mirror of
https://we.phorge.it/source/phorge.git
synced 2024-12-23 05:50:55 +01:00
No description
a37b28ef79
Summary: Depends on D19952. Ref T13222. Never process mail targets if they match: - The "default" address which we send mail "From". - The "void" address which we use as a placholder "To" when we only have "CC" addresses. - Any address from a list of reserved/administrative names. The first two prevent loops. The third one prevents abuse. There's a reasonably well-annotated list of reservations and reasons here: https://webmasters.stackexchange.com/questions/104811/is-there-any-list-of-email-addresses-reserved-because-of-security-concerns-for-a Stuff like `support@` seems fine; stuff like `ssladmin@` might let you get SSL certs issued for a domain you don't control. Also, forbid users from creating application emails with these reserved addresses. Finally, build the default and void addresses somewhat more cleverly. Test Plan: Added unit tests, tried to configured reserved addresses, hit the default/void cases manually with `bin/mail receive-test`. Reviewers: amckinley Reviewed By: amckinley Subscribers: olexiy.myronenko Maniphest Tasks: T13222 Differential Revision: https://secure.phabricator.com/D19953 |
||
---|---|---|
bin | ||
conf | ||
externals | ||
resources | ||
scripts | ||
src | ||
support | ||
webroot | ||
.arcconfig | ||
.arclint | ||
.arcunit | ||
.editorconfig | ||
.gitignore | ||
LICENSE | ||
NOTICE | ||
README.md |
Phabricator is a collection of web applications which help software companies build better software.
Phabricator includes applications for:
- reviewing and auditing source code;
- hosting and browsing repositories;
- tracking bugs;
- managing projects;
- conversing with team members;
- assembling a party to venture forth;
- writing stuff down and reading it later;
- hiding stuff from coworkers; and
- also some other things.
You can learn more about the project (and find links to documentation and resources) at Phabricator.org
Phabricator is developed and maintained by Phacility.
SUPPORT RESOURCES
For resources on filing bugs, requesting features, reporting security issues, and getting other kinds of support, see Support Resources.
NO PULL REQUESTS!
We do not accept pull requests through GitHub. If you would like to contribute code, please read our Contributor's Guide.
LICENSE
Phabricator is released under the Apache 2.0 license except as otherwise noted.