added relay

This commit is contained in:
2026-05-25 14:30:41 +00:00
parent 063b3b643f
commit 3d46ccde33
12 changed files with 599 additions and 37 deletions
+3 -2
View File
@@ -232,7 +232,7 @@ func (d *DB) DeleteUser(ctx context.Context, userID int64) error {
func (d *DB) ListAllUsers(ctx context.Context) ([]*UserWithDomain, error) {
rows, err := d.db.QueryContext(ctx, `
SELECT u.id, u.domain_id, u.username, u.email, u.display_name,
u.quota_bytes, u.used_bytes, u.enabled, u.admin, u.domain_admin,
u.quota_bytes, u.used_bytes, u.enabled, u.admin, u.domain_admin, u.is_relay,
u.mfa_enabled, u.created_at, u.last_login,
d.name AS domain_name
FROM users u
@@ -249,7 +249,7 @@ func (d *DB) ListAllUsers(ctx context.Context) ([]*UserWithDomain, error) {
var lastLogin sql.NullTime
err := rows.Scan(
&u.ID, &u.DomainID, &u.Username, &u.Email, &u.DisplayName,
&u.QuotaBytes, &u.UsedBytes, &u.Enabled, &u.Admin, &u.DomainAdmin,
&u.QuotaBytes, &u.UsedBytes, &u.Enabled, &u.Admin, &u.DomainAdmin, &u.IsRelay,
&u.MFAEnabled, &u.CreatedAt, &lastLogin,
&u.DomainName,
)
@@ -277,6 +277,7 @@ type UserWithDomain struct {
Enabled bool
Admin bool
DomainAdmin bool
IsRelay bool
MFAEnabled bool
CreatedAt time.Time
LastLogin time.Time
+25
View File
@@ -17,6 +17,7 @@ type migration struct {
var migrations = []migration{
{1, schemav1},
{2, schemav2},
{3, schemav3},
}
// migrate applies any unapplied migrations in order.
@@ -337,6 +338,30 @@ CREATE TABLE IF NOT EXISTS spam_tokens (
CREATE INDEX IF NOT EXISTS idx_spam_tokens_user ON spam_tokens(user_id, token);
`
// ---- Schema v3: Relay accounts ----
const schemav3 = `
ALTER TABLE users ADD COLUMN is_relay BOOLEAN NOT NULL DEFAULT 0;
CREATE TABLE IF NOT EXISTS relay_send_as (
id INTEGER PRIMARY KEY AUTOINCREMENT,
user_id INTEGER NOT NULL REFERENCES users(id) ON DELETE CASCADE,
pattern TEXT NOT NULL,
created_at DATETIME NOT NULL DEFAULT CURRENT_TIMESTAMP
);
CREATE INDEX IF NOT EXISTS idx_relay_send_as_user ON relay_send_as(user_id);
CREATE TABLE IF NOT EXISTS relay_ip_rules (
id INTEGER PRIMARY KEY AUTOINCREMENT,
domain_id INTEGER NOT NULL REFERENCES domains(id) ON DELETE CASCADE,
cidr TEXT NOT NULL,
sender_pattern TEXT NOT NULL,
description TEXT NOT NULL DEFAULT '',
created_at DATETIME NOT NULL DEFAULT CURRENT_TIMESTAMP
);
CREATE INDEX IF NOT EXISTS idx_relay_ip_rules_domain ON relay_ip_rules(domain_id);
`
// ---- Schema v2: DMARC monitoring ----
const schemav2 = `
+176
View File
@@ -0,0 +1,176 @@
package db
import (
"context"
"net"
"strings"
"ghb.freebede.com/nahakubuilder/mailgosend/internal/models"
)
// ---- Relay send-as (per user) ----
// GetRelaySendAs returns all allowed sender patterns for a relay user.
func (d *DB) GetRelaySendAs(ctx context.Context, userID int64) ([]*models.RelaySendAs, error) {
rows, err := d.db.QueryContext(ctx,
"SELECT id, user_id, pattern, created_at FROM relay_send_as WHERE user_id=? ORDER BY id", userID)
if err != nil {
return nil, err
}
defer rows.Close()
var out []*models.RelaySendAs
for rows.Next() {
r := &models.RelaySendAs{}
if err := rows.Scan(&r.ID, &r.UserID, &r.Pattern, &r.CreatedAt); err != nil {
return nil, err
}
out = append(out, r)
}
return out, rows.Err()
}
// AddRelaySendAs adds a sender pattern for a relay user. Duplicate patterns are ignored.
