steffen: server/kolab-resource-handlers/kolab-resource-handlers/resmgr kolabfilter.php, 1.25, 1.26
cvs at intevation.de
cvs at intevation.de
Wed Jun 15 13:05:47 CEST 2005
Author: steffen
Update of /kolabrepository/server/kolab-resource-handlers/kolab-resource-handlers/resmgr
In directory doto:/tmp/cvs-serv29743
Modified Files:
kolabfilter.php
Log Message:
Issue783 (From rewriting)
Index: kolabfilter.php
===================================================================
RCS file: /kolabrepository/server/kolab-resource-handlers/kolab-resource-handlers/resmgr/kolabfilter.php,v
retrieving revision 1.25
retrieving revision 1.26
diff -u -d -r1.25 -r1.26
--- kolabfilter.php 10 Jun 2005 23:54:37 -0000 1.25
+++ kolabfilter.php 15 Jun 2005 11:05:45 -0000 1.26
@@ -79,6 +79,25 @@
}
register_shutdown_function( 'cleanup' );
+function is_my_domain( $addr ) {
+ global $params;
+ if( is_array($params['email_domain']) ) {
+ $domains = $params['email_domain'];
+ } else {
+ $domains = array($params['email_domain']);
+ }
+
+ $adrs = imap_rfc822_parse_adrlist($addr, $params['email_domain']);
+ foreach ($adrs as $adr) {
+ $adrdom = $adr->host;
+ foreach( $domains as $dom ) {
+ if( $dom == $adrdom ) return true;
+ if( $params['verify_subdomains'] && substr($adrdom, -strlen($dom)-1) == ".$dom" ) return true;
+ }
+ }
+ return false;
+}
+
// Check that mail from our domains have trustable
// From: header and that mail from the outside
// does not impersonate any user from our domain
@@ -98,22 +117,22 @@
$senderdom = substr(strrchr($sender, '@'), 1);
foreach( $domains as $domain ) {
if( $params['verify_subdomains'] ) {
- //myLog( "Checking if ".substr($senderdom, -strlen($domain)-1)." == .$domain", RM_LOG_DEBUG );
- //myLog( "Checking if ".substr($fromdom, -strlen($domain)-1)." == .$domain", RM_LOG_DEBUG );
- if( $client_addr != '127.0.0.1' &&
- ($senderdom == $domain ||
- $fromdom == $domain ||
- substr($senderdom, -strlen($domain)-1) == ".$domain" ||
- substr($fromdom, -strlen($domain)-1) == ".$domain" ) &&
- $sender != $from ) {
- return false;
- }
+ //myLog( "Checking if ".substr($senderdom, -strlen($domain)-1)." == .$domain", RM_LOG_DEBUG );
+ //myLog( "Checking if ".substr($fromdom, -strlen($domain)-1)." == .$domain", RM_LOG_DEBUG );
+ if( $client_addr != '127.0.0.1' &&
+ ($senderdom == $domain ||
+ $fromdom == $domain ||
+ substr($senderdom, -strlen($domain)-1) == ".$domain" ||
+ substr($fromdom, -strlen($domain)-1) == ".$domain" ) &&
+ $sender != $from ) {
+ return false;
+ }
} else {
- if( ($senderdom == $domain ||
- $fromdom == $domain ) &&
- $sender != $from ) {
- return false;
- }
+ if( ($senderdom == $domain ||
+ $fromdom == $domain ) &&
+ $sender != $from ) {
+ return false;
+ }
}
}
}
@@ -162,10 +181,17 @@
if( !verify_sender( strtolower($sender), strtolower($from), $client_address) ) {
myLog("$sender and $from differ!", RM_LOG_DEBUG);
if( $params['reject_forged_from_header'] ) {
+ // Always reject mismatches
$senderok = false;
} else {
- myLog("Rewriting From header", RM_LOG_DEBUG);
- $rewrittenfrom = "From: $from (UNTRUSTED, sender is \"$sender\")\r\n";
+ // Only rewrite if from is ours and envelope not
+ if( is_my_domain( $from ) && !is_my_domain( $sender )) {
+ myLog("Rewriting From header", RM_LOG_DEBUG);
+ $rewrittenfrom = "From: $from (UNTRUSTED, sender is \"$sender\")\r\n";
+ } else {
+ // Not our domain in From, reject
+ $senderok = false;
+ }
}
}
}
More information about the commits
mailing list