start the path to rust

2026-02-10 15:54:09 +00:00
parent 237dba3bab
commit 8bd8c295b0
318 changed files with 28352 additions and 428 deletions
--- a/dist_ts/security/classes.contentscanner.d.ts
+++ b/dist_ts/security/classes.contentscanner.d.ts
@@ -0,0 +1,160 @@
+import { Email } from '../mail/core/classes.email.js';
+/**
+ * Scan result information
+ */
+export interface IScanResult {
+    isClean: boolean;
+    threatType?: string;
+    threatDetails?: string;
+    threatScore: number;
+    scannedElements: string[];
+    timestamp: number;
+}
+/**
+ * Options for content scanner configuration
+ */
+export interface IContentScannerOptions {
+    maxCacheSize?: number;
+    cacheTTL?: number;
+    scanSubject?: boolean;
+    scanBody?: boolean;
+    scanAttachments?: boolean;
+    maxAttachmentSizeToScan?: number;
+    scanAttachmentNames?: boolean;
+    blockExecutables?: boolean;
+    blockMacros?: boolean;
+    customRules?: Array<{
+        pattern: string | RegExp;
+        type: string;
+        score: number;
+        description: string;
+    }>;
+    minThreatScore?: number;
+    highThreatScore?: number;
+}
+/**
+ * Threat categories
+ */
+export declare enum ThreatCategory {
+    SPAM = "spam",
+    PHISHING = "phishing",
+    MALWARE = "malware",
+    EXECUTABLE = "executable",
+    SUSPICIOUS_LINK = "suspicious_link",
+    MALICIOUS_MACRO = "malicious_macro",
+    XSS = "xss",
+    SENSITIVE_DATA = "sensitive_data",
+    BLACKLISTED_CONTENT = "blacklisted_content",
+    CUSTOM_RULE = "custom_rule"
+}
+/**
+ * Content Scanner for detecting malicious email content
+ */
+export declare class ContentScanner {
+    private static instance;
+    private scanCache;
+    private options;
+    private static readonly MALICIOUS_PATTERNS;
+    private static readonly EXECUTABLE_EXTENSIONS;
+    private static readonly MACRO_DOCUMENT_EXTENSIONS;
+    /**
+     * Default options for the content scanner
+     */
+    private static readonly DEFAULT_OPTIONS;
+    /**
+     * Constructor for the ContentScanner
+     * @param options Configuration options
+     */
+    constructor(options?: IContentScannerOptions);
+    /**
+     * Get the singleton instance of the scanner
+     * @param options Configuration options
+     * @returns Singleton scanner instance
+     */
+    static getInstance(options?: IContentScannerOptions): ContentScanner;
+    /**
+     * Scan an email for malicious content
+     * @param email The email to scan
+     * @returns Scan result
+     */
+    scanEmail(email: Email): Promise<IScanResult>;
+    /**
+     * Generate a cache key from an email
+     * @param email The email to generate a key for
+     * @returns Cache key
+     */
+    private generateCacheKey;
+    /**
+     * Scan email subject for threats
+     * @param subject The subject to scan
+     * @param result The scan result to update
+     */
+    private scanSubject;
+    /**
+     * Scan plain text content for threats
+     * @param text The text content to scan
+     * @param result The scan result to update
+     */
+    private scanTextContent;
+    /**
+     * Scan HTML content for threats
+     * @param html The HTML content to scan
+     * @param result The scan result to update
+     */
+    private scanHtmlContent;
+    /**
+     * Scan an attachment for threats
+     * @param attachment The attachment to scan
+     * @param result The scan result to update
+     */
+    private scanAttachment;
+    /**
+     * Extract links from HTML content
+     * @param html HTML content
+     * @returns Array of extracted links
+     */
+    private extractLinksFromHtml;
+    /**
+     * Extract plain text from HTML
+     * @param html HTML content
+     * @returns Extracted text
+     */
+    private extractTextFromHtml;
+    /**
+     * Extract text from a binary buffer for scanning
+     * @param buffer Binary content
+     * @returns Extracted text (may be partial)
+     */
