Skip to content

Commit

Permalink
Browse files Browse the repository at this point in the history
These changes are my first stab in closing up a hole where you can ha…
…ve multiple From: addresses - and having the first From: address found be, say, the list owner, but have a different From: address be a spoofing address. I doubt it's perfect, but it's much better than absolutely nothing.

Closes #11
  • Loading branch information
justingit committed Jan 6, 2010
1 parent 619c9f7 commit 0e4ba7a
Showing 1 changed file with 34 additions and 1 deletion.
35 changes: 34 additions & 1 deletion dada/plugins/dada_bridge.pl
Expand Up @@ -129,6 +129,9 @@ package dada_bridge;
# Gmail seems to have problems with this...
$Plugin_Config->{Check_Multiple_Return_Path_Headers} = 0;

# Stops From: header spoofing (a little bit, anyways)
$Plugin_Config->{Check_Multiple_From_Addresses} = 1;

# This is the message sent to the List Owner,
# telling them a message is waiting for their
# Approval! Yeah!
Expand Down Expand Up @@ -1586,6 +1589,7 @@ sub validate_msg {
# This should *really* mention each and every test....

my $errors = {
multiple_from_addresses => 0,
msg_from_list_address => 0,
list_email_address_is_list_owner_address => 0,
invalid_msg => 0,
Expand Down Expand Up @@ -1645,6 +1649,33 @@ sub validate_msg {
return ( 0, $errors );
}

# These checks make sure that multiple From: headers and addresses don't exist
if ( $Plugin_Config->{Check_Multiple_From_Addresses} == 1 ) {
eval {
if ( $entity->head->count('From') > 1 ) {
print "\t\tMessage has more than one 'From' header? Unsupported email message - will reject!\n"
if $verbose;
$errors->{multiple_from_addresses} = 1;
}
else {
my @count = Email::Address->parse($entity->head->get( 'From', 0));
if(scalar(@count) > 1){
print "\t\tMessage has more than one 'From' header? Unsupported email message - will reject!\n"
if $verbose;
$errors->{multiple_from_addresses} = 1;
}
}
};
if($@){
print "\t\tError with multiple from address check! Marking as a problem! - $@"
if $verbose;
$errors->{multiple_from_addresses} = 1;

}
}
# /These checks make sure that multiple From: headers and addresses don't exist


if ( $Plugin_Config->{Check_Multiple_Return_Path_Headers} == 1 ) {

if ( $entity->head->count('Return-Path') > 1 ) {
Expand Down Expand Up @@ -1678,11 +1709,13 @@ sub validate_msg {
my $from_address = '';

if ( defined($rough_from) ) {
;
eval {
$from_address = ( Email::Address->parse($rough_from) )[0]->address;
};
}
else {
# ...
}

print '\t\tWarning! Something\'s wrong with the From address - ' . $@
if $@ && $verbose;
Expand Down

0 comments on commit 0e4ba7a

Please sign in to comment.