($response['type']) && $response['type'] == "success") {
$_SESSION['return'][] = array(
'type' => 'success',
'log' => array(__FUNCTION__, $_action, $_data_log),
'msg' => 'nginx_reloaded'
);
}
else {
if (!empty($response['msg'])) {
$error = $response['msg'];
}
else {
$error = '-';
}
$_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_data_log),
'msg' => array('nginx_reload_failed', htmlspecialchars($error))
);
}
}
}
catch (Exception $e) {
$_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_data_log),
'msg' => array('xmpp_map_write_error', htmlspecialchars($e->getMessage()))
);
}
}

30
data/web/inc/init_db.inc.php
View File

@ -3,7 +3,7 @@ function init_db_schema() {
try { try {
global $pdo; global $pdo;
$db_version = "07062021_2320"; $db_version = "30062021_0910";
$stmt = $pdo->query("SHOW TABLES LIKE 'versions'"); $stmt = $pdo->query("SHOW TABLES LIKE 'versions'");
$num_results = count($stmt->fetchAll(PDO::FETCH_ASSOC)); $num_results = count($stmt->fetchAll(PDO::FETCH_ASSOC));
@ -240,8 +240,6 @@ function init_db_schema() {
"gal" => "TINYINT(1) NOT NULL DEFAULT '1'", "gal" => "TINYINT(1) NOT NULL DEFAULT '1'",
"relay_all_recipients" => "TINYINT(1) NOT NULL DEFAULT '0'", "relay_all_recipients" => "TINYINT(1) NOT NULL DEFAULT '0'",
"relay_unknown_only" => "TINYINT(1) NOT NULL DEFAULT '0'", "relay_unknown_only" => "TINYINT(1) NOT NULL DEFAULT '0'",
"xmpp" => "TINYINT(1) NOT NULL DEFAULT '0'",
"xmpp_prefix" => "VARCHAR(255) DEFAULT 'im'",
"created" => "DATETIME(0) NOT NULL DEFAULT NOW(0)", "created" => "DATETIME(0) NOT NULL DEFAULT NOW(0)",
"modified" => "DATETIME ON UPDATE CURRENT_TIMESTAMP", "modified" => "DATETIME ON UPDATE CURRENT_TIMESTAMP",
"active" => "TINYINT(1) NOT NULL DEFAULT '1'" "active" => "TINYINT(1) NOT NULL DEFAULT '1'"
@ -513,7 +511,6 @@ function init_db_schema() {
"sasl_logs" => array( "sasl_logs" => array(
"cols" => array( "cols" => array(
"id" => "INT NOT NULL AUTO_INCREMENT", "id" => "INT NOT NULL AUTO_INCREMENT",
"success" => "TINYINT(1) NOT NULL DEFAULT '0'",
"service" => "VARCHAR(32) NOT NULL DEFAULT ''", "service" => "VARCHAR(32) NOT NULL DEFAULT ''",
"app_password" => "INT", "app_password" => "INT",
"username" => "VARCHAR(255) NOT NULL", "username" => "VARCHAR(255) NOT NULL",
@ -527,7 +524,6 @@ function init_db_schema() {
"key" => array( "key" => array(
"username" => array("username"), "username" => array("username"),
"service" => array("service"), "service" => array("service"),
"success" => array("success"),
"datetime" => array("datetime"), "datetime" => array("datetime"),
"real_rip" => array("real_rip") "real_rip" => array("real_rip")
) )
@ -598,10 +594,6 @@ function init_db_schema() {
"alias_domains" => "TINYINT(1) NOT NULL DEFAULT '0'", "alias_domains" => "TINYINT(1) NOT NULL DEFAULT '0'",
"mailbox_relayhost" => "TINYINT(1) NOT NULL DEFAULT '1'", "mailbox_relayhost" => "TINYINT(1) NOT NULL DEFAULT '1'",
"domain_relayhost" => "TINYINT(1) NOT NULL DEFAULT '1'", "domain_relayhost" => "TINYINT(1) NOT NULL DEFAULT '1'",
"xmpp_prefix" => "TINYINT(1) NOT NULL DEFAULT '0'",
"xmpp_domain_access" => "TINYINT(1) NOT NULL DEFAULT '0'",
"xmpp_mailbox_access" => "TINYINT(1) NOT NULL DEFAULT '0'",
"xmpp_admin" => "TINYINT(1) NOT NULL DEFAULT '0'",
"domain_desc" => "TINYINT(1) NOT NULL DEFAULT '0'" "domain_desc" => "TINYINT(1) NOT NULL DEFAULT '0'"
), ),
"keys" => array( "keys" => array(
@ -1007,6 +999,7 @@ function init_db_schema() {
} }
} }
} }
// Migrate tls_enforce_* options // Migrate tls_enforce_* options
if ($table == 'mailbox') { if ($table == 'mailbox') {
$stmt = $pdo->query("SHOW TABLES LIKE 'mailbox'"); $stmt = $pdo->query("SHOW TABLES LIKE 'mailbox'");
