[
https://issues.apache.org/jira/browse/JAMES-4034?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Benoit Tellier closed JAMES-4034.
---------------------------------
Resolution: Fixed
> SMTP submission: validate FROM header
> -------------------------------------
>
> Key: JAMES-4034
> URL: https://issues.apache.org/jira/browse/JAMES-4034
> Project: James Server
> Issue Type: Improvement
> Components: SMTPServer
> Reporter: Benoit Tellier
> Priority: Major
> Labels: security
> Time Spent: 10m
> Remaining Estimate: 0h
>
> h3. Why?
> Prevent and limit email forgery by local users.
> As a James administrator I should have a way to configure SMTP submission to
> reject emails spoofing somebody else mail adress.
> As of today:
> - JMAP stacks controls both the transport envelope and the headers (From) as
> mandated by the JMAP Mail RFC (RFC-8621)
> - However SMTP only controls the transport envelop and not the headers.
> This control is currently implemented into SenderAuthIdentifyVerificationHook
> and is intendeed as a hook on MAIL FROM SMTP command.
> We shall also enforce a control of the From header upon submission in SMTP.
> Such controls would be mandatory for use of Apache James in an environment
> where local users could not be fully trusted, as for instance a SaaS offer.
> h3. How?
> Modify SenderAuthIdentifyVerificationHook in order that it also is a
> JamesMessageHook called before enqueing and checks each and every From header
> the same way it checks "MAIL FROM" command.
> Modifying SenderAuthIdentifyVerificationHook would enforce this only for
> connected users IE mail submission and would not affect email relay. This
> also ensure this behaviour will apply by default.
> Refactoring of the underlying AbstractSenderAuthIdentifyVerificationHook
> might be required.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
