self-hosted/Mailu
1
0
Fork 0
mirror of https://github.com/Mailu/Mailu.git synced 2025-03-03 14:52:36 +02:00
Code Issues Releases Activity

Merge branch 'master' into fix2274

Browse Source
This commit is contained in:
Florent Daigniere 2022-03-09 19:33:04 +01:00 committed by GitHub
commit a7f9a35fa1
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 13 additions and 17 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
core/admin/mailu/internal/nginx.py
View File

@ -93,8 +93,8 @@ def handle_authentication(headers):
app.logger.warn(f'Received undecodable user/password from nginx: {raw_user_email!r}/{raw_password!r}') app.logger.warn(f'Received undecodable user/password from nginx: {raw_user_email!r}/{raw_password!r}')
else: else:
try: try:
user = models.User.query.get(user_email) user = models.User.query.get(user_email) if '@' in user_email else None
is_valid_user = True is_valid_user = user is not None
except sqlalchemy.exc.StatementError as exc: except sqlalchemy.exc.StatementError as exc:
exc = str(exc).split('\n', 1)[0] exc = str(exc).split('\n', 1)[0]
app.logger.warn(f'Invalid user {user_email!r}: {exc}') app.logger.warn(f'Invalid user {user_email!r}: {exc}')

26
core/admin/mailu/internal/views/postfix.py
View File

@ -5,6 +5,7 @@ from flask import current_app as app
import flask import flask
import idna import idna
import re import re
import sqlalchemy.exc
import srslib import srslib
@internal.route("/postfix/dane/<domain_name>") @internal.route("/postfix/dane/<domain_name>")
@ -158,18 +159,13 @@ def postfix_sender_rate(sender):
def postfix_sender_access(sender): def postfix_sender_access(sender):
""" Simply reject any sender that pretends to be from a local domain """ Simply reject any sender that pretends to be from a local domain
""" """
if not is_void_address(sender): if '@' in sender:
localpart, domain_name = models.Email.resolve_domain(sender) if sender.startswith('<') and sender.endswith('>'):
return flask.jsonify("REJECT") if models.Domain.query.get(domain_name) else flask.abort(404) sender = sender[1:-1]
else: try:
return flask.abort(404) localpart, domain_name = models.Email.resolve_domain(sender)
if models.Domain.query.get(domain_name):
return flask.jsonify("REJECT")
def is_void_address(email): except sqlalchemy.exc.StatementError:
'''True if the email is void (null) email address. pass
''' return flask.abort(404)
if email.startswith('<') and email.endswith('>'):
email = email[1:-1]
# Some MTAs use things like '<MAILER-DAEMON>' instead of '<>'; so let's
# consider void any such thing.
return '@' not in email