Wbl patch

config/config.php.sample

@@ -79,16 +79,16 @@ $conf['amavisd']['spam_release_port'] = '9998';
 $conf['db']['dbType'] = 'mysql';
 
 // Database user who can access the amavisd database
-$conf['db']['dbUser'] = 'user';
+$conf['db']['dbUser'] = 'amavis';
 
 // Password for above user to access the amavisd database
-$conf['db']['dbPass'] = 'pass';
+$conf['db']['dbPass'] = 'minion';
 
 // Name of database
-$conf['db']['dbName'] = 'dbname';
+$conf['db']['dbName'] = 'amavis';
 
 // Database host specification (hostname[:port]) [localhost]
-$conf['db']['hostSpec'] = 'hostname.example.com:3306';
+$conf['db']['hostSpec'] = 'localhost:3306';
 
 // If using the bytea or BLOB mail_text quarantine type set to
 // True. Since amavisd-2.4.4.
@@ -109,7 +109,7 @@ $conf['db']['binquar'] = false;
 	exchange  -> MS Exchange 5.5
 	imap  -> IMAP protocol
 */
-$conf['auth']['serverType'] = 'ldap';
+$conf['auth']['serverType'] = 'imap';
 
 
 /*** LDAP Authentication Settings ***/
@@ -252,7 +252,7 @@ $conf['auth']['exch_domain'] = '';
 
 /*** IMAP Authentication Settings ***/
 // List of IMAP servers and ports (e.g.: 10.1.1.20:143)
-$conf['auth']['imap_hosts'] = array( 'imaphost.example.com:143' );
+$conf['auth']['imap_hosts'] = array( 'localhost:993' );
 
 // IMAP type
 /* Options are:
@@ -262,10 +262,10 @@ $conf['auth']['imap_hosts'] = array( 'imaphost.example.com:143' );
 	imapcert -> use the Secure Socket Layer to encrypt the session,
 		    do not validate certificates from TLS/SSL server, needed if server uses self-signed certificates
 */
-$conf['auth']['imap_type'] = 'imapssl';
+$conf['auth']['imap_type'] = 'imapcert';
 
 // Domain name part of the email address, (e.g.: example.com)
-$conf['auth']['imap_domain_name'] = 'example.com';
+$conf['auth']['imap_domain_name'] = 'husku.net';
 
 
 /**
@@ -291,7 +291,13 @@ $conf['auth']['imap_domain_name'] = 'example.com';
 // List of Super Admins
 // Super Admins can do anything mail admins can plus
 // change settings
-$conf['auth']['s_admins'] = array ('user1', 'user2');
+$conf['auth']['s_admins'] = array ('husku');
+
+// List of Mail Admins
+// Mail Admins can see other users' spam and attachments
+// and can perform any action on them
+$conf['auth']['m_admins'] = array ('');
+
 
 // List Of Domain Admins
 // List of usernames that can control whole domain they belong to
@@ -300,10 +306,6 @@ $conf['auth']['s_admins'] = array ('user1', 'user2');
 //     administer all quarantines under porche.com and lambo.com
 $conf['auth']['d_admins'] = array ('john');
 
-// List of Mail Admins
-// Mail Admins can see other users' spam and attachments
-// and can perform any action on them
-$conf['auth']['m_admins'] = array ();
 
 // User login restriction (Does not affect admins)
 // If set to true, users will not be able to login. This is if you do
@@ -334,7 +336,7 @@ $conf['ui']['welcome'] = 'Welcome to MailZu!';
 
 // The full url to the root directory of MailZu
 // Please do not include the trailing slash
-$conf['app']['weburi'] = 'https://mailzuhost.example.com/mailzu';
+$conf['app']['weburi'] = 'http://husku.net/mailzu';
 
 // How to send email ['mail']
 /* Options are:
@@ -343,11 +345,11 @@ $conf['app']['weburi'] = 'https://mailzuhost.example.com/mailzu';
         'sendmail' for sendmail
         'qmail' for qmail MTA
 */
-$conf['app']['emailType'] = 'mail';
+$conf['app']['emailType'] = 'smtp';
 
 // SMTP email host address []
 // This is only required if emailType is SMTP
-$conf['app']['smtpHost'] = '';
+$conf['app']['smtpHost'] = 'localhost';
 
 // SMTP port [25]
 // This is only required if emailType is SMTP
@@ -370,7 +372,7 @@ $conf['recipient_delimiter'] = '';
 // The email addresses of the support staff and/or administrator
 // An email is sent to these addresses when a user reports an error
 // or clicks the "Email Administrator" link
-$conf['app']['adminEmail'] = array('support@example.com');
+$conf['app']['adminEmail'] = array('husku@husku.net');
 
 // Email admin upon Release Request
 // When users try to release a banned file a request is sent to an
@@ -388,7 +390,7 @@ $conf['app']['notifyAdmin'] = 0;
 // with releasing attachments. Default is 1 (show link).
 //
 // $conf['app']['showEmailAdmin'] = 0;
-$conf['app']['showEmailAdmin'] = 1;
+$conf['app']['showEmailAdmin'] = 0;
 
 // Site Quarantine Summary display toggle.
 // Enable and display the "Site Quarantine Summary" link for admins.
@@ -397,10 +399,8 @@ $conf['app']['showEmailAdmin'] = 1;
 // $conf['app']['siteSummary'] = 1
 $conf['app']['siteSummary'] = 1;
 
