Exim add custom ratelimits by user (hestiacp#2225)

* Exim add custom ratelimits by user

* Update Custom Limits by domain/user or default (limit.conf)

* Update 1.5.9.sh

* Update upgrade version to 1.6.0

* Include copy of limits.conf to

* Adjust filename to limit.conf

* Correct folder

* Add support for Debian 11 and Ubuntu 22.04

* Add new keys to configs

* Prevent mail.domain.com being removed if used as alias for webmail

* Add support for CLI and WEB UI

Priority:
- "Account" 
- "Domain"
- "Server"

Admin is only allowed to edit / change value for security reasons

Co-authored-by: Arturo Blanco <ablanco@ablanco.es>
Co-authored-by: Jaap Marcus <9754650+jaapmarcus@users.noreply.github.com>
Co-authored-by: Raphael <rs@scit.ch>

Author: 4 people

bin/v-add-mail-account

@@ -24,6 +24,8 @@ source /etc/hestiacp/hestia.conf
 source $HESTIA/func/main.sh
 # shellcheck source=/usr/local/hestia/func/domain.sh
 source $HESTIA/func/domain.sh
+# shellcheck source=/usr/local/hestia/func/syshealth.sh
+source $HESTIA/func/syshealth.sh
 # load config file
 source_conf "$HESTIA/conf/hestia.conf"
 
@@ -101,6 +103,13 @@ str="$str TIME='$time' DATE='$date'"
 echo "$str" >> $USER_DATA/mail/$domain.conf
 chmod 660 $USER_DATA/mail/$domain.conf
 
+syshealth_repair_mail_account_config
+
+user_rate_limit=$(get_object_value 'mail' 'DOMAIN' "$domain" '$RATE_LIMIT');
+if [ -n "$user_rate_limit" ]; then
+    echo "$user_rate_limit" > $HOMEDIR/$user/conf/mail/$domain/limits/$account
+fi
+
 # Increase mail accounts counter
 accounts=$(wc -l $USER_DATA/mail/$domain.conf | cut -f 1 -d ' ')
 increase_user_value "$user" '$U_MAIL_ACCOUNTS'

bin/v-add-mail-domain

@@ -28,6 +28,8 @@ source $HESTIA/func/main.sh
 source $HESTIA/func/domain.sh
 # shellcheck source=/usr/local/hestia/func/ip.sh
 source $HESTIA/func/ip.sh
+# shellcheck source=/usr/local/hestia/func/syshealth.sh
+source $HESTIA/func/syshealth.sh
 # load config file
 source_conf "$HESTIA/conf/hestia.conf"
 
@@ -97,6 +99,8 @@ s="$s DATE='$date'"
 echo $s >> $USER_DATA/mail.conf
 touch $USER_DATA/mail/$domain.conf
 
+syshealth_repair_mail_config
+
 # Generating DKIM keys
 if [ "$dkim" = 'yes' ]; then
     openssl genrsa -out $USER_DATA/mail/$domain.pem $dkim_size &>/dev/null

