[tor-commits] [bridgedb/master] Change MailMessage.validateFrom() to respect internal proxy hosts.
isis at torproject.org
isis at torproject.org
Fri Jun 6 23:39:14 UTC 2014
commit add31550fb5d4ff1ab53d8e1079a89e2b4652336
Author: Isis Lovecruft <isis at torproject.org>
Date: Sat May 17 02:13:21 2014 +0000
Change MailMessage.validateFrom() to respect internal proxy hosts.
The online server was getting `ORIGIN: "<bridges at ponticum>"' for the
`origin` parameter to bridgedb.email.server.MailMessage.validateFrom().
In order to automatically allow forwarded emails from localhost, we
passthrough on the first check on canonical domains in the
validateFrom() method if the domain matches the one returned from a
socket.gethostbyname() or socket.gethostname(), otherwise we fallback to
canonicalizeEmailDomain() later.
---
lib/bridgedb/email/server.py | 36 ++++++++++++++++++++++++++++++------
1 file changed, 30 insertions(+), 6 deletions(-)
diff --git a/lib/bridgedb/email/server.py b/lib/bridgedb/email/server.py
index 8549e8a..5b7ceb2 100644
--- a/lib/bridgedb/email/server.py
+++ b/lib/bridgedb/email/server.py
@@ -19,6 +19,7 @@ from __future__ import unicode_literals
import logging
import io
+import socket
import time
from twisted.internet import defer
@@ -224,6 +225,8 @@ class MailContext(object):
self.nBridges = config.EMAIL_N_BRIDGES_PER_ANSWER
self.username = (config.EMAIL_USERNAME or "bridges")
+ self.hostname = socket.gethostname()
+ self.hostaddr = socket.gethostbyname(self.hostname)
self.fromAddr = (config.EMAIL_FROM_ADDR or "bridges at torproject.org")
self.smtpFromAddr = (config.EMAIL_SMTP_FROM_ADDR or self.fromAddr)
self.smtpServerPort = (config.EMAIL_SMTP_PORT or 25)
@@ -682,18 +685,39 @@ class MailDelivery(object):
return hdr
def validateFrom(self, helo, origin):
+ """Validate the ``"From:"`` address on the incoming email.
+
+ This is done at the SMTP layer. Meaning that if a Postfix or other
+ email server is proxying emails from the outside world to BridgeDB,
+ the ``origin.domain`` will be set to the local hostname.
+
+ :type helo: tuple
+ :param helo: The lines received during SMTP client HELO.
+ :type origin: :api:`twisted.mail.smtp.Address`
+ :param origin: The email address we received this message from.
+ :raises: :api:`twisted.mail.smtp.SMTPBadSender` if the
+ ``origin.domain`` was neither our local hostname, nor one of the
+ canonical domains listed in :ivar:`context.canon`.
+ :rtype: :api:`twisted.mail.smtp.Address`
+ :returns: The ``origin``. We *must* return some non-``None`` data from
+ this method, or else Twisted will reply to the sender with a 503
+ error.
+ """
try:
- logging.debug("ORIGIN: %r" % repr(origin.addrstr))
- canonical = canonicalizeEmailDomain(origin.domain,
- self.context.canon)
+ if ((origin.domain == self.context.hostname) or
+ (origin.domain == self.context.hostaddr)):
+ return origin
+ else:
+ logging.debug("ORIGIN DOMAIN: %r" % origin.domain)
+ canonical = canonicalizeEmailDomain(origin.domain,
+ self.context.canon)
+ logging.debug("Got canonical domain: %r" % canonical)
+ self.fromCanonical = canonical
except UnsupportedDomain as error:
logging.info(error)
raise smtp.SMTPBadSender(origin.domain)
except Exception as error:
logging.exception(error)
- else:
- logging.debug("Got canonical domain: %r" % canonical)
- self.fromCanonical = canonical
return origin # This method *cannot* return None, or it'll cause a 503.
def validateTo(self, user):
More information about the tor-commits
mailing list