func (d *DB) AddRelaySendAs(ctx context.Context, userID int64, pattern string) error {
_, err := d.db.ExecContext(ctx,
"INSERT OR IGNORE INTO relay_send_as (user_id, pattern) VALUES (?,?)", userID, pattern)
return err
}
// DeleteRelaySendAs removes a sender pattern. userID is verified to prevent cross-user deletion.
func (d *DB) DeleteRelaySendAs(ctx context.Context, id, userID int64) error {
_, err := d.db.ExecContext(ctx,
"DELETE FROM relay_send_as WHERE id=? AND user_id=?", id, userID)
return err
}
// IsRelaySenderAllowed returns true when the relay user is permitted to send as fromEmail.
// Own email is always allowed. Otherwise checks relay_send_as patterns.
func (d *DB) IsRelaySenderAllowed(ctx context.Context, userID int64, fromEmail string) (bool, error) {
user, err := d.GetUserByID(ctx, userID)
if err != nil {
return false, err
}
if user != nil && strings.EqualFold(user.Email, fromEmail) {
return true, nil
}
rows, err := d.db.QueryContext(ctx,
"SELECT pattern FROM relay_send_as WHERE user_id=?", userID)
if err != nil {
return false, err
}
defer rows.Close()
for rows.Next() {
var pattern string
if err := rows.Scan(&pattern); err != nil {
return false, err
}
if matchSenderPattern(pattern, fromEmail) {
return true, nil
}
}
return false, rows.Err()
}
// ---- Relay IP rules (per domain) ----
// GetRelayIPRules returns all IP relay rules for a domain.
func (d *DB) GetRelayIPRules(ctx context.Context, domainID int64) ([]*models.RelayIPRule, error) {
rows, err := d.db.QueryContext(ctx, `
SELECT id, domain_id, cidr, sender_pattern, description, created_at
FROM relay_ip_rules WHERE domain_id=? ORDER BY id`, domainID)
if err != nil {
return nil, err
}
defer rows.Close()
var out []*models.RelayIPRule
for rows.Next() {
r := &models.RelayIPRule{}
if err := rows.Scan(&r.ID, &r.DomainID, &r.CIDR, &r.SenderPattern, &r.Description, &r.CreatedAt); err != nil {
return nil, err
}
out = append(out, r)
}
return out, rows.Err()
}
// AddRelayIPRule adds an IP relay rule for a domain.
func (d *DB) AddRelayIPRule(ctx context.Context, domainID int64, cidr, senderPattern, description string) error {
_, err := d.db.ExecContext(ctx, `
INSERT INTO relay_ip_rules (domain_id, cidr, sender_pattern, description)
VALUES (?,?,?,?)`, domainID, cidr, senderPattern, description)
return err
}
// DeleteRelayIPRule removes an IP relay rule. domainID is verified.
func (d *DB) DeleteRelayIPRule(ctx context.Context, id, domainID int64) error {
_, err := d.db.ExecContext(ctx,
"DELETE FROM relay_ip_rules WHERE id=? AND domain_id=?", id, domainID)
return err
}
// CheckIPRelay returns true when the client IP is authorized to send as senderEmail
// via any active IP relay rule across all enabled domains.
func (d *DB) CheckIPRelay(ctx context.Context, clientIP, senderEmail string) (bool, error) {
rows, err := d.db.QueryContext(ctx, `
SELECT r.cidr, r.sender_pattern
FROM relay_ip_rules r
JOIN domains d ON d.id = r.domain_id
WHERE d.enabled = 1`)
if err != nil {
return false, err
}
defer rows.Close()
for rows.Next() {
var cidr, pattern string
if err := rows.Scan(&cidr, &pattern); err != nil {
return false, err
}
if ipInCIDR(cidr, clientIP) && matchSenderPattern(pattern, senderEmail) {
return true, nil
}
}
return false, rows.Err()
}
// ---- Helpers ----
// matchSenderPattern checks if email matches pattern.
// "*@domain.com" matches any address at that domain.
