Fix incomming mail rate limit Deb 11 / Ubuntu 22.04 (hestiacp#2523)

* Fix issue with reciving mail Deb 11 and Ubuntu 22.04

* Fix type in rate limit creation

* Fix v-add-mail-account

* Fix bug overwriting old config file

* Fix error in rebuild script

* Move location

* Fix issue in config / sed script

* Create $HOMEDIR/$user/conf/mail/$domain/limits if not exists

* Remove if statement

* Spacing :)

Co-authored-by: Raphael <rs@scit.ch>

Author: jaapmarcus

bin/v-add-mail-account

@@ -13,6 +13,7 @@
 # Argument definition
 user=$1
 domain=$2
+domain_idn=$2
 account=$3
 password=$4; HIDE=4
 quota=${5-unlimited}
@@ -34,6 +35,10 @@ if [[ "$account" =~ [[:upper:]] ]]; then
     account=$(echo "$account" |tr '[:upper:]' '[:lower:]')
 fi
 
+format_domain
+format_domain_idn
+
+
 #----------------------------------------------------------#
 #                    Verifications                         #
 #----------------------------------------------------------#
@@ -55,6 +60,7 @@ is_password_valid
 # Perform verification if read-only mode is enabled
 check_hestia_demo_mode
 
+
 #----------------------------------------------------------#
 #                       Action                             #
 #----------------------------------------------------------#
@@ -84,6 +90,7 @@ fi
  chown $user:mail $HOMEDIR/$user/mail/$domain/$account
  chmod 700 $HOMEDIR/$user/mail/$domain/$account
 
+
 #----------------------------------------------------------#
 #                       Hestia                             #
 #----------------------------------------------------------#
@@ -105,9 +112,16 @@ chmod 660 $USER_DATA/mail/$domain.conf
 
 syshealth_repair_mail_account_config
 
-user_rate_limit=$(get_object_value 'mail' 'DOMAIN' "$domain" '$RATE_LIMIT');
+touch $HOMEDIR/$user/conf/mail/$domain/limits;
+
+user_rate_limit=$(get_object_value 'mail' 'DOMAIN' "$domain" '$RATE_LIMIT')
 if [ -n "$user_rate_limit" ]; then
-    echo "$user_rate_limit" > $HOMEDIR/$user/conf/mail/$domain/limits/$account
+    sed -i "/^$account@$domain_idn:/ d" $HOMEDIR/$user/conf/mail/$domain/limits
+    echo "$account@$domain_idn:$user_rate_limit" >> $HOMEDIR/$user/conf/mail/$domain/limits
+else
+    system=$(cat /etc/exim4/limit.conf)
+    sed -i "/^$account@$domain_idn:/ d" $HOMEDIR/$user/conf/mail/$domain/limits
+    echo "$account@$domain_idn:$system" >> $HOMEDIR/$user/conf/mail/$domain/limits
 fi
 
 # Increase mail accounts counter

bin/v-change-mail-account-rate-limit

@@ -58,18 +58,19 @@ check_hestia_demo_mode
 
 md5=$(get_object_value "mail/$domain" 'ACCOUNT' "$account" '$MD5')
 if [[ "$MAIL_SYSTEM" =~ exim ]]; then
-    if [ ! -d "$HOMEDIR/$user/conf/mail/$domain/limits/" ]; then
-        mkdir $HOMEDIR/$user/conf/mail/$domain/limits/
-    fi
     if [ "$rate" = "system" ]; then 
         user_rate_limit=$(get_object_value 'mail' 'DOMAIN' "$domain" '$RATE_LIMIT');
         if [ -n "$user_rate_limit" ]; then
-            echo "$user_rate_limit" > $HOMEDIR/$user/conf/mail/$domain/limits/$account
+            sed -i "/^$account@$domain_idn:/ d" $HOMEDIR/$user/conf/mail/$domain/limits
+            echo "$account@$domain_idn:$user_rate_limit" >> $HOMEDIR/$user/conf/mail/$domain/limits
         else
-            rm $HOMEDIR/$user/conf/mail/$domain/limits/$account
+            system=$(cat /etc/exim4/limit.conf)
+            sed -i "/^$account@$domain_idn:/ d" $HOMEDIR/$user/conf/mail/$domain/limits
+            echo "$account@$domain_idn:$system" >> $HOMEDIR/$user/conf/mail/$domain/limits
         fi
     else
-        echo "$rate" > $HOMEDIR/$user/conf/mail/$domain/limits/$account
+        sed -i "/^$account@$domain_idn:/ d" $HOMEDIR/$user/conf/mail/$domain/limits
+        echo "$account@$domain_idn:$rate" >> $HOMEDIR/$user/conf/mail/$domain/limits
     fi
 fi
 

