Security configuration options added

Webklex · Jan 17, 2025 · cafda4f · cafda4f
1 parent 916e273
commit cafda4f
Show file tree

Hide file tree

Showing 2 changed files with 27 additions and 0 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -10,6 +10,7 @@ Updates should follow the [Keep a CHANGELOG](http://keepachangelog.com/) princip
 - Address parsing improved and extended to include more cases
 
 ### Added
+- Security configuration options added
 - Spoofing detection added #40
 
 ### Breaking changes

diff --git a/src/config/imap.php b/src/config/imap.php
@@ -35,6 +35,32 @@
     */
     'default' => 'default',
 
+    /*
+    |--------------------------------------------------------------------------
+    | Security options
+    |--------------------------------------------------------------------------
+    |
+    | You can enable or disable certain security features here by setting them to true or false to enable or disable
+    | them.
+    | -detect_spoofing:
+    |       Detect spoofing attempts by checking the message sender against the message headers.
+    |       Default TRUE
+    | -detect_spoofing_exception:
+    |       Throw an exception if a spoofing attempt is detected.
+    |       Default FALSE
+    | -sanitize_filenames:
+    |       Sanitize attachment filenames by removing any unwanted and potentially dangerous characters. This is not a
+    |       100% secure solution, but it should help to prevent some common attacks. Please sanitize the filenames
+    |       again if you need a more secure solution.
+    |       Default TRUE
+    |
+    */
+    'security' => [
+        "detect_spoofing" => true,
+        "detect_spoofing_exception" => false,
+        "sanitize_filenames" => true,
+    ],
+
     /*
     |--------------------------------------------------------------------------
     | Available accounts