// Anything else is an exact case-insensitive match.
func matchSenderPattern(pattern, email string) bool {
pattern = strings.ToLower(strings.TrimSpace(pattern))
email = strings.ToLower(strings.TrimSpace(email))
if pattern == email {
return true
}
if strings.HasPrefix(pattern, "*@") {
domain := pattern[2:]
at := strings.LastIndex(email, "@")
return at > 0 && email[at+1:] == domain
}
return false
}
// ipInCIDR returns true when ip falls within the cidr range.
// cidr may be a plain IP (treated as single-host) or CIDR notation.
func ipInCIDR(cidr, ip string) bool {
parsedIP := net.ParseIP(ip)
if parsedIP == nil {
return false
}
if !strings.Contains(cidr, "/") {
// Plain IP — exact match.
target := net.ParseIP(cidr)
return target != nil && target.Equal(parsedIP)
}
_, network, err := net.ParseCIDR(cidr)
if err != nil {
return false
}
return network.Contains(parsedIP)
}
+11 -5
View File
@@ -13,7 +13,7 @@ import (
func (d *DB) GetUserByEmail(ctx context.Context, email string) (*models.User, error) {
row := d.db.QueryRowContext(ctx, `
SELECT id, domain_id, username, email, password_hash, display_name,
quota_bytes, used_bytes, enabled, admin, domain_admin,
quota_bytes, used_bytes, enabled, admin, domain_admin, is_relay,
mfa_secret_enc, mfa_enabled, recovery_codes_enc, created_at, last_login
FROM users WHERE lower(email)=lower(?)`, email)
return scanUser(row)
@@ -23,7 +23,7 @@ func (d *DB) GetUserByEmail(ctx context.Context, email string) (*models.User, er
func (d *DB) GetUserByID(ctx context.Context, id int64) (*models.User, error) {
row := d.db.QueryRowContext(ctx, `
SELECT id, domain_id, username, email, password_hash, display_name,
quota_bytes, used_bytes, enabled, admin, domain_admin,
quota_bytes, used_bytes, enabled, admin, domain_admin, is_relay,
mfa_secret_enc, mfa_enabled, recovery_codes_enc, created_at, last_login
FROM users WHERE id=?`, id)
return scanUser(row)
@@ -119,7 +119,7 @@ func (d *DB) UpdateLastLogin(ctx context.Context, userID int64) {
func (d *DB) ListUsers(ctx context.Context, domainID int64) ([]*models.User, error) {
rows, err := d.db.QueryContext(ctx, `
SELECT id, domain_id, username, email, password_hash, display_name,
quota_bytes, used_bytes, enabled, admin, domain_admin,
quota_bytes, used_bytes, enabled, admin, domain_admin, is_relay,
mfa_secret_enc, mfa_enabled, recovery_codes_enc, created_at, last_login
FROM users WHERE domain_id=? ORDER BY email`, domainID)
if err != nil {
@@ -135,7 +135,7 @@ func (d *DB) ListUsers(ctx context.Context, domainID int64) ([]*models.User, err
err := rows.Scan(
&u.ID, &u.DomainID, &u.Username, &u.Email, &u.PasswordHash,
&u.DisplayName, &u.QuotaBytes, &u.UsedBytes, &u.Enabled,
&u.Admin, &u.DomainAdmin,
&u.Admin, &u.DomainAdmin, &u.IsRelay,
&mfaEnc, &u.MFAEnabled, &rcEnc,
&u.CreatedAt, &lastLogin,
)
@@ -152,6 +152,12 @@ func (d *DB) ListUsers(ctx context.Context, domainID int64) ([]*models.User, err
return users, rows.Err()
}
// SetUserIsRelay sets the is_relay flag for a user.
func (d *DB) SetUserIsRelay(ctx context.Context, userID int64, isRelay bool) error {
_, err := d.db.ExecContext(ctx, "UPDATE users SET is_relay=? WHERE id=?", isRelay, userID)
return err
}
// ---- private ----
func scanUser(row *sql.Row) (*models.User, error) {
@@ -162,7 +168,7 @@ func scanUser(row *sql.Row) (*models.User, error) {
err := row.Scan(
&u.ID, &u.DomainID, &u.Username, &u.Email, &u.PasswordHash,
&u.DisplayName, &u.QuotaBytes, &u.UsedBytes, &u.Enabled,
&u.Admin, &u.DomainAdmin,
&u.Admin, &u.DomainAdmin, &u.IsRelay,
&mfaEnc, &u.MFAEnabled, &rcEnc,
&u.CreatedAt, &lastLogin,
)
+23
View File
@@ -69,6 +69,7 @@ type User struct {
Enabled bool
Admin bool // global admin
DomainAdmin bool // admin of own domain only
IsRelay bool // relay account: SMTP auth only, no IMAP mailbox
MFASecretEnc []byte // encrypted TOTP secret; nil = MFA disabled
MFAEnabled bool
RecoveryCodesEnc []byte // encrypted JSON array of one-time codes
@@ -309,6 +310,28 @@ type SpamToken struct {
HamCount int64
}
// ---- Relay ----
// RelaySendAs is a permitted sender pattern for a relay user account.
