I would like to restrict some file extensions when user is creating ticket via email message sending a message to the admin email (then osTicket will create a ticket from this message). I tried from the admin panel

but no success. I may say that these here from the photo don't even work cause I restricted all and created successfully tickets with attachments from email, from api and even from the original form in the osticket project!
Im kinda confused what's going on, saw some different discussions here in the forum, but they didn't help me!
Thanks in advance!

    KevinTheJedi This does not work, I ve tried it.. Still when I create a ticket via email I can attach file attachments that I restricted and they appear like nothing has happened..

        mgeorgievv

        You can’t restrict attachments via email. You can only allow them or not. Limiting is when the attachment upload field is rendered for Users in the web portal.

        Cheers.

            KevinTheJedi Im afraid for example if someone send harmful script via email, guess I have to find where and write extra code that somehow filter the files and removes some of the files with certain extensions? Or what would be the best solution

                mgeorgievv

                You can simply ignore such file types; don’t download them and don’t open them. Other than that you’d have to modify the codebase.

                Cheers.

                    KevinTheJedi If I decide to touch in the code where should I watch? As core dev you may know best, also I would like to ask again about the osticket 2.0 should we wait for it in the next 1-2 years ? In my case I already wrote api for my needs, but whatever 😃

                        mgeorgievv

                        I cannot assist with customizations as you are deviating from core. You would proceed at your own risk.

                        Also, v2.0 is not simply adding an API. It’s a FULL codebase rewrite. Not only are we rewriting the entire core but we are also adding some long awaited features in the process. This takes a lot of time, especially since the software has to actually function like legacy with all the latest UI/UX and fully rewritten backend code and it has to be done right from the start. So we are planning, theorizing, scoping, writing, testing, etc.

                        Cheers.

                            KevinTheJedi Can you tell me from the picture I provided eariler, these settings for the attachments are used only for the ticket creaton form in the osTicket project or how ?
                            ...I checked the roadmap wishing you good luck with the 2.0 version!

                                mgeorgievv

                                It’s pretty self explanatory. Enable Attachments simply enables attachments. Maximum Filesize caps the filesize allowed via the portals. Restrict By Filetype restricts files by types via the portals. Additional Filetype Filters is used with Restrict By Filetype to allow additional filetypes by extension. Strict Mime Check ensures the mime type of the file matches the file's extension to avoid people faking malicious files.

                                Cheers.

                                  Write a Reply...