-// Enable/Disable Domain Quarantine Summary
 $conf['app']['domainSummary'] = 1;
 
-
 // Show Site Quarantine in search only mode if set to 1.
 // No message is displayed when clicking on 'Site quarantine'.
 // Keep the default for for large sites.
@@ -453,11 +453,19 @@ $conf['app']['allowBadHeaders'] = 0;
 // Virues are treated like Banned files and are placed 
 // in the Pending Requests and require Admin release
 // $conf['app']['allowViruses'] = 0
-$conf['app']['allowViruses'] = 0;
+$conf['app']['allowViruses'] = 1;
 
 // Allow users to search by Mailid
 // $conf['app']['allowMailid'] = 0
 $conf['app']['allowMailid'] = 0;
 
+// if set to true mailzu will generate users
+// automatically when whitelisting. when false, mailzu
+// will whitelist to whole domain if user does not
+// exist it amavis.users table
+$conf['app']['autocreate_wbl_users'] = true;
+$conf['app']['release_when_listing'] = true;
+$conf['app']['delete_when_listing'] = true;
+
 include_once('init.php');
 ?>

lang/en_GB.lang.php

@@ -266,6 +266,7 @@ $strings['Message Unavailable'] = 'Message Unavailable';
 $strings['My Quarantine'] = 'My Quarantine';
 $strings['Site Quarantine'] = 'Site Quarantine';
 $strings['Message Processing'] = 'Message Processing';
+$strings['Rules Processing'] = 'Rules Processing';
 $strings['Quarantine Summary'] = 'Quarantine Summary';
 $strings['Site Quarantine Summary'] = 'Site Quarantine Summary';
 $strings['Login'] = 'Login';
@@ -277,6 +278,14 @@ $strings['bad header(s)'] = 'bad header(s)';
 $strings['You have to type some text'] = 'You have to type some text';
 $strings['Release'] = 'Release';
 $strings['Release/Request release'] = 'Release/Request release';
+$strings['Whitelist by strict addressing'] = 'Whitelist by strict addressing';
+$strings['Whitelist by sender domain'] = 'Whitelist by sender domain';
+$strings['Whitelist by recipient domain'] = 'Whitelist by recipient domain';
+$strings['Whitelist by both domains'] = 'Whitelist by both domains';
+$strings['Blacklist by strict addressing'] = 'Blacklist by strict addressing';
+$strings['Blacklist by sender domain'] = 'Blacklist by sender domain';
+$strings['Blacklist by recipient domain'] = 'Blacklist by recipient domain';
+$strings['Blacklist by both domains'] = 'Blacklist by both domains';
 $strings['Request release'] = 'Request release';
 $strings['Delete'] = 'Delete';
 $strings['Delete All'] = 'Delete All';
@@ -319,4 +328,9 @@ $strings['Total'] = 'Total';
 $strings['X-Amavis-Alert'] = 'X-Amavis-Alert';
 $strings['Loading Summary...'] = 'Loading Summary...';
 $strings['Retrieving Messages...'] = 'Retrieving Messages...';
+$strings['Showing rules'] = "Showing rules%s through %s    (%s total)\r\n";
+$strings['Rule'] = 'Rule';
+$strings['My rules'] = 'My Rules';
+$strings['Site Rules'] = 'Site Rules';
+$strings['Search for rules whose:'] = 'Search for rules whose:';
 ?>