// Pattern may be an exact address or a wildcard (*@domain.com).
type RelaySendAs struct {
ID int64
UserID int64
Pattern string
CreatedAt time.Time
}
// RelayIPRule allows unauthenticated SMTP relay from a specific IP/CIDR
// for a given sender pattern, per domain.
type RelayIPRule struct {
ID int64
DomainID int64
CIDR string // IP or CIDR notation
SenderPattern string // exact email or *@domain.com
Description string
CreatedAt time.Time
}
// ---- Compose helpers (not persisted directly) ----
type Attachment_Upload struct {
+50 -22
View File
@@ -47,11 +47,12 @@ func (b *SubmissionBackend) NewSession(c *gosmtp.Conn) (gosmtp.Session, error) {
// SubmissionSession handles one authenticated submission connection.
type SubmissionSession struct {
deps *Deps
clientIP string
user *models.User // set after AUTH
from string
rcpts []string
deps *Deps
clientIP string
user *models.User // set after AUTH
ipRelayMode bool // set when IP relay authorization succeeds (no AUTH)
from string
rcpts []string
}
func (s *SubmissionSession) AuthPlain(username, password string) error {
@@ -81,19 +82,49 @@ func (s *SubmissionSession) AuthPlain(username, password string) error {
}
func (s *SubmissionSession) Mail(from string, opts *gosmtp.MailOptions) error {
if s.user == nil {
return &gosmtp.SMTPError{Code: 530, Message: "authentication required"}
}
addr, err := mail.ParseAddress(from)
if err != nil {
return &gosmtp.SMTPError{Code: 501, EnhancedCode: gosmtp.EnhancedCode{5, 1, 7}, Message: "invalid sender"}
}
// Sender must be user's own address or an alias they own.
fromEmail := strings.ToLower(addr.Address)
if s.user == nil {
// Unauthenticated — check IP relay rules.
ctx, cancel := context.WithTimeout(context.Background(), 5*time.Second)
defer cancel()
allowed, err := s.deps.DB.CheckIPRelay(ctx, s.clientIP, fromEmail)
if err != nil {
log.Printf("[smtp/submission] ip relay check error from %s: %v", s.clientIP, err)
return &gosmtp.SMTPError{Code: 451, EnhancedCode: gosmtp.EnhancedCode{4, 3, 0}, Message: "temporary error"}
}
if !allowed {
return &gosmtp.SMTPError{Code: 530, Message: "authentication required"}
}
s.ipRelayMode = true
s.from = addr.Address
return nil
}
if s.user.IsRelay {
// Relay account — validate sender against allowed patterns.
ctx, cancel := context.WithTimeout(context.Background(), 5*time.Second)
defer cancel()
allowed, err := s.deps.DB.IsRelaySenderAllowed(ctx, s.user.ID, fromEmail)
if err != nil {
log.Printf("[smtp/submission] relay sender check error for %s: %v", s.user.Email, err)
return &gosmtp.SMTPError{Code: 451, EnhancedCode: gosmtp.EnhancedCode{4, 3, 0}, Message: "temporary error"}
}
if !allowed {
return &gosmtp.SMTPError{Code: 553, EnhancedCode: gosmtp.EnhancedCode{5, 1, 8}, Message: "sender not permitted for this relay account"}
}
s.from = addr.Address
return nil
}
// Regular user — sender must be own email or an alias.
if !strings.EqualFold(fromEmail, s.user.Email) {
// Check aliases.
