#!/usr/bin/env perl
# conf.pl
#
-# Copyright (c) 1999-2015 The SquirrelMail Project Team
+# Copyright (c) 1999-2020 The SquirrelMail Project Team
# Licensed under the GNU GPL. For full terms see COPYING.
#
# A simple configure script to configure SquirrelMail
# since 1.2.5
$edit_identity = 'true' if ( !$edit_identity );
$edit_name = 'true' if ( !$edit_name );
+# since 1.4.23/1.5.2
+$edit_reply_to = 'true' if ( !$edit_reply_to );
# since 1.4.0
$use_smtp_tls= 'false' if ( !$use_smtp_tls);
$use_imap_tls = 'false' if ( !$use_imap_tls );
$imap_auth_mech = 'login' if ( !$imap_auth_mech );
+# $use_imap_tls and $use_smtp_tls are switched to integer since 1.5.1
+$use_imap_tls = 0 if ( $use_imap_tls eq 'false');
+$use_imap_tls = 1 if ( $use_imap_tls eq 'true');
+$use_smtp_tls = 0 if ( $use_smtp_tls eq 'false');
+$use_smtp_tls = 1 if ( $use_smtp_tls eq 'true');
+
# since 1.5.0
$show_alternative_names = 'false' if ( !$show_alternative_names );
# $available_languages option available only in 1.5.0. removed due to $languages
'verasans', 'bitstream vera sans,verdana,sans-serif');
}
-# $use_imap_tls and $use_smtp_tls are switched to integer since 1.5.1
-$use_imap_tls = 0 if ( $use_imap_tls eq 'false');
-$use_imap_tls = 1 if ( $use_imap_tls eq 'true');
-$use_smtp_tls = 0 if ( $use_smtp_tls eq 'false');
-$use_smtp_tls = 1 if ( $use_smtp_tls eq 'true');
# sorting options changed names and reversed values in 1.5.1
$disable_thread_sort = 'false' if ( !$disable_thread_sort );
$disable_server_sort = 'false' if ( !$disable_server_sort );
$ask_user_info = 'true' if ( !$ask_user_info );
$use_transparent_security_image = 'true' if ( !$use_transparent_security_image );
$display_imap_login_error = 'false' if ( !$display_imap_login_error );
+$allow_svg_display = 'false' if ( !$allow_svg_display );
+$block_svg_download = 'false' if ( !$block_svg_download );
+$fix_broken_base64_encoded_messages = 'false' if ( !$fix_broken_base64_encoded_messages );
if ( $ARGV[0] eq '--install-plugin' ) {
print "Activating plugin " . $ARGV[1] . "\n";
print "8. Allow use of receipts : $WHT$default_use_mdn$NRM\n";
print "9. Allow editing of identity : $WHT$edit_identity$NRM\n";
print " Allow editing of name : $WHT$edit_name$NRM\n";
+ print " Allow editing of reply-to : $WHT$edit_reply_to$NRM\n";
print " Remove username from header : $WHT$hide_auth_header$NRM\n";
print "10. Disable server thread sort : $WHT$disable_thread_sort$NRM\n";
print "11. Disable server-side sorting : $WHT$disable_server_sort$NRM\n";
print "19. Page referal requirement : $WHT$check_referrer$NRM\n";
print "20. Security image : $WHT" . (lc($use_transparent_security_image) eq 'true' ? 'Transparent' : 'Textual') . "$NRM\n";
print "21. Display login error from IMAP: $WHT$display_imap_login_error$NRM\n";
+ print "22. Show inline SVG objects : $WHT$allow_svg_display$NRM\n";
+ print "23. Block downloading SVG objects: $WHT$block_svg_download$NRM\n";
+ print "24. Fix broken base64 messages : $WHT$fix_broken_base64_encoded_messages$NRM\n";
print "\n";
print "R Return to Main Menu\n";
} elsif ( $menu == 5 ) {
elsif ( $command == 19 ) { $check_referrer = command321(); }
elsif ( $command == 20 ) { $use_transparent_security_image = command322(); }
elsif ( $command == 21 ) { $display_imap_login_error = command323(); }
+ elsif ( $command == 22 ) { $allow_svg_display = command324(); }
+ elsif ( $command == 23 ) { $block_svg_download = command325(); }
+ elsif ( $command == 24 ) { $fix_broken_base64_encoded_messages = command326(); }
} elsif ( $menu == 5 ) {
if ( $command == 1 ) { $use_icons = commandB3(); }
# elsif ( $command == 3 ) { $icon_theme_def = command53(); }
if ( ( $new_edit =~ /^y\n/i ) || ( ( $new_edit =~ /^\n/ ) && ( $default_value eq "y" ) ) ) {
$edit_identity = 'true';
$edit_name = 'true';
- $hide_auth_header = command311b();
+ $edit_reply_to = 'true';
+ $hide_auth_header = command311c();
} else {
$edit_identity = 'false';
$edit_name = command311();
- $hide_auth_header = command311b();
+ $edit_reply_to = command311b();
+ $hide_auth_header = command311c();
}
return $edit_identity;
}
}
sub command311b {
+ print "$NRM";
+ print "\n Given that users are not allowed to modify their
+ email address, can they edit their reply-to address?
