cypht-org
diff --git a/‎AUTO_BLOCK_FIXES.md‎
Lines changed: 129 additions & 0 deletions b/‎AUTO_BLOCK_FIXES.md‎
Lines changed: 129 additions & 0 deletions
diff --git a/‎PREDEFINED_SERVICE_EDIT_BUTTONS.md‎
Lines changed: 153 additions & 0 deletions b/‎PREDEFINED_SERVICE_EDIT_BUTTONS.md‎
Lines changed: 153 additions & 0 deletions
diff --git a/‎README.md‎
Lines changed: 5 additions & 0 deletions b/‎README.md‎
Lines changed: 5 additions & 0 deletions
@@ -0,0 +1,129 @@
+# Auto-Blocking System Fixes
+
+This document describes the fixes implemented to make the auto-blocking system work properly in Cypht.
+
+## Issues Fixed
+
+### 1. Missing Module Dependency
+**Problem**: The `sievefilters` module was not enabled in the default configuration, causing all Sieve-related functions to be unavailable.
+
+**Solution**: Added `sievefilters` to the modules list in `config/app.php`:
+```php
+'modules' => explode(',', env('CYPHT_MODULES','core,contacts,local_contacts,feeds,imap,smtp,account,idle_timer,calendar,themes,nux,developer,history,saved_searches,advanced_search,highlights,profiles,inline_message,imap_folders,keyboard_shortcuts,tags,sievefilters')),
+```
+
+### 2. Missing Function Dependencies
+**Problem**: The auto-blocking system relied on functions that were only available when the `sievefilters` module was loaded.
+
+**Solution**: Added fallback includes in `modules/imap/spam_report_utils.php`:
+```php
+// Include sievefilters functions if module is not loaded
+if (!function_exists('get_sieve_client_factory')) {
+    require_once APP_PATH.'modules/sievefilters/functions.php';
+}
+```
+
+### 3. Poor Error Handling
+**Problem**: The system didn't provide clear error messages when auto-blocking failed.
+
+**Solution**: Added comprehensive error handling and logging throughout the auto-blocking process.
+
+### 4. Missing Configuration Validation
+**Problem**: The system didn't check if IMAP servers had Sieve configuration before attempting auto-blocking.
+
+**Solution**: Added validation to ensure `sieve_config_host` is configured and provide user feedback.
+
+## How the Auto-Blocking System Works
+
+### 1. User Interface
+- Users can report spam by clicking the "Report Spam" button
+- A modal dialog appears asking for a reason
+- Users can report individual messages or bulk-select multiple messages
+
+### 2. Backend Processing
+1. **Input Validation**: Validates required fields (message UIDs, server ID, folder, spam reason)
+2. **Rate Limiting**: Prevents abuse using rate limiting
+3. **Spam Service Reporting**: Reports to enabled spam services (SpamCop, AbuseIPDB, etc.)
+4. **Message Movement**: Moves the reported message to the junk folder
+5. **Auto-Blocking**: Automatically blocks the sender if enabled
+
+### 3. Auto-Blocking Process
+1. **Extract Sender**: Gets the sender email from message headers
+2. **Check Configuration**: Verifies auto-blocking is enabled and Sieve is configured
+3. **Create Sieve Filter**: Generates a Sieve script to block future messages
+4. **Apply Action**: Moves, discards, or rejects future messages from the sender
+5. **Save Configuration**: Updates the Sieve script on the server
+
+## Configuration Requirements
+
+### 1. Enable Sieve Filters Module
+The `sievefilters` module must be enabled in `config/app.php`.
+
+### 2. Configure IMAP Server Sieve Settings
+Each IMAP server must have the `sieve_config_host` field configured:
+- Go to Settings → Servers
+- Edit your IMAP server
+- Set the "Sieve Configuration Host" field (e.g., `mail.example.com:4190`)
+
+### 3. User Settings
+Users can configure auto-blocking behavior in Settings:
+- **Enable/Disable**: Toggle auto-blocking on/off
+- **Action**: Choose what happens to blocked messages (move to junk, discard, reject)
+- **Scope**: Block specific sender or entire domain
+
+## Testing the System
+
+Run the test script to verify the system is working:
+```bash
+php test_auto_block.php
+```
+
+This will check:
+- Module availability
+- Required functions
+- PhpSieveManager classes
+- Email extraction
+- Domain extraction
+- Action mapping
+
+## Troubleshooting
+
+### Auto-blocking not working?
