diff --git a/.gitattributes b/.gitattributes new file mode 100644 index 0000000..de2f316 --- /dev/null +++ b/.gitattributes @@ -0,0 +1,2 @@ +.gitignore export-ignore +.gitattributes export-ignore diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..7602b69 --- /dev/null +++ b/.gitignore @@ -0,0 +1,2 @@ +/vendor +/composer.lock \ No newline at end of file diff --git a/README.md b/README.md index 8884488..f8cda21 100644 --- a/README.md +++ b/README.md @@ -3,11 +3,17 @@ Displays a small icon after the subject line that displays the (presumed) encryption state of received mails. This plugin parses the "Received" header for the last hop and checks if TLS was used. This requires TLS logging in the receiving MTA. -In Postfix this can be enabled by setting `smtpd_tls_received_header = yes`. The regex used to parse the header has only been tested against Postfix. +In Postfix this can be enabled by setting [`smtpd_tls_received_header = yes`](https://www.postfix.org/postconf.5.html#smtpd_tls_received_header). The regex used to parse the header has only been tested against Postfix. Note that while this talks about "encryption", this does not imply security. An encrypted mail may still be insecure, mostly because mailservers generally use "opportunistic TLS", where MITM attacks are possible. This also only validates the last hop of an email - some emails may run through multiple hops and we don't know anything about the security of these. -Inspired by https://github.com/SS88UK/roundcube-easy-unsubscribe +Inspired by [roundcube-easy-unsubscribe](https://github.com/SS88UK/roundcube-easy-unsubscribe) -![Example screenshot](tls_icon_example.png) \ No newline at end of file +![Example screenshot](tls_icon_example.png) + +## Installation + +The [composer library](https://packagist.org/packages/germancoding/tls_icon) name is: `germancoding/tls_icon`. + +The plugin name to add to your config file is: `tls_icon`. diff --git a/composer.json b/composer.json index f5165ef..806d484 100644 --- a/composer.json +++ b/composer.json @@ -13,5 +13,10 @@ ], "require": { "roundcube/plugin-installer": ">=0.1.6" + }, + "config": { + "allow-plugins": { + "roundcube/plugin-installer": true + } } -} \ No newline at end of file +} diff --git a/localization/fr_FR.inc b/localization/fr_FR.inc new file mode 100644 index 0000000..e745b90 --- /dev/null +++ b/localization/fr_FR.inc @@ -0,0 +1,6 @@ +add_hook('message_headers_output', array($this, 'message_headers')); $this->add_hook('storage_init', array($this, 'storage_init')); - + $this->include_stylesheet('tls_icon.css'); $this->add_texts('localization/'); } - + function get_received_header_content($Received_Header) { $Received = null; @@ -41,7 +41,7 @@ public function storage_init($p) $p['fetch_headers'] = trim(($p['fetch_headers']?? '') . ' ' . strtoupper('Received')); return $p; } - + public function message_headers($p) { if($this->message_headers_done===false) @@ -50,12 +50,12 @@ public function message_headers($p) $Received_Header = $p['headers']->others['received'] ?? null; $Received = $this->get_received_header_content($Received_Header); - + if($Received == null) { // There was no Received Header. Possibly an outbound mail. Do nothing. return $p; } - + if ( preg_match_all('/\(using TLS.*.*\) \(/im', $Received, $items, PREG_PATTERN_ORDER) ) { $data = $items[0][0]; @@ -66,11 +66,11 @@ public function message_headers($p) $needle = ") ("; $pos = strrpos($data, $needle); $data = substr_replace($data, "", $pos, strlen($needle)); - + $this->icon_img .= ''; } else if(preg_match_all('/\([a-zA-Z]*, from userid [0-9]*\)/im', $Received, $items, PREG_PATTERN_ORDER)){ $this->icon_img .= ''; - } + } else { // TODO: Mails received from localhost but without TLS are currently flagged insecure $this->icon_img .= '';