implementation start of rspam/antispam feature

Signed-off-by: Michael Kaufmann <d00p@froxlor.org>

install/froxlor.sql.php

@@ -94,6 +94,10 @@ CREATE TABLE `mail_virtual` (
   `popaccountid` int(11) NOT NULL default '0',
   `iscatchall` tinyint(1) unsigned NOT NULL default '0',
   `description` varchar(255) NOT NULL DEFAULT '',
+  `spam_tag_level` float(4,1) NOT NULL DEFAULT 7.0,
+  `spam_kill_level` float(4,1) NOT NULL DEFAULT 14.0,
+  `bypass_spam` tinyint(1) NOT NULL default '0',
+  `policy_greylist` tinyint(1) NOT NULL default '1',
   PRIMARY KEY  (`id`),
   KEY `email` (`email`)
 ) ENGINE=InnoDB CHARSET=utf8 COLLATE=utf8_general_ci;
@@ -380,22 +384,18 @@ INSERT INTO `panel_settings` (`settinggroup`, `varname`, `value`) VALUES
 	('logger', 'logfile', ''),
 	('logger', 'logtypes', 'syslog,mysql'),
 	('logger', 'severity', '1'),
-	('dkim', 'use_dkim', '0'),
-	('dkim', 'dkim_prefix', '/etc/postfix/dkim/'),
-	('dkim', 'dkim_domains', 'domains'),
-	('dkim', 'dkim_dkimkeys', 'dkim-keys.conf'),
-	('dkim', 'dkimrestart_command', 'service dkim-filter restart'),
-	('dkim', 'privkeysuffix', '.priv'),
+	('antispam', 'activated', '0'),
+	('antispam', 'config_file', '/etc/rspamd/local.d/froxlor_settings.conf'),
+	('antispam', 'reload_command', 'service rspamd restart'),
+	('antispam', 'dkim_keylength', '1024'),
 	('admin', 'show_news_feed', '0'),
 	('admin', 'show_version_login', '0'),
 	('admin', 'show_version_footer', '0'),
 	('caa', 'caa_entry', ''),
 	('spf', 'use_spf', '0'),
 	('spf', 'spf_entry', 'v=spf1 a mx -all'),
-	('dkim', 'dkim_algorithm', 'all'),
-	('dkim', 'dkim_keylength', '1024'),
-	('dkim', 'dkim_servicetype', '0'),
-	('dkim', 'dkim_notes', ''),
+	('dmarc', 'use_dmarc', '0'),
+	('dmarc', 'dmarc_entry', 'v=DMARC1; p=none;'),
 	('defaultwebsrverrhandler', 'enabled', '0'),
 	('defaultwebsrverrhandler', 'err401', ''),
 	('defaultwebsrverrhandler', 'err403', ''),
@@ -726,6 +726,8 @@ opcache.validate_timestamps'),
 	('panel', 'logo_overridecustom', '0'),
 	('panel', 'settings_mode', '0'),
 	('panel', 'menu_collapsed', '1'),
+	('panel', 'version', '2.2.0-dev1'),
+	('panel', 'db_version', '202312230');
 	('panel', 'version', '2.1.4'),
 	('panel', 'db_version', '202312120');
 

install/updates/froxlor/update_2.0.inc.php

@@ -99,7 +99,6 @@ if (Froxlor::isFroxlorVersion('0.10.38.3')) {
 	}
 	Update::lastStepStatus(0);
 
-	Update::showUpdateStep("Cleaning up old files");
 	$to_clean = array(
 		"install/lib",
 		"install/lng",
@@ -121,30 +120,7 @@ if (Froxlor::isFroxlorVersion('0.10.38.3')) {
 		"lng/swedish.lng.php",
 		"scripts",
 	);
-	$disabled = explode(',', ini_get('disable_functions'));
-	$exec_allowed = !in_array('exec', $disabled);
-	$del_list = "";
-	foreach ($to_clean as $filedir) {
-		$complete_filedir = Froxlor::getInstallDir() . $filedir;
-		if (file_exists($complete_filedir)) {
-			if ($exec_allowed) {
-				FileDir::safe_exec("rm -rf " . escapeshellarg($complete_filedir));
-			} else {
-				$del_list .= "rm -rf " . escapeshellarg($complete_filedir) . PHP_EOL;
-			}
-		}
-	}
-	if ($exec_allowed) {
-		Update::lastStepStatus(0);
-	} else {
-		if (empty($del_list)) {
-			// none of the files existed
-			Update::lastStepStatus(0);
-		} else {
-			Update::lastStepStatus(1, 'manual commands needed',
-				'Please run the following commands manually:<br><pre>' . $del_list . '</pre>');
-		}
-	}
+	Update::cleanOldFiles($to_clean);
 
