Merge branch 'master' into fix2274

2025-03-03 14:52:36 +02:00 · 2022-03-09 19:33:04 +01:00 · 2022-03-09 19:33:04 +01:00 · a7f9a35fa1
commit a7f9a35fa1
parent a4ed464170 fe7397bedf
2 changed files with 13 additions and 17 deletions
--- a/core/admin/mailu/internal/nginx.py
+++ b/core/admin/mailu/internal/nginx.py
@ -93,8 +93,8 @@ def handle_authentication(headers):
            app.logger.warn(f'Received undecodable user/password from nginx: {raw_user_email!r}/{raw_password!r}')
        else:
            try:
-                user = models.User.query.get(user_email)
-                is_valid_user = True
+                user = models.User.query.get(user_email) if '@' in user_email else None
+                is_valid_user = user is not None
            except sqlalchemy.exc.StatementError as exc:
                exc = str(exc).split('\n', 1)[0]
                app.logger.warn(f'Invalid user {user_email!r}: {exc}')
--- a/core/admin/mailu/internal/views/postfix.py
+++ b/core/admin/mailu/internal/views/postfix.py
@ -5,6 +5,7 @@ from flask import current_app as app
 import flask
 import idna
 import re
+import sqlalchemy.exc
 import srslib

@internal.route("/postfix/dane/<domain_name>")
@ -158,18 +159,13 @@ def postfix_sender_rate(sender):
 def postfix_sender_access(sender):
    """ Simply reject any sender that pretends to be from a local domain
    """
-    if not is_void_address(sender):
-        localpart, domain_name = models.Email.resolve_domain(sender)
-        return flask.jsonify("REJECT") if models.Domain.query.get(domain_name) else flask.abort(404)
-    else:
-        return flask.abort(404)
-
-
-def is_void_address(email):
-    '''True if the email is void (null) email address.
-    '''
-    if email.startswith('<') and email.endswith('>'):
-        email = email[1:-1]
-    # Some MTAs use things like '<MAILER-DAEMON>' instead of '<>'; so let's
-    # consider void any such thing.
-    return '@' not in email
+    if '@' in sender:
+        if sender.startswith('<') and sender.endswith('>'):
+            sender = sender[1:-1]
+        try:
+            localpart, domain_name = models.Email.resolve_domain(sender)
+            if models.Domain.query.get(domain_name):
+                return flask.jsonify("REJECT")
+        except sqlalchemy.exc.StatementError:
+            pass
+    return flask.abort(404)