Commit c7bde0cf authored by Marius Burkard's avatar Marius Burkard
Browse files

Merge branch '6113-undo-delete-mailbox' into 'develop'

Safe delete for mailboxes

Closes #6113

See merge request !1454
parents 51119d7c 0fd8879d
Pipeline #11844 passed with stage
in 9 seconds
......@@ -342,3 +342,5 @@ $wb['tooltip_jailkit_hardlinks_txt'] = 'Using hardlinks is insecure, but saves d
$wb['jailkit_hardlinks_allow_txt'] = 'Allow hardlinks within the jail';
$wb['jailkit_hardlinks_no_txt'] = 'No, remove hardlinked files';
$wb['jailkit_hardlinks_yes_txt'] = 'Yes, use hardlinks if possible';
$wb['mailbox_soft_delete_txt'] = 'Mailbox soft delete';
$wb['mailbox_soft_delete_info_txt'] = 'by default cleaned up after 7 days.';
......@@ -342,3 +342,5 @@ $wb['tooltip_jailkit_hardlinks_txt'] = 'Using hardlinks is insecure, but saves d
$wb['jailkit_hardlinks_allow_txt'] = 'Allow hardlinks within the jail';
$wb['jailkit_hardlinks_no_txt'] = 'No, remove hardlinked files';
$wb['jailkit_hardlinks_yes_txt'] = 'Yes, use hardlinks if possible';
$wb['mailbox_soft_delete_txt'] = 'Mailbox soft delete';
$wb['mailbox_soft_delete_info_txt'] = 'by default cleaned up after 7 days.';
......@@ -342,3 +342,5 @@ $wb['tooltip_jailkit_hardlinks_txt'] = 'Using hardlinks is insecure, but saves d
$wb['jailkit_hardlinks_allow_txt'] = 'Allow hardlinks within the jail';
$wb['jailkit_hardlinks_no_txt'] = 'No, remove hardlinked files';
$wb['jailkit_hardlinks_yes_txt'] = 'Yes, use hardlinks if possible';
$wb['mailbox_soft_delete_txt'] = 'Mailbox soft delete';
$wb['mailbox_soft_delete_info_txt'] = 'by default cleaned up after 7 days.';
......@@ -342,3 +342,5 @@ $wb['tooltip_jailkit_hardlinks_txt'] = 'Using hardlinks is insecure, but saves d
$wb['jailkit_hardlinks_allow_txt'] = 'Allow hardlinks within the jail';
$wb['jailkit_hardlinks_no_txt'] = 'No, remove hardlinked files';
$wb['jailkit_hardlinks_yes_txt'] = 'Yes, use hardlinks if possible';
$wb['mailbox_soft_delete_txt'] = 'Mailbox soft delete';
$wb['mailbox_soft_delete_info_txt'] = 'by default cleaned up after 7 days.';
......@@ -342,3 +342,5 @@ $wb['tooltip_jailkit_hardlinks_txt'] = 'Using hardlinks is insecure, but saves d
$wb['jailkit_hardlinks_allow_txt'] = 'Allow hardlinks within the jail';
$wb['jailkit_hardlinks_no_txt'] = 'No, remove hardlinked files';
$wb['jailkit_hardlinks_yes_txt'] = 'Yes, use hardlinks if possible';
$wb['mailbox_soft_delete_txt'] = 'Mailbox soft delete';
$wb['mailbox_soft_delete_info_txt'] = 'by default cleaned up after 7 days.';
......@@ -342,3 +342,5 @@ $wb['tooltip_jailkit_hardlinks_txt'] = 'Using hardlinks is insecure, but saves d
$wb['jailkit_hardlinks_allow_txt'] = 'Allow hardlinks within the jail';
$wb['jailkit_hardlinks_no_txt'] = 'No, remove hardlinked files';
$wb['jailkit_hardlinks_yes_txt'] = 'Yes, use hardlinks if possible';
$wb['mailbox_soft_delete_txt'] = 'Mailbox soft delete';
$wb['mailbox_soft_delete_info_txt'] = 'by default cleaned up after 7 days.';
......@@ -342,3 +342,5 @@ $wb['tooltip_jailkit_hardlinks_txt'] = 'Using hardlinks is insecure, but saves d
$wb['jailkit_hardlinks_allow_txt'] = 'Allow hardlinks within the jail';
$wb['jailkit_hardlinks_no_txt'] = 'No, remove hardlinked files';
$wb['jailkit_hardlinks_yes_txt'] = 'Yes, use hardlinks if possible';
$wb['mailbox_soft_delete_txt'] = 'Mailbox soft delete';
$wb['mailbox_soft_delete_info_txt'] = 'by default cleaned up after 7 days.';
......@@ -339,3 +339,5 @@ $wb['tooltip_jailkit_hardlinks_txt'] = 'Using hardlinks is insecure, but saves d
$wb['jailkit_hardlinks_allow_txt'] = 'Allow hardlinks within the jail';
$wb['jailkit_hardlinks_no_txt'] = 'No, remove hardlinked files';
$wb['jailkit_hardlinks_yes_txt'] = 'Yes, use hardlinks if possible';
$wb['mailbox_soft_delete_txt'] = 'Mailbox soft delete';
$wb['mailbox_soft_delete_info_txt'] = 'by default cleaned up after 7 days.';
......@@ -140,6 +140,12 @@
<a data-toggle="tooltip" title="{tmpl_var name='tooltip_stress_adaptive_txt'}">{tmpl_var name="stress_adaptive"}</a>
</div>
</div>
<div class="form-group">
<label class="col-sm-3 control-label">{tmpl_var name='mailbox_soft_delete_txt'}</label>
<div class="col-sm-9">
{tmpl_var name='mailbox_soft_delete'}&nbsp;{tmpl_var name='mailbox_soft_delete_info_txt'}
</div>
</div>
<div class="form-group">
