@recaptime-dev's working patches + fork for Phorge, a community fork of Phabricator. (Upstream dev and stable branches are at upstream/main and upstream/stable respectively.) hq.recaptime.dev/wiki/Phorge

Remove "metamta.insecure-auth-with-reply-to" Config option

Summary:
Ref T7477. This option was added in D842 in 2011, to support a specific narrow use case at Quora with community moderators using some kind of weird Gmail config.

I don't recall it ever coming up since then, and a survey of a subset of hosted instances (see T11760) reveals that no instances are using this option today. Presumably, even Quora has completed the onboarding discussed in D842, if they still use Phabricator. This option generally does not seem very useful outside of very unusual/narrow cases like the one Quora had.

This would be relatively easy to restore as a local patch if installs //do// need it, but I suspect this has no use cases anywhere.

Test Plan: Grepped for option, blame-delved to figure out why we added it in the first place, surveyed instances for usage.

Reviewers: amckinley

Reviewed By: amckinley

Maniphest Tasks: T7477

Differential Revision: https://secure.phabricator.com/D19949

+3 -33
+3
src/applications/config/check/PhabricatorExtraConfigSetupCheck.php
··· 391 391 392 392 'phabricator.csrf-key' => pht( 393 393 'CSRF HMAC keys are now managed automatically.'), 394 + 395 + 'metamta.insecure-auth-with-reply-to' => pht( 396 + 'Authenticating users based on "Reply-To" is no longer supported.'), 394 397 ); 395 398 396 399 return $ancient_config;
-8
src/applications/config/option/PhabricatorMetaMTAConfigOptions.php
··· 245 245 )) 246 246 ->setSummary(pht('Show email preferences link in email.')) 247 247 ->setDescription($email_preferences_description), 248 - $this->newOption('metamta.insecure-auth-with-reply-to', 'bool', false) 249 - ->setBoolOptions( 250 - array( 251 - pht('Allow Insecure Reply-To Auth'), 252 - pht('Disallow Reply-To Auth'), 253 - )) 254 - ->setSummary(pht('Trust "Reply-To" headers for authentication.')) 255 - ->setDescription($reply_to_description), 256 248 $this->newOption('metamta.public-replies', 'bool', false) 257 249 ->setBoolOptions( 258 250 array(
-25
src/applications/metamta/receiver/PhabricatorMailReceiver.php
··· 109 109 $raw_from); 110 110 } 111 111 112 - // If we missed on "From", try "Reply-To" if we're configured for it. 113 - $raw_reply_to = $mail->getHeader('Reply-To'); 114 - if (strlen($raw_reply_to)) { 115 - $reply_to_key = 'metamta.insecure-auth-with-reply-to'; 116 - $allow_reply_to = PhabricatorEnv::getEnvConfig($reply_to_key); 117 - if ($allow_reply_to) { 118 - $reply_to = self::getRawAddress($raw_reply_to); 119 - 120 - $user = PhabricatorUser::loadOneWithEmailAddress($reply_to); 121 - if ($user) { 122 - return $user; 123 - } else { 124 - $reasons[] = pht( 125 - 'Phabricator is configured to authenticate users using the '. 126 - '"Reply-To" header, but the reply address ("%s") on this '. 127 - 'message does not correspond to any known user account.', 128 - $raw_reply_to); 129 - } 130 - } else { 131 - $reasons[] = pht( 132 - '(Phabricator is not configured to authenticate users using the '. 133 - '"Reply-To" header, so it was ignored.)'); 134 - } 135 - } 136 - 137 112 // If we don't know who this user is, load or create an external user 138 113 // account for them if we're configured for it. 139 114 $email_key = 'phabricator.allow-email-users';
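Review bot: In src/applications/config/check/PhabricatorExtraConfigSetupCheck.php, the new `metamta.insecure-auth-with-reply-to` entry in `$ancient_config` says only that "Reply-To" authentication "is no longer supported" and does not tell an administrator what happens to inbound mail now. An install that still has the key set gets no hint that the header is simply ignored when identifying the sender; consider extending the string to say so, for example 'Authenticating users based on "Reply-To" is no longer supported; the header is now ignored when identifying the sender.'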
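Review bot: In src/applications/config/option/PhabricatorMetaMTAConfigOptions.php, the option removed at old lines 248-255 is the visible consumer of `$reply_to_description`, and the eight deleted lines shown account for the whole -8 recorded for this file, so the assignment of that variable is left in place. If nothing else reads it, delete the `$reply_to_description` definition in the same change so the description of a removed insecure option does not linger as dead code.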
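Review bot: In src/applications/metamta/receiver/PhabricatorMailReceiver.php, with old lines 112-136 removed a miss on "From" now falls straight through to the `phabricator.allow-email-users` branch at new line 112, which loads or creates an external user account. On an install that had the option enabled, mail that previously resolved to an existing user through "Reply-To" would take that path instead, or fail when external users are off; that behavior change deserves a line in the upgrade notes, and a receiver test with an unknown "From" and a known "Reply-To" would pin it down. The removal also drops the `$reasons[]` entry explaining that "Reply-To" was ignored, so the failure text no longer mentions the header at all; confirm that is intended.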