 	Update::showUpdateStep("Adding new settings");
 	$panel_settings_mode = isset($_POST['panel_settings_mode']) ? (int)$_POST['panel_settings_mode'] : 0;

install/updates/froxlor/update_2.1.inc.php

@@ -149,7 +149,6 @@ if (Froxlor::isFroxlorVersion('2.1.0-rc2')) {
 }
 
 if (Froxlor::isDatabaseVersion('202311260')) {
-	Update::showUpdateStep("Cleaning up old files");
 	$to_clean = array(
 		"install/updates/froxlor/update_2.x.inc.php",
 		"install/updates/preconfig/preconfig_2.x.inc.php",
@@ -175,33 +174,8 @@ if (Froxlor::isDatabaseVersion('202311260')) {
 		"templates/Froxlor/user/change_theme.html.twig",
 		"tests/Backup/CustomerBackupsTest.php"
 	);
-	$disabled = explode(',', ini_get('disable_functions'));
-	$exec_allowed = !in_array('exec', $disabled);
-	$del_list = "";
-	foreach ($to_clean as $filedir) {
-		$complete_filedir = Froxlor::getInstallDir() . $filedir;
-		if (file_exists($complete_filedir)) {
-			if ($exec_allowed) {
-				FileDir::safe_exec("rm -rf " . escapeshellarg($complete_filedir));
-			} else {
-				$del_list .= "rm -rf " . escapeshellarg($complete_filedir) . PHP_EOL;
-			}
-		}
-	}
-	if ($exec_allowed) {
-		Update::lastStepStatus(0);
-	} else {
-		if (empty($del_list)) {
-			// none of the files existed
-			Update::lastStepStatus(0);
-		} else {
-			Update::lastStepStatus(
-                1,
-                'manual commands needed',
-                'Please run the following commands manually:<br><pre>' . $del_list . '</pre>'
-            );
-		}
-	}
+	Update::cleanOldFiles($to_clean);
+
 	Froxlor::updateToDbVersion('202312050');
 }
 
@@ -216,7 +190,6 @@ if (Froxlor::isFroxlorVersion('2.1.0')) {
 }
 
 if (Froxlor::isDatabaseVersion('202312050')) {
-	Update::showUpdateStep("Cleaning up old files");
 	$to_clean = array(
 		"lib/configfiles/centos7.xml",
 		"lib/configfiles/centos8.xml",
@@ -225,33 +198,8 @@ if (Froxlor::isDatabaseVersion('202312050')) {
 		"lib/configfiles/buster.xml",
 		"lib/configfiles/bionic.xml",
 	);
-	$disabled = explode(',', ini_get('disable_functions'));
-	$exec_allowed = !in_array('exec', $disabled);
-	$del_list = "";
-	foreach ($to_clean as $filedir) {
-		$complete_filedir = Froxlor::getInstallDir() . $filedir;
-		if (file_exists($complete_filedir)) {
-			if ($exec_allowed) {
-				FileDir::safe_exec("rm -rf " . escapeshellarg($complete_filedir));
-			} else {
-				$del_list .= "rm -rf " . escapeshellarg($complete_filedir) . PHP_EOL;
-			}
-		}
-	}
-	if ($exec_allowed) {
-		Update::lastStepStatus(0);
-	} else {
-		if (empty($del_list)) {
-			// none of the files existed
-			Update::lastStepStatus(0);
-		} else {
-			Update::lastStepStatus(
-				1,
-				'manual commands needed',
-				'Please run the following commands manually:<br><pre>' . $del_list . '</pre>'
-			);
-		}
-	}
+	Update::cleanOldFiles($to_clean);
+
 	Froxlor::updateToDbVersion('202312100');
 }
 

