Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Domain Restrictions on Sending Email #19744

Closed
okumuryu opened this issue Sep 16, 2022 · 4 comments
Closed

Domain Restrictions on Sending Email #19744

okumuryu opened this issue Sep 16, 2022 · 4 comments
Labels
Enhancement For new feature suggestions that enhance Matomo's capabilities or add a new report, new API etc. not-in-changelog For issues or pull requests that should not be included in our release changelog on matomo.org.
Milestone
5.0.0

Comments

@okumuryu
Copy link

Summary

Hello Matomo Teams.

With the implementation of the invite function in Matomo 4.11.0, there are many opportunities to send emails using Matomo applications.
As a result, the risk of sending incorrect emails due to mistakes in email addresses has increased.
Is there a function to restrict the domain of the email address to be sent to, so that it cannot be sent to other domains?
If not, would you implement it?

Your Environment

  • Matomo Version:4.11.0
  • PHP Version:8.1.10
  • Server Operating System:RHEL 7.9
@okumuryu okumuryu added the Enhancement For new feature suggestions that enhance Matomo's capabilities or add a new report, new API etc. label Sep 16, 2022
@bx80
Copy link
Contributor

bx80 commented Sep 20, 2022

Hi @okumuryu, thanks for the suggestion, this does sound like a useful security feature. At the moment there is no option to restrict emails sent by Matomo to specific domains.

Depending on how your Matomo server is configured to send email, it may be possible to implement this restriction using Mail Transport Agent rules on the server. For example, your server uses postfix as an MTA then you could add a transport rule to block delivery of any emails other than to your company domain.

@bx80 bx80 added this to the For Prioritization milestone Sep 20, 2022
@okumuryu
Copy link
Author

It is certainly possible to restrict mail domains with postfix.
However, I think it is possible to use Matomo safely by restricting not only by postfix but also by Matomo application.

@sgiehl
Copy link
Member

sgiehl commented Oct 4, 2022

This would be something that could also be implemented quite easily in a new plugin.

@bx80
Copy link
Contributor

bx80 commented Mar 14, 2024

Closing as this functionality has now been implemented by #20170

@bx80 bx80 closed this as completed Mar 14, 2024
@sgiehl sgiehl added the not-in-changelog For issues or pull requests that should not be included in our release changelog on matomo.org. label Apr 8, 2024
@sgiehl sgiehl modified the milestones: For Prioritization, 5.0.0 Apr 8, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Enhancement For new feature suggestions that enhance Matomo's capabilities or add a new report, new API etc. not-in-changelog For issues or pull requests that should not be included in our release changelog on matomo.org.
Projects
None yet
Milestone
5.0.0
Development

No branches or pull requests
3 participants
@sgiehl @bx80 @okumuryu