lang/en_US.lang.php

@@ -258,19 +258,21 @@ $strings['Date'] = 'Date';
 $strings['Score'] = 'Score';
 $strings['Mail ID'] = 'Mail ID';
 $strings['Status'] = 'Status';
+$strings['Rule'] = 'Rule';
 $strings['Print'] = 'Print';
 $strings['CloseWindow'] = 'Close';
 $strings['Unknown server type'] = 'Unknown server type ...';
 $strings['Showing messages'] = "Showing messages %s through %s    (%s total)\r\n";
+$strings['Showing rules'] = "Showing rules %s through %s    (%s total)\r\n";
 $strings['View this message'] = 'View this message';
 $strings['Message Unavailable'] = 'Message Unavailable';
 $strings['My Quarantine'] = 'My Quarantine';
 $strings['Domain Quarantine'] = 'Domain Quarantine';
 $strings['Site Quarantine'] = 'Site Quarantine';
 $strings['Message Processing'] = 'Message Processing';
+$strings['Rules Processing'] = 'Rules Processing';
 $strings['Quarantine Summary'] = 'Quarantine Summary';
 $strings['Site Quarantine Summary'] = 'Site Quarantine Summary';
-$strings['Domain Quarantine Summary'] = 'Domain Quarantine Summary';
 $strings['Login'] = 'Login';
 $strings['spam(s)'] = 'spam(s)';
 $strings['attachment(s)'] = 'attachment(s)';
@@ -281,6 +283,16 @@ $strings['You have to type some text'] = 'You have to type some text';
 $strings['Release'] = 'Release';
 $strings['Release/Request release'] = 'Release/Request release';
 $strings['Request release'] = 'Request release';
+$strings['Whitelist'] = 'Whitelist';
+$strings['Whitelist by strict addressing'] = 'Whitelist by strict addressing';
+$strings['Whitelist by sender domain'] = 'Whitelist by sender domain';
+$strings['Whitelist by recipient domain'] = 'Whitelist by recipient domain';
+$strings['Whitelist by both domains'] = 'Whitelist by both domains';
+$strings['Blacklist'] = 'Blacklist';
+$strings['Blacklist by strict addressing'] = 'Blacklist by strict addressing';
+$strings['Blacklist by sender domain'] = 'Blacklist by sender domain';
+$strings['Blacklist by recipient domain'] = 'Blacklist by recipient domain';
+$strings['Blacklist by both domains'] = 'Blacklist by both domains';
 $strings['Delete'] = 'Delete';
 $strings['Delete All'] = 'Delete All';
 $strings['Send report and go back'] = 'Send report and go back';
@@ -289,7 +301,6 @@ $strings['Select All'] = "Select All";
 $strings['Clear All'] = "Clear All";
 $strings['Access Denied'] = "Access Denied";
 $strings['My Pending Requests'] = "My Pending Requests";
-$strings['Domain Pending Requests'] = "Domain Pending Requests";
 $strings['Site Pending Requests'] = "Site Pending Requests";
 $strings['Cancel Request'] = "Cancel Request";
 $strings['User is not allowed to login'] = "User is not allowed to login";
@@ -323,4 +334,11 @@ $strings['Total'] = 'Total';
 $strings['X-Amavis-Alert'] = 'X-Amavis-Alert';
 $strings['Loading Summary...'] = 'Loading Summary...';
 $strings['Retrieving Messages...'] = 'Retrieving Messages...';
+$strings['Domain Quarantine Summary'] = 'Domain Quarantine Summary';
+$strings['Domain Pending Requests'] = "Domain Pending Requests";
+$strings['Showing rules'] = "Showing rules%s through %s    (%s total)\r\n";
+$strings['Rule'] = 'Rule';
+$strings['My rules'] = 'My Rules';
+$strings['Site Rules'] = 'Site Rules';
+$strings['Search for rules whose:'] = 'Search for rules whose:';
 ?>

lib/CmnFns.class.php

@@ -623,6 +623,17 @@ class CmnFns {
                 return $result;
         }
 
+	/**
+        * Gets the 'wb_action' value
+        * @param none
+        * @return value
+        */
+        function get_wb_action($get_name = 'wb_action') {
+                // If there isnt one set, return NULL
+                $result = (isset($_POST[$get_name])) ? $_POST[$get_name] : NULL;
+                return $result;
+        }
+	
 	/**
         * Gets the 'query_string' value
         * @param none
@@ -704,5 +715,62 @@ class CmnFns {
                        	echo "parent.location.href = '" . $location . "';";
         		echo "</SCRIPT>";
 	}
+	
+	
+	
+	/**
+	* Generate HTML for search engine
+	* @param $content_type: 'B' (attachment) or 'S' (spam)
+	*/
+	function rulesSearchEngine($content_type, $submit_page) {
+		global $conf;
+
+		$fields_array = array("f" => translate('From'), "t" => translate('To'));
+
+		?>	
+		<table border=0 width="100%">
+		<form action="<? echo $submit_page ?>" method="get" name="wblist">
+
+			<tr><td colspan=2 align="center"><? echo translate('Search for rules whose:'); ?>&nbsp;</td></tr>
+			<tr><td align="right">&nbsp;
+		<?
+			$i = 1;
+			$array_size = count($fields_array);
+			foreach ($fields_array as $k => $name) {
+				echo "\t\t\t$name: \n";
+				echo "\t\t\t<select name='" . $k . "_criterion' class='button'>\n";
+				echo "\t\t\t<option value='contains'";
+				echo "contains" == CmnFns::getGlobalVar($k . '_criterion', GET) ? " selected='true'>" : ">";
+				echo translate('contains') . "</option>\n";
+				echo "\t\t\t<option value='not_contain'";
+				echo "not_contain" == CmnFns::getGlobalVar($k . '_criterion', GET) ? " selected='true'>" : ">";
+				echo translate('doesn\'t contain') . "</option>\n";
+				echo "\t\t\t<option value='equals'";
+				echo "equals" == CmnFns::getGlobalVar($k . '_criterion', GET) ? " selected='true'>" : ">";
+				echo translate('equals') . "</option>\n";
+				echo "\t\t\t<option value='not_equal'";
+				echo "not_equal" == CmnFns::getGlobalVar($k . '_criterion', GET) ? " selected='true'>" : ">";
+				echo translate('doesn\'t equal') . "</option>\n";
+				echo "\t\t\t</select>\n";
+				echo "\t\t\t<input type='text' name='" . $k . "_string' size='20' value='"
+					. CmnFns::getGlobalVar($k . '_string', GET) . "' />\n";
+				echo ($i % 2) ? "\t\t\t&nbsp;</td>\n\t\t\t<td align='left'>&nbsp\n" : "\t\t\t&nbsp;</td></tr>\n\t\t\t<tr><td align='right'>&nbsp\n";
+				$i ++;
+			}
+			
+			$i ++;
+			echo ($i % 2) ? "&nbsp;</td></tr>\n\t\t\t<tr><td colspan='2' align='center'>&nbsp\n" : "&nbsp;</td><td align='left'>&nbsp";
+			?>
+			<input type="submit" class="button" name="search_action" value="<? echo translate('Search'); ?>" />
+			<? if (CmnFns::didSearch()) 
+				echo "<input type=\"submit\" class=\"button\" name=\"search_action\" value=\"" . translate('Clear search results') . "\" />";
+			?>
+			&nbsp;</td></tr>
+		</form>
+		</table>
+		<?
+
+	}
+	
 }
 ?>

lib/DBEngine.class.php

@@ -113,7 +113,6 @@ class DBEngine {
 		$this->db = $db;
 	}
 
-
 	/**
 	* Return counts for spam, banned, viruses, bad headers, and pending
 	* @return array of the 5 counts
@@ -222,8 +221,6 @@ class DBEngine {
 		return $return;
 	}
 	
