git.proxmox.com Git - pmg-api.git/commit

author	Dominik Csapak <d.csapak@proxmox.com>
	Wed, 18 Nov 2020 10:59:36 +0000 (11:59 +0100)
committer	Thomas Lamprecht <t.lamprecht@proxmox.com>
	Wed, 18 Nov 2020 16:04:38 +0000 (17:04 +0100)
commit	6558ebc690d88a67ce155f84b005513e646977b3
tree	e5e491fd6ea02735e99cff94e8a2be470bda1879	tree
parent	f9fb1781895aa8fb23072402675c5323cbbb4585	commit \| diff

api2/quarantine: add global sendlink api call

this api call takes an email, checks it against the relay domains,
and prepares a custom quarantinelink for that email and sends it there

this has to happen unauthenticated, since the idea is that the user
want to access the quarantine but has no current ticket (and no
old spam report with a ticket)

we rate limit the requests by allowing only a request per 5 seconds
(to prevent dos'ing the internal mail server) and only
one request per user/hour

this api call is disabled by default

if admins want even more ratelimiting, they can setup something
like fail2ban to block hosts hitting this api call often

Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>

src/PMG/API2/Quarantine.pm		diff \| blob \| blame \| history
src/PMG/HTTPServer.pm		diff \| blob \| blame \| history