Commit Graph

1847 Commits

Author SHA1 Message Date
Lyapunov Vadim
deeab9b04c Feature: Add wait support to readyz (#697) 2026-06-11 16:32:10 +12:00
Ralph Slooten
78fa3db33e Don't print allowed CORS origins when there are none (empty) 2026-06-11 16:22:24 +12:00
Ralph Slooten
84821d13f9 Release v1.30.1 2026-05-28 22:00:30 +12:00
Ralph Slooten
ed26e0a879 Chore: Update caniemail test database 2026-05-28 21:58:51 +12:00
Ralph Slooten
7ddf44822e Chore: Update node dependencies 2026-05-28 21:58:28 +12:00
Ralph Slooten
baf06b0499 Chore: Update Go dependencies 2026-05-28 21:55:04 +12:00
Ralph Slooten
2ce675cc10 Security: Disable GitHub Actions credential persistence for checkout steps 2026-05-28 21:41:18 +12:00
Ralph Slooten
c1c98442df Security: Do not use npm cache to prevent cache poisoning 2026-05-28 21:36:01 +12:00
Ralph Slooten
3fb1b5e59c Chore: Update GitHub Actions workflows 2026-05-28 21:28:47 +12:00
Ralph Slooten
83a183157d Security: Pin GitHub Actions workflow versions using full commit SHA 2026-05-28 19:55:08 +12:00
Ralph Slooten
5754c821d3 Security: Extend request body size cap to all JSON API endpoints (GHSA-28pq-6qxg-wg5r)
The fix for GHSA-fpxj-m5q8-fphw only capped POST /api/v1/send.
Four sibling endpoints (SetReadStatus, DeleteMessages, SetMessageTags,
ReleaseMessage) decoded json.NewDecoder(r.Body) with no size limit,
allowing an unauthenticated attacker to drive unbounded memory growth
via a large IDs array.

Apply a 5 MB cap in middleWareFunc so all current and future API
handlers inherit it automatically. POST /api/v1/send is exempt via a
bodyLimitKey context value set in sendAPIAuthMiddleware, preserving
its existing config.MaxMessageSize (default 50 MB) limit.

Also fix TestAPIv1SendMaxMessageSize, which was broken by a Go 1.26
change: json.Decoder now wraps reader errors in *json.SyntaxError
rather than returning *http.MaxBytesError directly, causing the
errors.As check to miss it and return 400 instead of 413. Reading
the body with io.ReadAll before decoding surfaces the raw error,
restoring correct 413 behaviour on Go 1.25 and 1.26.
2026-05-28 19:41:32 +12:00
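An added illustration, written for this page and not taken from Mailpit's code base, of the two mechanisms the commit message above describes: a body-size cap applied once in middleware so every JSON handler inherits it, a per-route exemption carried as a context value so one endpoint keeps a larger limit, and reading the body with io.ReadAll before decoding so that an over-limit body is matched as *http.MaxBytesError and answered with 413 rather than 400. All names (bodyCapMiddleware, withBodyLimit, idsHandler, the /ids and /send routes) and the tiny 64-byte and 4 KB limits are hypothetical and chosen so the behaviour is visible in a demo; real deployments would use megabyte limits.

```go
package main

import (
	"context"
	"encoding/json"
	"errors"
	"fmt"
	"io"
	"net/http"
	"net/http/httptest"
	"strings"
)

// ctxKey is an unexported context-key type so no other package can collide
// with it. bodyLimitKey echoes the commit message but this is an illustrative
// reimplementation, not Mailpit's code.
type ctxKey string

const bodyLimitKey ctxKey = "bodyLimit"

// bodyCapMiddleware wraps every request body in http.MaxBytesReader. The cap
// is defaultLimit unless an outer handler stored an int64 override under
// bodyLimitKey in the request context (the way a single "send" route can keep
// its own, larger, separately configured limit).
func bodyCapMiddleware(defaultLimit int64, next http.Handler) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		limit := defaultLimit
		if v, ok := r.Context().Value(bodyLimitKey).(int64); ok && v > 0 {
			limit = v
		}
		if r.Body != nil {
			r.Body = http.MaxBytesReader(w, r.Body, limit)
		}
		next.ServeHTTP(w, r)
	})
}

// withBodyLimit records a per-route override for bodyCapMiddleware to honour.
func withBodyLimit(limit int64, next http.Handler) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		ctx := context.WithValue(r.Context(), bodyLimitKey, limit)
		next.ServeHTTP(w, r.WithContext(ctx))
	})
}

// idsRequest is the shape of a payload carrying a (potentially huge) IDs array.
type idsRequest struct {
	IDs []string `json:"ids"`
}

// idsHandler reads the whole body with io.ReadAll before decoding, so an
// over-limit body surfaces as the raw *http.MaxBytesError no matter how
// json.Decoder would wrap reader errors, and is answered with 413 not 400.
func idsHandler(w http.ResponseWriter, r *http.Request) {
	data, err := io.ReadAll(r.Body)
	if err != nil {
		var tooBig *http.MaxBytesError
		if errors.As(err, &tooBig) {
			http.Error(w, "request body too large", http.StatusRequestEntityTooLarge)
			return
		}
		http.Error(w, "could not read body", http.StatusBadRequest)
		return
	}
	var req idsRequest
	if err := json.Unmarshal(data, &req); err != nil {
		http.Error(w, "invalid JSON", http.StatusBadRequest)
		return
	}
	fmt.Fprintf(w, "ok: %d ids\n", len(req.IDs))
}

// newMux wires two routes: /ids inherits defaultLimit from the middleware,
// /send is exempted with its own sendLimit via the context override.
func newMux(defaultLimit, sendLimit int64) http.Handler {
	mux := http.NewServeMux()
	mux.Handle("/ids", bodyCapMiddleware(defaultLimit, http.HandlerFunc(idsHandler)))
	mux.Handle("/send", withBodyLimit(sendLimit, bodyCapMiddleware(defaultLimit, http.HandlerFunc(idsHandler))))
	return mux
}

// idsPayload builds a constructed JSON body holding n IDs (test input only).
func idsPayload(n int) string {
	ids := make([]string, n)
	for i := range ids {
		ids[i] = fmt.Sprintf("msg-%04d", i)
	}
	b, _ := json.Marshal(idsRequest{IDs: ids})
	return string(b)
}

// post performs an in-process POST and returns the HTTP status code.
func post(h http.Handler, path, body string) int {
	rec := httptest.NewRecorder()
	req := httptest.NewRequest(http.MethodPost, path, strings.NewReader(body))
	req.Header.Set("Content-Type", "application/json")
	h.ServeHTTP(rec, req)
	return rec.Code
}

func main() {
	h := newMux(64, 4096) // 64-byte default cap, 4 KB cap for /send
	fmt.Println("small /ids :", post(h, "/ids", idsPayload(2)))    // 200
	fmt.Println("large /ids :", post(h, "/ids", idsPayload(200)))  // 413
	fmt.Println("large /send:", post(h, "/send", idsPayload(200))) // 200
	fmt.Println("bad JSON   :", post(h, "/ids", "{not json"))      // 400
}
```

The ordering matters: withBodyLimit must wrap bodyCapMiddleware so the override is already in the context when the cap is chosen. Reading with io.ReadAll costs one extra buffer per request, but that buffer is bounded by the cap, which is the whole point.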
Ralph Slooten
fdf3cde030 Explicitly ignore errors on search text extraction 2026-05-26 16:47:55 +12:00
Ralph Slooten
24f898ac67 Chore: Change log level to Info for database vacuuming message (#688) 2026-05-26 16:46:42 +12:00
Ralph Slooten
93d2222d62 Chore: Enhance schema application logging (#688) 2026-05-24 11:40:39 +12:00
Ralph Slooten
67a7ca83ff Update comments for clarity
Resolves #687
2026-05-20 18:01:11 +12:00
Olle Jonsson
4e150d81e4 Fix the Build & release badge (#685) 2026-05-18 20:26:54 +12:00
Ralph Slooten
2cc5168e97 Merge tag 'v1.30.0' into develop
Release v1.30.0
2026-05-14 16:59:31 +12:00
Ralph Slooten
af8756a32c Merge branch 'release/v1.30.0' v1.30.0 2026-05-14 16:59:29 +12:00
Ralph Slooten
a9058f40db Release v1.30.0 2026-05-14 16:59:29 +12:00
Ralph Slooten
3b65ee936a Chore: Update caniemail test database 2026-05-14 16:40:11 +12:00
Ralph Slooten
bb81b62357 Chore: Update node dependencies 2026-05-14 16:38:54 +12:00
Ralph Slooten
e27d30bda7 Chore: Update Go dependencies 2026-05-14 16:37:56 +12:00
Ralph Slooten
cae0f638af Enhance sendmail functionality with message size limit and input validation 2026-05-14 16:36:27 +12:00
Ralph Slooten
786f263d32 Chore: Add message ingest max-message-size flag and refactor message handling 2026-05-14 16:24:58 +12:00
Ralph Slooten
8041eac509 Cleanup 2026-05-14 16:23:29 +12:00
Ralph Slooten
b7e4146dbf Chore: Add message dump max-message-size flag and refactor message handling 2026-05-14 16:23:21 +12:00
Ralph Slooten
5ec074208c Use httpClient for HTTP requests in loadIDs and saveMessages functions 2026-05-14 15:13:52 +12:00
Ralph Slooten
b82960928a Fix typo 2026-05-14 15:13:43 +12:00
Ralph Slooten
4ab532b9aa Security: Fix concurrent map read & write in proxy CSS rewriter (GHSA-w4vj-r5pg-3722) 2026-05-14 15:02:07 +12:00
Ralph Slooten
35079d182c Security: Fix for path traversal & arbitrary file write in mailpit dump --http via attacker-controlled message IDs (GHSA-qx5x-85p8-vg4j)
This fix also adds HTTP data limits to prevent excessively large files being transmitted by an attacker-controlled server (fake Mailpit).
2026-05-14 15:02:07 +12:00
Ralph Slooten
04c779994b Security: Block internal IP access by default in HTML check (GHSA-j3fj-qppj-fmmc)
This addresses an incomplete fix for GHSA-6jxm-fv7w-rw5j which did not restrict access to internal IP addresses.
2026-05-14 15:02:07 +12:00
Ralph Slooten
bcd1bc71ee Security: Include CGNAT (Carrier-Grade NAT) in internal IP checks (GHSA-j3fj-qppj-fmmc)
CGNAT (Carrier-Grade NAT) is a technique used by ISPs to conserve IPv4 addresses. Instead of assigning a unique public IP to every customer, the ISP places many customers behind a shared NAT, then gives them all addresses from the reserved 100.64.0.0/10 range (RFC 6598) on their internal network.

This means traffic from multiple customers exits through a small pool of public IPs - a second layer of NAT on top of whatever NAT the customer's own router does (hence "double NAT").
2026-05-14 15:01:36 +12:00
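An added example, written for this page and not Mailpit's own code, of the internal-address check that the two GHSA-j3fj-qppj-fmmc commits above describe. It shows why the CGNAT range has to be listed explicitly: Go's netip.Addr.IsPrivate covers RFC 1918 and RFC 4193 only, so 100.64.0.0/10 is not caught by the standard predicates. It also runs the check inside a net.Dialer Control hook, on the resolved address at connect time, so a hostname that resolves (or later rebinds) to an internal address is refused as well. Function names and the sample addresses are constructed for illustration.

```go
package main

import (
	"fmt"
	"net"
	"net/netip"
	"syscall"
)

// extraPrefixes lists ranges the netip predicates below do not cover:
// the RFC 6598 CGNAT block and the "this network" block.
var extraPrefixes = []netip.Prefix{
	netip.MustParsePrefix("100.64.0.0/10"), // CGNAT, RFC 6598; not in IsPrivate
	netip.MustParsePrefix("0.0.0.0/8"),     // "this network"; only 0.0.0.0 is IsUnspecified
}

// isInternalIP reports whether addr must never be fetched from. Unmap folds
// IPv4-mapped IPv6 addresses (::ffff:10.0.0.1) back to IPv4 so they cannot
// slip past the IPv4 checks.
func isInternalIP(addr netip.Addr) bool {
	addr = addr.Unmap()
	if addr.IsPrivate() || // 10/8, 172.16/12, 192.168/16, fc00::/7
		addr.IsLoopback() || // 127/8, ::1
		addr.IsLinkLocalUnicast() || // 169.254/16 (cloud metadata lives here), fe80::/10
		addr.IsLinkLocalMulticast() ||
		addr.IsInterfaceLocalMulticast() ||
		addr.IsMulticast() ||
		addr.IsUnspecified() {
		return true
	}
	for _, p := range extraPrefixes {
		if p.Contains(addr) {
			return true
		}
	}
	return false
}

// checkDialAddress validates the "host:port" string a Dialer's Control hook
// receives, i.e. after DNS resolution, so the decision is made on the real
// target and not on whatever hostname appeared in the URL.
func checkDialAddress(address string) error {
	ap, err := netip.ParseAddrPort(address)
	if err != nil {
		return fmt.Errorf("unexpected dial address %q: %w", address, err)
	}
	if isInternalIP(ap.Addr()) {
		return fmt.Errorf("refusing to connect to internal address %s", ap.Addr())
	}
	return nil
}

// newExternalOnlyDialer returns a net.Dialer that rejects internal targets at
// connect time; plug its DialContext into an http.Transport.
func newExternalOnlyDialer() *net.Dialer {
	return &net.Dialer{
		Control: func(network, address string, c syscall.RawConn) error {
			return checkDialAddress(address)
		},
	}
}

func main() {
	// Constructed sample addresses; 93.184.216.34 is just an arbitrary public IP.
	for _, s := range []string{"10.1.2.3", "100.64.7.8", "100.128.0.1", "::ffff:127.0.0.1", "fd00::1", "93.184.216.34"} {
		fmt.Printf("%-18s internal=%v\n", s, isInternalIP(netip.MustParseAddr(s)))
	}
	d := newExternalOnlyDialer()
	fmt.Println("dial 100.64.0.1:80 ->", d.Control("tcp", "100.64.0.1:80", nil))
}
```

Doing the check on the hostname before resolving is not enough: the name can resolve to a public address when validated and an internal one when dialled. The Control hook sees the final socket address, which closes that gap.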
Ralph Slooten
136bdde953 Security: Set a default 50MB per-message limit to prevent DoS via unlimited SMTP DATA and /api/v1/send body sizes (GHSA-fpxj-m5q8-fphw)
This is a configurable limit (in MB) which can optionally be disabled by setting it to 0.
2026-05-12 17:22:00 +12:00
Ralph Slooten
499a543963 Feature: New loading indicator, reduce flash during message transitions (#682) 2026-05-12 15:27:12 +12:00
Ralph Slooten
8b4c9d1267 Update AppAbout.vue: Enhance version notification display for stable and development builds 2026-05-10 10:41:38 +12:00
Ralph Slooten
1cabac31ad Update README.md: Adjust email processing rates and clarify email pruning methods 2026-05-10 10:24:29 +12:00
Ralph Slooten
da7b82378c Build: Tag Docker edge build with next patch versions 2026-05-09 17:55:03 +12:00
Ralph Slooten
0702241fa5 Fix test expectations and handle Strip function return values in html2text tests 2026-05-09 17:26:15 +12:00
Ralph Slooten
8d72191704 Prevent duplicate extraction calls in the extract function 2026-05-09 17:22:51 +12:00
Ralph Slooten
052afdf929 Rename variable for clarity in extract function 2026-05-09 17:22:07 +12:00
Ralph Slooten
c1fbbffded Refactor html2text.Strip to return an error and handle it in storage and tools packages 2026-05-09 17:21:36 +12:00
Ralph Slooten
6e2c42d2bc Improve error handling in autoForwardMessage and ensure proper client closure in createForwardingSMTPClient 2026-05-09 17:16:52 +12:00
Ralph Slooten
da8eb3ece8 Fix: Validate SMTP XCLIENT args before processing 2026-05-09 17:13:22 +12:00
Ralph Slooten
4502cdc358 Handle error in writePump when sending ping messages 2026-05-09 17:06:14 +12:00
Ralph Slooten
fbb63c89dd Chore: Simplify writePump by using WriteMessage and remove unnecessary newline handling 2026-05-09 17:05:22 +12:00
Ralph Slooten
71bd44bbb5 Chore: Ensure websocket connection is closed on client unregistration 2026-05-09 17:02:48 +12:00
Ralph Slooten
b997fff7eb Chore: Refactor Hub to use atomic clientCount for safe concurrent client tracking 2026-05-09 17:01:47 +12:00
Ralph Slooten
034a480a39 Chore: Refactor addMessageTag function to remove mutex and ensure safe concurrent inserts 2026-05-09 16:48:05 +12:00
Ralph Slooten
f575b53854 Chore: Refactor pruneMessages function to eliminate duplicate ID checks using a map 2026-05-09 16:43:40 +12:00
Ralph Slooten
d469aac87c Chore: Optimize MarkRead and MarkUnread functions to reduce database calls and improve performance 2026-05-09 16:40:27 +12:00