From 513af622e5bf6ad0569724fa64f25e423e240788 Mon Sep 17 00:00:00 2001 From: William Desportes Date: Fri, 8 Jul 2022 00:15:18 +0200 Subject: [PATCH 1/5] Add allow-plugins to composer.json Ref: https://getcomposer.org/doc/06-config.md#allow-plugins --- composer.json | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/composer.json b/composer.json index f5165ef..806d484 100644 --- a/composer.json +++ b/composer.json @@ -13,5 +13,10 @@ ], "require": { "roundcube/plugin-installer": ">=0.1.6" + }, + "config": { + "allow-plugins": { + "roundcube/plugin-installer": true + } } -} \ No newline at end of file +} From 004943c1c8e40dcc8e6f3de2981b93db14c0505b Mon Sep 17 00:00:00 2001 From: William Desportes Date: Fri, 8 Jul 2022 00:15:32 +0200 Subject: [PATCH 2/5] Add a .gitignore and .gitattributes file --- .gitattributes | 2 ++ .gitignore | 2 ++ 2 files changed, 4 insertions(+) create mode 100644 .gitattributes create mode 100644 .gitignore diff --git a/.gitattributes b/.gitattributes new file mode 100644 index 0000000..de2f316 --- /dev/null +++ b/.gitattributes @@ -0,0 +1,2 @@ +.gitignore export-ignore +.gitattributes export-ignore diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..7602b69 --- /dev/null +++ b/.gitignore @@ -0,0 +1,2 @@ +/vendor +/composer.lock \ No newline at end of file From 9affcb8ea0dc29b88875e0557fbb3ee75008b1cb Mon Sep 17 00:00:00 2001 From: William Desportes Date: Fri, 8 Jul 2022 00:17:59 +0200 Subject: [PATCH 3/5] Trim trailing whitespaces --- tls_icon.php | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/tls_icon.php b/tls_icon.php index 22420d7..16a1a07 100644 --- a/tls_icon.php +++ b/tls_icon.php @@ -1,7 +1,7 @@ add_hook('message_headers_output', array($this, 'message_headers')); $this->add_hook('storage_init', array($this, 'storage_init')); - + $this->include_stylesheet('tls_icon.css'); $this->add_texts('localization/'); } - + function get_received_header_content($Received_Header) { $Received = null; @@ -41,7 +41,7 @@ public function storage_init($p) $p['fetch_headers'] = trim(($p['fetch_headers']?? '') . ' ' . strtoupper('Received')); return $p; } - + public function message_headers($p) { if($this->message_headers_done===false) @@ -50,12 +50,12 @@ public function message_headers($p) $Received_Header = $p['headers']->others['received'] ?? null; $Received = $this->get_received_header_content($Received_Header); - + if($Received == null) { // There was no Received Header. Possibly an outbound mail. Do nothing. return $p; } - + if ( preg_match_all('/\(using TLS.*.*\) \(/im', $Received, $items, PREG_PATTERN_ORDER) ) { $data = $items[0][0]; @@ -66,11 +66,11 @@ public function message_headers($p) $needle = ") ("; $pos = strrpos($data, $needle); $data = substr_replace($data, "", $pos, strlen($needle)); - + $this->icon_img .= ''; } else if(preg_match_all('/\([a-zA-Z]*, from userid [0-9]*\)/im', $Received, $items, PREG_PATTERN_ORDER)){ $this->icon_img .= ''; - } + } else { // TODO: Mails received from localhost but without TLS are currently flagged insecure $this->icon_img .= ''; From b28b8d35ff237c7cd78842f300e46447feb9fbda Mon Sep 17 00:00:00 2001 From: William Desportes Date: Fri, 8 Jul 2022 00:21:08 +0200 Subject: [PATCH 4/5] Add French translation --- localization/fr_FR.inc | 6 ++++++ 1 file changed, 6 insertions(+) create mode 100644 localization/fr_FR.inc diff --git a/localization/fr_FR.inc b/localization/fr_FR.inc new file mode 100644 index 0000000..e745b90 --- /dev/null +++ b/localization/fr_FR.inc @@ -0,0 +1,6 @@ + Date: Fri, 8 Jul 2022 00:27:33 +0200 Subject: [PATCH 5/5] Improve the README --- README.md | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index 8884488..f8cda21 100644 --- a/README.md +++ b/README.md @@ -3,11 +3,17 @@ Displays a small icon after the subject line that displays the (presumed) encryption state of received mails. This plugin parses the "Received" header for the last hop and checks if TLS was used. This requires TLS logging in the receiving MTA. -In Postfix this can be enabled by setting `smtpd_tls_received_header = yes`. The regex used to parse the header has only been tested against Postfix. +In Postfix this can be enabled by setting [`smtpd_tls_received_header = yes`](https://www.postfix.org/postconf.5.html#smtpd_tls_received_header). The regex used to parse the header has only been tested against Postfix. Note that while this talks about "encryption", this does not imply security. An encrypted mail may still be insecure, mostly because mailservers generally use "opportunistic TLS", where MITM attacks are possible. This also only validates the last hop of an email - some emails may run through multiple hops and we don't know anything about the security of these. -Inspired by https://github.com/SS88UK/roundcube-easy-unsubscribe +Inspired by [roundcube-easy-unsubscribe](https://github.com/SS88UK/roundcube-easy-unsubscribe) -![Example screenshot](tls_icon_example.png) \ No newline at end of file +![Example screenshot](tls_icon_example.png) + +## Installation + +The [composer library](https://packagist.org/packages/germancoding/tls_icon) name is: `germancoding/tls_icon`. + +The plugin name to add to your config file is: `tls_icon`.