@ -1023,6 +1016,20 @@ function init_db_schema() {
} }
} }
} }
// Remove deprecated success = 0 entries before migrating sasl_logs
if ($table == 'sasl_logs') {
$stmt = $pdo->query("SHOW TABLES LIKE 'sasl_logs'");
$num_results = count($stmt->fetchAll(PDO::FETCH_ASSOC));
if ($num_results != 0) {
$stmt = $pdo->query("SHOW COLUMNS FROM `sasl_logs` LIKE '%success%'");
$num_results = count($stmt->fetchAll(PDO::FETCH_ASSOC));
if ($num_results != 0) {
$stmt = $pdo->query("DELETE FROM `sasl_logs` WHERE `success` = 0");
}
}
}
$stmt = $pdo->query("SHOW TABLES LIKE '" . $table . "'"); $stmt = $pdo->query("SHOW TABLES LIKE '" . $table . "'");
$num_results = count($stmt->fetchAll(PDO::FETCH_ASSOC)); $num_results = count($stmt->fetchAll(PDO::FETCH_ASSOC));
if ($num_results != 0) { if ($num_results != 0) {
@ -1216,8 +1223,6 @@ function init_db_schema() {
$pdo->query("UPDATE `mailbox` SET `attributes` = '{}' WHERE `attributes` = '' OR `attributes` IS NULL;"); $pdo->query("UPDATE `mailbox` SET `attributes` = '{}' WHERE `attributes` = '' OR `attributes` IS NULL;");
$pdo->query("UPDATE `mailbox` SET `attributes` = JSON_SET(`attributes`, '$.passwd_update', \"0\") WHERE JSON_VALUE(`attributes`, '$.passwd_update') IS NULL;"); $pdo->query("UPDATE `mailbox` SET `attributes` = JSON_SET(`attributes`, '$.passwd_update', \"0\") WHERE JSON_VALUE(`attributes`, '$.passwd_update') IS NULL;");
$pdo->query("UPDATE `mailbox` SET `attributes` = JSON_SET(`attributes`, '$.relayhost', \"0\") WHERE JSON_VALUE(`attributes`, '$.relayhost') IS NULL;"); $pdo->query("UPDATE `mailbox` SET `attributes` = JSON_SET(`attributes`, '$.relayhost', \"0\") WHERE JSON_VALUE(`attributes`, '$.relayhost') IS NULL;");
$pdo->query("UPDATE `mailbox` SET `attributes` = JSON_SET(`attributes`, '$.xmpp_access', \"1\") WHERE JSON_VALUE(`attributes`, '$.xmpp_access') IS NULL;");
$pdo->query("UPDATE `mailbox` SET `attributes` = JSON_SET(`attributes`, '$.xmpp_admin', \"0\") WHERE JSON_VALUE(`attributes`, '$.xmpp_admin') IS NULL;");
$pdo->query("UPDATE `mailbox` SET `attributes` = JSON_SET(`attributes`, '$.force_pw_update', \"0\") WHERE JSON_VALUE(`attributes`, '$.force_pw_update') IS NULL;"); $pdo->query("UPDATE `mailbox` SET `attributes` = JSON_SET(`attributes`, '$.force_pw_update', \"0\") WHERE JSON_VALUE(`attributes`, '$.force_pw_update') IS NULL;");
$pdo->query("UPDATE `mailbox` SET `attributes` = JSON_SET(`attributes`, '$.sogo_access', \"1\") WHERE JSON_VALUE(`attributes`, '$.sogo_access') IS NULL;"); $pdo->query("UPDATE `mailbox` SET `attributes` = JSON_SET(`attributes`, '$.sogo_access', \"1\") WHERE JSON_VALUE(`attributes`, '$.sogo_access') IS NULL;");
$pdo->query("UPDATE `mailbox` SET `attributes` = JSON_SET(`attributes`, '$.imap_access', \"1\") WHERE JSON_VALUE(`attributes`, '$.imap_access') IS NULL;"); $pdo->query("UPDATE `mailbox` SET `attributes` = JSON_SET(`attributes`, '$.imap_access', \"1\") WHERE JSON_VALUE(`attributes`, '$.imap_access') IS NULL;");
@ -1266,7 +1271,6 @@ function init_db_schema() {
if (php_sapi_name() == "cli") { if (php_sapi_name() == "cli") {
include '/web/inc/vars.inc.php'; include '/web/inc/vars.inc.php';
include '/web/inc/functions.docker.inc.php'; include '/web/inc/functions.docker.inc.php';
include '/web/inc/functions.xmpp.inc.php';
// $now = new DateTime(); // $now = new DateTime();
// $mins = $now->getOffset() / 60; // $mins = $now->getOffset() / 60;
// $sgn = ($mins < 0 ? -1 : 1); // $sgn = ($mins < 0 ? -1 : 1);
@ -1305,7 +1309,5 @@ if (php_sapi_name() == "cli") {
catch ( Exception $e ) { catch ( Exception $e ) {
// Dunno // Dunno
} }
xmpp_rebuild_configs();
echo "Rebuilt XMPP configuration". PHP_EOL;
init_db_schema(); init_db_schema();
} }

