Merge branch 'develop'

Changes.md

@@ -1,3 +1,11 @@
+# 1.8.5 - 2023-03-05
+
+- New & Breaking change: Check for too many emails has been changed to containing the exclude and/or include value. Read the README.
+- New: Define attachment names (entire name or part of the name) and it will be blocked. Check the mongodb.ini or README.
+- Checking the limit of the message is done now only for incoming messages.
+- Attachments file names that start with a "." (dot) are now saved with the checksum and extension as file name.
+- Fix: Check for too many emails within a specific time did not work with include.
+
 # 1.8.4 - 2022-05-08
 
 - Disabled creation of index as it could throw error with different versions of MongoDB. Please create indexes according to your requirements.
@@ -53,7 +61,7 @@
 # 1.6.5 - 2020-10-18
 
 - NEW: We've added an option to limit incoming emails. Please see README
-- We are now creating indexes for our collections 
+- We are now creating indexes for our collections
 - Returning a "DENY" if the message is larger than 16MB
 - Returning a "DENY" if the message cannot be parsed
 - Updated libraries
@@ -79,7 +87,7 @@
 
 - You can now use a mongodb:// connection string with the new string value
 - There is now a new "limit" option as you cannot insert more that 16 MB documents into MongoDB
-- You can now send back emails to the sender on limits, parsing, and insert errors 
+- You can now send back emails to the sender on limits, parsing, and insert errors
 - Improved performance for parsing inline images
 - Added custom content type to extend what attachments Haraka should accept as valid files. Otherwise the attachment is renamed to (filename).txt
 - Removed some content types from the default reject string
@@ -144,7 +152,7 @@
 
 # 1.4.8 - 2019-12-05
 
-- The filename of files within a winmail.dat are now cleaned up as well (surprisingly a lot of people are still sending those) 
+- The filename of files within a winmail.dat are now cleaned up as well (surprisingly a lot of people are still sending those)
 
 # 1.4.7 - 2019-12-04
 

README.md

@@ -38,9 +38,9 @@ Copy the mongodb.ini from the config directory (haraka-plugin-mongodb/config) to
 
 Provide your credentials to connect to your MongoDB instance.
 
-As of version 1.6.2 you can also define a mongodb connection string directly using the "string" value. This has to be a valid [mongodb connection string](https://docs.mongodb.com/manual/reference/connection-string). If you define a connection string, only the connection string will be used for the connection. 
+As of version 1.6.2 you can also define a mongodb connection string directly using the "string" value. This has to be a valid [mongodb connection string](https://docs.mongodb.com/manual/reference/connection-string). If you define a connection string, only the connection string will be used for the connection.
 
-Please note that the mongodb connection is used for both the delivery and the queue. If you want to store the queue in another database you should use a separate queue and a delivery instance. 
+Please note that the mongodb connection is used for both the delivery and the queue. If you want to store the queue in another database you should use a separate queue and a delivery instance.
 
 ## Section: Collections
 
@@ -58,6 +58,9 @@ This plugin comes now with a built-in check to make sure your attachment path is
 ### Attachment reject (new as of 1.6.1)
 Enter the attachments content type that should be rejected. The default ones are the most common file types that should never be accepted by any file system. Feel free to adjust. It's an array with content type strings.
 
+### Attachment reject by name (new as of 1.8.5)
+Enter the attachments name that should be rejected. Enter the entire filename or only part of the name. Feel free to adjust. It's an array with content type strings.
+
 ### Extend content types (new as of 1.6.2)
 As of 1.6.1 we test each attachment for the proper content type and get the correct extension. Sometimes you might want to extend that with your own content types. With the new "custom_content_type" setting you can do that now. Within the mongodb.ini simply extend the map with your own custom types. The format is, 'content/type' : ['extension'] and you comma separate each content type.
 
@@ -83,9 +86,20 @@ Enter your SMTP server values and FROM, CC, and BCC for sending an alert email t
 
 Enabling the limits for incoming emails will check the FROM and the TO email-address of incoming email and send back a "softdeny" if found. The time amount is set in the "timeout_seconds" setting. By default this is set to 10 seconds. In our experience, we've seen that this will throttle most automated systems, while emails from users are coming in without delays.
 