+    private extractTextFromBuffer;
+    /**
+     * Check if an Office document likely contains macros
+     * This is a simplified check - real implementation would use specialized libraries
+     * @param attachment The attachment to check
+     * @returns Whether the file likely contains macros
+     */
+    private likelyContainsMacros;
+    /**
+     * Map a pattern category to a threat type
+     * @param category The pattern category
+     * @returns The corresponding threat type
+     */
+    private mapCategoryToThreatType;
+    /**
+     * Log a high threat finding to the security logger
+     * @param email The email containing the threat
+     * @param result The scan result
+     */
+    private logHighThreatFound;
+    /**
+     * Log a threat finding to the security logger
+     * @param email The email containing the threat
+     * @param result The scan result
+     */
+    private logThreatFound;
+    /**
+     * Get threat level description based on score
+     * @param score Threat score
+     * @returns Threat level description
+     */
+    static getThreatLevel(score: number): 'none' | 'low' | 'medium' | 'high';
+}
--- a/dist_ts/security/classes.contentscanner.js
+++ b/dist_ts/security/classes.contentscanner.js
--- a/dist_ts/security/classes.ipreputationchecker.d.ts
+++ b/dist_ts/security/classes.ipreputationchecker.d.ts
@@ -0,0 +1,150 @@
+/**
+ * Reputation check result information
+ */
+export interface IReputationResult {
+    score: number;
+    isSpam: boolean;
+    isProxy: boolean;
+    isTor: boolean;
+    isVPN: boolean;
+    country?: string;
+    asn?: string;
+    org?: string;
+    blacklists?: string[];
+    timestamp: number;
+    error?: string;
+}
+/**
+ * Reputation threshold scores
+ */
+export declare enum ReputationThreshold {
+    HIGH_RISK = 20,// Score below this is considered high risk
+    MEDIUM_RISK = 50,// Score below this is considered medium risk
+    LOW_RISK = 80
+}
+/**
+ * IP type classifications
+ */
+export declare enum IPType {
+    RESIDENTIAL = "residential",
+    DATACENTER = "datacenter",
+    PROXY = "proxy",
+    TOR = "tor",
+    VPN = "vpn",
+    UNKNOWN = "unknown"
+}
+/**
+ * Options for the IP Reputation Checker
+ */
+export interface IIPReputationOptions {
+    maxCacheSize?: number;
+    cacheTTL?: number;
+    dnsblServers?: string[];
+    highRiskThreshold?: number;
+    mediumRiskThreshold?: number;
+    lowRiskThreshold?: number;
+    enableLocalCache?: boolean;
+    enableDNSBL?: boolean;
+    enableIPInfo?: boolean;
+}
+/**
+ * Class for checking IP reputation of inbound email senders
+ */
+export declare class IPReputationChecker {
+    private static instance;
+    private reputationCache;
+    private options;
+    private storageManager?;
+    private static readonly DEFAULT_DNSBL_SERVERS;
+    private static readonly DEFAULT_OPTIONS;
+    /**
+     * Constructor for IPReputationChecker
+     * @param options Configuration options
+     * @param storageManager Optional StorageManager instance for persistence
+     */
+    constructor(options?: IIPReputationOptions, storageManager?: any);
+    /**
+     * Get the singleton instance of the checker
+     * @param options Configuration options
+     * @param storageManager Optional StorageManager instance for persistence
+     * @returns Singleton instance
+     */
+    static getInstance(options?: IIPReputationOptions, storageManager?: any): IPReputationChecker;
+    /**
+     * Check an IP address's reputation
+     * @param ip IP address to check
+     * @returns Reputation check result
+     */
+    checkReputation(ip: string): Promise<IReputationResult>;
+    /**
+     * Check an IP against DNS blacklists
+     * @param ip IP address to check
+     * @returns DNSBL check results
+     */
+    private checkDNSBL;
+    /**
+     * Get information about an IP address
+     * @param ip IP address to check
+     * @returns IP information