+
+ ";
+
+ if ( lc($edit_reply_to) eq 'true' ) {
+ $default_value = "y";
+ } else {
+ $default_value = "n";
+ }
+ print "Allow the user to edit their reply-to address? (y/n) [$WHT$default_value$NRM]: $WHT";
+ $new_edit = <STDIN>;
+ if ( ( $new_edit =~ /^y\n/i ) || ( ( $new_edit =~ /^\n/ ) && ( $default_value eq "y" ) ) ) {
+ $edit_reply_to = 'true';
+ } else {
+ $edit_reply_to = 'false';
+ }
+ return $edit_reply_to;
+}
+
+sub command311c {
print "$NRM";
print "\n SquirrelMail adds username information to every outgoing email in
order to prevent possible sender forging by users that are allowed
+# allow_svg_display (since 1.5.2)
+sub command324 {
+ print "Some email messages might contain SVG images or animations, however\n";
+ print "the power and dynamic nature of SVG objects may represent security or\n";
+ print "privacy vulnerabilities.\n";
+ print "\n";
+ print "Enabling this option will cause SquirrelMail to display any SVG objects\n";
+ print "included inline in email messages when they are viewed in HTML format.\n";
+ print "\n";
+
+ if ( lc($allow_svg_display) eq 'true' ) {
+ $default_value = "y";
+ } else {
+ $default_value = "n";
+ }
+ print "Show inline SVG objects? (y/n) [$WHT$default_value$NRM]: $WHT";
+ $allow_svg_display = <STDIN>;
+ if ( ( $allow_svg_display =~ /^y\n/i ) || ( ( $allow_svg_display =~ /^\n/ ) && ( $default_value eq "y" ) ) ) {
+ $allow_svg_display = 'true';
+ } else {
+ $allow_svg_display = 'false';
+ }
+ return $allow_svg_display;
+}
+
+
+
+# block_svg_download (since 1.5.2)
+sub command325 {
+ print "Some email messages might contain SVG image or animation attachments,\n";
+ print "however even when downloaded, the power and dynamic nature of SVG\n";
+ print "objects may represent security or privacy vulnerabilities.\n";
+ print "\n";
+ print "Enabling this option will cause SquirrelMail to hide download links\n";
+ print "for any SVG objects attached to email messages, whereas disabling it\n";
+ print "will allow users to download such attachments as they see fit.\n";
+ print "\n";
+
+ if ( lc($block_svg_download) eq 'true' ) {
+ $default_value = "y";
+ } else {
+ $default_value = "n";
+ }
+ print "Hide download links for SVG objects? (y/n) [$WHT$default_value$NRM]: $WHT";
+ $block_svg_download = <STDIN>;
+ if ( ( $block_svg_download =~ /^y\n/i ) || ( ( $block_svg_download =~ /^\n/ ) && ( $default_value eq "y" ) ) ) {
+ $block_svg_download = 'true';
+ } else {
+ $block_svg_download = 'false';
+ }
+ return $block_svg_download;
+}
+
+
+
+# fix_broken_base64_encoded_messages (since 1.5.2)
+sub command326 {
+ print "Some email messages might contain base64-encoded parts, and a very\n";
+ print "small number of unknown servers have been seen sending such\n";
+ print "messages in a malformed but recoverable manner.\n";
+ print "\n";
+ print "Enabling this option will cause SquirrelMail to detect and correct\n";
+ print "such messages at a slight cost in processing power. Chances are\n";
+ print "somewhat low that your users would ever receive such messages.\n";
+ print "\n";
+
+ if ( lc($fix_broken_base64_encoded_messages) eq 'true' ) {
+ $default_value = "y";
+ } else {
+ $default_value = "n";
+ }
+ print "Fix broken base64-encoded messages? (y/n) [$WHT$default_value$NRM]: $WHT";
+ $fix_broken_base64_encoded_messages = <STDIN>;
+ if ( ( $fix_broken_base64_encoded_messages =~ /^y\n/i ) || ( ( $fix_broken_base64_encoded_messages =~ /^\n/ ) && ( $default_value eq "y" ) ) ) {
+ $fix_broken_base64_encoded_messages = 'true';
+ } else {
+ $fix_broken_base64_encoded_messages = 'false';
+ }
+ return $fix_broken_base64_encoded_messages;
+}
+
+
+
+####################################################################################
+#### THEMES ####
sub command_userThemes {
print "\nDefine the user themes that you wish to use. If you have added\n";
print "a theme of your own, just follow the instructions (?) about\n";
# boolean
print CF "\$edit_name = $edit_name;\n";
# boolean
+ print CF "\$edit_reply_to = $edit_reply_to;\n";
+ # boolean
print CF "\$hide_auth_header = $hide_auth_header;\n";
# boolean
print CF "\$disable_thread_sort = $disable_thread_sort;\n";
print CF "\$smtp_sitewide_pass = '". quote_single($smtp_sitewide_pass) ."';\n";
# string
print CF "\$imap_auth_mech = '$imap_auth_mech';\n";
- # boolean
+ # integer
print CF "\$use_imap_tls = $use_imap_tls;\n";
- # boolean
+ # integer
print CF "\$use_smtp_tls = $use_smtp_tls;\n";
# boolean
print CF "\$display_imap_login_error = $display_imap_login_error;\n";
# boolean
print CF "\$use_transparent_security_image = $use_transparent_security_image;\n";
+ print CF "\$allow_svg_display = $allow_svg_display;\n";
+ print CF "\$block_svg_download = $block_svg_download;\n";
+ print CF "\$fix_broken_base64_encoded_messages = $fix_broken_base64_encoded_messages;\n";
+
print CF "\n";
# boolean
$domain = "gmail.com";
$imapServerAddress = "imap.gmail.com";
$imapPort = 993;
- $use_imap_tls = true;
+ $use_imap_tls = 1;
$imap_auth_mech = "login";
$smtpServerAddress = "smtp.gmail.com";
$smtpPort = 465;
$pop_before_smtp = false;
$useSendmail = false;
- $use_smtp_tls = true;
+ $use_smtp_tls = 1;
$smtp_auth_mech = "login";
$continue = 1;