<label class="col-sm-3 control-label">{tmpl_var name='mailbox_quota_stats_txt'}</label>
<div class="col-sm-9">
......
......@@ -429,8 +429,19 @@ class mail_plugin {
$maildir_path_deleted = false;
$old_maildir_path = $data['old']['maildir'];
if($old_maildir_path != $mail_config['homedir_path'] && strlen($old_maildir_path) > strlen($mail_config['homedir_path']) && !stristr($old_maildir_path, '//') && !stristr($old_maildir_path, '..') && !stristr($old_maildir_path, '*') && strlen($old_maildir_path) >= 10) {
$app->system->exec_safe('rm -rf ?', $old_maildir_path);
$app->log('Deleted the Maildir: '.$data['old']['maildir'], LOGLEVEL_DEBUG);
if ($mail_config['mailbox_soft_delete'] == 'y') {
// Move it, adding a date based suffix. A cronjob should purge or archive.
$thrash_maildir_path = $old_maildir_path . '-deleted-' . date("YmdHis");
$app->system->exec_safe('mv ? ?', $old_maildir_path, $thrash_maildir_path);
// Update the dir's timestamp to make filtering on age easier in any cleanup cronjob.
$app->system->exec_safe('touch ?', $thrash_maildir_path);
$app->log('Renamed the Maildir: ' . $data['old']['maildir'] . ' to ' . $thrash_maildir_path, LOGLEVEL_DEBUG);
} else {
$app->system->exec_safe('rm -rf ?', $old_maildir_path);
$app->log('Deleted the Maildir: '.$data['old']['maildir'], LOGLEVEL_DEBUG);
}
$maildir_path_deleted = true;
} else {
$app->log('Possible security violation when deleting the maildir: '.$data['old']['maildir'], LOGLEVEL_ERROR);
......@@ -473,8 +484,19 @@ class mail_plugin {
//* Delete maildomain path
$old_maildomain_path = $mail_config['homedir_path'].'/'.$data['old']['domain'];
if($old_maildomain_path != $mail_config['homedir_path'] && !stristr($old_maildomain_path, '//') && !stristr($old_maildomain_path, '..') && !stristr($old_maildomain_path, '*') && !stristr($old_maildomain_path, '&') && strlen($old_maildomain_path) >= 10 && !empty($data['old']['domain'])) {
$app->system->exec_safe('rm -rf ?', $old_maildomain_path);
$app->log('Deleted the mail domain directory: '.$old_maildomain_path, LOGLEVEL_DEBUG);
if ($mail_config['mailbox_soft_delete'] == 'y') {
// Move it, adding a date based suffix. A cronjob should purge or archive.
$thrash_maildomain_path = $old_maildomain_path . '-deleted-' . date("YmdHis");
$app->system->exec_safe('mv ? ?', $old_maildomain_path, $thrash_maildomain_path);
// Update the dir's timestamp to make filtering on age easier in any cleanup cronjob.
$app->system->exec_safe('touch ?', $thrash_maildomain_path);
$app->log('Renamed the mail domain directory: ' . $old_maildomain_path . ' to ' . $thrash_maildomain_path, LOGLEVEL_DEBUG);
} else {
$app->system->exec_safe('rm -rf ?', $old_maildomain_path);
$app->log('Deleted the mail domain directory: '.$old_maildomain_path, LOGLEVEL_DEBUG);
}
$maildomain_path_deleted = true;
} else {
$app->log('Possible security violation when deleting the mail domain directory: '.$old_maildomain_path, LOGLEVEL_ERROR);
......
#!/bin/bash
# Archive directories for deleted mailboxes.
delay_days=7
# Test if there is something to do... to avoid 'No such file or directory' from find later.
ls /var/vmail/*/[a-z0-9.-]*-deleted-[0-9][0-9][0-9][0-9][0-9][0-9][0-9][0-9][0-9][0-9][0-9][0-9][0-9][0-9] >/dev/null 2>&1
if [ $? != 0 ]; then
exit 0;
fi
function remove_soft_deleted_mailbox {
dir=$1
echo "Purging $dir"
rm -r "$dir"
}
function compress_soft_deleted_mailbox {
dir=$1
backupfile="${dir}.tar.bz2"
# Test if backup file already exists
if [ -f $backupfile ]; then
# Skip
echo "ERROR: Backupfile($backupfile) exists!" >&2
continue
fi
echo "Compressing for $dir"
tar cvfj "$backupfile" --remove-files "$dir" 2> >( grep -v "tar: Removing leading" >&2)
}
# List deleted mailboxs to archive
# -mtime +7 ===> Only mailboxes deleted more then 7 days ago
# Test that the last dir component matches e.g. xxx-deleted-20220101094242 (14 digits)
# command: xxx-`date "+%Y%m%d%H%M%S"`
find /var/vmail/*/[a-z0-9.-]*-deleted-[0-9][0-9][0-9][0-9][0-9][0-9][0-9][0-9][0-9][0-9][0-9][0-9][0-9][0-9] -maxdepth 0 -type d -mtime +$delay_days | while read line; do
# example $line: "/var/vmail/example.com/info-20220101094242"
dir=$line
# Uncomment the desired cleanup method below, or be creative and create your own.
remove_soft_deleted_mailbox $dir
#compress_soft_deleted_mailbox $dir
done
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment