scottk/Mailu
1
0
Fork 0
mirror of https://github.com/optim-enterprises-bv/Mailu.git synced 2025-11-03 11:37:47 +00:00
Code Issues Packages Projects Releases Wiki Activity

Allow specific users to send email from any address

Browse Source
This commit is contained in:
Florent Daigniere
2021-08-02 19:18:42 +02:00
parent a5534a34dc
commit facc4b6427
4 changed files with 8 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
core/admin/mailu/configuration.py
View File

@@ -32,6 +32,7 @@ DEFAULT_CONFIG = {
'DOMAIN': 'mailu.io', 'DOMAIN': 'mailu.io',
'HOSTNAMES': 'mail.mailu.io,alternative.mailu.io,yetanother.mailu.io', 'HOSTNAMES': 'mail.mailu.io,alternative.mailu.io,yetanother.mailu.io',
'POSTMASTER': 'postmaster', 'POSTMASTER': 'postmaster',
'WILDCARD_SENDERS': '',
'TLS_FLAVOR': 'cert', 'TLS_FLAVOR': 'cert',
'INBOUND_TLS_ENFORCE': False, 'INBOUND_TLS_ENFORCE': False,
'AUTH_RATELIMIT': '1000/minute;10000/hour', 'AUTH_RATELIMIT': '1000/minute;10000/hour',

5
core/admin/mailu/internal/views/postfix.py
View File

@@ -133,10 +133,13 @@ def postfix_sender_map(sender):
@internal.route("/postfix/sender/login/<path:sender>") @internal.route("/postfix/sender/login/<path:sender>")
def postfix_sender_login(sender): def postfix_sender_login(sender):
has_wildcard_senders = bool(flask.current_app.config["WILDCARD_SENDERS"])
wildcard_senders = flask.current_app.config["WILDCARD_SENDERS"].lower().split(',') if has_wildcard_senders else []
localpart, domain_name = models.Email.resolve_domain(sender) localpart, domain_name = models.Email.resolve_domain(sender)
if localpart is None: if localpart is None:
return flask.abort(404) return flask.jsonify(",".join(wildcard_senders)) if has_wildcard_senders else flask.abort(404)
destination = models.Email.resolve_destination(localpart, domain_name, True) destination = models.Email.resolve_destination(localpart, domain_name, True)
destination = [*destination, *wildcard_senders] if destination else [*wildcard_senders]
return flask.jsonify(",".join(destination)) if destination else flask.abort(404) return flask.jsonify(",".join(destination)) if destination else flask.abort(404)

2
docs/configuration.rst
View File

@@ -37,6 +37,8 @@ The ``POSTMASTER`` is the local part of the postmaster email address. It is
recommended to setup a generic value and later configure a mail alias for that recommended to setup a generic value and later configure a mail alias for that
address. address.
The ``WILDCARD_SENDERS`` setting is a comma delimited list of user email addresses that are allowed to send emails from any address (spoofing the sender).
The ``AUTH_RATELIMIT`` holds a security setting for fighting attackers that The ``AUTH_RATELIMIT`` holds a security setting for fighting attackers that
try to guess user passwords. The value is the limit of failed authentication attempts try to guess user passwords. The value is the limit of failed authentication attempts
that a single IP address can perform against IMAP, POP and SMTP authentication endpoints. that a single IP address can perform against IMAP, POP and SMTP authentication endpoints.

1
towncrier/newsfragments/1096.feature Normal file
View File

@@ -0,0 +1 @@
Allow specific users to send emails from any address using the WILDCARD_SENDERS setting