From 4b7b366298958128ea6e756b5a2d549c9d0cb337 Mon Sep 17 00:00:00 2001
From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com>
Date: Wed, 19 Nov 2025 09:31:26 +0000
Subject: [PATCH 1/3] Initial plan


From 0c941c1c7de070d0fd0dea91ac6b4d6b6acfcb5e Mon Sep 17 00:00:00 2001
From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com>
Date: Wed, 19 Nov 2025 09:38:25 +0000
Subject: [PATCH 2/3] Add backend check to skip mail_security filtering for
 backend requests

Co-authored-by: skerbis <791247+skerbis@users.noreply.github.com>
---
 lib/MailSecurityFilter.php | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/lib/MailSecurityFilter.php b/lib/MailSecurityFilter.php
index c07769c..ffb4434 100644
--- a/lib/MailSecurityFilter.php
+++ b/lib/MailSecurityFilter.php
@@ -180,6 +180,11 @@ public static function filterMail(rex_extension_point $ep): mixed
             return $ep->getSubject();
         }
 
+        // Mail Security soll nur im Frontend gelten, nicht im Backend
+        if (rex::isBackend()) {
+            return $ep->getSubject();
+        }
+
         $mailer = $ep->getSubject();
         $clientIp = self::getClientIp();
         

From adf726cdd92e9fa70afcb0774f931c645db50837 Mon Sep 17 00:00:00 2001
From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com>
Date: Wed, 19 Nov 2025 09:39:57 +0000
Subject: [PATCH 3/3] Update documentation to clarify backend email exemption

Co-authored-by: skerbis <791247+skerbis@users.noreply.github.com>
---
 MAIL_SECURITY.md | 2 ++
 README.md        | 1 +
 2 files changed, 3 insertions(+)

diff --git a/MAIL_SECURITY.md b/MAIL_SECURITY.md
index 67be02b..d4fbd50 100644
--- a/MAIL_SECURITY.md
+++ b/MAIL_SECURITY.md
@@ -4,6 +4,8 @@
 
 Das Mail Security System ist ein umfassendes Sicherheitsmodul des Upkeep AddOns, das E-Mail-Kommunikation vor Spam, Badwords und schädlichen Inhalten schützt. Es integriert sich nahtlos in PHPMailer und bietet erweiterte Funktionen wie IP/Domain-Blocklisting, Rate-Limiting und umfangreiche Protokollierung.
 
+**Wichtig**: Mail Security filtert nur E-Mails, die von Frontend-Anfragen ausgelöst werden. E-Mails aus dem REDAXO-Backend werden nicht gefiltert, um administrative Aktionen nicht zu behindern.
+
 ## Features
 
 ### 🛡️ Kernfunktionen
diff --git a/README.md b/README.md
index 365a424..f363ac2 100644
--- a/README.md
+++ b/README.md
@@ -57,6 +57,7 @@ All features include comprehensive documentation directly in the Backend interfa
 - Badword filtering for PHPMailer messages
 - Spam protection with customizable patterns
 - Integration via `PHPMAILER_PRE_SEND` extension point
+- **Note**: Applies only to frontend emails; backend emails are not filtered
 
 ### 🔀 Domain & URL Management
 **Location**: `Backend → Upkeep → Domains`