linagora / james-project

Mirror of Apache James Project
Apache License 2.0

RRT: blacklist #4878

Open chibenwa opened 1 year ago

chibenwa commented 1 year ago

CF https://issues.apache.org/jira/browse/JAMES-3946

Write in /server/data/data-api a `DropList` interface.

A drop list entry is comprised of

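```java
import org.apache.james.core.MailAddress;
import reactor.core.publisher.Flux;
import reactor.core.publisher.Mono;

// DropListEntry, OwnerScope and Owner: drop list types, assumed to be in the same package.
interface DropList {
    Mono<Void> add(DropListEntry entry);
    Mono<Void> remove(DropListEntry entry);
    Flux<DropListEntry> list(OwnerScope ownerScope, Owner owner);

    enum Status {
        ALLOWED,
        BLOCKED
    }

    // Tells whether mail from sender is allowed or blocked for the given owner.
    Mono<Status> query(OwnerScope ownerScope, Owner owner, MailAddress sender);
}
```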

And provide a memory + a Cassandra implementation of the DropList.

Write an `IsInDropList` matcher: Given attacker@evil.com sends a mail to target@localhost, the following queries are done:

Manage to do only one set of queries at scope global. Manage to do one set of queries at scope domain per domain!

Webadmin APIs to manage the Drop List:

```
GET /droplist/global?deniedEntityType=null|domain|address
[ "evil.com", "devil.com", "bad_guy@crime.com", "hacker@murder.org" ]

HEAD /droplist/global/evil.com
HEAD /droplist/global/bad_guy@murder.org
204 // 404

PUT /droplist/global/evil.com
PUT /droplist/global/bad_guy@murder.org
-> adds the entry into the droplist

DELETE /droplist/global/evil.com
DELETE /droplist/global/bad_guy@murder.org
-> removes the entry from the droplist

----------------
GET /droplist/domain/target.com?deniedEntityType=null|domain|address
[ "evil.com", "devil.com", "bad_guy@crime.com", "hacker@murder.org" ]

HEAD /droplist/domain/target.com/evil.com
HEAD /droplist/domain/target.com/bad_guy@murder.org
204 // 404

PUT /droplist/domain/target.com/evil.com
PUT /droplist/domain/target.com/bad_guy@murder.org
-> adds the entry into the droplist

DELETE /droplist/domain/target.com/evil.com
DELETE /droplist/domain/target.com/bad_guy@murder.org
-> removes the entry from the droplist

----------------
GET /droplist/user/bob@target.com?deniedEntityType=null|domain|address
[ "evil.com", "devil.com", "bad_guy@crime.com", "hacker@murder.org" ]

HEAD /droplist/user/bob@target.com/evil.com
HEAD /droplist/user/bob@target.com/bad_guy@murder.org
204 // 404

PUT /droplist/user/bob@target.com/evil.com
PUT /droplist/user/bob@target.com/bad_guy@murder.org
-> adds the entry into the droplist

DELETE /droplist/user/bob@target.com/evil.com
DELETE /droplist/user/bob@target.com/bad_guy@murder.org
-> removes the entry from the droplist
```

Write a guice module for DropList with Cassandra and with memory but do not include it in the apps by default.

Document activating the droplist extension:

And most importantly remove:
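
An added example, not part of the original issue or of the James code base: a plain-JDK, synchronous sketch of an in-memory drop list and of the lookup an `IsInDropList`-style matcher could run, querying global scope once per mail and each recipient domain once. The blocking rule (a sender is blocked when its address or its domain is listed at global, recipient-domain or recipient-user scope) and the names `DropListSketch`, `blockedRecipients` and `queryCount` are assumptions.

```java
import java.util.*;

// Added sketch: plain-JDK, synchronous stand-in for the proposed DropList (no Reactor, no James types).
public class DropListSketch {
    enum OwnerScope { GLOBAL, DOMAIN, USER }
    enum Status { ALLOWED, BLOCKED }

    // "SCOPE|owner" -> denied entries (a bare domain or a full address), lower-cased.
    private final Map<String, Set<String>> entries = new HashMap<>();
    int queryCount = 0; // hypothetical counter: number of store lookups performed

    private static String key(OwnerScope scope, String owner) { return scope + "|" + owner.toLowerCase(Locale.ROOT); }

    void add(OwnerScope scope, String owner, String denied) {
        entries.computeIfAbsent(key(scope, owner), k -> new HashSet<>()).add(denied.toLowerCase(Locale.ROOT));
    }

    // Assumption: a sender is BLOCKED when its address or its domain is listed for this owner.
    Status query(OwnerScope scope, String owner, String sender) {
        queryCount++;
        String s = sender.toLowerCase(Locale.ROOT);
        Set<String> denied = entries.getOrDefault(key(scope, owner), Set.of());
        boolean hit = denied.contains(s) || denied.contains(s.substring(s.indexOf('@') + 1));
        return hit ? Status.BLOCKED : Status.ALLOWED;
    }

    // Matcher-style check: returns the recipients for which the sender is blocked.
    // Global scope is queried once per mail, domain scope once per distinct recipient domain.
    List<String> blockedRecipients(String sender, List<String> recipients) {
        if (query(OwnerScope.GLOBAL, "", sender) == Status.BLOCKED) {
            return List.copyOf(recipients);
        }
        Map<String, Status> perDomain = new HashMap<>();
        List<String> blocked = new ArrayList<>();
        for (String rcpt : recipients) {
            String domain = rcpt.substring(rcpt.indexOf('@') + 1).toLowerCase(Locale.ROOT);
            Status d = perDomain.computeIfAbsent(domain, dom -> query(OwnerScope.DOMAIN, dom, sender));
            if (d == Status.BLOCKED || query(OwnerScope.USER, rcpt, sender) == Status.BLOCKED) {
                blocked.add(rcpt);
            }
        }
        return blocked;
    }

    public static void main(String[] args) {
        DropListSketch dropList = new DropListSketch();
        dropList.add(OwnerScope.DOMAIN, "target.com", "evil.com");
        dropList.add(OwnerScope.USER, "bob@localhost", "attacker@evil.com");
        // Constructed sample mail: four recipients across two domains.
        List<String> rcpts = List.of("bob@target.com", "alice@target.com", "bob@localhost", "target@localhost");
        System.out.println(dropList.blockedRecipients("attacker@evil.com", rcpts) + " queries=" + dropList.queryCount);
    }
}
```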

Arsnael commented 1 year ago

Customer request?

chibenwa commented 1 year ago

No but blacklists were discussed during an internal antispam related meeting

chibenwa commented 1 year ago

Requirement: be polite: tell the sender that the mail is blocked (bounce)

chibenwa commented 1 year ago

Ok ticket is modified:

chibenwa commented 4 months ago

CF https://issues.apache.org/jira/browse/JAMES-3946

I bet we can likely adapt the module chooser for Twake Mail and contribute a custom JMAP extension allowing a user to see and manage his blocklists.

Thoughts?

Arsnael commented 4 months ago

Doable and easy yes

Arsnael commented 3 months ago

First task would be to just add the dropList modules to tmail (distributed and memory and postgresql, like in james with the same kind of module chooser)

Then for the JMAP part, a new JMAP extension that could be added with the module chooser once the dev is finished. As JMAP is for users, they should only be able to manage the droplist at user level (not domain or global).

Tasks:

chibenwa commented 2 months ago

CF https://github.com/linagora/tmail-backend/issues/830