diff --git a/.gitignore b/.gitignore
index 5650dce..4628ea3 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,2 +1,6 @@
-vendor
+*.swp
+*.sgh
+*.zip
+translate_locales.php
+config.inc.php
diff --git a/banner_warn.php b/banner_warn.php
index a33e5ef..a08b146 100644
--- a/banner_warn.php
+++ b/banner_warn.php
@@ -68,10 +68,23 @@ public function warn($args)
}
// Warn users if mail from outside organization
- if ($this->addressExternal($message->sender['mailto'])) {
+ // Derive sender address safely (sender may be false or missing)
+ $from_mailto = '';
+ if (is_array($message->sender) && !empty($message->sender['mailto'])) {
+ $from_mailto = $message->sender['mailto'];
+ } else {
+ // Fallback to "From" header
+ $decoded_from = rcube_mime::decode_address_list($message->from ?? '', 1, true, null, false);
+ if (is_array($decoded_from) && !empty($decoded_from)) {
+ $first_from = reset($decoded_from);
+ if (is_array($first_from) && !empty($first_from['mailto'])) {
+ $from_mailto = $first_from['mailto'];
+ }
+ }
+ }
+ if (!empty($from_mailto) && $this->addressExternal($from_mailto)) {
array_push($content, '' . $this->gettext('from_outsite') . '
');
}
-
// Check X-Spam-Status
if ($this->isSpam($message->headers)) {
array_push($content, '' . $this->gettext('posible_spam') . '
');
@@ -94,39 +107,37 @@ public function mlist($p)
if (!$RCMAIL->config->get('avatars', true)) return;
$banner_avatar = array();
+
foreach ($p['messages'] as $index => $message) {
// Create entry
$banner_avatar[$message->uid] = array();
- // Parse from address
- $from = rcube_mime::decode_address_list($message->from, 1, true, null, false)[1];
-
- // Check if we have a from email address (uhh)
- if (isset($from)) {
- // Get first letter of name
- $name = $from["name"];
- if (empty($name)) {
- $name = $from["mailto"];
+ // SAFER: decode first address, compute defaults, avoid null-indexing
+ $decoded_from = rcube_mime::decode_address_list($message->from ?? '', 1, true, null, false);
+ $from = (is_array($decoded_from) && !empty($decoded_from)) ? reset($decoded_from) : null;
+
+ // Defaults
+ $name = '??';
+ $color = '999999';
+ $from_mailto = '';
+
+ if (is_array($from)) {
+ $from_mailto = $from['mailto'] ?? '';
+ $name_source = $from['name'] ?? $from_mailto;
+ $name_source = preg_replace("/[^A-Za-z0-9 ]/", '', (string)$name_source);
+ $name = strtoupper((string) mb_substr($name_source, 0, 1));
+ if (!empty($from_mailto)) {
+ $color = substr(md5($from_mailto), 0, 6);
}
- $name = preg_replace("/[^A-Za-z0-9 ]/", '', $name);
- $name = strtoupper($name[0]);
-
- // Get md5 color from email
- $color = substr(md5($from["mailto"]), 0, 6);
}
- // Check for SPF fail
- if (!isset($from) || $this->isSpam($message) || $this->spfFails($message)) {
- $color = 'ff0000';
- $name = '!';
- $banner_avatar[$message->uid]['alert'] = 1;
- }
- else if ($RCMAIL->config->get('avatars_external_hexagon', true) && $this->addressExternal($from["mailto"])) {
+ // Warn hexagon for external sender (config-controlled)
+ if ($RCMAIL->config->get('avatars_external_hexagon', true) && !empty($from_mailto) && $this->addressExternal($from_mailto)) {
$banner_avatar[$message->uid]['warn'] = 1;
}
- $banner_avatar[$message->uid]['name'] = $name;
- $banner_avatar[$message->uid]['from'] = $from['mailto'];
+ $banner_avatar[$message->uid]['name'] = $name;
+ $banner_avatar[$message->uid]['from'] = $from_mailto;
$banner_avatar[$message->uid]['color'] = $color;
}
@@ -142,7 +153,9 @@ private function first($obj) {
}
private function addressExternal($address) {
- return (!preg_match($this->org_mail_regex, $address));
+ $addr = (string) ($address ?? '');
+ if ($addr === '') return true; // treat unknown as external
+ return (!preg_match($this->org_mail_regex, $addr));
}
private function spfFails($headers) {
diff --git a/localization/ar.inc b/localization/ar.inc
new file mode 100644
index 0000000..72c8f9d
--- /dev/null
+++ b/localization/ar.inc
@@ -0,0 +1,6 @@
+ تجنب النقر على الروابط أو تنزيل المرفقات أو الرد بمعلومات شخصية.';
+?>
diff --git a/localization/ar_SA.inc b/localization/ar_SA.inc
new file mode 100644
index 0000000..72c8f9d