func/rebuild.sh

@@ -571,12 +571,12 @@ rebuild_mail_domain_conf() {
         rm -f $HOMEDIR/$user/conf/mail/$domain/passwd
         rm -f $HOMEDIR/$user/conf/mail/$domain/fwd_only
         rm -f $HOMEDIR/$user/conf/mail/$domain/ip
-        rm -fr $HOMEDIR/$user/conf/mail/$domain/limits/
+        rm -fr $HOMEDIR/$user/conf/mail/$domain/limits
         touch $HOMEDIR/$user/conf/mail/$domain/accounts
         touch $HOMEDIR/$user/conf/mail/$domain/aliases
         touch $HOMEDIR/$user/conf/mail/$domain/passwd
         touch $HOMEDIR/$user/conf/mail/$domain/fwd_only
-        mkdir $HOMEDIR/$user/conf/mail/$domain/limits/
+        touch $HOMEDIR/$user/conf/mail/$domain/limits
 
         # Setting outgoing ip address
         if [ -n "$local_ip" ]; then
@@ -664,10 +664,17 @@ rebuild_mail_domain_conf() {
             user_rate_limit=$(get_object_value 'mail' 'DOMAIN' "$domain" '$RATE_LIMIT');
             if [ -n "$RATE_LIMIT" ]; then
                 #user value
-                echo "$RATE_LIMIT" >> $HOMEDIR/$user/conf/mail/$domain/limits/$account
+                sed -i "/^$account@$domain_idn:/ d" $HOMEDIR/$user/conf/mail/$domain/limits
+                echo "$account@$domain_idn:$RATE_LIMIT" >> $HOMEDIR/$user/conf/mail/$domain/limits
             elif [ -n "$user_rate_limit" ]; then
-                #revert to user value
-                echo "$user_rate_limit" >> $HOMEDIR/$user/conf/mail/$domain/limits/$account
+                #revert to account value
+                sed -i "/^$account@$domain_idn:/ d" $HOMEDIR/$user/conf/mail/$domain/limits
+                echo "$account@$domain_idn:$user_rate_limit" >> $HOMEDIR/$user/conf/mail/$domain/limits
+            else
+                #revert to system value
+                system=$(cat /etc/exim4/limit.conf)
+                sed -i "/^$account@$domain_idn:/ d" $HOMEDIR/$user/conf/mail/$domain/limits
+                echo "$account@$domain_idn:$system" >> $HOMEDIR/$user/conf/mail/$domain/limits
             fi
         fi
     done

install/deb/exim/exim4.conf.4.94.template

@@ -133,7 +133,7 @@ acl_check_rcpt:
 
 # Limit per email account for SMTP auhenticated users
   deny    message       = Email account $authenticated_id is sending too many emails - rate overlimit = $sender_rate / $sender_rate_period
-          set acl_c_msg_limit = ${if exists{/etc/exim4/domains/${lookup{$sender_address_domain}dsearch{/etc/exim4/domains/}}/limits/${extract{1}{:}{${lookup{$sender_address_local_part}lsearch{/etc/exim4/domains/${lookup{$sender_address_domain}dsearch{/etc/exim4/domains/}}/accounts}}}}} {${readfile{/etc/exim4/domains/${lookup{$sender_address_domain}dsearch{/etc/exim4/domains/}}/limits/${extract{1}{:}{${lookup{$sender_address_local_part}lsearch{/etc/exim4/domains/${lookup{$sender_address_domain}dsearch{/etc/exim4/domains/}}/accounts}}}}}}} {${readfile{/etc/exim4/limit.conf}}} }
+          set acl_c_msg_limit = ${if exists{/etc/exim4/domains/${lookup{$sender_address_domain}dsearch{/etc/exim4/domains/}}/limits} {${extract{1}{:}{${lookup{$sender_address_local_part@$sender_address_domain}lsearch{/etc/exim4/domains/${lookup{$sender_address_domain}dsearch{/etc/exim4/domains/}}/limits}}}}} {${readfile{/etc/exim4/limit.conf}}} }
           ratelimit     = $acl_c_msg_limit / 1h / strict/ $authenticated_id
 
   warn    ratelimit     = ${eval:$acl_c_msg_limit / 2} / 1h / strict / $authenticated_id

install/deb/exim/exim4.conf.template

@@ -133,7 +133,7 @@ acl_check_rcpt:
 
