diff --git a/mailscanner/conf.php.example b/mailscanner/conf.php.example index 70f8450bc..e42eaa7e1 100644 --- a/mailscanner/conf.php.example +++ b/mailscanner/conf.php.example @@ -49,6 +49,11 @@ define('USER_SELECTABLE_LANG', 'de,en,es-419,fr,it,ja,nl,pt_br'); // This can also be set individually per user in the MailWatch GUI for greater flexibility. define('SESSION_TIMEOUT', 600); +// MaxMind License key +// A free license key from MaxMind is required to download GeoLite2 data +// https://blog.maxmind.com/2019/12/18/significant-changes-to-accessing-and-using-geolite2-databases/ +// define('MAXMIND_LICENSE_KEY', 'mylicensekey'); + // Database settings // // As this file might be publically readable. It might be very userful to diff --git a/mailscanner/functions.php b/mailscanner/functions.php index fb36dad2d..c0f18b974 100644 --- a/mailscanner/functions.php +++ b/mailscanner/functions.php @@ -4289,7 +4289,8 @@ function checkConfVariables() 'ENABLE_SUPER_DOMAIN_ADMINS' => array('description' => 'allows domain admins to change domain admins from the same domain'), 'USE_IMAP' => array('description' => 'use IMAP for user authentication'), 'IMAP_HOST' => array('description' => 'IMAP host to be used for user authentication'), - 'IMAP_AUTOCREATE_VALID_USER' => array('description' => 'enable to autorcreate user from valid imap login') + 'IMAP_AUTOCREATE_VALID_USER' => array('description' => 'enable to autorcreate user from valid imap login'), + 'MAXMIND_LICENSE_KEY' => array('description' => 'needed to download MaxMind GeoLite2 data') ); $results = array(); @@ -4642,6 +4643,10 @@ function validateInput($input, $type) if (preg_match('/^[0-9]{1,5}$/', $input)) { return true; } + case 'maxmind': + if (preg_match('/^([0-9A-Za-z]{12}|[0-9A-Za-z]{16})$/', $input)) { + return true; + } break; default: return false; diff --git a/mailscanner/geoip_update.php b/mailscanner/geoip_update.php index 08dcf01e0..1375c1714 100644 --- a/mailscanner/geoip_update.php +++ b/mailscanner/geoip_update.php @@ -33,7 +33,10 @@ html_start(__('geoipupdate15'), 0, false, false); -if (!isset($_POST['run'])) { +if (!defined('MAXMIND_LICENSE_KEY') || !validateInput(MAXMIND_LICENSE_KEY, "maxmind")) { + $error_message = __('geoipnokey15') . '
' . "\n"; + die($error_message); +} elseif (!isset($_POST['run'])) { echo '
@@ -58,9 +61,9 @@ ob_start(); echo __('downfile15') . '
' . "\n"; - $files_base_url = 'http://geolite.maxmind.com'; + $files_base_url = 'https://download.maxmind.com'; $file['description'] = __('geoip15'); - $file['path'] = '/download/geoip/database/GeoLite2-Country.tar.gz'; + $file['path'] = '/app/geoip_download?edition_id=GeoLite2-Country&suffix=tar.gz&license_key=' . MAXMIND_LICENSE_KEY; $file['destination'] = __DIR__ . '/temp/GeoLite2-Country.tar.gz'; $file['destinationFileName'] = 'GeoLite2-Country.mmdb'; diff --git a/mailscanner/languages/de.php b/mailscanner/languages/de.php index 7b95ccee4..dd3eeb22c 100644 --- a/mailscanner/languages/de.php +++ b/mailscanner/languages/de.php @@ -269,7 +269,7 @@ 'report04' => 'Bericht:', 'spamassassin04' => 'SpamAssassin', 'spamassassinmcp04' => 