Page 1 of 1
Deny Domain_Admin access to Message Viewer
Posted: 30 Oct 2019 09:03
by ItemsGmbH
Hi there,
is there a way to deny USER and DOMAIN_ADMIN access to view the content of a mail?
The "main" ADMINISTRATOR can still look inside the mail content
I mean the link at "Path to message"
Re: Deny Domain_Admin access to Message Viewer
Posted: 30 Oct 2019 10:35
by ItemsGmbH
Found it myself
/var/www/html/mailscanner/
detail.php
Code: Select all
// Domain admins can view the file only if enabled
if (
(
// $item['dangerous'] === 'N' ||
$_SESSION['user_type'] === 'A' ||
(defined('DOMAINADMIN_CAN_SEE_DANGEROUS_CONTENTS') && true === DOMAINADMIN_CAN_SEE_DANGEROUS_CONTENTS && $_SESSION['user_type'] === 'D' && $item['dangerous'] === 'Y')
) && preg_match('!message/rfc822!', $item['type'])
) {
conf.php
Code: Select all
// Give Domain Admins ability to release dangerous content, like viruses
define('DOMAINADMIN_CAN_RELEASE_DANGEROUS_CONTENTS', true);
define('DOMAINADMIN_CAN_SEE_DANGEROUS_CONTENTS', false);
Re: Deny Domain_Admin access to Message Viewer
Posted: 31 Oct 2019 11:02
by pdwalker
Thanks for posting the answer to your problem. That'll help the next person who needs it.
Re: Deny Domain_Admin access to Message Viewer
Posted: 31 Oct 2019 11:49
by ItemsGmbH
That was my intention
I really hate these people "Found it, thanks and bye"