-	
-	
 	// User methods -------------------------------------------	
 
 	/**
@@ -350,6 +347,7 @@ class DBEngine {
 		return $return;
 	}
 
+
 	/**
 	* Return all message in quarantine associated with $emailaddress
 	* @param string $content_type message type ('B', 'S', ...)
@@ -435,6 +433,7 @@ class DBEngine {
 					$search_clause
 					AND msgs.quar_type <> ''
 					ORDER BY $order $vert ";
+
 		// Prepare query
 		$q = $this->db->prepare($query);
 
@@ -771,6 +770,214 @@ class DBEngine {
 		return "($result)";
 	}
 
+
+	/**
+	* Fetch amavis userid according to email address,
+	* if not found, then it returns domain-id or
+	* creates user record and retrieves new id
+	* @param string $recip_email
+	* @return string containing user / domain id
+	*/
+	function mail2userid($recip_email, $domain_only = false) {
+		global $conf;
+		/*
+		1) Return user-id from amavis.users that corresponds to $recip_email
+		  # select id from users where email = $recip_email limit 1;
+		*/
+		$query = 'select id from users where email = ? limit 1;';
+
+		if ($domain_only) {
+			$recip_email = substr($recip_email,strpos($recip_email,"@"));
+		}
+		
+		// Query
+		$q = $this->db->prepare($query);
+		$result = $this->db->execute($q, array($recip_email));
+		$this->check_for_error($result, $query); 
+	
+		if ($result->numRows() == 1) {
+			$return = $result->fetchRow();
+			return $return['id'];
+		} else if ($result->numRows() == 0
+				  && strpos($recip_email,"@")) {
+			
+			// this result set is no longer needed
+			$result->free();
+			
+			$create_or_use_domain = false;
+			
+			if (!$conf['app']['autocreate_wbl_users']) {
+				/* If user-id was not found, then we fetch/return the domain id */
+				return $this->mail2userid(substr($recip_email,strpos($recip_email,"@")));
+				
+			} else {
+				/*
+				  this should handle creation of user records, but im not sure what to
+				  do about email aliases...
+				  
+				  1. Fetch domain policy_id, priority, local */
+				  $query = 'select priority, policy_id, ("'.$recip_email.'") AS email, local from users where email = ? limit 1;';
+				  $q = $this->db->prepare($query);
+				  $result = $this->db->execute($q, array(substr($recip_email,strpos($recip_email,"@"))));
+				  $this->check_for_error($result, $query);
+				  $policy = $result->fetchRow();
+				/*
+				  2. Insert new user
+				*/
+				  $query = 'insert into users (priority, policy_id, email, fullname, local) values (?, ?, ?, "mailzu autocreated user", ?);';
+				  $q = $this->db->prepare($query);
+				  $result = $this->db->execute($q, $policy);
+				  $this->check_for_error($result, $query);
+				  return $this->mail2userid($recip_email);
+			}
+			
+		} else if (strpos($recip_email,"@") == 0) {
+			return 0;
+		}
+		
+	}
+
+
+
+	//function wblist($flag, $r, $mail_id) {
+	function mailid2sid($mail_id, $domain_only = false) {
+		/**
+		return sender id from mailaddr for whitelisting purposes	
+		*/
+		
+		$query = 
+		'SELECT mailaddr.id AS sid, '
+			.($domain_only ? 'SUBSTRING(maddr.email, INSTR(maddr.email, "@")) AS email' : 'maddr.email AS email')
+		.' FROM msgs'
+		.' LEFT JOIN maddr ON msgs.sid=maddr.id'
+		.' LEFT JOIN mailaddr ON '.($domain_only ? 'SUBSTRING(maddr.email, INSTR(maddr.email, "@"))' : 'maddr.email').'=mailaddr.email'
+		.' WHERE mail_id = ?'
+		. 'LIMIT 1;';
+		
+		$q = $this->db->prepare($query);
+		$result = $this->db->execute($q, array($mail_id));
+		$this->check_for_error($result, $query); 
+		$row = $result->fetchRow();
+		
+		if ($row['sid'] > 0) {
+			return $row['sid'];
+		} else {
+			$query = 'INSERT INTO mailaddr (priority, email) VALUES (5, ?);';
+			$q = $this->db->prepare($query);
+			$result = $this->db->execute($q, array($row['email']));
+			$this->check_for_error($result, $query);
+			$query = 'SELECT id FROM mailaddr WHERE email LIKE ?;';
+			$q = $this->db->prepare($query);
+			$result = $this->db->execute($q, array($row['email']));
+			$this->check_for_error($result, $query);
+			$row = $result->fetchRow();
+			return $row['id'];
+		}
+
+	}
+	
+	function wbinsert($wb, $rid, $sid) {
+		/**
+		   check for existence of the wb-listing rule.
+		   insert/update wblist entry with approriate flag and id:s.
+		*/
+
+		$query = 'select wb from wblist where rid = ? and sid = ? limit 1;';
+		$q = $this->db->prepare($query);
+		$result = $this->db->execute($q, array($rid,$sid));
+		$this->check_for_error($result, $query); 
+		
+		if (is_array($result->fetchRow())) {
+			$query = 'update wblist set wb = ? where rid = ? and sid = ? limit 1;';
+		} else {
+			$query = 'insert into wblist (wb, rid, sid) values (?, ?, ?);';
+		}
+		$q = $this->db->prepare($query);
+		$result = $this->db->execute($q, array($wb,$rid,$sid));
+		$this->check_for_error($result, $query); 
+		
+	}
+
+	function wbdelete($wb, $rid, $sid) {
+		$query = "DELETE FROM wblist WHERE wb=? AND rid=? AND sid=? LIMIT 1;";
+		// Prepare query
+                $q = $this->db->prepare($query);
+                // Execute query
+                $result = $this->db->execute($q, array($wb,$rid,$sid));
+                // Check if error
+                $this->check_for_error($result, $query); 
+       }
+       
+       
+	/**
+	* Return all wblist entries associated with $emailaddresses
+	* used to delete wblist entries
+	*/
+
+	function get_user_control_list( $emailaddresses, $order = 'sender', $vert = 'ASC', $search_array, $page, $all = false) {
+		global $conf;
+		$return = Array();
+		
+		// grab the display size limit set in config.php
+		$sizeLimit = (isset ( $conf['app']['displaySizeLimit'] ) && is_numeric( $conf['app']['displaySizeLimit'] ) ?
+												 $conf['app']['displaySizeLimit'] : 50);
+							
+		if (is_array($search_array)) {
+			$search_clause = "";
+			foreach($search_array as $filter) {
+					$search_clause .= ' AND ' . $filter;
+				}
+		}
+					 
+		if ( !$all ) {
+			// Get where clause for recipient email address(es)
+			$recipEmailClause =  $this->convertEmailaddresses2SQL($emailaddresses);
+		} else {
+			$recipEmailClause = 1; // palikka hakee kaikki, milloin tukee domaineja, no domain patsissa tietty!
+		}
+		$query = "
+			SELECT mailaddr.email AS sender,
+				recip.email AS recipient,
+				wblist.wb AS rule,
+				mailaddr.id AS sender_id,
+				recip.id AS recip_id
+			FROM wblist
+				LEFT JOIN mailaddr ON wblist.sid=mailaddr.id
+				LEFT JOIN users AS recip ON wblist.rid=recip.id
+			WHERE $recipEmailClause $search_clause
+			ORDER BY $order $vert;
+		";
+		
+		//. ($msgs_all ? ' ' : $emailaddr_clause)
+		
+		// Prepare query
+		$q = $this->db->prepare($query);
+		// Execute query
+		$result = $this->db->execute($q);
+		// Check if error
+		$this->check_for_error($result, $query); 
+			
+		$this->numRows = $result->numRows();
+		
+		// the row to start fetching
+		$from = $page * $sizeLimit;
+		// how many results per page
+		$res_per_page = $sizeLimit;
+		// the last row to fetch for this page
+		$to = $from + $res_per_page - 1;
+		foreach (range($from, $to) as $rownum) {
+			if (!$row = $result->fetchrow(DB_FETCHMODE_ASSOC, $rownum)) {
+				break;
+			}
+			$return[] = $this->cleanRow($row);
+		}
+
+		
+		$result->free();
+
+		return $return;
+       }
+
 }
 