'SpamAssassin MCP', - 'geoipnotsupported04' => 'GeoIP nicht unterstützt', + 'notsupported04' => 'GeoIP nicht unterstützt', // 05-status.php 'recentmsg05' => 'Aktuelle Nachrichten', @@ -568,6 +568,7 @@ 'geoipupdate15' => 'GeoIP Datenbank-Aktualisierung', 'dieproxy15' => 'Proxy-Typ sollte entweder "HTTP" oder "SOCKS5" sein, überprüfen Sie die Konfigurations-Datei', 'auditlog15' => 'GeoIP-Update wurde ausgeführt', + 'geoipnokey15' => 'Es wird ein Lizenz-Schlüssel von www.maxmind.com benötigt, um GeoLite2-Daten herunter zu ladenladen', // 16-rep_message_listing.php 'messlisting16' => 'Nachrichtenliste', diff --git a/mailscanner/languages/en.php b/mailscanner/languages/en.php index ee7e34ace..97812f4d5 100644 --- a/mailscanner/languages/en.php +++ b/mailscanner/languages/en.php @@ -569,6 +569,7 @@ 'geoipupdate15' => 'GeoIP Database Update', 'dieproxy15' => 'Proxy type should be either "HTTP" or "SOCKS5", check your configuration file', 'auditlog15' => 'Ran GeoIP update', + 'geoipnokey15' => 'A license key from www.maxmind.com is needed to download GeoLite2 data', // 16-rep_message_listing.php 'messlisting16' => 'Message Listing', diff --git a/mailscanner/languages/es-419.php b/mailscanner/languages/es-419.php index c96d1ac9b..1cfebbc1d 100644 --- a/mailscanner/languages/es-419.php +++ b/mailscanner/languages/es-419.php @@ -568,6 +568,7 @@ 'geoipupdate15' => 'Actualización de base de datos GeoIP', 'dieproxy15' => 'El tipo de Proxy debe ser "HTTP" o "SOCKS5", chequee su archivo de configuración', 'auditlog15' => 'Actualización GeoIP realizada', + 'geoipnokey15' => 'A license key from www.maxmind.com is needed to download GeoLite2 data', // 16-rep_message_listing.php 'messlisting16' => 'Lista de mensajes', diff --git a/mailscanner/languages/fr.php b/mailscanner/languages/fr.php index 9ad864682..6c3860b1b 100644 --- a/mailscanner/languages/fr.php +++ b/mailscanner/languages/fr.php @@ -568,6 +568,7 @@ 'geoipupdate15' => 'Mise à jour des bases GeoIP', 'dieproxy15' => 'Le type de proxy doit être en "HTTP" ou en "SOCKS5". Vérifiez votre fichier de configuration.', 'auditlog15' => 'Exécution de la mise à jour GeoIP', + 'geoipnokey15' => 'A license key from www.maxmind.com is needed to download GeoLite2 data', // 16-rep_message_listing.php 'messlisting16' => 'Listing des messages', diff --git a/mailscanner/languages/it.php b/mailscanner/languages/it.php index 638653a4f..0cbb77042 100644 --- a/mailscanner/languages/it.php +++ b/mailscanner/languages/it.php @@ -568,6 +568,7 @@ 'geoipupdate15' => 'GeoIP Database Update', 'dieproxy15' => 'Proxy type should be either "HTTP" or "SOCKS5", check your configuration file', 'auditlog15' => 'Ran GeoIP update', + 'geoipnokey15' => 'È necessaria una chiave di licenza ottenibile da www.maxmind.com per scaricare i dati GeoLite2', // 16-rep_message_listing.php 'messlisting16' => 'Message Listing', diff --git a/mailscanner/languages/ja.php b/mailscanner/languages/ja.php index 3e9c456a5..ad3c8ada0 100644 --- a/mailscanner/languages/ja.php +++ b/mailscanner/languages/ja.php @@ -559,6 +559,7 @@ 'geoipupdate15' => 'GeoIPデータベースの更新', 'dieproxy15' => 