revi-archive/phorge-phorge
1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2025-01-11 07:11:04 +01:00
Code Issues Releases Wiki Activity

Don't send error/exception mail to unverified addresses

Browse source 
Summary:
Depends on D19017. Fixes T12491. Ref T13053. After SES threw us in the dungeon for sending mail to a spamtrap we changed outbound mail rules to stop sending to unverified addresses, except a small amount of registration mail which we can't avoid.

However, we'll still reply to random inbound messages with a helpful error, even if the sender is unverified.

Instead, only send exception mail back if we know who the sender is.

Test Plan: Processed inbound mail with `scripts/mail/mail_handler.php`. No more outbound mail for "bad address", etc. Still got outbound mail for "unknown command !quack".

Reviewers: amckinley

Maniphest Tasks: T13053, T12491

Differential Revision: https://secure.phabricator.com/D19018
This commit is contained in:
epriestley 2018-02-07 05:09:21 -08:00
parent 5792032dc9
commit dbe479f0d9
1 changed files with 12 additions and 7 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

19
src/applications/metamta/storage/PhabricatorMetaMTAReceivedMail.php
View file

@ -105,6 +105,7 @@ final class PhabricatorMetaMTAReceivedMail extends PhabricatorMetaMTADAO {
public function processReceivedMail() {
$sender = null;
try {
$this->dropMailFromPhabricator();
$this->dropMailAlreadyReceived();
@ -140,7 +141,7 @@ final class PhabricatorMetaMTAReceivedMail extends PhabricatorMetaMTADAO {
// This error is explicitly ignored.
break;
default:
$this->sendExceptionMail($ex);
$this->sendExceptionMail($ex, $sender);
break;
}
@ -150,7 +151,7 @@ final class PhabricatorMetaMTAReceivedMail extends PhabricatorMetaMTADAO {
->save();
return $this;
} catch (Exception $ex) {
$this->sendExceptionMail($ex);
$this->sendExceptionMail($ex, $sender);
$this
->setStatus(MetaMTAReceivedMailStatus::STATUS_UNHANDLED_EXCEPTION)
@ -305,9 +306,14 @@ final class PhabricatorMetaMTAReceivedMail extends PhabricatorMetaMTADAO {
return head($accept);
}
private function sendExceptionMail(Exception $ex) {
$from = $this->getHeader('from');
if (!strlen($from)) {
private function sendExceptionMail(
Exception $ex,
PhabricatorUser $viewer = null) {
// If we've failed to identify a legitimate sender, we don't send them
// an error message back. We want to avoid sending mail to unverified
// addresses. See T12491.
if (!$viewer) {
return;
}
@ -364,9 +370,8 @@ EOBODY
$mail = id(new PhabricatorMetaMTAMail())
->setIsErrorEmail(true)
->setForceDelivery(true)
->setSubject($title)
->addRawTos(array($from))
->addTos(array($viewer->getPHID()))
->setBody($body)
->saveAndSend();
}