bin/v-add-mail-domain-webmail

@@ -99,22 +99,24 @@ else
     # Ensure DNS record exists if Hestia is hosting DNS zones
     if [ -n "$DNS_SYSTEM" ]; then
         dns_domain=$($BIN/v-list-dns-domains $user | grep $domain | cut -d' ' -f1)
-        webmail_record=$($BIN/v-list-dns-records $user $domain | grep -i $WEBMAIL_ALIAS | cut -d' ' -f1)
-
+        webmail_record=$($BIN/v-list-dns-records $user $domain | grep -i " $WEBMAIL_ALIAS " | cut -d' ' -f1)
         if [ "$dns_domain" = "$domain" ]; then
-            if [ -z "$webmail_record" ]; then
-                if [ "$quiet" = "yes" ]; then
-                    $BIN/v-add-dns-record "$user" "$domain" "$WEBMAIL_ALIAS" A "$ip" '' '' "$restart" '' 'yes'
-                else
-                    $BIN/v-add-dns-record "$user" "$domain" "$WEBMAIL_ALIAS" A "$ip" '' '' "$restart" '' 'yes'
-                fi
-            else
-                if [ "$quiet" = "yes" ]; then
-                    $BIN/v-delete-dns-record "$user" "$domain" "$webmail_record" "$restart" 'yes'
-                    $BIN/v-add-dns-record "$user" "$domain" "$WEBMAIL_ALIAS" A "$ip" '' '' "$restart" '' 'yes'
+            if [ "$WEBMAIL_ALIAS" != "mail" ]; then
+                #Prevent mail.domain.com to be cycled
+                if [ -z "$webmail_record" ]; then
+                    if [ "$quiet" = "yes" ]; then
+                        $BIN/v-add-dns-record "$user" "$domain" "$WEBMAIL_ALIAS" A "$ip" '' '' "$restart" '' 'yes'
+                    else
+                        $BIN/v-add-dns-record "$user" "$domain" "$WEBMAIL_ALIAS" A "$ip" '' '' "$restart" '' 'yes'
+                    fi
                 else
-                    $BIN/v-delete-dns-record "$user" "$domain" "$webmail_record" "$restart" 'yes'
-                    $BIN/v-add-dns-record "$user" "$domain" "$WEBMAIL_ALIAS" A "$ip" '' '' "$restart" '' 'yes'
+                    if [ "$quiet" = "yes" ]; then
+                        $BIN/v-delete-dns-record "$user" "$domain" "$webmail_record" "$restart" 'yes'
+                        $BIN/v-add-dns-record "$user" "$domain" "$WEBMAIL_ALIAS" A "$ip" '' '' "$restart" '' 'yes'
+                    else
+                        $BIN/v-delete-dns-record "$user" "$domain" "$webmail_record" "$restart" 'yes'
+                        $BIN/v-add-dns-record "$user" "$domain" "$WEBMAIL_ALIAS" A "$ip" '' '' "$restart" '' 'yes'
+                    fi
                 fi
             fi
         fi

bin/v-change-mail-account-rate-limit

@@ -0,0 +1,91 @@
+#!/bin/bash
+# info: change mail domain rate limit
+# options: USER DOMAIN ACCOUNT RATE
+#
+# example: v-change-mail-domain-quota admin mydomain.tld user01 100
+#
+# This function changes email account rate limit. Use system to use domain or "server" setting
+
+#----------------------------------------------------------#
+#                Variables & Functions                     #
+#----------------------------------------------------------#
+
+# Argument definition
+user=$1
+domain=$2
+domain_idn=$2
+account=$3
+rate=$4
+
+# Includes
+# shellcheck source=/etc/hestiacp/hestia.conf
+source /etc/hestiacp/hestia.conf
+# shellcheck source=/usr/local/hestia/func/main.sh
+source $HESTIA/func/main.sh
+# shellcheck source=/usr/local/hestia/func/domain.sh
+source $HESTIA/func/domain.sh
+# load config file
+source_conf "$HESTIA/conf/hestia.conf"
+
+# Additional argument formatting
+format_domain
+format_domain_idn
+# TODO: $domain_idn not used in this script - maybe $domain should be converted to $doman_idn ?
+
+#----------------------------------------------------------#
+#                    Verifications                         #
+#----------------------------------------------------------#
+
+check_args '4' "$#" 'USER DOMAIN ACCOUNT RATE'
+is_format_valid 'user' 'domain' 'account'
+if [ "$rate" != 'system' ]; then
+    is_format_valid 'rate'
+fi
+is_system_enabled "$MAIL_SYSTEM" 'MAIL_SYSTEM'
+is_object_valid 'user' 'USER' "$user"
+is_object_unsuspended 'user' 'USER' "$user"
+is_object_valid 'mail' 'DOMAIN' "$domain"
+is_object_unsuspended 'mail' 'DOMAIN' "$domain"
+is_object_valid "mail/$domain" 'ACCOUNT' "$account"
+is_object_unsuspended "mail/$domain" 'ACCOUNT' "$account"
+
+# Perform verification if read-only mode is enabled
+check_hestia_demo_mode
+
+#----------------------------------------------------------#
+#                       Action                             #
+#----------------------------------------------------------#
+
+md5=$(get_object_value "mail/$domain" 'ACCOUNT' "$account" '$MD5')
+if [[ "$MAIL_SYSTEM" =~ exim ]]; then
+    if [ ! -d "$HOMEDIR/$user/conf/mail/$domain/limits/" ]; then
+        mkdir $HOMEDIR/$user/conf/mail/$domain/limits/
+    fi
+    if [ "$rate" = "system" ]; then 
+        user_rate_limit=$(get_object_value 'mail' 'DOMAIN' "$domain" '$RATE_LIMIT');
+        if [ -n "$user_rate_limit" ]; then
+            echo "$user_rate_limit" > $HOMEDIR/$user/conf/mail/$domain/limits/$account
+        else
+            rm $HOMEDIR/$user/conf/mail/$domain/limits/$account
+        fi
+    else
+        echo "$rate" > $HOMEDIR/$user/conf/mail/$domain/limits/$account
+    fi
+fi
+
+#----------------------------------------------------------#
+#                       Hestia                             #
+#----------------------------------------------------------#
+
+if [[ "$rate" = "system" ]]; then
+    rate=''
+fi
+
+# Update quota
+update_object_value "mail/$domain" 'ACCOUNT' "$account" '$RATE_LIMIT' "$rate"
+
+# Logging
+$BIN/v-log-action "$user" "Info" "Mail" "Mail account rate limit changed (Rate: $rate, Account: $account@$domain)."
+log_event "$OK" "$ARGUMENTS"
+
+exit

