[Web] Opt-In for third party ip_check

data/web/admin.php

@@ -103,6 +103,7 @@ $template_data = [
   'rsettings' => $rsettings,
   'rspamd_regex_maps' => $rspamd_regex_maps,
   'logo_specs' => customize('get', 'main_logo_specs'),
+  'ip_check' => customize('get', 'ip_check'),
   'password_complexity' => password_complexity('get'),
   'show_rspamd_global_filters' => @$_SESSION['show_rspamd_global_filters'],
   'lang_admin' => json_encode($lang['admin']),

data/web/debug.php

@@ -65,6 +65,7 @@ $template_data = [
   'solr_uptime' => round($solr_status['status']['dovecot-fts']['uptime'] / 1000 / 60 / 60),
   'clamd_status' => $clamd_status,
   'containers' => $containers,
+  'ip_check' => customize('get', 'ip_check'),
   'lang_admin' => json_encode($lang['admin']),
   'lang_debug' => json_encode($lang['debug']),
   'lang_datatables' => json_encode($lang['datatables']),

data/web/inc/functions.customize.inc.php

@@ -160,6 +160,25 @@ function customize($_action, $_item, $_data = null) {
             'msg' => 'ui_texts'
           );
         break;
+        case 'ip_check':
+          $ip_check = ($_data['ip_check_opt_in'] == "1") ? 1 : 0;
+          try {
+            $redis->set('IP_CHECK', $ip_check);
+          }
+          catch (RedisException $e) {
+            $_SESSION['return'][] = array(
+              'type' => 'danger',
+              'log' => array(__FUNCTION__, $_action, $_item, $_data),
+              'msg' => array('redis_error', $e)
+            );
+            return false;
+          }
+          $_SESSION['return'][] = array(
+            'type' => 'success',
+            'log' => array(__FUNCTION__, $_action, $_item, $_data),
+            'msg' => 'ip_check_opt_in_modified'
+          );
+        break;
       }
     break;
     case 'delete':
@@ -276,6 +295,20 @@ function customize($_action, $_item, $_data = null) {
             return false;
           }
         break;
+        case 'ip_check':
+          try {
+            $ip_check = ($ip_check = $redis->get('IP_CHECK')) ? $ip_check : 0;
+            return $ip_check;
+          }
+          catch (RedisException $e) {
+            $_SESSION['return'][] = array(
+              'type' => 'danger',
+              'log' => array(__FUNCTION__, $_action, $_item, $_data),
+              'msg' => array('redis_error', $e)
+            );
+            return false;
+          }
+        break;
       }
     break;
   }

data/web/json_api.php

@@ -1544,18 +1544,15 @@ if (isset($_GET['query'])) {
                   } 
                   else if ($extra == "ip") {
                     // get public ips
+                    
                     $curl = curl_init();
-                    curl_setopt($curl, CURLOPT_URL, 'http://ipv4.mailcow.email');
                     curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
                     curl_setopt($curl, CURLOPT_POST, 0);
-                    curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 10); 
-                    curl_setopt($ch, CURLOPT_TIMEOUT, 10);
+                    curl_setopt($curl, CURLOPT_CONNECTTIMEOUT, 10);
+                    curl_setopt($curl, CURLOPT_TIMEOUT, 15);
+                    curl_setopt($curl, CURLOPT_URL, 'http://ipv4.mailcow.email');
                     $ipv4 = curl_exec($curl);
                     curl_setopt($curl, CURLOPT_URL, 'http://ipv6.mailcow.email');
-                    curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
-                    curl_setopt($curl, CURLOPT_POST, 0);
-                    curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 10); 
-                    curl_setopt($ch, CURLOPT_TIMEOUT, 10);
                     $ipv6 = curl_exec($curl);
                     $ips = array(
                       "ipv4" => $ipv4,
@@ -1917,6 +1914,9 @@ if (isset($_GET['query'])) {
         case "ui_texts":
           process_edit_return(customize('edit', 'ui_texts', $attr));
         break;
+        case "ip_check":
+          process_edit_return(customize('edit', 'ip_check', $attr));
+        break;
         case "self":
           if ($_SESSION['mailcow_cc_role'] == "domainadmin") {
             process_edit_return(domain_admin('edit', $attr));