--- /dev/null
+++ b/localization/ar_SA.inc
@@ -0,0 +1,6 @@
+ تجنب النقر على الروابط أو تنزيل المرفقات أو الرد بمعلومات شخصية.';
+?>
diff --git a/localization/bg_BG.inc b/localization/bg_BG.inc
new file mode 100644
index 0000000..2e6a440
--- /dev/null
+++ b/localization/bg_BG.inc
@@ -0,0 +1,6 @@
+ Избягвайте да кликвате върху връзки, да изтегляте прикачени файлове или да отговаряте с лична информация.';
+?>
diff --git a/localization/cs_CZ.inc b/localization/cs_CZ.inc
new file mode 100644
index 0000000..fa41855
--- /dev/null
+++ b/localization/cs_CZ.inc
@@ -0,0 +1,6 @@
+ Vyvarujte se klikání na odkazy, stahování příloh nebo odpovídání s uvedením osobních údajů.';
+?>
diff --git a/localization/da_DK.inc b/localization/da_DK.inc
new file mode 100644
index 0000000..c1071df
--- /dev/null
+++ b/localization/da_DK.inc
@@ -0,0 +1,6 @@
+ Undgå at klikke på links, downloade vedhæftede filer eller svare med personlige oplysninger.';
+?>
diff --git a/localization/de_CH.inc b/localization/de_CH.inc
new file mode 100644
index 0000000..7eae786
--- /dev/null
+++ b/localization/de_CH.inc
@@ -0,0 +1,6 @@
+ Vermeiden Sie es, auf Links zu klicken, Anhänge herunterzuladen oder mit persönlichen Informationen zu antworten.';
+?>
diff --git a/localization/de_DE.inc b/localization/de_DE.inc
index eaf565c..7eae786 100644
--- a/localization/de_DE.inc
+++ b/localization/de_DE.inc
@@ -1,7 +1,6 @@
Vermeiden Sie auf Links zu klicken, Anhänge zu öffnen oder persönlichen Details herauszugeben.";
+$labels['from_outsite'] = 'Diese E-Mail stammt von außerhalb Ihrer Organisation. Klicken Sie nicht auf Links und öffnen Sie keine Anhänge, wenn Sie den Absender nicht kennen und wissen, dass der Inhalt sicher ist.';
+$labels['posible_spam'] = 'Diese E-Mail wurde als möglicher Spam identifiziert. Seien Sie besonders vorsichtig, wenn Sie mit ihrem Inhalt interagieren.';
+$labels['spf_fail'] = 'Die Authentizität des Absenders dieser E-Mail konnte nicht überprüft werden.
Vermeiden Sie es, auf Links zu klicken, Anhänge herunterzuladen oder mit persönlichen Informationen zu antworten.';
+?>
diff --git a/localization/el_GR.inc b/localization/el_GR.inc
new file mode 100644
index 0000000..69c0974
--- /dev/null
+++ b/localization/el_GR.inc
@@ -0,0 +1,6 @@
+ Αποφύγετε να κάνετε κλικ σε συνδέσμους, να κατεβάσετε συνημμένα αρχεία ή να απαντήσετε με προσωπικές πληροφορίες.';
+?>
diff --git a/localization/en_CA.inc b/localization/en_CA.inc
new file mode 100644
index 0000000..a97fb75
--- /dev/null
+++ b/localization/en_CA.inc
@@ -0,0 +1,6 @@
+ Avoid clicking links, downloading attachments or replying with personal information.';
+?>
diff --git a/localization/en_GB.inc b/localization/en_GB.inc
new file mode 100644
index 0000000..a97fb75
--- /dev/null
+++ b/localization/en_GB.inc
@@ -0,0 +1,6 @@
+ Avoid clicking links, downloading attachments or replying with personal information.';
+?>
diff --git a/localization/es_419.inc b/localization/es_419.inc
new file mode 100644
index 0000000..983c500
--- /dev/null
+++ b/localization/es_419.inc
@@ -0,0 +1,6 @@
+ Evite hacer clic en enlaces, descargar archivos adjuntos o responder con información personal.';
+?>
diff --git a/localization/es_AR.inc b/localization/es_AR.inc
new file mode 100644
index 0000000..983c500
--- /dev/null
+++ b/localization/es_AR.inc
@@ -0,0 +1,6 @@
+ Evite hacer clic en enlaces, descargar archivos adjuntos o responder con información personal.';
+?>
diff --git a/localization/es_ES.inc b/localization/es_ES.inc
index 4ece5b4..983c500 100644
--- a/localization/es_ES.inc
+++ b/localization/es_ES.inc
@@ -1,7 +1,6 @@
Evite abrir enlaces, descargar adjuntos o responder con información personal.";
+$labels['from_outsite'] = 'Este correo procede de fuera de su organización. No haga clic en enlaces ni abra archivos adjuntos a menos que reconozca al remitente y sepa que el contenido es seguro.';
+$labels['posible_spam'] = 'Este correo ha sido identificado como posible spam. Tenga mucho cuidado al interactuar con su contenido.';
+$labels['spf_fail'] = 'No se ha podido verificar la autenticidad del remitente de este correo electrónico.
