From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from firstgate.proxmox.com (firstgate.proxmox.com [IPv6:2a01:7e0:0:424::9]) by lore.proxmox.com (Postfix) with ESMTPS id 843B91FF16B for ; Thu, 20 Feb 2025 21:14:01 +0100 (CET) Received: from firstgate.proxmox.com (localhost [127.0.0.1]) by firstgate.proxmox.com (Proxmox) with ESMTP id 4D0DE1A7CC; Thu, 20 Feb 2025 21:14:01 +0100 (CET) From: Stoiko Ivanov To: pmg-devel@lists.proxmox.com Date: Thu, 20 Feb 2025 21:13:01 +0100 Message-Id: <20250220201309.181365-1-s.ivanov@proxmox.com> X-Mailer: git-send-email 2.39.5 MIME-Version: 1.0 X-SPAM-LEVEL: Spam detection results: 0 AWL -1.235 Adjusted score from AWL reputation of From: address BAYES_00 -1.9 Bayes spam probability is 0 to 1% DMARC_MISSING 0.1 Missing DMARC policy ENA_SUBJ_ODD_CASE 2.6 Subject has odd case KAM_DMARC_STATUS 0.01 Test Rule for DKIM or SPF Failure with Strict Alignment RCVD_IN_VALIDITY_CERTIFIED_BLOCKED 0.001 ADMINISTRATOR NOTICE: The query to Validity was blocked. See https://knowledge.validity.com/hc/en-us/articles/20961730681243 for more information. RCVD_IN_VALIDITY_RPBL_BLOCKED 0.001 ADMINISTRATOR NOTICE: The query to Validity was blocked. See https://knowledge.validity.com/hc/en-us/articles/20961730681243 for more information. RCVD_IN_VALIDITY_SAFE_BLOCKED 0.001 ADMINISTRATOR NOTICE: The query to Validity was blocked. See https://knowledge.validity.com/hc/en-us/articles/20961730681243 for more information. SPF_HELO_NONE 0.001 SPF: HELO does not publish an SPF Record SPF_PASS -0.001 SPF: sender matches SPF record Subject: [pmg-devel] [PATCH pmg-api/pmg-gui v4] add additional attributes to ContentTypeFilter and MatchField X-BeenThere: pmg-devel@lists.proxmox.com X-Mailman-Version: 2.1.29 Precedence: list List-Id: Proxmox Mail Gateway development discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Errors-To: pmg-devel-bounces@lists.proxmox.com Sender: "pmg-devel" v3->v4: * rework patch 3/5 for pmg-api according to feedback from Dominik and Friedrich after understanding that file-paths (and in result content-types are not set for mail-parts that are multipart (mime-entities either have parts or a body in general) cover-letter for v3: This series replaces two previous patch-series. v2->v3: for the content-type matching based on magic infromation only two patches were added that remove the fallback on the content-type header in case no filetype could be found through magic. The one place were I decided to fall back on header information was when determining if a mime-part is an archive. places where the content-type information was used are based on grepping for PMX_ in the pmg-api sources. Tested with Friedrich's swaks reproducer - the random blob was not detected as pdf anymore. no changes to the series for matching headers only on the top-part (resending so that the comment that it's based on v2 of the content-type series does not cause confusion) original cover-letters: for https://lore.proxmox.com/pmg-devel/20250218135416.54504-1-s.ivanov@proxmox.com/T/#t v1->v2: Based on Domink's feedback reworked the series - it now offers only one optional new attribute for the content-type filter ('only-content') to indicate that it should only compare the content-type obtained via magic/file-conents. The other 2 match options can already be expressed with the Filenamefilter ('application/pdf' -> '.*\.pdf') and the Match Field filter (to match the 'Content-type' header) original cover-letter for v1[0]: The following patch series was started shortly after the release of PMG 8.1, but I did not find the time to get it in shape for sending. They follow the patches for adding 'top' and 'add_separator' to the Disclaimer action. The current content-type filter can sometimes surprise users (e.g. https://bugzilla.proxmox.com/show_bug.cgi?id=5618#c2 and https://bugzilla.proxmox.com/show_bug.cgi?id=2691#c0 ,but also a few cases in our technical support-channels come up here and there): It matches if any of: * content-type header * file-magic * filename (extension) match the content type, the what-object matches. by adding an attribute for each of the sources users can restrict which of the sources should be taken into consideration the first patches for both repositories are independent (I just ran into them while looking into this). minimally tested locally, by sending a plain-text file called testtext.pdf, and a pdf-file renamed to have a `.docx` suffix. [0] https://lore.proxmox.com/pmg-devel/20250212151241.91077-1-s.ivanov@proxmox.com/ for https://lore.proxmox.com/pmg-devel/20250218194829.80095-1-s.ivanov@proxmox.com/T/#t based on top of: https://lore.proxmox.com/pmg-devel/20250218135416.54504-1-s.ivanov@proxmox.com/T/#t as I think testing both should go well together, and to avoid a trivial merge-conflict (can of course resend on top of current master) in the pmg-api patch Tested minimally in my setup - more testing would be appreciated pmg-api: Stoiko Ivanov (5): ruledb: disclaimer: simplify update-case utils: content-type: don't fallback to header information for magic pmg-smtp-filter: archive-detection: use header information as well ruledb: content-type: add flag for matching only based on magic/content fix #2709: ruledb: match-field: optionally restrict to top mime-part src/PMG/RuleDB/ArchiveFilter.pm | 2 +- src/PMG/RuleDB/ContentTypeFilter.pm | 79 +++++++++++++++++++++++++---- src/PMG/RuleDB/Disclaimer.pm | 8 ++- src/PMG/RuleDB/MatchField.pm | 47 +++++++++++++++-- src/PMG/Utils.pm | 12 ++--- src/bin/pmg-smtp-filter | 10 +++- 6 files changed, 130 insertions(+), 28 deletions(-) pmg-gui: Stoiko Ivanov (3): rules/object: remove icon from remove button rules/content-typefilter: add checkbox for file content only matching fix #2709: rules: match-field: add top-level-only checkbox js/ObjectGroup.js | 3 +-- js/Utils.js | 17 +++++++++++++++++ 2 files changed, 18 insertions(+), 2 deletions(-) -- 2.39.5 _______________________________________________ pmg-devel mailing list pmg-devel@lists.proxmox.com https://lists.proxmox.com/cgi-bin/mailman/listinfo/pmg-devel