Page MenuHomePhabricator
Differential D19000

Mask the sender for "Must Encrypt" mail
ClosedPublic
Actions

Authored by epriestley on Feb 6 2018, 12:34 PM.
Tags
None
Referenced Files
F18083988: D19000.id45565.diff
Tue, Aug 5, 12:55 PM
F17969632: D19000.id45599.diff
Fri, Aug 1, 2:20 PM
F17889719: D19000.id.diff
Tue, Jul 29, 2:53 AM
F17885087: D19000.diff
Tue, Jul 29, 12:14 AM
F17802818: D19000.diff
Fri, Jul 25, 9:31 AM
F17764981: D19000.diff
Wed, Jul 23, 1:16 AM
Unknown Object (File)
Jun 18 2025, 12:20 PM
Unknown Object (File)
Jun 18 2025, 11:15 AM
View All Files
Subscribers
None

Details

Reviewers
amckinley
Maniphest Tasks
T13053: Plans: Mail Tags and Failover
Commits
rP7765299f8399: Mask the sender for "Must Encrypt" mail
Summary

Depends on D18998. Ref T13053. When we send "Must Encrypt" mail, we currently send it with a normal "From" address.

This discloses a little information about the object (for example, if the Director of Silly Walks is interacting with a "must encrypt" object, the vulnerability is probably related to Silly Walks), so anonymize who is interacting with the object.

Test Plan

Processed some mail. (The actual final "From" is ephemeral and a little tricky to examine and I didn't actually transmit mail over the network, but it should be obvious if this works or not on secure.)

Diff Detail

Repository
rP Phabricator
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Revision Contents
Changeset List

PathSize
src/
applications/
metamta/
storage/
6 lines

Diff 45599

View Options

src/applications/metamta/storage/PhabricatorMetaMTAMail.php

Loading...
Phabricator · Built by Phacility