Feature Request for MailWatch 2.0

[endelwar]

This issue should contain all feature request for the next major version of MailWatch

Feature should be voted with a 👍 or a 👎

[Skywalker-11]

Move settings that are currently in the conf.php (time, language, date format, ...) to db and create overwrites as follows: user settings overwrites domain default overwrites server default

[shawniverson]

I occasionally get requests to enable/disable certain aspect of the GUI, that would be nice to be able to customize them per user and/or globally, such as the legend, real time graph, etc.

[pztop]

I'd like to see MailWatch improve its whitelist/blacklist feature. If it can handle wildcard it will be great. (Even better with a pre-defined expire time.) Lots time I need to whitelist an email address based on FROM only.

[stefaweb]

Concerning whitelist and blacklist, It will be nice to have a system of mass search and delete.

[pztop]

@Skywalker-11 The current MailWatch only allow me to blacklist/whitelist match both FROM and TO address. For example, whitelist emails "FROM aaa@bad_mta.tld TO *@mydomain.tld".

We have a client who has a badly configured mail server (no PTR record and wrong SPF) send us email to [email protected] so the email get blocked. I whitelisted this in MailWatch. Later this client send another email to [email protected] and [email protected] then the mail got blocked again. I wish I can make a rule, say, let's whitelist all emails "FROM aaa@bad_mta.tld TO *@mydomain.tld". This is what I mean the wildcard * (asterisk) feature.

[Skywalker-11]

@pztop if I'm not mistaken this should work already with 1.2.7: from=bad_mta.tld to=mydomain.com (enter nothing in field before @)

[pztop]

@Skywalker-11 Sorry I am not aware of that. I'll give a try on 1.2.7. Thank you.

[Skywalker-11]

As requested by @Stephanowicz in #1039: make geoip lookup optional and triggered by a button on the detail page to reduce loading time in case of failing reverse lookup

[Skywalker-11]

Evaluate faster gethostbyaddr function: #1039 (comment)

[Skywalker-11]

#1052

Hello!

What do you think to add a feature to alert admin by mail when "queue" is too high (input or output)?

define('QUEUE_IN_ALERT', '100');
define('QUEUE_OUT_ALERT', '100');

Cheers,

[sriccio]

I'm not sure if this is already on the roadmap for 2.0, but having a better MVC approach of the project (particulary the V part) introducing templates for easier look (themes) modding of the interface would be neat.
Some people could then craft some nice more 2018 looking interface :)

[sriccio]

Support for plus addressing would be interresting too.

You can look at my ticket on EFA here about it: E-F-A/v3#413

[Skywalker-11]

Add checks if required perl modules are installed

[endelwar]

Expanding concept in #1050: an Admin/Domain admin managed custom link list in tools and links

[Skywalker-11]

One more. 😃

Switch to SHA512-CRYPT for password and others stuff using MD5.

#1008 (comment)

[stefaweb]

For the SHA512-CRYPT.
An idea gleaned from another opensource project to have a backward compatibility with previous version of MailWatch.

To store password use:

{SHA512-CRYPT}sha512-crypt-passsword
{MD5}md5-passsword

During upgrade process from MailWatch 1.2.x -> 2.0, convert direct MD5 stored password to the new schema {MD5}md5-passsword.

Code can know the type of crypt with this system. No needed to generate new password for existing users. We can also add a system to ask user during login to upgrade their password to generate new SHA512-CRYPT password for a better security.

[endelwar]

@stefaweb this trick is already in use, look here

MailWatch/mailscanner/checklogin.php

Lines 96 to 111 in fc680d1

	$passwordInDb = database::mysqli_result($result, 0, 'password');
	if (!password_verify($mypassword, $passwordInDb)) {
	if (!hash_equals(md5($mypassword), $passwordInDb)) {
	header('Location: login.php?error=baduser');
	die();
	}
	$newPasswordHash = password_hash($mypassword, PASSWORD_DEFAULT);
	updateUserPasswordHash($myusername, $newPasswordHash);
	} else {
	// upgraded password is valid, continue as normal
	if (password_needs_rehash($passwordInDb, PASSWORD_DEFAULT)) {
	$newPasswordHash = password_hash($mypassword, PASSWORD_DEFAULT);
	updateUserPasswordHash($myusername, $newPasswordHash);
	}
	}

At the moment password_hash is in use, and CRYPT_BLOWFISH is the hashing algorithm used to crypt password

[Skywalker-11]

#1094
Permission system with different assignable roles for different tasks

[mealerz]

Hi, are there any instructions for the develop branch I could have? I am getting many errors and cannot load variables in conf.php. I have installed composer, but still not working. I am running on php 7.2. Thank you.

[asuweb]

@mealerz - the develop branch is still very much work in progress - isn't not stable and should not be used in production - if of course you're looking to help develop it, then all help is welcome.

If you haven't already, you'll need to create the .env file - there's an example called .env.dist (I think). Basically it is this which provides symphony with the DB credentials

If you're using PHP 7.2, you'll likely also get a session cookie issue, if so, comment out the line it points to in functions.php and that will temporarily fix that.

As above - this is not fit for production and only for development at the moment. I know many people ran 1.2 in develop branch, but V2.0 is a different beast.

[Skywalker-11]

Most of the code probably will change due to the migration to symfony and a mvc like structure.
I currently am working on the authentication system and user management part and hope to upload it sometime next week

[rickyboone]

To add to the ideas so far about the whitelist/blacklist, perhaps a comment or notes field (with a setting to make it mandatory or not) and an automatic timestamp when the entry was added?