Evite hacer clic en enlaces, descargar archivos adjuntos o responder con información personal.';
+?>
diff --git a/localization/et_EE.inc b/localization/et_EE.inc
new file mode 100644
index 0000000..ddbbb96
--- /dev/null
+++ b/localization/et_EE.inc
@@ -0,0 +1,6 @@
+ Vältige linkidele klõpsamist, manuste allalaadimist või vastamist isiklike andmetega.';
+?>
diff --git a/localization/fi_FI.inc b/localization/fi_FI.inc
new file mode 100644
index 0000000..6ec9ab7
--- /dev/null
+++ b/localization/fi_FI.inc
@@ -0,0 +1,6 @@
+ Vältä linkkien klikkaamista, liitteiden lataamista tai vastaamista henkilökohtaisilla tiedoilla.';
+?>
diff --git a/localization/fr_FR.inc b/localization/fr_FR.inc
index afa2717..6711ca9 100644
--- a/localization/fr_FR.inc
+++ b/localization/fr_FR.inc
@@ -1,7 +1,6 @@
Évitez de cliquer sur des liens, de télécharger des pièces jointes ou de répondre avec des informations personnelles.";
+$labels['from_outsite'] = 'Ce courrier provient d\'une personne extérieure à votre organisation. Ne cliquez pas sur les liens et n\'ouvrez pas les pièces jointes si vous ne reconnaissez pas l\'expéditeur et si vous ne savez pas que le contenu est sûr.';
+$labels['posible_spam'] = 'Ce courrier a été identifié comme un possible spam. Soyez très prudent lorsque vous interagissez avec son contenu.';
+$labels['spf_fail'] = 'L\'authenticité de l\'expéditeur de cet e-mail n\'a pas pu être vérifiée. <Évitez de cliquer sur les liens, de télécharger les pièces jointes ou de répondre avec des informations personnelles.';
+?>
diff --git a/localization/he_IL.inc b/localization/he_IL.inc
new file mode 100644
index 0000000..c986801
--- /dev/null
+++ b/localization/he_IL.inc
@@ -0,0 +1,6 @@
+ הימנע מללחוץ על קישורים, להוריד קבצים מצורפים או להשיב עם מידע אישי.';
+?>
diff --git a/localization/hu_HU.inc b/localization/hu_HU.inc
index 7772d09..071244b 100644
--- a/localization/hu_HU.inc
+++ b/localization/hu_HU.inc
@@ -1,7 +1,6 @@
Kerüld a linkek és csatolmányok megnyitását, illetve válaszodban a személyes adatok küldését!";
+$labels['from_outsite'] = 'Ez a levél az Ön szervezetén kívülről érkezett. Ne kattintson a linkekre, és ne nyissa meg a mellékleteket, hacsak nem ismeri fel a feladót, és nem tudja, hogy a tartalom biztonságos.';
+$labels['posible_spam'] = 'Ezt a levelet lehetséges spamként azonosították. Legyen különösen óvatos a tartalmával való interakció során.';
+$labels['spf_fail'] = 'Az e-mail feladójának hitelességét nem sikerült ellenőrizni.