 ?>

lib/Quarantine.lib.php

@@ -294,6 +294,65 @@ function updateMessages($flag, $content_type, $emailaddresses, $mail_id_array, $
 	return $result_array;
 }
 
+/**
+* Update white/blaclist function
+* @param string $flag 'W', 'B'
+* @param array $emailaddresses recipient email address(es)
+* @param array $mail_id_array containing mail_id of messages to be whitelisted
+* @result return array of messages whose release failed 
+*/
+function updateWblist($flag, $emailaddresses, $mail_id_array, $action) {
+
+	$result_array = array();
+	$db = new DBEngine();
+
+	$i = 0;
+
+	foreach ($mail_id_array as $mail_id_recip) {
+	
+		// Get mail_id and recipient email address
+		$temp = preg_split('/_/', $mail_id_recip, 2);
+		$mail_id = $temp[0];
+		$recip_email = $temp[1];
+
+		// Check if logged in user is admin or logged in user is trying to delete his own messages
+		if ( Auth::isMailAdmin() || in_array($recip_email, $emailaddresses) ) {
+			switch ($action) {
+				case translate('Whitelist by strict addressing'):
+				case translate('Blacklist by strict addressing'):
+						$rid = $db->mail2userid($recip_email);
+						$sid = $db->mailid2sid($mail_id);
+						$db->wbinsert($flag, $rid, $sid);
+					break;
+				case translate('Whitelist by sender domain'):
+				case translate('Blacklist by sender domain'):
+						$rid = $db->mail2userid($recip_email);
+						$sid = $db->mailid2sid($mail_id, true );
+						$db->wbinsert($flag, $rid, $sid);
+					break;
+				case translate('Whitelist by recipient domain'):
+				case translate('Blacklist by recipient domain'):
+						$rid = $db->mail2userid($recip_email, true);
+						$sid = $db->mailid2sid($mail_id);
+						$db->wbinsert($flag, $rid, $sid);
+					break;
+				case translate('Whitelist by both domains'):
+				case translate('Blacklist by both domains'):
+						$rid = $db->mail2userid($recip_email, true);
+						$sid = $db->mailid2sid($mail_id, true);
+						$db->wbinsert($flag, $rid, $sid);
+					break;
+			}
+	
+		} else {
+			continue;
+		}
+		
+	}
+
+	// Return array of messages whose release failed
+	return $result_array;
+}
 