+1. **Check module**: Ensure `sievefilters` is enabled in configuration
+2. **Check Sieve host**: Verify `sieve_config_host` is set for your IMAP server
+3. **Check user settings**: Ensure auto-blocking is enabled in user settings
+4. **Check logs**: Look for error messages in the debug logs
+
+### Common Error Messages
+- **"Sieve filters module not enabled"**: Enable the `sievefilters` module
+- **"Sieve server not configured"**: Set the `sieve_config_host` for your IMAP server
+- **"Failed to initialize Sieve client"**: Check your Sieve server connection
+- **"Failed to save Sieve script"**: Check Sieve server permissions
+
+### Debug Logging
+The system provides detailed debug logging. Enable debug mode to see:
+- Auto-blocking attempts
+- Success/failure status
+- Error details
+- Configuration issues
+
+## Files Modified
+
+1. **config/app.php**: Added `sievefilters` to modules list
+2. **modules/imap/spam_report_utils.php**: Added error handling and fallback includes
+3. **modules/imap/handler_modules.php**: Added better validation and logging
+4. **modules/imap/site.js**: Added user feedback for warnings
+5. **modules/imap/output_modules.php**: Added configuration warnings
+
+## Dependencies
+
+- **PhpSieveManager**: Required for Sieve script generation (already included in composer.json)
+- **sievefilters module**: Provides Sieve client functionality
+- **IMAP server with Sieve support**: Required for auto-blocking to work
+
+## Security Considerations
+
+- Auto-blocking uses Sieve filters which run on the mail server
+- Rate limiting prevents abuse of the spam reporting feature
+- User settings allow granular control over auto-blocking behavior
+- All actions are logged for audit purposes 
@@ -0,0 +1,153 @@
+# Predefined Service Edit Buttons Implementation
+
+## Overview
+This document outlines the implementation of edit buttons for the predefined spam services (SpamCop, AbuseIPDB, StopForumSpam, CleanTalk) and the disabling of the "Add New Service" button.
+
+## Changes Made
+
+### 1. Disabled "Add New Service" Button
+**Location:** `modules/imap/output_modules.php` - `Hm_Output_spam_service_management` class
+
+**Change:** Commented out the "Add New Service" button to prevent users from adding custom services for now.
+
+```php
+// Add new service button (disabled for now)
+// $res .= '<div class="mb-3">';
+// $res .= '<button type="button" class="btn btn-primary btn-sm" data-bs-toggle="modal" data-bs-target="#addServiceModal">';
+// $res .= '<i class="bi bi-plus-circle me-1"></i>'.$this->trans('Add New Service');
+// $res .= '</button>';
+// $res .= '</div>';
+```
+
+### 2. Added Edit Buttons to Service Settings
+**Location:** `modules/imap/output_modules.php` - `Hm_Output_spam_services_setting` class
+
+**Change:** Added edit buttons next to each service checkbox in the spam services settings.
+
+```php
+$res .= '<td>';
+$res .= '<input class="form-check-input" type="checkbox"'.$checked.' value="1" id="'.$key.'" name="'.$key.'" data-default-value="'.($defaults[$key] ? 'true' : 'false').'"/>';
+// Add Edit button for each service
+$service_id = str_replace('enable_', '', $key);
+$res .= '<button type="button" class="btn btn-sm btn-outline-primary ms-2" onclick="editService(\''.$service_id.'\')">';
+$res .= '<i class="bi bi-pencil"></i> '.$this->trans('Edit');
+$res .= '</button>';
+$res .= '</td></tr>';
+```
+
+### 3. Created Predefined Service Modals
+**Location:** `modules/imap/output_modules.php` - `Hm_Output_predefined_service_modals` class
+
+**Features:**
+- **SpamCop Modal:** Simple email endpoint configuration
+- **AbuseIPDB Modal:** Full API configuration with authentication
+- **StopForumSpam Modal:** Full API configuration with authentication
+- **CleanTalk Modal:** Full API configuration with authentication
+
+**Each modal includes:**
+- Service-specific fields (email endpoint for SpamCop, API fields for others)
+- Current values loaded from the spam service manager
+- Enable/disable checkbox
+- Form validation
+- Bootstrap styling
+
+### 4. Updated JavaScript for Modal Handling
+**Location:** `modules/imap/output_modules.php` - `Hm_Output_spam_service_management_js` class
+
+**Change:** Modified the `editService()` function to handle predefined services.