 # Limit per email account for SMTP auhenticated users
   deny    message       = Email account $authenticated_id is sending too many emails - rate overlimit = $sender_rate / $sender_rate_period
-          set acl_c_msg_limit = ${if exists{/etc/exim4/domains/$sender_address_domain/limits/$sender_address_local_part} {${readfile{/etc/exim4/domains/$sender_address_domain/limits/$sender_address_local_part}}} {${readfile{/etc/exim4/limit.conf}}} }
+          set acl_c_msg_limit = ${if exists{/etc/exim4/domains/${lookup{$sender_address_domain}dsearch{/etc/exim4/domains/}}/limits} {${extract{1}{:}{${lookup{$sender_address_local_part@$sender_address_domain}lsearch{/etc/exim4/domains/${lookup{$sender_address_domain}dsearch{/etc/exim4/domains/}}/limits}}}}} {${readfile{/etc/exim4/limit.conf}}} }
           ratelimit     = $acl_c_msg_limit / 1h / strict/ $authenticated_id
 
   warn    ratelimit     = ${eval:$acl_c_msg_limit / 2} / 1h / strict / $authenticated_id

install/upgrade/versions/1.6.0.sh

@@ -24,17 +24,8 @@ upgrade_config_set_value 'UPGRADE_UPDATE_FILEMANAGER_CONFIG' 'false'
 if [ "$MAIL_SYSTEM" = "exim4" ]; then 
     echo "[ * ] Update exim4 config to support rate limits"
     # Upgrade config exim for custom limits
-    
-    exim_version=$(exim4 --version |  head -1 | awk  '{print $3}' | cut -f -2 -d .);
-    if [ "$exim_version" = "4.94" ] || [ "$exim_version" = "4.95" ]; then
-        #For Debian 11 and Ubuntu 22.04 
-        sed -i '115,250 s/ratelimit             = 200 \/ 1h \/ $authenticated_id/          set acl_c_msg_limit = ${if exists{\/etc\/exim4\/domains\/${lookup{$sender_address_domain}dsearch{\/etc\/exim4\/domains\/}}\/limits\/${extract{1}{:}{${lookup{$sender_address_local_part}lsearch{\/etc\/exim4\/domains\/${lookup{$sender_address_domain}dsearch{\/etc\/exim4\/domains\/}}\/accounts}}}}} {${readfile{\/etc\/exim4\/domains\/${lookup{$sender_address_domain}dsearch{\/etc\/exim4\/domains\/}}\/limits\/${extract{1}{:}{${lookup{$sender_address_local_part}lsearch{\/etc\/exim4\/domains\/${lookup{$sender_address_domain}dsearch{\/etc\/exim4\/domains\/}}\/accounts}}}}}}} {${readfile{\/etc\/exim4\/limit.conf}}} } \n  ratelimit     = $acl_c_msg_limit \/ 1h \/ strict\/ $authenticated_id/g' /etc/exim4/exim4.conf.template
-        sed -i '115,250 s/warn    ratelimit     = 100 \/ 1h \/ strict \/ $authenticated_id/warn    ratelimit     = ${eval:$acl_c_msg_limit \/ 2} \/ 1h \/ strict \/ $authenticated_id/g' /etc/exim4/exim4.conf.template
-    else
-        # And the other 
-        sed -i '115,250 s/ratelimit             = 200 \/ 1h \/ $authenticated_id/ set acl_c_msg_limit = ${if exists{\/etc\/exim4\/domains\/$sender_address_domain\/limits\/$sender_address} {${readfile{\/etc\/exim4\/domains\/$sender_address_domain\/limits\/$sender_address_local_part}}} {${readfile{\/etc\/exim4\/limit.conf}}} } \n ratelimit     = $acl_c_msg_limit \/ 1h \/ strict\/ $authenticated_id/g' /etc/exim4/exim4.conf.template
-        sed -i '115,250 s/warn    ratelimit     = 100 \/ 1h \/ strict \/ $authenticated_id/warn    ratelimit     = ${eval:$acl_c_msg_limit \/ 2} \/ 1h \/ strict \/ $authenticated_id/g' /etc/exim4/exim4.conf.template
-    fi
+    sed -i '115,250 s/ratelimit             = 200 \/ 1h \/ $authenticated_id/          set acl_c_msg_limit = \${if exists{\/etc\/exim4\/domains\/\${lookup{\$sender_address_domain}dsearch{\/etc\/exim4\/domains\/}}\/limits} {\${extract{1}{:}{\${lookup{\$sender_address_local_part@\$sender_address_domain}lsearch{\/etc\/exim4\/domains\/\${lookup{\$sender_address_domain}dsearch{\/etc\/exim4\/domains\/}}\/limits}}}}} {\${readfile{\/etc\/exim4\/limit.conf}}} }\n ratelimit     = \$acl_c_msg_limit \/ 1h \/ strict\/ \$authenticated_idy/g' /etc/exim4/exim4.conf.template
+    sed -i '115,250 s/warn    ratelimit     = 100 \/ 1h \/ strict \/ $authenticated_id/warn    ratelimit     = ${eval:$acl_c_msg_limit \/ 2} \/ 1h \/ strict \/ $authenticated_id/g' /etc/exim4/exim4.conf.template
     # Add missing limit.conf file
     cp $HESTIA_INSTALL_DIR/exim/limit.conf /etc/exim4/limit.conf
 fi