steffen: server/kolab-resource-handlers/kolab-resource-handlers/resmgr kolabfilter.php, 1.5, 1.6

[cvs at intevation.de]

Author: steffen

Update of /kolabrepository/server/kolab-resource-handlers/kolab-resource-handlers/resmgr
In directory doto:/tmp/cvs-serv23595/kolab-resource-handlers/resmgr

Modified Files:
	kolabfilter.php 
Log Message:
Fix for Issue537 (comparing From and From:)

Index: kolabfilter.php
===================================================================
RCS file: /kolabrepository/server/kolab-resource-handlers/kolab-resource-handlers/resmgr/kolabfilter.php,v
retrieving revision 1.5
retrieving revision 1.6
diff -u -d -r1.5 -r1.6
--- kolabfilter.php	17 Nov 2004 23:40:40 -0000	1.5
+++ kolabfilter.php	21 Nov 2004 16:19:41 -0000	1.6
@@ -32,16 +32,37 @@
 define( 'EX_TEMPFAIL', 75 );
 define( 'EX_UNAVAILABLE', 69 );
 
+// Temp file for storing the message
 $tmpfname = tempnam( TMPDIR, 'IN.' );
 $tmpf = fopen($tmpfname, "w");
 
+// Cleanup function
 function cleanup() {
   global $tmpfname;
   file_exists($tmpfname) && unlink($tmpfname);
 }
-
 register_shutdown_function( 'cleanup' );
 
+// Check that mail from our domains have trustable
+// From: header and that mail from the outside
+// does not impersonate any user from our domain
+function verify_sender( $sender, $from ) {
+  global $params;
+  if( is_array($params['email_domain']) ) {
+    $domains = $params['email_domain'];
+  } else {
+    $domains = array($params['email_domain']);
+  }
+  foreach( $domains as $domain ) {
+    if( (substr($sender, -strlen($domain)) == $domain ||
+	 substr($from, -strlen($domain)) == $domain ) &&
+	$sender != $from ) {
+      return false;
+    }
+  }
+  return true;
+}
+
 $options = getopt("s:r:");
 
 if (!array_key_exists('r', $options) || !array_key_exists('s', $options)) {
@@ -54,7 +75,6 @@
 
 myLog("Kolabfilter starting up, sender=$sender, recipient=$recipient", RM_LOG_DEBUG);
 
-
 $ical = false;
 $add_headers = array();
 while (!feof(STDIN)) {
@@ -66,7 +86,7 @@
     $adrs = imap_rfc822_parse_adrlist($regs[1], $params['email_domain']);
     foreach( $adrs as $adr ) {
       $from = $adr->mailbox.'@'.$adr->host;
-      if( strtolower($from) != strtolower($sender) ) {
+      if( !verify_sender( $sender, strtolower($from)) ) {
 	fwrite(STDOUT,"Invalid From: header. $from does not match envelope $sender\n");
 	exit(EX_UNAVAILABLE);
       }