Mirrors/invoiceninja
1
0
Fork 0
mirror of https://github.com/invoiceninja/invoiceninja.git synced 2024-11-14 23:22:52 +01:00
Code Issues Releases Activity

fixes for company blacklists and whitelists + system logs

Browse Source
This commit is contained in:
paulwer 2024-03-24 11:40:17 +01:00
parent a6d09a2ce5
commit 8031f1c277
3 changed files with 34 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
app/Models/SystemLog.php
View File

@ -113,6 +113,8 @@ class SystemLog extends Model
public const EVENT_USER = 61; public const EVENT_USER = 61;
public const EVENT_INGEST_EMAIL_FAILURE = 62;
/*Type IDs*/ /*Type IDs*/
public const TYPE_PAYPAL = 300; public const TYPE_PAYPAL = 300;

39
app/Services/IngresEmail/IngresEmailEngine.php
View File

@ -13,8 +13,10 @@ namespace App\Services\IngresEmail;
use App\Events\Expense\ExpenseWasCreated; use App\Events\Expense\ExpenseWasCreated;
use App\Factory\ExpenseFactory; use App\Factory\ExpenseFactory;
use App\Jobs\Util\SystemLogger;
use App\Libraries\MultiDB; use App\Libraries\MultiDB;
use App\Models\Company; use App\Models\Company;
use App\Models\SystemLog;
use App\Models\Vendor; use App\Models\Vendor;
use App\Models\VendorContact; use App\Models\VendorContact;
use App\Services\IngresEmail\IngresEmail; use App\Services\IngresEmail\IngresEmail;
@ -65,7 +67,7 @@ class IngresEmailEngine
{ {
// invalid email // invalid email
if (!filter_var($this->email->from, FILTER_VALIDATE_EMAIL)) { if (!filter_var($this->email->from, FILTER_VALIDATE_EMAIL)) {
Log::info('[IngressMailEngine] E-Mail blocked, because from e-mail has the wrong format: ' . $this->email->from); $this->log('E-Mail blocked, because from e-mail has the wrong format: ' . $this->email->from);
return true; return true;
} }
@ -74,11 +76,11 @@ class IngresEmailEngine
// global blacklist // global blacklist
if (in_array($domain, $this->globalBlacklistDomains)) { if (in_array($domain, $this->globalBlacklistDomains)) {
Log::info('[IngressMailEngine] E-Mail blocked, because the domain was found on globalBlocklistDomains: ' . $this->email->from); $this->log('E-Mail blocked, because the domain was found on globalBlocklistDomains: ' . $this->email->from);
return true; return true;
} }
if (in_array($this->email->from, $this->globalBlacklistEmails)) { if (in_array($this->email->from, $this->globalBlacklistEmails)) {
Log::info('[IngressMailEngine] E-Mail blocked, because the email was found on globalBlocklistEmails: ' . $this->email->from); $this->log('E-Mail blocked, because the email was found on globalBlocklistEmails: ' . $this->email->from);
return true; return true;
} }
@ -89,12 +91,12 @@ class IngresEmailEngine
// sender occured in more than 500 emails in the last 12 hours // sender occured in more than 500 emails in the last 12 hours
$senderMailCountTotal = Cache::get('ingresEmailSender:' . $this->email->from, 0); $senderMailCountTotal = Cache::get('ingresEmailSender:' . $this->email->from, 0);
if ($senderMailCountTotal >= 5000) { if ($senderMailCountTotal >= 5000) {
Log::info('[IngressMailEngine] E-Mail blocked permanent, because the sender sended more than ' . $senderMailCountTotal . ' emails in the last 12 hours: ' . $this->email->from); $this->log('E-Mail blocked permanent, because the sender sended more than ' . $senderMailCountTotal . ' emails in the last 12 hours: ' . $this->email->from);
$this->blockSender(); $this->blockSender();
return true; return true;
} }
if ($senderMailCountTotal >= 1000) { if ($senderMailCountTotal >= 1000) {
Log::info('[IngressMailEngine] E-Mail blocked, because the sender sended more than ' . $senderMailCountTotal . ' emails in the last 12 hours: ' . $this->email->from); $this->log('E-Mail blocked, because the sender sended more than ' . $senderMailCountTotal . ' emails in the last 12 hours: ' . $this->email->from);
$this->saveMeta(); $this->saveMeta();
return true; return true;
} }
@ -102,7 +104,7 @@ class IngresEmailEngine
// sender sended more than 50 emails to the wrong mailbox in the last 6 hours // sender sended more than 50 emails to the wrong mailbox in the last 6 hours
$senderMailCountUnknownRecipent = Cache::get('ingresEmailSenderUnknownRecipent:' . $this->email->from, 0); $senderMailCountUnknownRecipent = Cache::get('ingresEmailSenderUnknownRecipent:' . $this->email->from, 0);
if ($senderMailCountUnknownRecipent >= 50) { if ($senderMailCountUnknownRecipent >= 50) {
Log::info('[IngressMailEngine] E-Mail blocked, because the sender sended more than ' . $senderMailCountUnknownRecipent . ' emails to the wrong mailbox in the last 6 hours: ' . $this->email->from); $this->log('E-Mail blocked, because the sender sended more than ' . $senderMailCountUnknownRecipent . ' emails to the wrong mailbox in the last 6 hours: ' . $this->email->from);
$this->saveMeta(); $this->saveMeta();
return true; return true;
} }
@ -110,7 +112,7 @@ class IngresEmailEngine
// wrong recipent occurs in more than 100 emails in the last 12 hours, so the processing is blocked // wrong recipent occurs in more than 100 emails in the last 12 hours, so the processing is blocked
$mailCountUnknownRecipent = Cache::get('ingresEmailUnknownRecipent:' . $this->email->to, 0); // @turbo124 maybe use many to save resources in case of spam with multiple to addresses each time $mailCountUnknownRecipent = Cache::get('ingresEmailUnknownRecipent:' . $this->email->to, 0); // @turbo124 maybe use many to save resources in case of spam with multiple to addresses each time
if ($mailCountUnknownRecipent >= 100) { if ($mailCountUnknownRecipent >= 100) {
Log::info('[IngressMailEngine] E-Mail blocked, because anyone sended more than ' . $mailCountUnknownRecipent . ' emails to the wrong mailbox in the last 12 hours. Current sender was blocked as well: ' . $this->email->from); $this->log('E-Mail blocked, because anyone sended more than ' . $mailCountUnknownRecipent . ' emails to the wrong mailbox in the last 12 hours. Current sender was blocked as well: ' . $this->email->from);
$this->blockSender(); $this->blockSender();
return true; return true;
} }
@ -154,15 +156,15 @@ class IngresEmailEngine
{ {
// Skipping executions: will not result in not saving Metadata to prevent usage of these conditions, to spam // Skipping executions: will not result in not saving Metadata to prevent usage of these conditions, to spam
if (!$this->validateExpenseShouldProcess()) { if (!$this->validateExpenseShouldProcess()) {
Log::info('email parsing not active for this company: ' . $this->company->id . ' from: ' . $this->email->from); $this->log('email parsing not active for this company. from: ' . $this->email->from);
return; return;
} }
if (!$this->validateExpenseSender()) { if (!$this->validateExpenseSender()) {
Log::info('invalid sender of an ingest email to company: ' . $this->company->id . ' from: ' . $this->email->from); $this->log('invalid sender of an ingest email for this company. from: ' . $this->email->from);
return; return;
} }
if (sizeOf($this->email->documents) == 0) { if (sizeOf($this->email->documents) == 0) {
Log::info('email does not contain any attachments and is likly not an expense. company: ' . $this->company->id . ' from: ' . $this->email->from); $this->log('email does not contain any attachments and is likly not an expense. from: ' . $this->email->from);
return; return;
} }
@ -218,7 +220,7 @@ class IngresEmailEngine
return false; return false;
// allow unknown // allow unknown
if ($this->company->expense_mailbox_allow_unknown && sizeOf($email_whitelist) == 0 && sizeOf($domain_whitelist) == 0) // from unknown only, when no whitelists are defined if ($this->company->expense_mailbox_allow_unknown)
return true; return true;
// own users // own users
@ -249,4 +251,19 @@ class IngresEmailEngine
return $vendor; return $vendor;
} }
private function log(string $data)
{
Log::info("[IngresEmailEngine][company:" . $this->company->id . "] " . $data);
(
new SystemLogger(
$data,
SystemLog::CATEGORY_MAIL,
SystemLog::EVENT_INGEST_EMAIL_FAILURE,
SystemLog::TYPE_CUSTOM,
null,
$this->company
)
)->handle();
}
} }