1
data/web/inc/prerequisites.inc.php
View File

@ -240,7 +240,6 @@ require_once $_SERVER['DOCUMENT_ROOT'] . '/inc/functions.ratelimit.inc.php';
require_once $_SERVER['DOCUMENT_ROOT'] . '/inc/functions.rspamd.inc.php'; require_once $_SERVER['DOCUMENT_ROOT'] . '/inc/functions.rspamd.inc.php';
require_once $_SERVER['DOCUMENT_ROOT'] . '/inc/functions.tls_policy_maps.inc.php'; require_once $_SERVER['DOCUMENT_ROOT'] . '/inc/functions.tls_policy_maps.inc.php';
require_once $_SERVER['DOCUMENT_ROOT'] . '/inc/functions.transports.inc.php'; require_once $_SERVER['DOCUMENT_ROOT'] . '/inc/functions.transports.inc.php';
require_once $_SERVER['DOCUMENT_ROOT'] . '/inc/functions.xmpp.inc.php';
require_once $_SERVER['DOCUMENT_ROOT'] . '/inc/init_db.inc.php'; require_once $_SERVER['DOCUMENT_ROOT'] . '/inc/init_db.inc.php';
require_once $_SERVER['DOCUMENT_ROOT'] . '/inc/triggers.inc.php'; require_once $_SERVER['DOCUMENT_ROOT'] . '/inc/triggers.inc.php';
init_db_schema(); init_db_schema();

11
data/web/inc/presets/rspamd/preset_4.yml 100644
View File

@ -0,0 +1,11 @@
headline: lang.rsettings_preset_4
content: |
priority = 10;
rcpt = "/.*@develcow.de$/";
from = "/.*/";
apply "default" {
MAILCOW_WHITE = -9999.0;
}
symbols [
"MAILCOW_WHITE"
]

6
data/web/inc/vars.inc.php
View File

@ -175,12 +175,6 @@ $MAILBOX_DEFAULT_ATTRIBUTES['pop3_access'] = true;
// Mailbox has SMTP access by default // Mailbox has SMTP access by default
$MAILBOX_DEFAULT_ATTRIBUTES['smtp_access'] = true; $MAILBOX_DEFAULT_ATTRIBUTES['smtp_access'] = true;
// Mailbox has XMPP access by default (if domain has XMPP enabled)
$MAILBOX_DEFAULT_ATTRIBUTES['xmpp_access'] = true;
// Mailbox is XMPP admin by default (bad)
$MAILBOX_DEFAULT_ATTRIBUTES['xmpp_admin'] = false;
// Mailbox receives notifications about... // Mailbox receives notifications about...
// "add_header" - mail that was put into the Junk folder // "add_header" - mail that was put into the Junk folder
// "reject" - mail that was rejected // "reject" - mail that was rejected