ctx, cancel := context.WithTimeout(context.Background(), 5*time.Second)
defer cancel()
@@ -108,7 +139,7 @@ func (s *SubmissionSession) Mail(from string, opts *gosmtp.MailOptions) error {
}
func (s *SubmissionSession) Rcpt(to string, opts *gosmtp.RcptOptions) error {
if s.user == nil {
if s.user == nil && !s.ipRelayMode {
return &gosmtp.SMTPError{Code: 530, Message: "authentication required"}
}
@@ -122,7 +153,7 @@ func (s *SubmissionSession) Rcpt(to string, opts *gosmtp.RcptOptions) error {
}
func (s *SubmissionSession) Data(r io.Reader) error {
if s.user == nil {
if s.user == nil && !s.ipRelayMode {
return &gosmtp.SMTPError{Code: 530, Message: "authentication required"}
}
if len(s.rcpts) == 0 {
@@ -137,7 +168,6 @@ func (s *SubmissionSession) Data(r io.Reader) error {
return &gosmtp.SMTPError{Code: 552, EnhancedCode: gosmtp.EnhancedCode{5, 3, 4}, Message: "message too large"}
}
// Parse for basic header validation.
_, err = mail.ReadMessage(bytes.NewReader(raw))
if err != nil {
return &gosmtp.SMTPError{Code: 550, EnhancedCode: gosmtp.EnhancedCode{5, 6, 0}, Message: "malformed message"}
@@ -146,22 +176,17 @@ func (s *SubmissionSession) Data(r io.Reader) error {
ctx, cancel := context.WithTimeout(context.Background(), 30*time.Second)
defer cancel()
// DKIM-sign the message if the sender's domain has keys configured.
senderDomain := domainOf(s.from)
raw = s.signDKIM(ctx, raw, senderDomain)
msgID := extractMsgID(raw)
// Queue each recipient for delivery.
// For local recipients we could deliver directly, but queuing is simpler and
// provides a consistent audit trail.
dom, err := s.deps.DB.GetDomain(ctx, senderDomain)
var domainID int64
if err == nil && dom != nil {
domainID = dom.ID
}
// Encrypt raw for queue storage using a global (non-user) key.
queueKey, err := s.deps.Crypt.DeriveKeyGlobal("queue")
if err != nil {
return fmt.Errorf("queue key: %w", err)
@@ -180,8 +205,10 @@ func (s *SubmissionSession) Data(r io.Reader) error {
log.Printf("[smtp/submission] queued %s → %s", s.from, rcpt)
}
// Also save a copy in sender's Sent folder.
s.saveSentCopy(ctx, raw)
// Save a Sent copy only for regular (non-relay) authenticated users.
if s.user != nil && !s.user.IsRelay {
s.saveSentCopy(ctx, raw)
}
return nil
}
@@ -189,6 +216,7 @@ func (s *SubmissionSession) Data(r io.Reader) error {
func (s *SubmissionSession) Reset() {
s.from = ""
s.rcpts = s.rcpts[:0]
s.ipRelayMode = false
}
func (s *SubmissionSession) Logout() error { return nil }
+177 -4
View File
@@ -8,6 +8,7 @@ import (
"log"
"net"
"net/http"
"net/mail"
"strconv"
"strings"
"time"
@@ -107,10 +108,11 @@ func (s *Server) domainsCreate(w http.ResponseWriter, r *http.Request) {
type domainDetailData struct {
basePage
Domain *models.Domain
Users []*models.User
Hostname string
Domain *models.Domain
Users []*models.User
Hostname string
DMARCReportCount int
RelayIPRules []*models.RelayIPRule
// DNS records (what to configure)
MXRecord string
DKIMRecord string
@@ -160,6 +162,7 @@ func (s *Server) domainDetail(w http.ResponseWriter, r *http.Request) {
}
dmarcCount, _ := s.deps.DB.DMARCReportCount(ctx, id)
relayRules, _ := s.deps.DB.GetRelayIPRules(ctx, id)
s.render(w, "domain", domainDetailData{
basePage: s.newBase(r, flash, errMsg),
@@ -167,6 +170,7 @@ func (s *Server) domainDetail(w http.ResponseWriter, r *http.Request) {
Users: users,
Hostname: hostname,
DMARCReportCount: dmarcCount,
RelayIPRules: relayRules,
MXRecord: fmt.Sprintf(`%s IN MX 10 %s.`, dom.Name, hostname),
DKIMRecord: dkimRec,
SPFHint: fmt.Sprintf(`%s IN TXT "v=spf1 a mx ~all"`, dom.Name),
@@ -403,6 +407,8 @@ func (s *Server) usersCreate(w http.ResponseWriter, r *http.Request) {
quotaMB, _ := strconv.ParseInt(r.FormValue("quota_mb"), 10, 64)
domainAdmin := r.FormValue("domain_admin") == "1"
isRelay := r.FormValue("relay") == "1"
if domainID <= 0 || !validUsername(username) || len(password) < 8 || len(password) > 1024 {
redirect(w, r, "/admin/users", "", "Invalid input. Username must be alphanumeric, password min 8 chars.")
