archive/phabricator
1
0
Fork 0
Code Issues 1 Pull Requests Packages Projects Releases Wiki Activity

Don't send error/exception mail to unverified addresses

Browse Source 
Summary:
Depends on D19017. Fixes T12491. Ref T13053. After SES threw us in the dungeon for sending mail to a spamtrap we changed outbound mail rules to stop sending to unverified addresses, except a small amount of registration mail which we can't avoid.

However, we'll still reply to random inbound messages with a helpful error, even if the sender is unverified.

Instead, only send exception mail back if we know who the sender is.

Test Plan: Processed inbound mail with `scripts/mail/mail_handler.php`. No more outbound mail for "bad address", etc. Still got outbound mail for "unknown command !quack".

Reviewers: amckinley

Maniphest Tasks: T13053, T12491

Differential Revision: https://secure.phabricator.com/D19018
This commit is contained in:
epriestley
2018-02-07 05:09:21 -08:00
parent 5792032dc9
commit dbe479f0d9
1 changed files with 12 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

19
src/applications/metamta/storage/PhabricatorMetaMTAReceivedMail.php
View File

@@ -105,6 +105,7 @@ final class PhabricatorMetaMTAReceivedMail extends PhabricatorMetaMTADAO {
public function processReceivedMail() { public function processReceivedMail() {
$sender = null;
try { try {
$this->dropMailFromPhabricator(); $this->dropMailFromPhabricator();
$this->dropMailAlreadyReceived(); $this->dropMailAlreadyReceived();
@@ -140,7 +141,7 @@ final class PhabricatorMetaMTAReceivedMail extends PhabricatorMetaMTADAO {
// This error is explicitly ignored. // This error is explicitly ignored.
break; break;
default: default:
$this->sendExceptionMail($ex); $this->sendExceptionMail($ex, $sender);
break; break;
} }
@@ -150,7 +151,7 @@ final class PhabricatorMetaMTAReceivedMail extends PhabricatorMetaMTADAO {
->save(); ->save();
return $this; return $this;
} catch (Exception $ex) { } catch (Exception $ex) {
$this->sendExceptionMail($ex); $this->sendExceptionMail($ex, $sender);
$this $this
->setStatus(MetaMTAReceivedMailStatus::STATUS_UNHANDLED_EXCEPTION) ->setStatus(MetaMTAReceivedMailStatus::STATUS_UNHANDLED_EXCEPTION)
@@ -305,9 +306,14 @@ final class PhabricatorMetaMTAReceivedMail extends PhabricatorMetaMTADAO {
return head($accept); return head($accept);
} }
private function sendExceptionMail(Exception $ex) { private function sendExceptionMail(
$from = $this->getHeader('from'); Exception $ex,
if (!strlen($from)) { PhabricatorUser $viewer = null) {
// If we've failed to identify a legitimate sender, we don't send them
// an error message back. We want to avoid sending mail to unverified
// addresses. See T12491.
if (!$viewer) {
return; return;
} }
@@ -364,9 +370,8 @@ EOBODY
$mail = id(new PhabricatorMetaMTAMail()) $mail = id(new PhabricatorMetaMTAMail())
->setIsErrorEmail(true) ->setIsErrorEmail(true)
->setForceDelivery(true)
->setSubject($title) ->setSubject($title)
->addRawTos(array($from)) ->addTos(array($viewer->getPHID()))
->setBody($body) ->setBody($body)
->saveAndSend(); ->saveAndSend();
} }