11
data/web/index.php
View File

@ -60,12 +60,13 @@ $_SESSION['index_query_string'] = $_SERVER['QUERY_STRING'];
</div> </div>
<div class="form-group"> <div class="form-group">
<div class="btn-group"> <div class="btn-group">
<button type="submit" class="btn btn-success" value="Login"><?= $lang['login']['login']; ?></button>
<div class="btn-group"> <div class="btn-group">
<button type="button" class="btn btn-default dropdown-toggle" data-toggle="dropdown"> <button type="submit" class="btn btn-success" value="Login"><?= $lang['login']['login']; ?></button>
<?= $lang['login']['other_logins']; ?> <span class="caret"></span></button> <button type="button" class="btn btn-success dropdown-toggle" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false">
<ul class="dropdown-menu" role="menu"> <span class="caret"></span>
<li><a href="#" id="fido2-login"><?= $lang['login']['fido2_webauthn']; ?></a></li> </button>
<ul class="dropdown-menu">
<li><a href="#" id="fido2-login" style="line-height:1.4;"><i class="bi bi-shield-fill-check"></i> <?= $lang['login']['fido2_webauthn']; ?></a></li>
</ul> </ul>
</div> </div>
</div> </div>

7
data/web/js/site/debug.js
View File

@ -304,7 +304,6 @@ jQuery(function($){
function draw_sasl_logs() { function draw_sasl_logs() {
ft_api_logs = FooTable.init('#sasl_logs', { ft_api_logs = FooTable.init('#sasl_logs', {
"columns": [ "columns": [
{"name":"success","title":lang.success,"filterable": false,"style":{"width":"30px"}},
{"name":"username","title":lang.username}, {"name":"username","title":lang.username},
{"name":"service","title":lang.service}, {"name":"service","title":lang.service},
{"name":"real_rip","title":"IP"}, {"name":"real_rip","title":"IP"},
@ -710,12 +709,6 @@ jQuery(function($){
if (item.service == "smtp") { item.service = '<div class="label label-default">' + item.service.toUpperCase() + '<i class="bi bi-chevron-compact-right"></i></div>'; } if (item.service == "smtp") { item.service = '<div class="label label-default">' + item.service.toUpperCase() + '<i class="bi bi-chevron-compact-right"></i></div>'; }
else if (item.service == "imap") { item.service = '<div class="label label-default"><i class="bi bi-chevron-compact-left"></i> ' + item.service.toUpperCase() + '</div>'; } else if (item.service == "imap") { item.service = '<div class="label label-default"><i class="bi bi-chevron-compact-left"></i> ' + item.service.toUpperCase() + '</div>'; }
else { item.service = '<div class="label label-default">' + item.service.toUpperCase() + '</div>'; } else { item.service = '<div class="label label-default">' + item.service.toUpperCase() + '</div>'; }
if (item.success == 0) {
item.success = '<span class="label label-danger"><i class="bi bi-person-x-fill"></i></span>';
}
else {
item.success = '<span class="label label-success"><i class="bi bi-person-check-fill"></i></span>';
}
}); });
} else if (table == 'general_syslog') { } else if (table == 'general_syslog') {
$.each(data, function (i, item) { $.each(data, function (i, item) {

5
data/web/js/site/edit.js
View File

@ -28,11 +28,6 @@ $(document).ready(function() {
$('#mailbox-passwd-hidden-info').addClass('hidden'); $('#mailbox-passwd-hidden-info').addClass('hidden');
$('#mailbox-passwd-form-groups').removeClass('hidden'); $('#mailbox-passwd-form-groups').removeClass('hidden');
}); });
// Preview XMPP JID
$('.xmpp-prefix-preview').text($("#xmpp-prefix").val());
$("#xmpp-prefix").bind("change keypress keyup blur", function() {
$('.xmpp-prefix-preview').text($(this).val());
});
// Sender ACL // Sender ACL
if ($("#editSelectSenderACL option[value='\*']:selected").length > 0){ if ($("#editSelectSenderACL option[value='\*']:selected").length > 0){
$("#sender_acl_disabled").show(); $("#sender_acl_disabled").show();