install/updates/froxlor/update_2.2.inc.php

@@ -0,0 +1,68 @@
+<?php
+
+/**
+ * This file is part of the Froxlor project.
+ * Copyright (c) 2010 the Froxlor Team (see authors).
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License
+ * as published by the Free Software Foundation; either version 2
+ * of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, you can also view it online at
+ * https://files.froxlor.org/misc/COPYING.txt
+ *
+ * @copyright  the authors
+ * @author     Froxlor team <team@froxlor.org>
+ * @license    https://files.froxlor.org/misc/COPYING.txt GPLv2
+ */
+
+use Froxlor\Database\Database;
+use Froxlor\FileDir;
+use Froxlor\Froxlor;
+use Froxlor\Install\Update;
+use Froxlor\Settings;
+
+if (!defined('_CRON_UPDATE')) {
+	if (!defined('AREA') || (defined('AREA') && AREA != 'admin') || !isset($userinfo['loginname']) || (isset($userinfo['loginname']) && $userinfo['loginname'] == '')) {
+		header('Location: ../../../../index.php');
+		exit();
+	}
+}
+
+if (Froxlor::isFroxlorVersion('2.1.x')) {
+	Update::showUpdateStep("Enhancing virtual email table");
+	Database::query("ALTER TABLE `" . TABLE_MAIL_VIRTUAL . "` ADD `spam_tag_level` float(4,1) NOT NULL DEFAULT 7.0;");
+	Database::query("ALTER TABLE `" . TABLE_MAIL_VIRTUAL . "` ADD `spam_kill_level` float(4,1) NOT NULL DEFAULT 14.0;");
+	Database::query("ALTER TABLE `" . TABLE_MAIL_VIRTUAL . "` ADD `bypass_spam` tinyint(1) NOT NULL default '0';");
+	Database::query("ALTER TABLE `" . TABLE_MAIL_VIRTUAL . "` ADD `policy_greylist` tinyint(1) NOT NULL default '1';");
+	Update::lastStepStatus(0);
+
+	Update::showUpdateStep("Adjusting settings");
+	Database::query("UPDATE `" . TABLE_PANEL_SETTINGS . "` SET `settinggroup` = 'antispam', `varname` = 'activated' WHERE `settinggroup` = 'dkim' AND `varname` = 'use_dkim';");
+	Database::query("UPDATE `" . TABLE_PANEL_SETTINGS . "` SET `settinggroup` = 'antispam', `varname` = 'reload_command' WHERE `settinggroup` = 'dkim' AND `varname` = 'dkimrestart_command';");
+	Database::query("UPDATE `" . TABLE_PANEL_SETTINGS . "` SET `settinggroup` = 'antispam', `varname` = 'config_file', `value` = '/etc/rspamd/local.d/froxlor_settings.conf' WHERE `settinggroup` = 'dkim' AND `varname` = 'dkim_prefix';");
+	Database::query("UPDATE `" . TABLE_PANEL_SETTINGS . "` SET `settinggroup` = 'antispam' WHERE `settinggroup` = 'dkim' AND `varname` = 'dkim_keylength';");
+	Settings::AddNew("dmarc.use_dmarc", "0");
+	Settings::AddNew("dmarc.dmarc_entry", "v=DMARC1; p=none;");
+	Database::query("DELETE FROM `" . TABLE_PANEL_SETTINGS . "` WHERE `settinggroup` = 'dkim' AND `varname` = 'privkeysuffix';");
+	Database::query("DELETE FROM `" . TABLE_PANEL_SETTINGS . "` WHERE `settinggroup` = 'dkim' AND `varname` = 'dkim_domains';");
+	Database::query("DELETE FROM `" . TABLE_PANEL_SETTINGS . "` WHERE `settinggroup` = 'dkim' AND `varname` = 'dkim_algorithm';");
+	Database::query("DELETE FROM `" . TABLE_PANEL_SETTINGS . "` WHERE `settinggroup` = 'dkim' AND `varname` = 'dkim_notes';");
+	Update::lastStepStatus(0);
+
+	$to_clean = [
+		'actions/admin/settings/180.dkim.php',
+		'actions/admin/settings/185.spf.php',
+	];
+	Update::cleanOldFiles($to_clean);
+
+	Froxlor::updateToDbVersion('202312230');
+	Froxlor::updateToVersion('2.2.0-dev1');
+}

install/updates/preconfig/preconfig_2.2.inc.php

@@ -0,0 +1,48 @@
+<?php
+
+/**
+ * This file is part of the Froxlor project.
+ * Copyright (c) 2010 the Froxlor Team (see authors).
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License
+ * as published by the Free Software Foundation; either version 2
+ * of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, you can also view it online at
+ * https://files.froxlor.org/misc/COPYING.txt
+ *
+ * @copyright  the authors
+ * @author     Froxlor team <team@froxlor.org>
+ * @license    https://files.froxlor.org/misc/COPYING.txt GPLv2
+ */
+
+use Froxlor\Install\Update;
+
+$preconfig = [
+	'title' => '2.2.x updates',
+	'fields' => []
+];
+$return = [];
+
+if (Update::versionInUpdate($current_version, '2.2.0-dev1')) {
+	$has_preconfig = true;
+	$description = 'Froxlor now features antispam configurations using rspamd. Would you like to enable the antispam feature (required re-configuration of services)?';
+	$question = '<strong>Enable antispam (recommended)</strong>&nbsp;';
+	$return['antispam_activated'] = [
+		'type' => 'checkbox',
+		'value' => 1,
+		'checked' => 0,
+		'label' => $question,
+		'prior_infotext' => $description
+	];
+}
+
+$preconfig['fields'] = $return;
+return $preconfig;

install/updatesql.php

@@ -55,6 +55,7 @@ if (Froxlor::isFroxlor()) {
 	include_once(FileDir::makeCorrectFile(dirname(__FILE__) . '/updates/froxlor/update_0.10.inc.php'));
 	include_once(FileDir::makeCorrectFile(dirname(__FILE__) . '/updates/froxlor/update_2.0.inc.php'));
 	include_once(FileDir::makeCorrectFile(dirname(__FILE__) . '/updates/froxlor/update_2.1.inc.php'));
+	include_once(FileDir::makeCorrectFile(dirname(__FILE__) . '/updates/froxlor/update_2.2.inc.php'));
 
 	// Check Froxlor - database integrity (only happens after all updates are done, so we know the db-layout is okay)
 	Update::showUpdateStep("Checking database integrity");