recaptime.dev / phorge
@recaptime-dev's working patches + fork for Phorge, a community fork of Phabricator. (Upstream dev and stable branches are at upstream/main and upstream/stable respectively.) hq.recaptime.dev/wiki/Phorge
phorge phabricator
1
fork

Configure Feed

Select the types of activity you want to include in your feed.

Don't send error/exception mail to unverified addresses

Summary:
Depends on D19017. Fixes T12491. Ref T13053. After SES threw us in the dungeon for sending mail to a spamtrap we changed outbound mail rules to stop sending to unverified addresses, except a small amount of registration mail which we can't avoid.

However, we'll still reply to random inbound messages with a helpful error, even if the sender is unverified.

Instead, only send exception mail back if we know who the sender is.

Test Plan: Processed inbound mail with `scripts/mail/mail_handler.php`. No more outbound mail for "bad address", etc. Still got outbound mail for "unknown command !quack".

Reviewers: amckinley

Maniphest Tasks: T13053, T12491

Differential Revision: https://secure.phabricator.com/D19018

epriestley dbe479f0 5792032d

+12 -7
+12 -7
src/applications/metamta/storage/PhabricatorMetaMTAReceivedMail.php
··· 105 105 106 106 public function processReceivedMail() { 107 107 108 + $sender = null; 108 109 try { 109 110 $this->dropMailFromPhabricator(); 110 111 $this->dropMailAlreadyReceived(); ··· 140 141 // This error is explicitly ignored. 141 142 break; 142 143 default: 143 - $this->sendExceptionMail($ex); 144 + $this->sendExceptionMail($ex, $sender); 144 145 break; 145 146 } 146 147 ··· 150 151 ->save(); 151 152 return $this; 152 153 } catch (Exception $ex) { 153 - $this->sendExceptionMail($ex); 154 + $this->sendExceptionMail($ex, $sender); 154 155 155 156 $this 156 157 ->setStatus(MetaMTAReceivedMailStatus::STATUS_UNHANDLED_EXCEPTION) ··· 305 306 return head($accept); 306 307 } 307 308 308 - private function sendExceptionMail(Exception $ex) { 309 - $from = $this->getHeader('from'); 310 - if (!strlen($from)) { 309 + private function sendExceptionMail( 310 + Exception $ex, 311 + PhabricatorUser $viewer = null) { 312 + 313 + // If we've failed to identify a legitimate sender, we don't send them 314 + // an error message back. We want to avoid sending mail to unverified 315 + // addresses. See T12491. 316 + if (!$viewer) { 311 317 return; 312 318 } 313 319 ··· 364 370 365 371 $mail = id(new PhabricatorMetaMTAMail()) 366 372 ->setIsErrorEmail(true) 367 - ->setForceDelivery(true) 368 373 ->setSubject($title) 369 - ->addRawTos(array($from)) 374 + ->addTos(array($viewer->getPHID())) 370 375 ->setBody($body) 371 376 ->saveAndSend(); 372 377 }