public inbox for pmg-devel@lists.proxmox.com
 help / color / mirror / Atom feed
From: Dominik Csapak <d.csapak@proxmox.com>
To: pmg-devel@lists.proxmox.com
Subject: [pmg-devel] [PATCH pmg-api/gui v3] add quarantine self service button
Date: Wed, 18 Nov 2020 11:59:33 +0100	[thread overview]
Message-ID: <20201118105937.13079-1-d.csapak@proxmox.com> (raw)

adds an option/api call to request an quarantine link for an
email whose domain is in the relay domains

for now, we do not expose that option to the ui, but this can easily be
added if wanted

NOTES on security:

this adds a world reachable api call, that can potentially send e-mails
to users that belong to a relay domain

we ratelimit 1 request/5sec and 1 request/user/hour so that a dos is infeasible

for now all text is hardcoded, templates could be used later on
(if users want that)

changes from v2:
* introduce ratelimit
* factor out the sending sub (for readability)
* change the gui window to only have an 'OK' button (without reset)

changes from v1:
* move config to 'spamquar' section
* show button also on admin interface

pmg-api:

Dominik Csapak (3):
  refactor domain_regex to Utils
  add 'quarantinelink' to spamquar config
  api2/quarantine: add global sendlink api call

 src/PMG/API2/Quarantine.pm  | 126 ++++++++++++++++++++++++++++++++++++
 src/PMG/CLI/pmgqm.pm        |  29 +--------
 src/PMG/Config.pm           |   6 ++
 src/PMG/HTTPServer.pm       |   1 +
 src/PMG/Service/pmgproxy.pm |   4 ++
 src/PMG/Utils.pm            |  26 ++++++++
 6 files changed, 165 insertions(+), 27 deletions(-)

pmg-gui:

Dominik Csapak (1):
  add 'Request Quarantine Link' Button to LoginView

 js/LoginView.js   | 33 +++++++++++++++++++++++++++++++++
 pmg-index.html.tt |  3 ++-
 2 files changed, 35 insertions(+), 1 deletion(-)

-- 
2.20.1





             reply	other threads:[~2020-11-18 10:59 UTC|newest]

Thread overview: 6+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2020-11-18 10:59 Dominik Csapak [this message]
2020-11-18 10:59 ` [pmg-devel] [PATCH pmg-api v3 1/3] refactor domain_regex to Utils Dominik Csapak
2020-11-18 10:59 ` [pmg-devel] [PATCH pmg-api v3 2/3] add 'quarantinelink' to spamquar config Dominik Csapak
2020-11-18 10:59 ` [pmg-devel] [PATCH pmg-api v3 3/3] api2/quarantine: add global sendlink api call Dominik Csapak
2020-11-18 10:59 ` [pmg-devel] [PATCH pmg-gui v3 1/1] add 'Request Quarantine Link' Button to LoginView Dominik Csapak
2020-11-18 16:56 ` [pmg-devel] applied: [PATCH pmg-api/gui v3] add quarantine self service button Thomas Lamprecht

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20201118105937.13079-1-d.csapak@proxmox.com \
    --to=d.csapak@proxmox.com \
    --cc=pmg-devel@lists.proxmox.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox
Service provided by Proxmox Server Solutions GmbH | Privacy | Legal