steffen: server/kolab-resource-handlers/kolab-resource-handlers/resmgr kolabfilter.php.in, 1.10, 1.11 resmgr.conf.in, 1.1, 1.2

[cvs at kolab.org]

Author: steffen

Update of /kolabrepository/server/kolab-resource-handlers/kolab-resource-handlers/resmgr
In directory doto:/tmp/cvs-serv17348/kolab-resource-handlers/resmgr

Modified Files:
	kolabfilter.php.in resmgr.conf.in 
Log Message:
forwardport of issue974

Index: kolabfilter.php.in
===================================================================
RCS file: /kolabrepository/server/kolab-resource-handlers/kolab-resource-handlers/resmgr/kolabfilter.php.in,v
retrieving revision 1.10
retrieving revision 1.11
diff -u -d -r1.10 -r1.11
--- kolabfilter.php.in	21 May 2006 13:53:25 -0000	1.10
+++ kolabfilter.php.in	19 Oct 2006 20:56:26 -0000	1.11
@@ -163,6 +163,18 @@
   return $addrs;
 }
 
+/** Returns the format string used to rewrite
+    the From header for untrusted messages */
+function get_untrusted_subject_insert()
+{
+  global $params;
+  if( array_key_exists('untrusted_subject_insert', $params) ) {
+    return $param['untrusted_subject_insert'];
+  } else {
+    return "(UNTRUSTED, sender is <%s>)";
+  }
+}
+
 /** Check that the From header is not trying
     to impersonate a valid user that is not
     $sasluser. Returns one of:
@@ -173,7 +185,7 @@
       From acceptable
     * A PEAR_Error object if something croaked
 */
-function verify_sender( $sasluser, $sender, $from, $client_addr ) {
+function verify_sender( $sasluser, $sender, $fromhdr, $client_addr ) {
   global $params;
 
   /* Allow anything from localhost and
@@ -199,8 +211,8 @@
   } else {
     $allowed_addrs = false;
   }
-
-  $adrs = imap_rfc822_parse_adrlist($from, $params['email_domain'][0]);
+  $untrusted = sprintf(get_untrusted_subject_insert(), $sender);
+  $adrs = imap_rfc822_parse_adrlist($fromhdr, $params['email_domain'][0]);
   foreach ($adrs as $adr) {
     $from = $adr->mailbox.'@'.$adr->host;
     $fromdom = $adr->host;
@@ -220,7 +232,12 @@
 	  } else {
 	    /* Rewrite */
 	    myLog("$from is not an allowed From address for unauthenticated users, rewriting", RM_LOG_DEBUG);
-	    return '"'.str_replace(array("\\",'"'),array("\\\\",'\"'),$adr->personal).' (UNTRUSTED, sender is <'.$sender.'>)" '.'<'.$from.'>';
+	    
+	    if( strpos( $fromhdr, $untrusted )===false ) {
+	      return '"'.str_replace(array("\\",'"'),array("\\\\",'\"'),$adr->personal).' '.$untrusted.'" '.'<'.$from.'>';
+	    } else {
+	      return true;
+	    }
 	  }
 	}
       }

Index: resmgr.conf.in
===================================================================
RCS file: /kolabrepository/server/kolab-resource-handlers/kolab-resource-handlers/resmgr/resmgr.conf.in,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -d -r1.1 -r1.2
--- resmgr.conf.in	5 Dec 2005 14:13:42 -0000	1.1
+++ resmgr.conf.in	19 Oct 2006 20:56:26 -0000	1.2
@@ -36,6 +36,9 @@
 // the envelope? Default is to rewrite the header
 $params['reject_forged_from_header'] = false;
 
+// Text to be inserted in From: when rewriting untrusted mails
+$params['untrusted_subject_insert']="(UNTRUSTED, sender is <%s>)";
+
 // Should we allow forwarded ical messages from Outlook
 // by encapsulating them in a MIME multipart
 $params['allow_outlook_ical_forward']  = true;