On Fri, 27 Mar 2009 at 02:52:17 +0000, Simon McVittie wrote: > The attached patch adds a trust_from_address option, which is basically the > opposite of fix_from_address. If set, then each user's configurable From > address is used as the SMTP envelope sender (if possible), and the user's > authenticated username is placed in an X-header. It builds on > usernames_with_at.patch. > > (Also, as a bugfix for usernames_with_at.patch, if the authenticated username > contains '@', return_domain is no longer appended.) > > This is analogous to Exim's untrusted_set_sender option, and Postfix's > default behaviour.
With a patch attached this time... (The patch is in the right format to add to debian/patches directly.)
Index: prayer-1.2.2.1/files/etc/prayer.cf.SRC
===================================================================
--- prayer-1.2.2.1.orig/files/etc/prayer.cf.SRC 2009-03-27 02:26:38.000000000 +0000
+++ prayer-1.2.2.1/files/etc/prayer.cf.SRC 2009-03-27 02:26:38.000000000 +0000
@@ -346,6 +346,9 @@
# fix_from_address suppresses From address option from Preferences and
# Roles screens.
fix_from_address = FALSE
+# If enabled, Sender is not set on outgoing email, so From address will be
+# believed
+# trust_from_address = FALSE
# Defaults for Cyrus (actually Hermes derivative) spam_purge command.
spam_purge_name = "spam_purge"
Index: prayer-1.2.2.1/session/draft.c
===================================================================
--- prayer-1.2.2.1.orig/session/draft.c 2009-03-27 02:26:38.000000000 +0000
+++ prayer-1.2.2.1/session/draft.c 2009-03-27 02:29:39.000000000 +0000
@@ -1371,6 +1371,39 @@
/* ====================================================================== */
+/* draft_make_sender() ***************************************************
+ *
+ * Get the SMTP envelope sender of the message.
+ *
+ * draft: A draft
+ * len: Returns length of resulting string if non-NIL.
+ *
+ * Returns: NULL terminated string allocated from session->request->pool.
+ ************************************************************************/
+
+char *draft_make_sender(struct draft *draft)
+{
+ struct session *session = draft->session;
+ struct config *config = session->config;
+ struct pool *pool = session->request->pool;
+ char *sender = NIL;
+
+ if (draft->from_address && draft->from_address[0] &&
+ config->trust_from_address) {
+ sender = draft->from_address;
+ } else if (strchr(session->username, '@')) {
+ sender = pool_strdup(pool, session->username);
+ } else {
+ sender =
+ pool_printf(pool, "%...@%s", session->username,
+ config->return_path_domain);
+ }
+
+ return sender;
+}
+
+/* ====================================================================== */
+
/* draft_make_msg() ******************************************************
*
* Convert draft into RFC822 format message suitable for SMTP or
@@ -1434,7 +1467,12 @@
bputs(mb, "" CRLF);
if (use_sender) {
- if (strchr(session->username, '@')) {
+ if (config->trust_from_address) {
+ /* We're trusting the user to set the envelope sender, so don't add
+ * a Sender header either, but do leave some sort of audit trail */
+ bprintf(mb, "X-Originating-User: %s" CRLF, session->username);
+ }
+ else if (strchr(session->username, '@')) {
bprintf(mb, "Sender: %s" CRLF, session->username);
} else {
bprintf(mb, "Sender: %...@%s" CRLF, session->username,
Index: prayer-1.2.2.1/shared/config.c
===================================================================
--- prayer-1.2.2.1.orig/shared/config.c 2009-03-27 02:26:38.000000000 +0000
+++ prayer-1.2.2.1/shared/config.c 2009-03-27 02:26:38.000000000 +0000
@@ -261,6 +261,7 @@
config->ispell_path = NIL;
config->return_path_domain = NIL;
config->fix_from_address = NIL;
+ config->trust_from_address = NIL;
config->spam_purge_timeout = 60;
config->spam_purge_name = "spam_purge";
config->spam_purge_prefix = "# Spam Purge Timeout:";
@@ -705,6 +706,8 @@
, {
"tmp_dir", config_path, OFFSET(tmp_dir)}
, {
+ "trust_from_address", config_bool, OFFSET(trust_from_address)}
+ , {
"use_agg_unmark", config_bool, OFFSET(use_agg_unmark)}
, {
"use_cookie", config_bool, OFFSET(use_cookie)}
Index: prayer-1.2.2.1/shared/config.h
===================================================================
--- prayer-1.2.2.1.orig/shared/config.h 2009-03-27 02:26:32.000000000 +0000
+++ prayer-1.2.2.1/shared/config.h 2009-03-27 02:26:38.000000000 +0000
@@ -188,6 +188,7 @@
char *ispell_path; /* Path to ispell */
char *return_path_domain; /* Return path domain */
BOOL fix_from_address; /* Stop user changing from address */
+ BOOL trust_from_address; /* From address also sets Sender */
unsigned long spam_purge_timeout; /* Default value used by IMAP server */
char *spam_purge_name; /* Name of sieve folder used for spam purge */
char *spam_purge_prefix; /* Prefix to use in spam purge file */
Index: prayer-1.2.2.1/cmd/cmd_send.c
===================================================================
--- prayer-1.2.2.1.orig/cmd/cmd_send.c 2009-03-27 02:29:21.000000000 +0000
+++ prayer-1.2.2.1/cmd/cmd_send.c 2009-03-27 02:29:32.000000000 +0000
@@ -115,7 +115,7 @@
char *s;
int c;
unsigned long offset;
- char *recips, *msg;
+ char *recips, *msg, *sender;
STRING ms;
char *command;
struct channel *channel;
@@ -150,6 +150,11 @@
return;
}
+ if (!(sender = draft_make_sender(draft))) {
+ session_redirect(session, request, "compose");
+ return;
+ }
+
if (draft->save_copy && draft->fcc && draft->fcc[0]) {
char *fcc_name;
@@ -186,9 +191,8 @@
}
/* -oi important: allows lines with single '.' in message body */
- bprintf(cb, "%s -oi -f %...@%s %s",
- sendmail, session->username, config->return_path_domain,
- recips);
+ bprintf(cb, "%s -oi -f %s %s",
+ sendmail, sender, recips);
command = buffer_fetch(cb, 0, buffer_size(cb), NIL);
Index: prayer-1.2.2.1/session/draft.h
===================================================================
--- prayer-1.2.2.1.orig/session/draft.h 2009-03-27 02:29:21.000000000 +0000
+++ prayer-1.2.2.1/session/draft.h 2009-03-27 02:29:32.000000000 +0000
@@ -84,6 +84,7 @@
void draft_init_rich_headers(struct draft *d);
char *draft_make_recipients(struct draft *draft, unsigned long *len);
+char *draft_make_sender(struct draft *draft);
char *draft_make_msg(struct draft *draft, BOOL postpone,
unsigned long *len);
signature.asc
Description: Digital signature