 /**
 * Function that sends:

messagesProcessing.php

@@ -13,6 +13,7 @@
 /**
 * Include Template class
 */
+
 include_once('lib/Template.class.php');
 /**
 * Include Quarantine functions 
@@ -40,13 +41,15 @@ $t = new Template(translate('Message Processing'));
 $t->printHTMLHeader();
 $t->printWelcome();
 $t->startMain();
-
 // Break table into 2 columns, put quick links on left side and all other tables on the right
 startQuickLinksCol();
 showQuickLinks();		// Print out My Quick Links
 startDataDisplayCol();
+global $conf;
 
 $action = CmnFns::get_action();
+$w_action = CmnFns::get_wb_action('w_action');
+$b_action = CmnFns::get_wb_action('b_action');
 $content_type = CmnFns::get_ctype();
 $query_string = CmnFns::get_query_string();
 $mail_id_array = CmnFns::getGlobalVar('mail_id_array', POST);
@@ -86,10 +89,12 @@ if ( ! isset($mail_id_array) && $action != translate('Delete All') )
 	printNoMesgWarning();
 
 elseif ( isset( $action ) ) {
-
 	switch ( $action ) {
 		case translate('Release'):
 		case translate('Release/Request release'):
+			if ($w_action != "" ) {
+				updateWblist('W', $_SESSION['sessionMail'], $mail_id_array, $w_action);
+			}
 			$failed_array = releaseMessages($_SESSION['sessionMail'], $mail_id_array);
 			if ( is_array($failed_array) && !empty($failed_array) ) {
 				showFailedMessagesTable($action, $content_type, $failed_array);
@@ -109,7 +114,11 @@ elseif ( isset( $action ) ) {
 				CmnFns::redirect_js($referral . '?' . $query_string);
 			}
 			break;
+			
 		case translate('Delete'):
+			if ($b_action != "" ) {
+				updateWblist('B', $_SESSION['sessionMail'], $mail_id_array, $b_action);
+			}			
 			$failed_array = updateMessages('D', $content_type, $_SESSION['sessionMail'], $mail_id_array);
 			if ( is_array($failed_array) && !empty($failed_array) ) {
 				showFailedMessagesTable($action, $content_type, $failed_array);

templates/common.template.php

@@ -68,6 +68,11 @@ function showQuickLinks() {
 			" <p><b>&#8250;</b>\t";
               	$link->doLink('messagesIndex.php?ctype=A', translate('My Quarantine'));
             	echo '</p>';
+		echo "My rules" == $_SESSION['sessionNav'] ? 
+			' <p class="selectedLink"><b>&raquo;</b>':
+			" <p><b>&#8250;</b>\t";
+              	$link->doLink('rulesIndex.php', translate('My rules'));
+            	echo '</p>';
 		if (! Auth::isMailAdmin()) {	
 		  echo "My Pending Requests" == $_SESSION['sessionNav'] ?
                       ' <p class="selectedLink"><b>&raquo;</b>':
@@ -120,6 +125,11 @@ function showQuickLinks() {
                         " <p><b>&#8250;</b>\t";
                   $link->doLink('messagesPendingAdmin.php?ctype=A', translate('Site Pending Requests'));
 		  echo '</p>';
+		  echo "Site Rules" == $_SESSION['sessionNav'] ?
+                        ' <p class="selectedLink"><b>&raquo;</b>':
+                        " <p><b>&#8250;</b>\t";
+                  $link->doLink('rulesAdmin.php', translate('Site Rules'));
+		  echo '</p>';
 		  echo '<br>';
 		}  
     if ((! Auth::isMailAdmin() && ! Auth::isDomainAdmin()) && ($conf['app']['showEmailAdmin'])) {
@@ -205,33 +215,74 @@ function endDataDisplayCol() {
 <?
 }
 