8
data/web/js/site/mailbox.js
View File

@ -24,7 +24,12 @@ $(document).ready(function() {
.appendTo($form_grp); .appendTo($form_grp);
$.each(domains, function(i, domain){ $.each(domains, function(i, domain){
domainname = $($.parseHTML(domain)).data('domainname')
if (domainname !== undefined) {
self.$domain.append($('<option/>').text(domainname));
} else {
self.$domain.append($('<option/>').text(domain)); self.$domain.append($('<option/>').text(domain));
}
}); });
}, },
_onDomainDropdownChanged: function(e){ _onDomainDropdownChanged: function(e){
@ -256,7 +261,6 @@ jQuery(function($){
{"name":"rl","title":"RL","breakpoints":"xs sm md lg","style":{"maxWidth":"100px","width":"100px"}}, {"name":"rl","title":"RL","breakpoints":"xs sm md lg","style":{"maxWidth":"100px","width":"100px"}},
{"name":"backupmx","filterable": false,"style":{"maxWidth":"120px","width":"120px"},"title":lang.backup_mx,"breakpoints":"xs sm md lg","formatter": function(value){return 1==value?'<i class="bi bi-check-lg"></i>':0==value&&'<i class="bi bi-x-lg"></i>';}}, {"name":"backupmx","filterable": false,"style":{"maxWidth":"120px","width":"120px"},"title":lang.backup_mx,"breakpoints":"xs sm md lg","formatter": function(value){return 1==value?'<i class="bi bi-check-lg"></i>':0==value&&'<i class="bi bi-x-lg"></i>';}},
{"name":"domain_admins","title":lang.domain_admins,"style":{"word-break":"break-all","min-width":"200px"},"breakpoints":"xs sm md lg","filterable":(role == "admin"),"visible":(role == "admin")}, {"name":"domain_admins","title":lang.domain_admins,"style":{"word-break":"break-all","min-width":"200px"},"breakpoints":"xs sm md lg","filterable":(role == "admin"),"visible":(role == "admin")},
{"name":"xmpp","filterable": false,"style":{"maxWidth":"80px","width":"80px"},"title":"XMPP","formatter": function(value){return 1==value?'<i class="bi bi-check-lg"></i>':0==value&&'<i class="bi bi-x-lg"></i>';}},
{"name":"active","filterable": false,"style":{"maxWidth":"80px","width":"80px"},"title":lang.active,"formatter": function(value){return 1==value?'<i class="bi bi-check-lg"></i>':0==value&&'<i class="bi bi-x-lg"></i>';}}, {"name":"active","filterable": false,"style":{"maxWidth":"80px","width":"80px"},"title":lang.active,"formatter": function(value){return 1==value?'<i class="bi bi-check-lg"></i>':0==value&&'<i class="bi bi-x-lg"></i>';}},
{"name":"action","filterable": false,"sortable": false,"style":{"text-align":"right","maxWidth":"240px","width":"240px"},"type":"html","title":lang.action,"breakpoints":"xs sm md"} {"name":"action","filterable": false,"sortable": false,"style":{"text-align":"right","maxWidth":"240px","width":"240px"},"type":"html","title":lang.action,"breakpoints":"xs sm md"}
], ],
@ -829,7 +833,7 @@ jQuery(function($){
item.goto = '<span class="label label-success">Learn as ham</span>'; item.goto = '<span class="label label-success">Learn as ham</span>';
} }
if (item.in_primary_domain !== "") { if (item.in_primary_domain !== "") {
item.domain = '<i class="bi bi-info-circle-fill alias-domain-info text-info" data-toggle="tooltip" title="' + lang.target_domain + ': ' + item.in_primary_domain + '"></i> ' + item.domain; item.domain = '<i data-domainname="' + item.domain + '" class="bi bi-info-circle-fill alias-domain-info text-info" data-toggle="tooltip" title="' + lang.target_domain + ': ' + item.in_primary_domain + '"></i> ' + item.domain;
} }
}); });
} }

1
data/web/lang/lang.de.json
View File

@ -304,6 +304,7 @@
"rsettings_preset_1": "Alles außer DKIM und Ratelimits für authentifizierte Benutzer deaktivieren", "rsettings_preset_1": "Alles außer DKIM und Ratelimits für authentifizierte Benutzer deaktivieren",
"rsettings_preset_2": "Spam an Postmaster-Adressen nicht blockieren", "rsettings_preset_2": "Spam an Postmaster-Adressen nicht blockieren",
"rsettings_preset_3": "Nur einem oder vielen Absendern erlauben, eine Mailbox anzuschreiben (etwa interne Mailboxen)", "rsettings_preset_3": "Nur einem oder vielen Absendern erlauben, eine Mailbox anzuschreiben (etwa interne Mailboxen)",
"rsettings_preset_4": "Rspamd für eine Domain deaktivieren",
"rspamd-com_settings": "Ein Name wird automatisch generiert. Beispielinhalte zur Einsicht stehen nachstehend bereit. Siehe auch <a href=\"https://rspamd.com/doc/configuration/settings.html#settings-structure\" target=\"_blank\">Rspamd docs</a>", "rspamd-com_settings": "Ein Name wird automatisch generiert. Beispielinhalte zur Einsicht stehen nachstehend bereit. Siehe auch <a href=\"https://rspamd.com/doc/configuration/settings.html#settings-structure\" target=\"_blank\">Rspamd docs</a>",
"rspamd_global_filters": "Globale Filter-Maps", "rspamd_global_filters": "Globale Filter-Maps",
"rspamd_global_filters_agree": "Ich werde vorsichtig sein!", "rspamd_global_filters_agree": "Ich werde vorsichtig sein!",