return
@@ -437,6 +443,15 @@ func (s *Server) usersCreate(w http.ResponseWriter, r *http.Request) {
return
}
if isRelay {
if err := s.deps.DB.SetUserIsRelay(ctx, userID, true); err != nil {
log.Printf("[admin] set relay flag: %v", err)
}
// Relay users skip mailbox/calendar/address book creation.
redirect(w, r, fmt.Sprintf("/admin/users/%d", userID), "Relay user created.", "")
return
}
// Create default mailboxes, calendar, address book.
if err := createDefaultMailboxes(ctx, s.deps.DB, userID); err != nil {
log.Printf("[admin] default mailboxes: %v", err)
@@ -453,7 +468,8 @@ func (s *Server) usersCreate(w http.ResponseWriter, r *http.Request) {
type userDetailData struct {
basePage
U *db.UserWithDomain
U *db.UserWithDomain
SendAs []*models.RelaySendAs
}
func (s *Server) userDetail(w http.ResponseWriter, r *http.Request) {
@@ -479,10 +495,16 @@ func (s *Server) userDetail(w http.ResponseWriter, r *http.Request) {
return
}
var sendAs []*models.RelaySendAs
if found.IsRelay {
sendAs, _ = s.deps.DB.GetRelaySendAs(ctx, found.ID)
}
flash, errMsg := flashFrom(r)
s.render(w, "user", userDetailData{
basePage: s.newBase(r, flash, errMsg),
U: found,
SendAs: sendAs,
})
}
@@ -848,6 +870,157 @@ func generateToken(n int) (string, error) {
return fmt.Sprintf("%x", buf), nil
}
// ---- Relay user management ----
func (s *Server) userRelayToggle(w http.ResponseWriter, r *http.Request) {
ctx, cancel := context.WithTimeout(r.Context(), 5*time.Second)
defer cancel()
if !s.validateCSRF(w, r) {
return
}
id := pathID(r, "id")
enable := r.FormValue("relay") == "1"
if err := s.deps.DB.SetUserIsRelay(ctx, id, enable); err != nil {
log.Printf("[admin] user relay toggle: %v", err)
redirect(w, r, fmt.Sprintf("/admin/users/%d", id), "", "Failed to update relay mode.")
return
}
msg := "Relay mode enabled."
if !enable {
msg = "Relay mode disabled."
}
redirect(w, r, fmt.Sprintf("/admin/users/%d", id), msg, "")
}
func (s *Server) userRelayAddSendAs(w http.ResponseWriter, r *http.Request) {
ctx, cancel := context.WithTimeout(r.Context(), 5*time.Second)
defer cancel()
if !s.validateCSRF(w, r) {
return
}
id := pathID(r, "id")
pattern := strings.ToLower(strings.TrimSpace(r.FormValue("pattern")))
if !validRelayPattern(pattern) {
redirect(w, r, fmt.Sprintf("/admin/users/%d", id), "", "Invalid pattern. Use exact email or *@domain.com.")
return
}
if err := s.deps.DB.AddRelaySendAs(ctx, id, pattern); err != nil {
log.Printf("[admin] add relay sendas: %v", err)
redirect(w, r, fmt.Sprintf("/admin/users/%d", id), "", "Failed to add pattern.")