+/**
+* Print Delete button for Control List Index
+*/
+function printControlButtons() {
+	echo '<table width="100%" border="0" cellspacing="1" cellpadding="0">';
+	echo '<tr>';
+	echo '<td align="right">';
+	echo '<input type="submit" class="button" name="action" value="'.translate('Delete').'">';
+	echo '</td>';
+	echo '</tr>';
+	echo '</table>';
+}
+
+
 /**
 * Print 'Release', 'Delete' and 'Delete All' buttons 
 * @param string $content_type: 'S' (default), 'B', ...
 * @param bool $printDeleteAll: if true (default) print 'Delete All' button
 */
-function printActionButtons( $printDeleteAll = true ) {
+function printActionButtons( $printDeleteAll = true,  $wbselect = true ) {
 ?>
 <table width="100%" border="0" cellspacing="1" cellpadding="0">
 <tr>
 <? 
-	echo "<td align=\"left\"><input type=\"submit\" class=\"button\" name=\"action\" value=\"";
+	echo "<td align=\"left\">";
+	if (Auth::isMailAdmin()) {
+		if ($wbselect) {
+			echo '<select name="w_action" class="button">';
+			echo '<option value="">Extra options</option>';
+			echo '<option value="'.translate('Whitelist by strict addressing').'">'.translate('Whitelist by strict addressing').'</option>';
+			echo '<option value="'.translate('Whitelist by sender domain').'">'.translate('Whitelist by sender domain').'</option>';
+			echo '<option value="'.translate('Whitelist by recipient domain').'">'.translate('Whitelist by recipient domain').'</option>';
+			echo '<option value="'.translate('Whitelist by both domains').'">'.translate('Whitelist by both domains').'</option>';
+			echo '</select>';
+		}
+	} else {
+		echo '<input type="submit" class="button" name="action" value="'.translate('Whitelist').'" />';
+	}	
+	echo "<input type=\"submit\" class=\"button\" name=\"action\" value=\"";
 	if ($_SESSION['sessionNav'] == "My Pending Requests") {
-		echo ( Auth::isMailAdmin()|| Auth::isDomainAdmin() ? translate('Release') : translate('Cancel Request') );
+		echo ( Auth::isMailAdmin() ? translate('Release') : translate('Cancel Request') );
-		
+	} else {
+		echo ( Auth::isMailAdmin() ? translate('Release') : translate('Release/Request release') );
+	}
+	echo "\" />";
+	echo '</td>';
+	
+	echo '<td align="right">';
+	if (Auth::isMailAdmin()) {
+		if ($wbselect) {
+			echo '<select name="b_action" class="button">';
+			echo '<option value="">Extra options</option>';
+			echo '<option value="'.translate('Blacklist by strict addressing').'">'.translate('Blacklist by strict addressing').'</option>';
+			echo '<option value="'.translate('Blacklist by sender domain').'">'.translate('Blacklist by sender domain').'</option>';
+			echo '<option value="'.translate('Blacklist by recipient domain').'">'.translate('Blacklist by recipient domain').'</option>';
+			echo '<option value="'.translate('Blacklist by both domains').'">'.translate('Blacklist by both domains').'</option>';
+			echo '</select>';
+		}
 	} else {
 		echo ( Auth::isMailAdmin() || Auth::isDomainAdmin() ? translate('Release') : translate('Release/Request release') );
 	}
-	echo "\"></td>";
+	echo '<input type="submit" class="button" name="action" value="'.translate('Delete').'" />';
-?>
+ 	if ( $printDeleteAll )
-	<td align="right"><input type="submit" class="button" name="action" value="<? echo translate('Delete'); ?>">
+		echo "<input type=\"submit\" class=\"button\" name=\"action\" value=\"".translate('Delete All')."\" />";
-<? 	if ( $printDeleteAll )
+	echo '</td>';
-		echo "<input type=\"submit\" class=\"button\" name=\"action\" value=\"".translate('Delete All')."\">";
+echo '</tr>';
-?>
+echo '</table>';
-	</td>
+
-</tr>
-</table>
-<?
 }
 
 /**

templates/quarantine.template.php

@@ -206,8 +206,7 @@ function showMessagesTable($content_type, $res, $page, $order, $vert, $numRows =
 		<? // Draw 'Select All, Clear All' and multi pages links 
 		printSelectAndPager($pager_html);
 		// Draw 'Release', 'Delete' and 'Delete All' buttons
-// 		printActionButtons((! CmnFns::didSearch() && ! ("Site Quarantine" == $_SESSION['sessionNav'])) );
+		printActionButtons((! CmnFns::didSearch() && ! ("Site Quarantine" == $_SESSION['sessionNav']) && !("Domain Quarantine" == $_SESSION['sessionNav'])), 0);
-		printActionButtons((! CmnFns::didSearch() && ! ("Site Quarantine" == $_SESSION['sessionNav']) && !("Domain Quarantine" == $_SESSION['sessionNav'])) );
 
 		unset($res); ?>
 
@@ -218,6 +217,105 @@ function showMessagesTable($content_type, $res, $page, $order, $vert, $numRows =
 		echo '</table>';
 	}
 