bin/v-change-mail-domain-rate-limit

@@ -0,0 +1,73 @@
+#!/bin/bash
+# info: change mail account rate limit
+# options: USER DOMAIN ACCOUNT RATE
+#
+# example: v-change-mail-account-quota admin mydomain.tld user01 100
+#
+# This function changes email account rate limit for the domain. account specific setting will overwrite domain setting!
+
+#----------------------------------------------------------#
+#                Variables & Functions                     #
+#----------------------------------------------------------#
+
+# Argument definition
+user=$1
+domain=$2
+domain_idn=$2
+rate=$3
+
+# Includes
+# shellcheck source=/etc/hestiacp/hestia.conf
+source /etc/hestiacp/hestia.conf
+# shellcheck source=/usr/local/hestia/func/main.sh
+source $HESTIA/func/main.sh
+# shellcheck source=/usr/local/hestia/func/domain.sh
+source $HESTIA/func/domain.sh
+# load config file
+source_conf "$HESTIA/conf/hestia.conf"
+
+# Additional argument formatting
+format_domain
+format_domain_idn
+# TODO: $domain_idn not used in this script - maybe $domain should be converted to $doman_idn ?
+
+#----------------------------------------------------------#
+#                    Verifications                         #
+#----------------------------------------------------------#
+
+check_args '3' "$#" 'USER DOMAIN  RATE'
+is_format_valid 'user' 'domain'
+if [ "$rate" != 'system' ]; then
+    is_format_valid 'rate'
+fi
+is_system_enabled "$MAIL_SYSTEM" 'MAIL_SYSTEM'
+is_object_valid 'user' 'USER' "$user"
+is_object_unsuspended 'user' 'USER' "$user"
+is_object_valid 'mail' 'DOMAIN' "$domain"
+is_object_unsuspended 'mail' 'DOMAIN' "$domain"
+
+# Perform verification if read-only mode is enabled
+check_hestia_demo_mode
+
+#----------------------------------------------------------#
+#                       Action                             #
+#----------------------------------------------------------#
+
+
+#----------------------------------------------------------#
+#                       Hestia                             #
+#----------------------------------------------------------#
+
+if [[ "$rate" = "system" ]]; then
+    rate=''
+fi
+
+$HESTIA/bin/v-rebuild-mail-domain "$user" "$domain"
+# Update quota
+update_object_value "mail" 'DOMAIN' "$domain" '$RATE_LIMIT' "$rate"
+
+# Logging
+$BIN/v-log-action "$user" "Info" "Mail" "Mail domain rate limit has changed ($rate)"
+log_event "$OK" "$ARGUMENTS"
+
+exit

bin/v-delete-mail-account

@@ -60,6 +60,7 @@ if [[ "$MAIL_SYSTEM" =~ exim ]]; then
     sed -i "/^$account:/d" $HOMEDIR/$user/conf/mail/$domain/accounts
     sed -i "/^$account$/d" $HOMEDIR/$user/conf/mail/$domain/fwd_only
     rm -rf $HOMEDIR/$user/mail/$domain/$account
+    rm -f $HOMEDIR/$user/conf/mail/$domain/limits/$account
 fi
 