Kerülje a linkekre való kattintást, a mellékletek letöltését vagy a személyes adatokkal való válaszadást.';
+?>
diff --git a/localization/id_ID.inc b/localization/id_ID.inc
new file mode 100644
index 0000000..80c3f48
--- /dev/null
+++ b/localization/id_ID.inc
@@ -0,0 +1,6 @@
+ Hindari mengklik tautan, mengunduh lampiran, atau membalas dengan informasi pribadi.';
+?>
diff --git a/localization/it_IT.inc b/localization/it_IT.inc
index f71edd6..8662f10 100644
--- a/localization/it_IT.inc
+++ b/localization/it_IT.inc
@@ -1,17 +1,6 @@
Si
- consiglia di evitare di fare clic su eventuali link, scaricare
- allegati o rispondere inviando dati personali";
-
+$labels['from_outsite'] = 'Questo messaggio di posta elettronica proviene dall\'esterno della vostra organizzazione. Non cliccate sui link o aprite gli allegati a meno che non riconosciate il mittente e sappiate che il contenuto è sicuro.';
+$labels['posible_spam'] = 'Questo messaggio è stato identificato come possibile spam. Fate molta attenzione quando interagite con i suoi contenuti.';
+$labels['spf_fail'] = 'Non è stato possibile verificare l\'autenticità del mittente di questa e-mail.
Evitate di cliccare sui link, scaricare gli allegati o rispondere con informazioni personali.';
+?>
diff --git a/localization/ja_JP.inc b/localization/ja_JP.inc
new file mode 100644
index 0000000..a28700f
--- /dev/null
+++ b/localization/ja_JP.inc
@@ -0,0 +1,6 @@
+リンクをクリックしたり、添付ファイルをダウンロードしたり、個人情報を返信したりすることは避けてください。';
+?>
diff --git a/localization/ko_KR.inc b/localization/ko_KR.inc
new file mode 100644
index 0000000..6be2ce5
--- /dev/null
+++ b/localization/ko_KR.inc
@@ -0,0 +1,6 @@
+ 링크를 클릭하거나 첨부 파일을 다운로드하거나 개인 정보가 포함된 답장을 보내지 마세요.';
+?>
diff --git a/localization/lt_LT.inc b/localization/lt_LT.inc
new file mode 100644
index 0000000..da60239
--- /dev/null
+++ b/localization/lt_LT.inc
@@ -0,0 +1,6 @@
+ Venkite spausti nuorodas, siųstis priedus ar atsakyti, nurodydami asmeninę informaciją.';
+?>
diff --git a/localization/lv_LV.inc b/localization/lv_LV.inc
new file mode 100644
index 0000000..c2f58fe
--- /dev/null
+++ b/localization/lv_LV.inc
@@ -0,0 +1,6 @@
+ Izvairieties noklikšķināt uz saitēm, lejupielādēt pielikumus vai atbildēt, norādot personisko informāciju.';
+?>
diff --git a/localization/nl_BE.inc b/localization/nl_BE.inc
new file mode 100644
index 0000000..260f126
--- /dev/null
+++ b/localization/nl_BE.inc
@@ -0,0 +1,6 @@
+ Vermijd het klikken op links, het downloaden van bijlagen of het beantwoorden met persoonlijke informatie.';
+?>
diff --git a/localization/nl_NL.inc b/localization/nl_NL.inc
index 0e0a9b8..260f126 100644
--- a/localization/nl_NL.inc
+++ b/localization/nl_NL.inc
@@ -1,7 +1,6 @@
Klik niet op links, download geen bijlagen en reageer niet met persoonlijke informatie.";
+$labels['from_outsite'] = 'Deze e-mail is afkomstig van buiten uw organisatie. Klik niet op koppelingen en open geen bijlagen tenzij u de afzender herkent en weet dat de inhoud veilig is.';
+$labels['posible_spam'] = 'Deze e-mail is geïdentificeerd als mogelijke spam. Wees extra voorzichtig met de inhoud.';
+$labels['spf_fail'] = 'De authenticiteit van de afzender van deze e-mail kon niet worden geverifieerd.
Vermijd het klikken op links, het downloaden van bijlagen of het beantwoorden met persoonlijke informatie.';
+?>
diff --git a/localization/nn_NO.inc b/localization/nn_NO.inc
new file mode 100644
index 0000000..a360b84
--- /dev/null
+++ b/localization/nn_NO.inc
@@ -0,0 +1,6 @@
+
diff --git a/localization/pl_PL.inc b/localization/pl_PL.inc
new file mode 100644
index 0000000..c87288d
--- /dev/null
+++ b/localization/pl_PL.inc
@@ -0,0 +1,6 @@
+
diff --git a/localization/pt_BR.inc b/localization/pt_BR.inc
index 028d6e7..3a58513 100644
--- a/localization/pt_BR.inc
+++ b/localization/pt_BR.inc
@@ -1,7 +1,6 @@
Evite clicar em links, baixar anexos ou responder com informações pessoais.";
+$labels['from_outsite'] = 'Este e-mail foi originado de fora de sua organização. Não clique em links nem abra anexos a menos que você reconheça o remetente e saiba que o conteúdo é seguro.';
+$labels['posible_spam'] = 'Este e-mail foi identificado como possível spam. Tenha muito cuidado ao interagir com seu conteúdo.';
+$labels['spf_fail'] = 'A autenticidade do remetente deste e-mail não pôde ser verificada.