+     */
+    private getIPInfo;
+    /**
+     * Simplified method to determine country from IP
+     * In a real implementation, this would use a geolocation database or service
+     * @param ip IP address
+     * @returns Country code
+     */
+    private determineCountry;
+    /**
+     * Simplified method to determine organization from IP
+     * In a real implementation, this would use an IP-to-org database or service
+     * @param ip IP address
+     * @returns Organization name
+     */
+    private determineOrg;
+    /**
+     * Reverse an IP address for DNSBL lookups (e.g., 1.2.3.4 -> 4.3.2.1)
+     * @param ip IP address to reverse
+     * @returns Reversed IP for DNSBL queries
+     */
+    private reverseIP;
+    /**
+     * Create an error result for when reputation check fails
+     * @param ip IP address
+     * @param errorMessage Error message
+     * @returns Error result
+     */
+    private createErrorResult;
+    /**
+     * Validate IP address format
+     * @param ip IP address to validate
+     * @returns Whether the IP is valid
+     */
+    private isValidIPAddress;
+    /**
+     * Log reputation check to security logger
+     * @param ip IP address
+     * @param result Reputation result
+     */
+    private logReputationCheck;
+    /**
+     * Save cache to disk or storage manager
+     */
+    private saveCache;
+    /**
+     * Load cache from disk or storage manager
+     */
+    private loadCache;
+    /**
+     * Get the risk level for a reputation score
+     * @param score Reputation score (0-100)
+     * @returns Risk level description
+     */
+    static getRiskLevel(score: number): 'high' | 'medium' | 'low' | 'trusted';
+    /**
+     * Update the storage manager after instantiation
+     * This is useful when the storage manager is not available at construction time
+     * @param storageManager The StorageManager instance to use
+     */
+    updateStorageManager(storageManager: any): void;
+}
--- a/dist_ts/security/classes.ipreputationchecker.js
+++ b/dist_ts/security/classes.ipreputationchecker.js
--- a/dist_ts/security/classes.securitylogger.d.ts
+++ b/dist_ts/security/classes.securitylogger.d.ts
@@ -0,0 +1,140 @@
+/**
+ * Log level for security events
+ */
+export declare enum SecurityLogLevel {
+    INFO = "info",
+    WARN = "warn",
+    ERROR = "error",
+    CRITICAL = "critical"
+}
+/**
+ * Security event types for categorization
+ */
+export declare enum SecurityEventType {
+    AUTHENTICATION = "authentication",
+    ACCESS_CONTROL = "access_control",
+    EMAIL_VALIDATION = "email_validation",
+    EMAIL_PROCESSING = "email_processing",
+    EMAIL_FORWARDING = "email_forwarding",
+    EMAIL_DELIVERY = "email_delivery",
+    DKIM = "dkim",
+    SPF = "spf",
+    DMARC = "dmarc",
+    RATE_LIMIT = "rate_limit",
+    RATE_LIMITING = "rate_limiting",
+    SPAM = "spam",
+    MALWARE = "malware",
+    CONNECTION = "connection",
+    DATA_EXPOSURE = "data_exposure",
+    CONFIGURATION = "configuration",
+    IP_REPUTATION = "ip_reputation",
+    REJECTED_CONNECTION = "rejected_connection"
+}
+/**
+ * Security event interface
+ */
+export interface ISecurityEvent {
+    timestamp: number;
+    level: SecurityLogLevel;
+    type: SecurityEventType;
+    message: string;
+    details?: any;
+    ipAddress?: string;
+    userId?: string;
+    sessionId?: string;
+    emailId?: string;
+    domain?: string;
+    action?: string;
+    result?: string;
+    success?: boolean;
+}
+/**
+ * Security logger for enhanced security monitoring
+ */
+export declare class SecurityLogger {
+    private static instance;
+    private securityEvents;
+    private maxEventHistory;
+    private enableNotifications;
+    private constructor();
+    /**
+     * Get singleton instance
+     */
+    static getInstance(options?: {
+        maxEventHistory?: number;
+        enableNotifications?: boolean;
+    }): SecurityLogger;
+    /**