return
}
redirect(w, r, fmt.Sprintf("/admin/users/%d", id), "Pattern added.", "")
}
func (s *Server) userRelayDeleteSendAs(w http.ResponseWriter, r *http.Request) {
ctx, cancel := context.WithTimeout(r.Context(), 5*time.Second)
defer cancel()
if !s.validateCSRF(w, r) {
return
}
id := pathID(r, "id")
sid, err := strconv.ParseInt(r.PathValue("sid"), 10, 64)
if err != nil || sid <= 0 {
http.NotFound(w, r)
return
}
if err := s.deps.DB.DeleteRelaySendAs(ctx, sid, id); err != nil {
log.Printf("[admin] delete relay sendas: %v", err)
}
redirect(w, r, fmt.Sprintf("/admin/users/%d", id), "Pattern removed.", "")
}
// ---- Relay IP rules (per domain) ----
func (s *Server) domainRelayAdd(w http.ResponseWriter, r *http.Request) {
ctx, cancel := context.WithTimeout(r.Context(), 5*time.Second)
defer cancel()
if !s.validateCSRF(w, r) {
return
}
id := pathID(r, "id")
cidr := strings.TrimSpace(r.FormValue("cidr"))
senderPattern := strings.ToLower(strings.TrimSpace(r.FormValue("sender_pattern")))
description := strings.TrimSpace(r.FormValue("description"))
if !validCIDR(cidr) {
redirect(w, r, fmt.Sprintf("/admin/domains/%d", id), "", "Invalid IP or CIDR notation.")
return
}
if !validRelayPattern(senderPattern) {
redirect(w, r, fmt.Sprintf("/admin/domains/%d", id), "", "Invalid sender pattern. Use exact email or *@domain.com.")
return
}
if len(description) > 255 {
description = description[:255]
}
if err := s.deps.DB.AddRelayIPRule(ctx, id, cidr, senderPattern, description); err != nil {
log.Printf("[admin] add relay ip rule: %v", err)
redirect(w, r, fmt.Sprintf("/admin/domains/%d", id), "", "Failed to add rule.")
return
}
redirect(w, r, fmt.Sprintf("/admin/domains/%d", id), "IP relay rule added.", "")
}
func (s *Server) domainRelayDelete(w http.ResponseWriter, r *http.Request) {
ctx, cancel := context.WithTimeout(r.Context(), 5*time.Second)
defer cancel()
if !s.validateCSRF(w, r) {
return
}
id := pathID(r, "id")
rid, err := strconv.ParseInt(r.PathValue("rid"), 10, 64)
if err != nil || rid <= 0 {
http.NotFound(w, r)
return
}
if err := s.deps.DB.DeleteRelayIPRule(ctx, rid, id); err != nil {
log.Printf("[admin] delete relay ip rule: %v", err)
}
redirect(w, r, fmt.Sprintf("/admin/domains/%d", id), "Rule removed.", "")
}
// validRelayPattern accepts exact email addresses or *@domain.com wildcards.
func validRelayPattern(pattern string) bool {
if pattern == "" || len(pattern) > 255 {
return false
}
if strings.HasPrefix(pattern, "*@") {
return validDomain(pattern[2:])
}
// Must be a valid, bare email address.
addr, err := mail.ParseAddress(pattern)
return err == nil && strings.EqualFold(addr.Address, pattern)
}
// validCIDR accepts a plain IP or CIDR notation.
func validCIDR(s string) bool {
if s == "" || len(s) > 50 {
return false
}
if strings.Contains(s, "/") {
_, _, err := net.ParseCIDR(s)
return err == nil
}
return net.ParseIP(s) != nil
}
// validDomain accepts simple dot-separated labels (a-z0-9 and hyphens).
func validDomain(s string) bool {
if len(s) < 3 || len(s) > 253 {
+5
View File
@@ -93,6 +93,11 @@ func (s *Server) setupRoutes() {
m.HandleFunc("POST /admin/users/{id}/update", s.require(s.userUpdate))
m.HandleFunc("POST /admin/users/{id}/password", s.require(s.userPassword))
m.HandleFunc("POST /admin/users/{id}/delete", s.require(s.userDelete))
m.HandleFunc("POST /admin/users/{id}/relay/toggle", s.require(s.userRelayToggle))
m.HandleFunc("POST /admin/users/{id}/relay/sendas", s.require(s.userRelayAddSendAs))
m.HandleFunc("POST /admin/users/{id}/relay/{sid}/delete", s.require(s.userRelayDeleteSendAs))
m.HandleFunc("POST /admin/domains/{id}/relay/add", s.require(s.domainRelayAdd))
m.HandleFunc("POST /admin/domains/{id}/relay/{rid}/delete", s.require(s.domainRelayDelete))
m.HandleFunc("GET /admin/queue", s.require(s.queueList))
m.HandleFunc("POST /admin/queue/{id}/retry", s.require(s.queueRetry))