'プロキシタイプは "HTTP"か "SOCKS5" のどちらかで、設定ファイルをチェックしてください。', 'auditlog15' => 'GeoIP アップデートの実行', + 'geoipnokey15' => 'A license key from www.maxmind.com is needed to download GeoLite2 data', // 16-rep_message_listing.php 'messlisting16' => 'メッセージリスト', diff --git a/mailscanner/languages/nl.php b/mailscanner/languages/nl.php index 612c0788d..670188748 100644 --- a/mailscanner/languages/nl.php +++ b/mailscanner/languages/nl.php @@ -568,6 +568,7 @@ 'geoipupdate15' => 'GeoIP Database Update', 'dieproxy15' => 'Proxy type should be either "HTTP" or "SOCKS5", check your configuration file', 'auditlog15' => 'Ran GeoIP update', + 'geoipnokey15' => 'A license key from www.maxmind.com is needed to download GeoLite2 data', // 16-rep_message_listing.php 'messlisting16' => 'Message Listing', diff --git a/mailscanner/languages/pt_br.php b/mailscanner/languages/pt_br.php index 7b577742b..e82151e67 100644 --- a/mailscanner/languages/pt_br.php +++ b/mailscanner/languages/pt_br.php @@ -568,6 +568,7 @@ 'geoipupdate15' => 'Atualização do banco de dados GeoIP', 'dieproxy15' => 'O tipo de proxy deve ser "HTTP" ou "SOCKS5", verifique sua configuração', 'auditlog15' => 'Atualização do GeoIP executada', + 'geoipnokey15' => 'A license key from www.maxmind.com is needed to download GeoLite2 data', // 16-rep_message_listing.php 'messlisting16' => 'Lista de Mensagens', diff --git a/tools/Cron_jobs/INSTALL b/tools/Cron_jobs/INSTALL index 8de8d1a8c..b40f3be2b 100644 --- a/tools/Cron_jobs/INSTALL +++ b/tools/Cron_jobs/INSTALL @@ -49,6 +49,12 @@ See the instructions in tools/MailScanner_rule_editor/INSTALL GeoIP Update -------------------------------------------- +MaxMind now requires a free license key to obtain GeoLite2 data. + +Visit www.maxmind.com to create an account and generate a license key. +MaxMind will ask questions to generate a key, any choice will work. +Once you have generated a key, place the key in conf.php for MAXMIND_LICENSE_KEY. + Default update is one time per month in /etc/cron.monthly/. The sudoers file /etc/sudoers.d/mailwatch must be installed. diff --git a/tools/Cron_jobs/mailwatch_geoip_update.php b/tools/Cron_jobs/mailwatch_geoip_update.php index c257267b3..6f2a2e699 100755 --- a/tools/Cron_jobs/mailwatch_geoip_update.php +++ b/tools/Cron_jobs/mailwatch_geoip_update.php @@ -33,16 +33,22 @@ } require $pathToFunctions; +if (!defined('MAXMIND_LICENSE_KEY') || !validateInput(MAXMIND_LICENSE_KEY, "maxmind")) { + $error_message = __('geoipnokey15') . "\n\n"; + die($error_message); +} + require_once MAILWATCH_HOME . '/lib/request/Requests.php'; Requests::register_autoloader(); ob_start(); + echo 'Downloading file, please wait...' . "\n"; -$files_base_url = 'http://geolite.maxmind.com'; +$files_base_url = 'https://download.maxmind.com'; $file = array( 'description' => __('geoip15'), - 'path' => '/download/geoip/database/GeoLite2-Country.tar.gz', + 'path' => '/app/geoip_download?edition_id=GeoLite2-Country&suffix=tar.gz&license_key=' . MAXMIND_LICENSE_KEY, 'destination' => MAILWATCH_HOME . '/temp/GeoLite2-Country.tar.gz', 'destinationFileName' => 'GeoLite2-Country.mmdb' );