1
data/web/lang/lang.en.json
View File

@ -302,6 +302,7 @@
"rsettings_preset_1": "Disable all but DKIM and rate limit for authenticated users", "rsettings_preset_1": "Disable all but DKIM and rate limit for authenticated users",
"rsettings_preset_2": "Postmasters want spam", "rsettings_preset_2": "Postmasters want spam",
"rsettings_preset_3": "Only allow specific senders for a mailbox (i.e. usage as internal mailbox only)", "rsettings_preset_3": "Only allow specific senders for a mailbox (i.e. usage as internal mailbox only)",
"rsettings_preset_4": "Disable Rspamd for a domain",
"rspamd-com_settings": "A setting name will be auto-generated, please see the example presets below. For more details see <a href=\"https://rspamd.com/doc/configuration/settings.html#settings-structure\" target=\"_blank\">Rspamd docs</a>", "rspamd-com_settings": "A setting name will be auto-generated, please see the example presets below. For more details see <a href=\"https://rspamd.com/doc/configuration/settings.html#settings-structure\" target=\"_blank\">Rspamd docs</a>",
"rspamd_global_filters": "Global filter maps", "rspamd_global_filters": "Global filter maps",
"rspamd_global_filters_agree": "I will be careful!", "rspamd_global_filters_agree": "I will be careful!",