8
database/migrations/2023_12_10_110951_create_imap_configuration_fields.php
View File

@ -17,10 +17,10 @@ return new class extends Migration {
$table->boolean("expense_mailbox_allow_company_users")->default(false); $table->boolean("expense_mailbox_allow_company_users")->default(false);
$table->boolean("expense_mailbox_allow_vendors")->default(false); $table->boolean("expense_mailbox_allow_vendors")->default(false);
$table->boolean("expense_mailbox_allow_unknown")->default(false); $table->boolean("expense_mailbox_allow_unknown")->default(false);
$table->string("expense_mailbox_whitelist_domains")->nullable(); $table->text("expense_mailbox_whitelist_domains")->nullable();
$table->string("expense_mailbox_whitelist_emails")->nullable(); $table->text("expense_mailbox_whitelist_emails")->nullable();
$table->string("expense_mailbox_blacklist_domains")->nullable(); $table->text("expense_mailbox_blacklist_domains")->nullable();
$table->string("expense_mailbox_blacklist_emails")->nullable(); $table->text("expense_mailbox_blacklist_emails")->nullable();
}); });
Schema::table('vendors', function (Blueprint $table) { Schema::table('vendors', function (Blueprint $table) {
$table->string("invoicing_email")->nullable(); $table->string("invoicing_email")->nullable();