search

mailwatch / MailWatch

MailWatch for MailScanner is a web-based front-end to MailScanner
http://mailwatch.org/
GNU General Public License v2.0
117 stars 66 forks source link

Update GeoIP Database not working #1297

Closed MatKra84 closed 8 months ago

MatKra84 commented 8 months ago

Hello,

MaxMind recently updated the method for downloading its databases, now utilizing Cloudflare. As a result of this change (in my opinion), the GeoIP update tool in Mailwatch is no longer functioning:

"Error occurred while downloading GeoIP data file: Response could not be parsed"

https://dev.maxmind.com/geoip/release-notes/2024#presigned-urls-for-database-downloads

endelwar commented 8 months ago

We need to update the download method to take care of the redirect. MaxMind is rolling out the new download logic in batch for old accounts (mine is still on the old logic) and for new accounts.

For reference these are the request headers for old way and new way:

❯ curl -I https://download.maxmind.com/app/geoip_download\?edition_id\=GeoLite2-Country\&license_key\=OLD_LICENCE_KEY\&suffix\=tar.gz
HTTP/2 200
date: Tue, 23 Jan 2024 15:14:20 GMT
content-type: application/gzip
content-length: 3239641
cache-control: private, max-age=0
content-disposition: attachment; filename=GeoLite2-Country_20240119.tar.gz
etag: "feaf42a00cee5ce92e686cd37dee229f"
expires: Tue, 23 Jan 2024 15:14:20 GMT
last-modified: Fri, 19 Jan 2024 18:15:39 GMT
server: cloudflare
cf-ray: 84a0fc5c39d50d65-MXP
❯ curl -I https://download.maxmind.com/app/geoip_download\?edition_id\=GeoLite2-Country\&license_key\=NEW_LICENCE_KEY\&suffix\=tar.gz
HTTP/2 302
date: Tue, 23 Jan 2024 15:14:37 GMT
location: https://mm-prod-geoip-databases.a2649acb697e2c09b632799562c076f2.r2.cloudflarestorage.com/downloads/GeoLite2-Country_20240119.tar.gz?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AMZ-CREDENTIAL%2F20240123%2Fauto%2Fs3%2Faws4_request&X-Amz-Date=20240123T151437Z&X-Amz-Expires=3600&X-Amz-SignedHeaders=host&X-Amz-Signature=AMZ_SIGNATURE
cache-control: private, max-age=0
expires: Tue, 23 Jan 2024 15:14:37 GMT
server: cloudflare
cf-ray: 84a0fcc46d4d0f7e-MXP
❯ curl -I https://mm-prod-geoip-databases.a2649acb697e2c09b632799562c076f2.r2.cloudflarestorage.com/downloads/GeoLite2-Country_20240119.tar.gz\?X-Amz-Algorithm\=AWS4-HMAC-SHA256\&X-Amz-Credential\=AMZ-CREDENTIAL%2F20240123%2Fauto%2Fs3%2Faws4_request\&X-Amz-Date\=20240123T151437Z\&X-Amz-Expires\=3600\&X-Amz-SignedHeaders\=host\&X-Amz-Signature\=AMZ_SIGNATURE
HTTP/1.1 200 OK
Date: Tue, 23 Jan 2024 15:15:06 GMT
Content-Type: application/octet-stream
Content-Length: 3239641
Connection: keep-alive
Accept-Ranges: bytes
ETag: "feaf42a00cee5ce92e686cd37dee229f"
Last-Modified: Fri, 19 Jan 2024 18:15:39 GMT
x-amz-meta-mtime: 1705687949.976
Server: cloudflare
CF-RAY: 84a0fd793ee00e23-MXP
endelwar commented 8 months ago

I reproduced the issue by disabling the 'curl' extension and using 'wget' download method. It seems like a command escape issue instead of a redirect one. I will release a fix shortly.