+     * Log a security event
+     * @param event The security event to log
+     */
+    logEvent(event: Omit<ISecurityEvent, 'timestamp'>): void;
+    /**
+     * Get recent security events
+     * @param limit Maximum number of events to return
+     * @param filter Filter for specific event types
+     * @returns Recent security events
+     */
+    getRecentEvents(limit?: number, filter?: {
+        level?: SecurityLogLevel;
+        type?: SecurityEventType;
+        fromTimestamp?: number;
+        toTimestamp?: number;
+    }): ISecurityEvent[];
+    /**
+     * Get events by security level
+     * @param level The security level to filter by
+     * @param limit Maximum number of events to return
+     * @returns Security events matching the level
+     */
+    getEventsByLevel(level: SecurityLogLevel, limit?: number): ISecurityEvent[];
+    /**
+     * Get events by security type
+     * @param type The event type to filter by
+     * @param limit Maximum number of events to return
+     * @returns Security events matching the type
+     */
+    getEventsByType(type: SecurityEventType, limit?: number): ISecurityEvent[];
+    /**
+     * Get security events for a specific IP address
+     * @param ipAddress The IP address to filter by
+     * @param limit Maximum number of events to return
+     * @returns Security events for the IP address
+     */
+    getEventsByIP(ipAddress: string, limit?: number): ISecurityEvent[];
+    /**
+     * Get security events for a specific domain
+     * @param domain The domain to filter by
+     * @param limit Maximum number of events to return
+     * @returns Security events for the domain
+     */
+    getEventsByDomain(domain: string, limit?: number): ISecurityEvent[];
+    /**
+     * Send a notification for critical security events
+     * @param event The security event to notify about
+     * @private
+     */
+    private sendNotification;
+    /**
+     * Clear event history
+     */
+    clearEvents(): void;
+    /**
+     * Get statistical summary of security events
+     * @param timeWindow Optional time window in milliseconds
+     * @returns Summary of security events
+     */
+    getEventsSummary(timeWindow?: number): {
+        total: number;
+        byLevel: Record<SecurityLogLevel, number>;
+        byType: Record<SecurityEventType, number>;
+        topIPs: Array<{
+            ip: string;
+            count: number;
+        }>;
+        topDomains: Array<{
+            domain: string;
+            count: number;
+        }>;
+    };
+}
--- a/dist_ts/security/classes.securitylogger.js
+++ b/dist_ts/security/classes.securitylogger.js
--- a/dist_ts/security/index.d.ts
+++ b/dist_ts/security/index.d.ts
@@ -0,0 +1,3 @@
+export { SecurityLogger, SecurityLogLevel, SecurityEventType, type ISecurityEvent } from './classes.securitylogger.js';
+export { IPReputationChecker, ReputationThreshold, IPType, type IReputationResult, type IIPReputationOptions } from './classes.ipreputationchecker.js';
+export { ContentScanner, ThreatCategory, type IScanResult, type IContentScannerOptions } from './classes.contentscanner.js';
--- a/dist_ts/security/index.js
+++ b/dist_ts/security/index.js
@@ -0,0 +1,4 @@
+export { SecurityLogger, SecurityLogLevel, SecurityEventType } from './classes.securitylogger.js';
+export { IPReputationChecker, ReputationThreshold, IPType } from './classes.ipreputationchecker.js';
+export { ContentScanner, ThreatCategory } from './classes.contentscanner.js';
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW5kZXguanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi90cy9zZWN1cml0eS9pbmRleC50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiQUFBQSxPQUFPLEVBQ0wsY0FBYyxFQUNkLGdCQUFnQixFQUNoQixpQkFBaUIsRUFFbEIsTUFBTSw2QkFBNkIsQ0FBQztBQUVyQyxPQUFPLEVBQ0wsbUJBQW1CLEVBQ25CLG1CQUFtQixFQUNuQixNQUFNLEVBR1AsTUFBTSxrQ0FBa0MsQ0FBQztBQUUxQyxPQUFPLEVBQ0wsY0FBYyxFQUNkLGNBQWMsRUFHZixNQUFNLDZCQUE2QixDQUFDIn0=