 #----------------------------------------------------------#

bin/v-delete-mail-domain-webmail

@@ -58,14 +58,16 @@ if [ -n "$WEBMAIL_ALIAS" ]; then
     # Ensure that corresponding DNS records are removed
     if [ -n "$DNS_SYSTEM" ]; then
         dns_domain=$($BIN/v-list-dns-domains "$user" | grep "$domain" | cut -d' ' -f1)
-        webmail_record=$($BIN/v-list-dns-records "$user" "$domain" | grep -i "$WEBMAIL_ALIAS" | cut -d' ' -f1)
-
-        if [ "$dns_domain" = "$domain" ]; then
-            if [ -n "$webmail_record" ]; then
-                if [ "$quiet" = "yes" ]; then
-                    $BIN/v-delete-dns-record "$user" "$domain" "$webmail_record" "$restart" 'yes'
-                else
-                    $BIN/v-delete-dns-record "$user" "$domain" "$webmail_record" "$restart"
+        if [ "WEBMAIL_ALIAS" != "mail" ];then
+            #Prevent mail.domain.com being removed
+            webmail_record=$($BIN/v-list-dns-records $user $domain | grep -i " $WEBMAIL_ALIAS " | cut -d' ' -f1)
+            if [ "$dns_domain" = "$domain" ]; then
+                if [ -n "$webmail_record" ]; then
+                    if [ "$quiet" = "yes" ]; then
+                        $BIN/v-delete-dns-record "$user" "$domain" "$webmail_record" "$restart" 'yes'
+                    else
+                        $BIN/v-delete-dns-record "$user" "$domain" "$webmail_record" "$restart"
+                    fi
                 fi
             fi
         fi

bin/v-list-mail-account

@@ -33,6 +33,7 @@ json_list() {
         "FWD_ONLY": "'$FWD_ONLY'",
         "AUTOREPLY": "'$AUTOREPLY'",
         "QUOTA": "'$QUOTA'",
+        "RATE_LIMIT": "'$RATE_LIMIT'",
         "U_DISK": "'$U_DISK'",
         "SUSPENDED": "'$SUSPENDED'",
         "TIME": "'$TIME'",

bin/v-list-mail-domain

@@ -33,6 +33,7 @@ json_list() {
         "DKIM": "'$DKIM'",
         "CATCHALL": "'$CATCHALL'",
         "ACCOUNTS": "'$ACCOUNTS'",
+        "RATE_LIMIT": "'$RATE_LIMIT'",
         "U_DISK": "'$U_DISK'",
         "SSL": "'$SSL'",
         "LETSENCRYPT": "'$LETSENCRYPT'",

func/main.sh

@@ -433,6 +433,10 @@ get_object_value() {
     eval echo $4
 }
 
+get_object_values() {
+    parse_object_kv_list $(grep "$2='$3'" $USER_DATA/$1.conf)   
+}
+
 # Update object value
 update_object_value() {
     row=$(grep -nF "$2='$3'" $USER_DATA/$1.conf)
@@ -1154,6 +1158,8 @@ is_format_valid() {
                 protocol)       is_fw_protocol_format_valid "$arg" ;;
                 proxy_ext)      is_extention_format_valid "$arg" ;;
                 quota)          is_int_format_valid "$arg" 'quota' ;;
+                rate)           is_int_format_valid "$arg" 'rate' ;;
+                                
                 record)         is_common_format_valid "$arg" 'record';;
                 restart)        is_restart_format_valid "$arg" 'restart' ;;
                 role)           is_role_valid "$arg" 'role' ;;