X-Git-Url: http://www.git.stargrave.org/?a=blobdiff_plain;f=lib%2FPublicInbox%2FMDA.pm;h=d5af8f94081d3ab3f73d7403ca42f035e3f6b7de;hb=3d41aa23f35501ca92aab8aa42980fa73f7fa74f;hp=d2ce79eb210fe62b52160ab5ad0b08178e98d4a6;hpb=2998925e315acfd8799421d06d0590798b3076ff;p=public-inbox.git diff --git a/lib/PublicInbox/MDA.pm b/lib/PublicInbox/MDA.pm index d2ce79eb..d5af8f94 100644 --- a/lib/PublicInbox/MDA.pm +++ b/lib/PublicInbox/MDA.pm @@ -1,13 +1,27 @@ -# Copyright (C) 2013, Eric Wong and all contributors -# License: AGPLv3 or later (https://www.gnu.org/licenses/agpl-3.0.txt) +# Copyright (C) 2013-2018 all contributors +# License: AGPL-3.0+ +# +# For the -mda script (mail delivery agent) package PublicInbox::MDA; use strict; use warnings; -use Email::Address; -use Encode qw/decode/; +use Email::Simple; use Date::Parse qw(strptime); use constant MAX_SIZE => 1024 * 500; # same as spamc default, should be tunable -use constant cmd => qw/ssoma-mda -1/; +use constant MAX_MID_SIZE => 244; # max term size - 1 in Xapian + +our @BAD_HEADERS = ( + # postfix + qw(delivered-to x-original-to), # prevent training loops + + # The rest are taken from Mailman 2.1.15: + # could contain passwords: + qw(approved approve x-approved x-approve urgent), + # could be used phishing: + qw(return-receipt-to disposition-notification-to x-confirm-reading-to), + # Pegasus mail: + qw(x-pmrqc) +); # drop plus addressing for matching sub __drop_plus { @@ -18,15 +32,17 @@ sub __drop_plus { # do not allow Bcc, only Cc and To if recipient is set sub precheck { - my ($klass, $filter, $address) = @_; - my $simple = $filter->simple; - my $mid = $simple->header("Message-ID"); + my ($klass, $simple, $address) = @_; + my @mid = $simple->header('Message-ID'); + return 0 if scalar(@mid) != 1; + my $mid = $mid[0]; + return 0 if (length($mid) > MAX_MID_SIZE); return 0 unless usable_str(length(''), $mid) && $mid =~ /\@/; - return 0 unless usable_str(length('u@h'), $filter->from); + return 0 unless usable_str(length('u@h'), $simple->header("From")); return 0 unless usable_str(length(':o'), $simple->header("Subject")); return 0 unless usable_date($simple->header("Date")); return 0 if length($simple->as_string) > MAX_SIZE; - alias_specified($filter, $address); + alias_specified($simple, $address); } sub usable_str { @@ -40,17 +56,17 @@ sub usable_date { } sub alias_specified { - my ($filter, $address) = @_; + my ($simple, $address) = @_; my @address = ref($address) eq 'ARRAY' ? @$address : ($address); my %ok = map { - my @recip = Email::Address->parse($_); - lc(__drop_plus($recip[0]->address)) => 1; + lc(__drop_plus($_)) => 1; } @address; - foreach my $line ($filter->cc, $filter->to) { - foreach my $addr (Email::Address->parse($line)) { - if ($ok{lc(__drop_plus($addr->address))}) { + foreach my $line ($simple->header('Cc'), $simple->header('To')) { + my @addrs = ($line =~ /([^,<\s]+\@[^,>\s]+)/g); + foreach my $addr (@addrs) { + if ($ok{lc(__drop_plus($addr))}) { return 1; } } @@ -58,34 +74,15 @@ sub alias_specified { return 0; } -# RFC2919 and RFC2369 sub set_list_headers { my ($class, $simple, $dst) = @_; - my $pa = "<$dst->{-primary_address}>"; - $simple->header_set("List-Id", $pa); - $simple->header_set("List-Post", $pa); - - # prevent training loops - $simple->header_set('Delivered-To'); - - my $url = $dst->{url}; - if (defined $url) { - $simple->header_set("List-Archive", "<$url>"); - $simple->header_set("List-Help", "<${url}help>"); + unless (defined $simple->header('List-Id')) { + my $pa = $dst->{-primary_address}; + $pa =~ tr/@/./; # RFC2919 + $simple->header_set("List-Id", "<$pa>"); } -} - -# returns a 3-element array: name, email, date -sub author_info { - my ($class, $mime) = @_; - my $from = $mime->header('From'); - my @from = Email::Address->parse($from); - my $name = $from[0]->name; - defined $name or $name = ''; - my $email = $from[0]->address; - defined $email or $email = ''; - ($name, $email, $mime->header('Date')); + $simple->header_set($_) foreach @BAD_HEADERS; } 1;