+
+```javascript
+function editService(serviceId) {
+    // Check if it's a predefined service
+    if (["spamcop", "abuseipdb", "stopforumspam", "cleantalk"].includes(serviceId)) {
+        // Show predefined service modal
+        var modal = new bootstrap.Modal(document.getElementById(serviceId + "Modal"));
+        modal.show();
+        return;
+    }
+    
+    // Handle custom services (existing logic)
+    // ...
+}
+```
+
+### 5. Added Handler for Predefined Service Updates
+**Location:** `modules/imap/handler_modules.php` - `Hm_Handler_update_predefined_service` class
+
+**Features:**
+- Processes form submissions from predefined service modals
+- Validates service-specific fields
+- Updates service configuration in the spam service manager
+- Provides success/error feedback
+
+**Supported Services:**
+- **SpamCop:** Email endpoint and enabled status
+- **AbuseIPDB:** API endpoint, method, auth type, auth header, auth value, payload template, enabled status
+- **StopForumSpam:** API endpoint, method, auth type, auth header, auth value, payload template, enabled status
+- **CleanTalk:** API endpoint, method, auth type, auth header, auth value, payload template, enabled status
+
+## Service-Specific Configurations
+
+### SpamCop (Email Service)
+- **Type:** Email
+- **Required Fields:** Email endpoint
+- **Default Endpoint:** `[email protected]`
+- **Default Status:** Enabled
+
+### AbuseIPDB (API Service)
+- **Type:** API
+- **Required Fields:** API endpoint, HTTP method, payload template
+- **Optional Fields:** Authentication configuration
+- **Default Endpoint:** `https://api.abuseipdb.com/api/v2/report`
+- **Default Method:** POST
+- **Default Auth Type:** Header
+- **Default Auth Header:** Key
+- **Default Payload:** `{"ip": "{{ ip }}", "categories": [3], "comment": "{{ reason }}"}`
+- **Default Status:** Disabled
+
+### StopForumSpam (API Service)
+- **Type:** API
+- **Required Fields:** API endpoint, HTTP method, payload template
+- **Optional Fields:** Authentication configuration
+- **Default Endpoint:** `https://www.stopforumspam.com/add`
+- **Default Method:** POST
+- **Default Auth Type:** Header
+- **Default Auth Header:** api_key
+- **Default Payload:** `{"email": "{{ email }}", "ip": "{{ ip }}", "evidence": "{{ reason }}"}`
+- **Default Status:** Disabled
+
+### CleanTalk (API Service)
+- **Type:** API
+- **Required Fields:** API endpoint, HTTP method, payload template
+- **Optional Fields:** Authentication configuration
+- **Default Endpoint:** `https://moderate.cleantalk.org/api2.0`
+- **Default Method:** POST
+- **Default Auth Type:** Header
+- **Default Auth Header:** auth_key
+- **Default Payload:** `{"auth_key": "{{ auth_value }}", "method_name": "spam_check", "message": "{{ body }}", "sender_email": "{{ email }}", "sender_ip": "{{ ip }}"}`
+- **Default Status:** Disabled
+
+## Benefits
+
+1. **Simplified Interface:** Users can only edit predefined services, reducing complexity
+2. **Service-Specific Forms:** Each service has a tailored form with relevant fields
+3. **Current Value Loading:** Modals populate with existing configuration values
+4. **Easy Configuration:** Users can quickly configure API keys and endpoints
+5. **Consistent UX:** All services follow the same edit pattern
+6. **Validation:** Form validation ensures proper configuration
+
+## Usage
+
+1. Navigate to IMAP Settings in the admin interface
+2. Scroll to the "External Spam Reporting Services" section
+3. Click the "Edit" button next to any service
+4. Configure the service-specific fields
+5. Click "Update" to save changes
+
+## Future Enhancements
+
+- Re-enable "Add New Service" button when needed
+- Add service testing functionality
+- Add service status indicators
+- Add bulk service management
+- Add service import/export functionality 
@@ -45,3 +45,8 @@ Docker: [https://hub.docker.com/r/cypht/cypht](https://hub.docker.com/r/cypht/cy
 LinkedIn group: [https://www.linkedin.com/groups/13804559/](https://www.linkedin.com/groups/13804559/)
 
 An interview with the project's founder: https://github.com/cypht-org/cypht/wiki/AMA-Jason-Munro
+
+---
+
+**New in this version:**
+- All spam reporting, rate limiting, and auto-block settings are now managed in a single **Spam Reporting** section under **Site Settings** in the web interface. This makes it easier for administrators to configure and manage all spam-related options in one place.