data/web/lang/lang.de-de.json

@@ -204,6 +204,9 @@
         "include_exclude": "Ein- und Ausschlüsse",
         "include_exclude_info": "Ohne Auswahl werden <b>alle Mailboxen</b> adressiert.",
         "includes": "Diese Empfänger einschließen",
+        "ip_check": "IP Check",
+        "ip_check_disabled": "IP check ist deaktiviert. Unter dem angegebenen Pfad kann es aktiviert werden<br> <strong>System > Configuration > Options > Customize</strong>",
+        "ip_check_opt_in": "Opt-In für die Nutzung der Drittanbieter-Dienste <strong>ipv4.mailcow.email</strong> und <strong>ipv6.mailcow.email</strong> zur Auflösung externer IP-Adressen.",
         "is_mx_based": "MX-basiert",
         "last_applied": "Zuletzt angewendet",
         "license_info": "Eine Lizenz ist nicht erforderlich, hilft jedoch der Entwicklung mailcows.<br><a href=\"https://www.servercow.de/mailcow#sal\" target=\"_blank\" alt=\"SAL Bestellung\">Hier kann die mailcow-GUID registriert werden.</a> Alternativ ist <a href=\"https://www.servercow.de/mailcow#support\" target=\"_blank\" alt=\"SAL Bestellung\">die Bestellung von Support-Paketen möglich</a>.",
@@ -1004,6 +1007,7 @@
         "forwarding_host_removed": "Weiterleitungs-Host %s wurde entfernt",
         "global_filter_written": "Filterdatei wurde erfolgreich geschrieben",
         "hash_deleted": "Hash wurde gelöscht",
+        "ip_check_opt_in_modified": "IP Check wurde erfolgreich gespeichert",
         "item_deleted": "Objekt %s wurde entfernt",
         "item_released": "Objekt %s freigegeben",
         "items_deleted": "Objekt(e) %s wurde(n) erfolgreich entfernt",

data/web/lang/lang.en-gb.json

@@ -206,6 +206,9 @@
         "include_exclude": "Include/Exclude",
         "include_exclude_info": "By default - with no selection - <b>all mailboxes</b> are addressed",
         "includes": "Include these recipients",
+        "ip_check": "IP Check",
+        "ip_check_disabled": "IP check is disabled. You can enable it under<br> <strong>System > Configuration > Options > Customize</strong>",
+        "ip_check_opt_in": "Opt-In for using third party service <strong>ipv4.mailcow.email</strong> and <strong>ipv6.mailcow.email</strong> to resolve external IP addresses.",
         "is_mx_based": "MX based",
         "last_applied": "Last applied",
         "license_info": "A license is not required but helps further development.<br><a href=\"https://www.servercow.de/mailcow?lang=en#sal\" target=\"_blank\" alt=\"SAL order\">Register your GUID here</a> or <a href=\"https://www.servercow.de/mailcow?lang=en#support\" target=\"_blank\" alt=\"Support order\">buy support for your mailcow installation.</a>",
@@ -1016,6 +1019,7 @@
         "forwarding_host_removed": "Forwarding host %s has been removed",
         "global_filter_written": "Filter was successfully written to file",
         "hash_deleted": "Hash deleted",
+        "ip_check_opt_in_modified": "IP check was saved successfully",
         "item_deleted": "Item %s successfully deleted",
         "item_released": "Item %s released",
         "items_deleted": "Item %s successfully deleted",

data/web/templates/admin/tab-config-customize.twig

@@ -33,6 +33,20 @@
           </div>
         </div>
       {% endif %}
+      <legend style="padding-top:20px" unselectable="on">{{ lang.admin.ip_check }}</legend><hr />
+      <div id="ip_check">
+        <form class="form" data-id="ip_check" role="form" method="post">
+          <div class="mb-4">
+            <input class="form-check-input" type="checkbox" value="1" name="ip_check_opt_in" id="ip_check_opt_in" {% if ip_check == 1 %}checked{% endif %}>
+            <label class="form-check-label" for="ip_check_opt_in">
+              {{ lang.admin.ip_check_opt_in|raw }}
+            </label>
+          </div>
+          <p><div class="btn-group">
+            <button class="btn btn-sm btn-xs-half d-block d-sm-inline btn-success" data-action="edit_selected" data-item="admin" data-id="ip_check" data-reload="no" data-api-url='edit/ip_check' data-api-attr='{}' href="#"><i class="bi bi-check-lg"></i> {{ lang.admin.save }}</button>
+          </div></p>
+        </form>
+      </div>
       <legend>{{ lang.admin.app_links }}</legend><hr />
       <p class="text-muted">{{ lang.admin.merged_vars_hint|raw }}</p>
       <form class="form-inline" data-id="app_links" role="form" method="post">

data/web/templates/debug.twig

@@ -52,14 +52,18 @@
                       <tr>
                         <td>IPs</td>
                         <td class="text-break">
-                          <span class="d-none" id="host_ipv4">-</span>
-                          <span class="d-none mb-2" id="host_ipv6">-</span>
-                          <button class="d-block btn btn-primary btn-sm" id="host_show_ip">
-                            <span class="text">{{ lang.debug.show_ip }}</span>
-                            <div class="spinner-border spinner-border-sm d-none" role="status">
-                              <span class="visually-hidden">Loading...</span>
-                            </div>  
-                          </button>
+                          {% if ip_check == 1 %}
+                            <span class="d-none" id="host_ipv4">-</span>
+                            <span class="d-none mb-2" id="host_ipv6">-</span>
+                            <button class="d-block btn btn-primary btn-sm" id="host_show_ip">
+                              <span class="text">{{ lang.debug.show_ip }}</span>
+                              <div class="spinner-border spinner-border-sm d-none" role="status">
+                                <span class="visually-hidden">Loading...</span>
+                              </div>  
+                            </button>
+                          {% else %}
+                            <span class="d-block">{{ lang.admin.ip_check_disabled|raw }}</span>
+                          {% endif %}
                         </td>
                       </tr>
                       <tr>