From 08cc7f673c377bf88897743e340097e93f1e95f4 Mon Sep 17 00:00:00 2001
From: ftimme <ft@falkotimme.com>
Date: Wed, 16 Jan 2013 09:30:05 -0500
Subject: [PATCH] - Changed regex for redirect path (Web sites, subdomains, vhost subdomains, alias domains) and web folder (vhost subdomains) so that ".." is not allowed (in order to prevent path traversals). - nginx: don't allow folders for proxy redirects (subdomains and alias domains); URL is required. - nginx: modified rewriting.

---
 server/plugins-available/postfix_server_plugin.inc.php |   17 ++++++++++++++++-
 1 files changed, 16 insertions(+), 1 deletions(-)

diff --git a/server/plugins-available/postfix_server_plugin.inc.php b/server/plugins-available/postfix_server_plugin.inc.php
index e426eb1..98dd675 100644
--- a/server/plugins-available/postfix_server_plugin.inc.php
+++ b/server/plugins-available/postfix_server_plugin.inc.php
@@ -106,7 +106,22 @@
 		} else {
 			exec("postconf -e 'relayhost ='");
 		}
-		
+
+		if($mail_config['realtime_blackhole_list'] != '') {
+			$rbl_hosts = explode(",",str_replace(" ", "", $mail_config['realtime_blackhole_list']));
+			$options = explode(", ", exec("postconf -h smtpd_recipient_restrictions"));
+			foreach ($options as $key => $value) {
+				if (!preg_match('/reject_rbl_client/', $value)) {
+					$new_options[] = $value;
+				}
+			}
+			foreach ($rbl_hosts as $key => $value) {
+				$new_options[] = "reject_rbl_client ".$value;
+			}
+			
+			exec("postconf -e 'smtpd_recipient_restrictions = ".implode(", ", $new_options)."'");
+		}
+
 		exec("postconf -e 'mailbox_size_limit = ".intval($mail_config['mailbox_size_limit']*1024*1024)."'");
 		exec("postconf -e 'message_size_limit = ".intval($mail_config['message_size_limit']*1024*1024)."'");
 		

--
Gitblit v1.9.1