-Use the "exclude" (empty array) settings to never throttle emails from a certain domain.
+Use the "exclude" settings to never throttle emails from a certain domain.
+
+
+---
+### Breaking change as of 1.8.5
+
+The exclude and include values check if the word is found within the senders email address. Previously, it was only checking the email domain. This allows you to exclude certain words and/or include words. The default config file now includes some sane values to check now (though, as long as the limit check is disabled nothing it will not check for anything).
+
+Please also note, that the format of the exclude and include params has changed! If you use the limit check, please change your config values first.
+
+---
+
 
-As of 1.7.0 you can also use the "include" (empty array) setting to only include certain domains in the check. An empty array means to check for all incoming emails, one or many values mean to only check for those domains.
+As of 1.7.0 you can also use the "include" setting to only include certain domains in the check. An empty array means to check for all incoming emails, one or many values mean to only check for those domains.
 
 As of 1.8.0 there is a new parameter called "db" that lets you use Redis as an alternative to MongoDB. This is helpful if you get thousands of emails and want to save on the constant MongoDB connections. Besides, the MongoDB TTL is not accurate enough and Redis is made for such a use case. Set db=redis to use Redis instead of db=mongodb.
 

config/max_data_line_length

@@ -0,0 +1 @@
+3000

config/mongodb.ini

@@ -28,9 +28,14 @@ delivery=email_delivery_results
 ; Absolute path to store attachments
 [attachments]
 path=/opt/attachments
+; The below path has to exists or else we stop Haraka from starting. Leave empty if you don't want to execute a check.
+; Great if you have to make sure that a value is mounted or keeps being mounted. If we loose connection we exit Haraka.
 path_check=
+; Attachments that should always be rejected. The values below are the ones that Gmail and Outlook also reject
 reject=['application/x-freearc','application/x-bzip','application/x-bzip2','application/x-csh','application/gzip','application/java-archive','text/javascript','application/vnd.apple.installer+xml','application/x-httpd-php','application/x-sh','application/xhtml+xml','application/vnd.microsoft.portable-executable','application/x-msdownload','application/exe','application/x-exe','application/dos-exe','vms/exe','application/x-winexe','application/msdos-windows','application/x-msdos-program']
 custom_content_type={ 'application/imed' : ['imed'] }
+; You can also reject attachments by filename. Enter the complete filename or only part of it
+reject_by_name=['~WRD']
 
 ; Convert inline images or not
 ; cid = leave value as cid:(number) - this is useful if you want to process the images later on
@@ -72,16 +77,37 @@ bcc=
 ; Limit incoming messages. Please see the README for instructions
 [limits]
 incoming=no
-incoming_collection=limit_incoming
+
 ; Limit in seconds
 incoming_seconds=30
-; Domains you want to exclude from the limits check
-exclude=['helpmonks.com','helpmonks.net','helpmonks.org','sendmonks.net','sendmonks.com','razuna.com','razuna.org']
-; Domains that should be INCLUDED in the limits check (when left as an empty array it will check every email)
-include=[]
+
+; Strings that should be excluded from the limits check
+exclude[] = helpmonks
+exclude[] = sendmonks
+exclude[] = razuna
+
+; String that should be included in the limits check
+include[] = monitor
+include[] = notification
+include[] = java
+include[] = noreply
+include[] = notreply
+include[] = no-reply
+include[] = not-reply
+include[] = deployment
+include[] = notifier
+include[] = root
+include[] = alert
+include[] = uptime
+include[] = robot
+include[] = opsgenie
+
 ; Set the database to be used. Either "mongodb" or "redis"
 db=redis
 
+; Set the collection to be used if you use mongodb
+incoming_collection=limit_incoming
+
 ; Redis Credentials
 ; Used for the limit incoming option above
 [redis]

email_body_utility.js

@@ -713,4 +713,4 @@ const EmailBodyUtility = function() {
 		convertPlainTextToHtml // (text)
 	};
 }();
-module.exports = EmailBodyUtility;
+module.exports = EmailBodyUtility;