15
data/web/user.php
View File

@ -306,21 +306,6 @@ elseif (isset($_SESSION['mailcow_cc_role']) && $_SESSION['mailcow_cc_role'] == '
<div class="panel panel-default"> <div class="panel panel-default">
<div class="panel-heading"><?=$lang['user']['mailbox_details'];?></div> <div class="panel-heading"><?=$lang['user']['mailbox_details'];?></div>
<div class="panel-body"> <div class="panel-body">
<?php if ($mailboxdata['attributes']['xmpp_access'] == 1 && $mailboxdata['domain_xmpp'] == 1) { ?>
<div class="row">
<div class="col-md-3 col-xs-5 text-right">
<img class="img-responsive pull-right xmpp-logo-user" alt="XMPP Logo" src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAIAAAACACAMAAAD04JH5AAAAGXRFWHRTb2Z0d2FyZQB3d3cuaW5rc2NhcGUub3Jnm+48GgAAAAlwSFlzAAAJcwAACXMB+Yg9ogAAAqNQTFRFR3BMEERaAAAAAAAAAAAAAAAAAAAAAAAAdIFfAAAABBEVAAAAAAAAAAAAAAAAFYSszZA8BxUkAAAAAAAAAAAAmsplAAAAn81nFYi7AAAAAAAAF3utAAAA52wfEpbK4mcg5WYgncxnD3OmAAAAnsxnAAAAAAAA5mwg520gEZbJAAAA0FYjoM5m6W0fEpfLAAAAR5VD3WkjEWGRE26fnctn6W0fE6ban85noc9o5mwhAAAAAAAAFHeq6m0fAAAAoM5nAAAAATtsATlqoc5mAjlrAjhqATdqATxt6W0eEp/SE6LXEmOUDmibE5DDzVokEmaXUZlIATVm6W0f52wgE5/T42simL5fulouAAAADnuvslw4FIm8m8loS45P6W0eAAAAAjxtE6/kD5zRADJiATJjD5zR52sgwFYprlMxDnCiK2SIEmCSD4C0nMpnTZZGnVxBEnaom8hnoc1nBFCDEq/kP4tQBk2AErLnFqrcATBhwlQoEHutkL9oSIddTZJHQZc7F3CiSpBHE7TpFLPouVMo4mUfgbVdQYxDoG05AAAAoM5n6W0fQ5Y52VQeCnirDYi8ATdpDpHGBUx+BEl7Az9xBEV3A0J0BVKFBU+BBlaIEqreR5k8BlyOBlmLEq3iEaDUEpzREqPXAjxtEZbKB1+SEqbbE7TpCGKVEZnNErDlCGaYCWmcC3OmCW+iTJtBDH+zCWyf5WcfC3yw6GsfDIO24WAe3lseDYzA21YeATFiVqJC1lYhm8tlFY3AGZPEd7VTicFcYqlIf7pWG3GdS5tNxV0vlshiOodqSJlYIYamJKLDa69NkMVfj2RQ0og0FoS1o8pkMZ+Qj3dnQaBtPXeTSG+CMaedmnBaZoKIY2RpHXeJKpCEzFsqn15DP4qmtqBLcmZPJnTRbgAAAIh0Uk5TAAbkZszdL0MDiAyNtvxsDwoUJjobFqj0/YFZ/vd0iDEUmUdOi/DWgvIle/2onK/s/tggL777edowW5Wb42R1XucvQkfDpGRUQFE60HNi7Kngi8/oncBXnIef/vHpgODF8Pnjd9XJH9tW9vuOymrtwI91N73t/m6v/ui6vNajOyvNsNXReP3jaggoHboAAAkwSURBVHja7Vr5XxVlFx/26QreyxIgIDsKgliAGEpaCiKbKO675b6m72tme71vy+cKRLYX2aItVkQRkQKK0tVUjKi0N+215U9pnmXm2WbunXuZe6vP535/uszMOec753yfc54ZRpKCCCKIIP4uCPmr483fvCk2cNFrqhbzx2r6+vqq5wYk/N2LH+zr28QfndsH8ODiEj9Ht83fDCPNF2g9j1FV40c5zK1Ww9QIzJ7XsLH6br9Ej920mQQRQ2w8RqFqvs3i6PLc6mPHXiIRRMVXvcTg/r3rLCzF9m2rWfcbxWuqX2FwW2trx6LlshXRM7YNtLUVMt5frhIvO/gyA4VAa+u5b8rm3Dqm4I4FKxb2tAGw7hfrCPRFBojAYQVl++/wMXpmxdT8lpYWRIB1f1C82v4CA0JAwYzced4WQ86Y3NyCgAiw7nXWmfzv12h0AAJfH9aQVORFMRwVU5e0aEAEGO+v6t3Prldp3MYRUJBlmsDEFhrdkADjvUm3S71OAxI4yxDINU3gTpHAAOP9oO6IevMohfMWEyiknR/VnzhNb1K4HxC4YkkJegGBC5Tvo/X6ZjXvUbgICPQzBIrGQmA17bxB38z+IQVIoMNHApMZAl8BAr/SzksN7Jo+JvgFEGg9TRMoM01gKkPgFCBwg/Jdb2SX/QnBx610J0LtyDcCsA2c2kn5bjDsXpWfE3QJyyDJNIFmsQ18QjzvsBsaNnxKcAkQGGJEYLoV5gsavEkcf77K2NC+o1ODjgr/ZXYI6WiQOO4sdWO67zkNSIXf0gTmmN0AMARgBW5ofjsfdmdaQAh80SGIwGwrrBAl4CKOs93arvpCgyiCMl8WAeqDxO1u97YFn2n4PxQB3QmSZB8WAewCI8RttgfjVV+q+KxVmMjmtkaO6UIFrmled3uyLkluR/iy/bxQgz2mCCwQKlDYriHbo3k6vvJku1iDIu8nAajAqREtfrFnc/