+}
+
+/**
+* Print White/Black Listing rules table
+* $param $list
+*/
+
+function showRulesTable($list, $page = 0, $order = "sender", $vert = "ASC", $numRows = 0) {
+	global $conf;
+	global $link;
+	
+	// grab the display size limit set in config.php
+	$sizeLimit = isset ( $conf['app']['displaySizeLimit'] ) && is_numeric( $conf['app']['displaySizeLimit'] ) ?
+			$conf['app']['displaySizeLimit'] : 50;
+
+	if ('ASC' == $vert) {
+		$new_vert = 'DESC';
+		$mouseover_text = translate('Sort by descending order');
+	} else {
+		$new_vert='ASC';
+		$mouseover_text = translate('Sort by ascending order');
+	}
+	
+	if ( is_array($list) ) {
+       		$count = $numRows;
+		$start_entry = 0;
+		$end_entry = count($list);
+		$query_string = $_SERVER['QUERY_STRING'];
+
+		$pager_html = ( $count > $sizeLimit ) ? CmnFns::genMultiPagesLinks( $page, $sizeLimit, $count) : '';
+		
+		
+		echo '<form name="messages_process_form" action="rulesProcessing.php" method="POST">';
+		echo '<input type="hidden" name="ctype" value="'.$content_type.'">';
+		echo '<input type="hidden" name="query_string" value="'.$query_string.'">';
+		
+		// Draw 'Release', 'Delete' and 'Delete All' buttons 
+		//printActionButtons((! CmnFns::didSearch() && ! ("Site Quarantine" == $_SESSION['sessionNav'])) );
+		// printControlButtons();
+		
+		// Draw 'Select All, Clear All' and multi pages links 
+		printSelectAndPager($pager_html);
+	 
+        	flush();
+		
+		echo '<table width="100%" border="0" cellspacing="0" cellpadding="1" align="center">';
+		echo '<tr>';
+		echo '<td class="tableBorder">';
+			echo '<table width="100%" border="0" cellspacing="1" cellpadding="0">';
+			echo '<tr>';
+				echo '<td colspan="5" class="tableTitle">'
+					.translate('Showing rules',
+						array( number_format($page*$sizeLimit+1), number_format($page*$sizeLimit+$end_entry), $count ));
+				echo '</td>';
+				echo '<td class="tableTitle">';
+					echo '<div align="right"></div>';
+				echo '</td>';
+			echo '</tr>';
+			echo '</table>';
+			
+             	echo '<table width="100%" border="0" cellspacing="1" cellpadding="0">';
+		echo '<tr class="rowHeaders">';
+			echo '<td class="reservedCell">#</td>';
+			echo '<td class="reservedCell">';
+				$link->doLink($_SERVER['PHP_SELF'] . '?' . CmnFns::querystring_exclude_vars( array('order','vert'))
+					. '&amp;order=sender&amp;vert=' . $new_vert, translate('From'), '', '', $mouseover_text);
+			echo '</td>';
+			echo '<td class="reservedCell">';
+				$link->doLink($_SERVER['PHP_SELF'] . '?' . CmnFns::querystring_exclude_vars( array('order','vert'))
+					. '&amp;order=recipient&amp;vert=' . $new_vert, translate('To'), '', '', $mouseover_text);			
+			echo '</td>';
+			echo '<td class="reservedCell">';
+				$link->doLink($_SERVER['PHP_SELF'] . '?' . CmnFns::querystring_exclude_vars( array('order','vert'))
+					. '&amp;order=rule&amp;vert=' . $new_vert, translate('Rule'), '', '', $mouseover_text);
+			echo '</td>';
+		echo '</tr>';
+      
+		for ($i = $start_entry;  $i < $end_entry; $i++) {
+			$row = $list[$i];
+			$class =  'cellColor' . ($i%2);
+        		echo '<tr class="'.$class.'" align="center">';
+			echo '<td><input type="checkbox" onclick="ColorRow(this,\'lightyellow\')"  name="wblist_rule_array[]" value="' . $row['sender_id']. '_' .$row['recip_id']. '_' .$row['rule']. '"></td>';
+			echo '<td>'.$row['sender'].'</td>';
+			echo '<td>'.$row['recipient'].'</td>';
+			echo '<td>'.($row['rule'] == "W" ? "Whitelisted" : "Blacklisted").'</td>';
+			echo '</tr>';
+		
+		}
+		
+		echo '</table>';
+		echo '</td>';
+		echo '</tr>';
+		echo '<tr><td>'.printControlButtons().'</td></tr>';
+		echo '</table>';
+		echo '</form>';
+       }
+	
+	
+       
 }
 
 /**
@@ -368,4 +466,39 @@ function showFailedMessagesTable($action, $content_type, $res) {
 <?
 }
 
+
+/**
+* Print Search Engine
+* $param $content_type 
+*/
+function printRulesSearchEngine($content_type, $submit_page, $full_search = false) {
+	global $link;
+?>
+<table width="100%" border="0" cellspacing="0" cellpadding="1" align="center">
+  <tr>
+    <td class="tableBorder">
+      <table width="100%" border="0" cellspacing="1" cellpadding="0">
+      	<tr>
+	  <td class="tableTitle">
+	    <a href="javascript: void(0);" onclick="showHideSearch('search');">&#8250; <?=translate('Search')?></a>
+	  </td>
+	  <td class="tableTitle">
+            <div align="right">
+              <? $link->doLink('javascript: help(\'search\');', '?', '', 'color: #FFFFFF;', translate('Help') . ' - ' . translate('My Re
+servations')) ?>
+            </div>
+          </td>
+	</tr>
+</table>
+<div id="search" style="display: <?= getShowHide('search') ?>">
+  <table width="100%" border="0" cellspacing="1" cellpadding="0">
+    <tr class="cellColor"><td><center><? CmnFns::rulesSearchEngine($content_type, $submit_page, $full_search); ?></center></td></tr>
+  </table>
+</div>
+    </td>
+  </tr>
+</table>
+<?
+}
+
 ?>