steffen: server/kolab-resource-handlers/kolab-resource-handlers/resmgr kolabfilter.php, 1.5, 1.6
cvs at intevation.de
cvs at intevation.de
Sun Nov 21 17:19:43 CET 2004
Author: steffen
Update of /kolabrepository/server/kolab-resource-handlers/kolab-resource-handlers/resmgr
In directory doto:/tmp/cvs-serv23595/kolab-resource-handlers/resmgr
Modified Files:
kolabfilter.php
Log Message:
Fix for Issue537 (comparing From and From:)
Index: kolabfilter.php
===================================================================
RCS file: /kolabrepository/server/kolab-resource-handlers/kolab-resource-handlers/resmgr/kolabfilter.php,v
retrieving revision 1.5
retrieving revision 1.6
diff -u -d -r1.5 -r1.6
--- kolabfilter.php 17 Nov 2004 23:40:40 -0000 1.5
+++ kolabfilter.php 21 Nov 2004 16:19:41 -0000 1.6
@@ -32,16 +32,37 @@
define( 'EX_TEMPFAIL', 75 );
define( 'EX_UNAVAILABLE', 69 );
+// Temp file for storing the message
$tmpfname = tempnam( TMPDIR, 'IN.' );
$tmpf = fopen($tmpfname, "w");
+// Cleanup function
function cleanup() {
global $tmpfname;
file_exists($tmpfname) && unlink($tmpfname);
}
-
register_shutdown_function( 'cleanup' );
+// Check that mail from our domains have trustable
+// From: header and that mail from the outside
+// does not impersonate any user from our domain
+function verify_sender( $sender, $from ) {
+ global $params;
+ if( is_array($params['email_domain']) ) {
+ $domains = $params['email_domain'];
+ } else {
+ $domains = array($params['email_domain']);
+ }
+ foreach( $domains as $domain ) {
+ if( (substr($sender, -strlen($domain)) == $domain ||
+ substr($from, -strlen($domain)) == $domain ) &&
+ $sender != $from ) {
+ return false;
+ }
+ }
+ return true;
+}
+
$options = getopt("s:r:");
if (!array_key_exists('r', $options) || !array_key_exists('s', $options)) {
@@ -54,7 +75,6 @@
myLog("Kolabfilter starting up, sender=$sender, recipient=$recipient", RM_LOG_DEBUG);
-
$ical = false;
$add_headers = array();
while (!feof(STDIN)) {
@@ -66,7 +86,7 @@
$adrs = imap_rfc822_parse_adrlist($regs[1], $params['email_domain']);
foreach( $adrs as $adr ) {
$from = $adr->mailbox.'@'.$adr->host;
- if( strtolower($from) != strtolower($sender) ) {
+ if( !verify_sender( $sender, strtolower($from)) ) {
fwrite(STDOUT,"Invalid From: header. $from does not match envelope $sender\n");
exit(EX_UNAVAILABLE);
}
More information about the commits
mailing list