uakxjt/LbMpAiahQpcVl2eLDBh33gE4+RVYSTPM2G/VVwDqscj6ab2s1vUyy8LvSjLy80A2o9eVx3eazdVw4LjCCeOn+e3RWYG4jI+AQOD2OHxWpONJP0Exg+CDD2Pg8zpfBP4WXVXbHaYhWx5B+GEMJOzvKoAkuAg9mayAAB1b2PAFHTR68DhzRqAg/Bn1VmtZB7l7yK83cWvxDmensiEBAxjX0u9erLb8j6CkIIyLwYRSgD25EUB4Eo48AaCoAL38yAzn38iGkZ+DtV5+XRb+xbC/2AKTpttx5P5BPyI/ZR7/XCf/hGC8IzmbmfoWMIn4BDy8oAPrxce+ABiGPaCb8zti+7ke8B15OS/dh8I2P+DjK9yUznJOAXyerYJDlxALg4USL6g4ADM3qEu7hEl10wC0BQYhh7uqfMpviTX3UN02G8iBY71rAJPIQV+1OjzO65atIQucTos8tyFoQJvHoLm5ZLvKIc9ZBjsTDq+9dQLqB7QAzdCv0HrpdJYgHoyX4QyT00QtQDUgcf2slMuh3PkKrcxWK73PKTN4R5YgAvvAMvisb5sldPhKD3ProS1og7lZrYAA8PArtiCl71ge3IcyoDqyFluFNgDCjBwHW5BLHnhna5spgZ/4NoRvz3dms/uw34EWzBr4itVGBwcPMLJYAa7M5GXsS1wtWIyWGzZC//GMwousXuTIoMpiAQIDJbKVsWX5do1Z84kAyF2nNPdGy2YzgrwsnJ5umQl6tYkJ4+CodClzcUk0o4yl7AC/C05ObnR0viSXFA5OnqZZUBksIzpQAPXRkfXZEtWo2Q3ZtCvLcYimReAGr+y1A//dQtZlZrKMcjlhjCM/1Nq6sN2yS9oFBjsYQQIJ4ASf58s+QmllakulsE8KSOfu//KbMl/sDd1usBq7FeVmLR8Pa3/wmudT/j5v88NO1ygI3Wpu4Pvv6Pi33S59vn9Q4TSJ1wX6Y6EGMD+s9rl1/Rrq2GX66IyGztwV/4eMOgG8UdcTXYpICit/wVIcei0mgM4f27UZ0sBgiw37ARC6FeF8J0yfnbusksBREkTXYbTv4/Ul0qBheO+n8B6HMLr8ZFbAxw/o7mlZ+SiooQO/Lywdl4gw8sTYfvtHoFKwAsyyxGw+FvR+O3pbSv8g6rDjDsCVP3J+Ti8svbuK3kUrMgriEJWIJRQsYQKHyvJUgikMASXZNJ+2c/hF9wOiw8Hzwot2Lq9QAtfg8a0drk/tVcBwnf3gr67bTtz6rFFoC0MAQ5r9/tJjZlK7bt7vwLRF64QY8jrIIf+s+cOJ/lBC46KZU/3wh2PEj3T4CIb5KAU48q5R/ZYymHi7U/DO29b+NB29yqTH3tyL3ybMHT2mVzrBFmoSG7hQ09lmPT4+LNPLgIfQlmXhIxMX7Zvjwf6K02hHFIQQQTxj0J8FESc7qG4KIwE2iRSPWojF2uIVC+N5U7ER+p/wR2V5gRIi9eOTIEHnBGKp3FOjGjKIiFNPRqp/BXq5DFtFuQQJZxwThqv1yNTYpCZmoMUJ/lbI+CMIgaznO4JKLaR+gSUG9FjEEbumGQkD/igCIRrl8fFeCTgnCQbEHBO0avCBBwDlDQyD1UE3TEh4MxRr452eiYAEqZPIFRXB+O0/CQgfzEpEk9gEk5evFOHwLQwjNmJMeqNIgLR6pkpG5BNgu74SkQnE2MnoR/jGWbonsPQoQ3UIY1ABPG1Ep6ZqRKYQJ7uI+CBeP09Fc7rXVyhEIE4KItQ+NV5Doo/3pAAumCWSEBK5NXMMAinMjuTq41tpUZLhimKiTQmkGJIINodAUlNPiiEzBOwwczkxaorZqZkSADncqVIIDJNs9F9/0LEPZtXpw3HHSeFwHB5CTyBmAgVuEmFqQTy1BOhePXaPMYnEiQEUObT4martRjvYRnGGS3DcIP4eBlMc9KCJwSwtBKnqWr0QCDaqBM6UyRTyzCMJ0C3H+DDPYHwWCMCK93GN2pENqYBh8sigbRwCtFhIWQY3UWd2DBLvwlIM8VWjBkQAmQEQSfGy5CMWX4ZGgLHj0DjOj6NYkARiM3DZZKsJoDjh6pNOgclOyaHJYC3CTFxVhO4xUmNX3o8p+WwBGyhqBdYTCDuFgRKHnIKOjTBJuXAH3gORoHfeFsVD0+ApE0BP2Ybeo4KbnqDCCIII/wJlFbTu+je//0AAAAASUVORK5CYII=">
</div>
<div class="col-md-9 col-xs-7">
<p><?=$mailboxdata['local_part'];?>@<b><?=$mailboxdata['domain_xmpp_prefix'];?>.<?=$mailboxdata['domain'];?></b>
<?php if ($mailboxdata['attributes']['xmpp_admin'] == 1) { ?>
<div class="label label-warning">Administrator</div>
<?php } ?>
</p>
</div>
</div>
<?php } ?>
<hr>
<?php // Get user information about aliases <?php // Get user information about aliases
$user_get_alias_details = user_get_alias_details($username); $user_get_alias_details = user_get_alias_details($username);
$user_domains[] = mailbox('get', 'mailbox_details', $username)['domain']; $user_domains[] = mailbox('get', 'mailbox_details', $username)['domain'];