Evite clicar em links, fazer download de anexos ou responder com informações pessoais.';
+?>
diff --git a/localization/pt_PT.inc b/localization/pt_PT.inc
new file mode 100644
index 0000000..3a58513
--- /dev/null
+++ b/localization/pt_PT.inc
@@ -0,0 +1,6 @@
+ Evite clicar em links, fazer download de anexos ou responder com informações pessoais.';
+?>
diff --git a/localization/ro_RO.inc b/localization/ro_RO.inc
new file mode 100644
index 0000000..e766d2c
--- /dev/null
+++ b/localization/ro_RO.inc
@@ -0,0 +1,6 @@
+ Evitați să faceți clic pe linkuri, să descărcați atașamente sau să răspundeți cu informații personale.';
+?>
diff --git a/localization/ru_RU.inc b/localization/ru_RU.inc
index 57cdbdf..d7b091f 100644
--- a/localization/ru_RU.inc
+++ b/localization/ru_RU.inc
@@ -1,10 +1,6 @@
Не переходите по ссылкам, не загружайте вложения и не сообщайте личную информацию.";
\ No newline at end of file
+$labels['from_outsite'] = 'Это письмо пришло не из вашей организации. Не переходите по ссылкам и не открывайте вложения, если вы не узнали отправителя и не уверены в безопасности содержимого.';
+$labels['posible_spam'] = 'Это письмо было идентифицировано как возможный спам. Будьте особенно осторожны при работе с его содержимым.';
+$labels['spf_fail'] = 'Подлинность отправителя этого письма проверить не удалось.
Не переходите по ссылкам, не загружайте вложения и не сообщайте личную информацию.';
+?>
diff --git a/localization/sk_SK.inc b/localization/sk_SK.inc
new file mode 100644
index 0000000..68617d4
--- /dev/null
+++ b/localization/sk_SK.inc
@@ -0,0 +1,6 @@
+ Vyhnite sa klikaniu na odkazy, sťahovaniu príloh alebo odpovediam s osobnými údajmi.';
+?>
diff --git a/localization/sl_SI.inc b/localization/sl_SI.inc
new file mode 100644
index 0000000..8dff5cc
--- /dev/null
+++ b/localization/sl_SI.inc
@@ -0,0 +1,6 @@
+ Ne klikajte na povezave, ne prenašajte priponk in ne odgovarjajte z osebnimi podatki.';
+?>
diff --git a/localization/sv_SE.inc b/localization/sv_SE.inc
new file mode 100644
index 0000000..3b17f92
--- /dev/null
+++ b/localization/sv_SE.inc
@@ -0,0 +1,6 @@
+ Undvik att klicka på länkar, ladda ner bilagor eller svara med personlig information.';
+?>
diff --git a/localization/tr_TR.inc b/localization/tr_TR.inc
new file mode 100644
index 0000000..e4acf77
--- /dev/null
+++ b/localization/tr_TR.inc
@@ -0,0 +1,6 @@
+ Bağlantılara tıklamaktan, ekleri indirmekten veya kişisel bilgilerle yanıt vermekten kaçının.';
+?>
diff --git a/localization/uk_UA.inc b/localization/uk_UA.inc
new file mode 100644
index 0000000..256cf38
--- /dev/null
+++ b/localization/uk_UA.inc
@@ -0,0 +1,6 @@
+ Не переходьте за посиланнями, не завантажуйте вкладення та не відповідайте, вказуючи особисту інформацію.';
+?>
diff --git a/localization/vi_VN.inc b/localization/vi_VN.inc
new file mode 100644
index 0000000..47ef8cc
--- /dev/null
+++ b/localization/vi_VN.inc
@@ -0,0 +1,6 @@
+ Tránh nhấp vào các liên kết, tải xuống tệp đính kèm hoặc trả lời với thông tin cá nhân.';
+?>
diff --git a/localization/zh_CN.inc b/localization/zh_CN.inc
new file mode 100644
index 0000000..222292b
--- /dev/null
+++ b/localization/zh_CN.inc
@@ -0,0 +1,6 @@
+ 避免点击链接、下载附件或回复个人信息。';
+?>
diff --git a/localization/zh_TW.inc b/localization/zh_TW.inc
new file mode 100644
index 0000000..222292b
--- /dev/null
+++ b/localization/zh_TW.inc
@@ -0,0 +1,6 @@
+ 避免点击链接、下载附件或回复个人信息。';
+?>