Page MenuHomePhabricator
Differential D19025

Configure a whitelist of remote addresses for Postmark inbound webhooks
ClosedPublic
Actions

Authored by epriestley on Feb 8 2018, 3:03 PM.
Tags
None
Referenced Files
F13342554: D19025.diff
Thu, Jun 20, 3:21 PM
F13338343: D19025.diff
Wed, Jun 19, 10:45 AM
F13338062: D19025.id45619.diff
Wed, Jun 19, 10:22 AM
F13325939: D19025.diff
Sat, Jun 15, 2:25 AM
F13311116: D19025.id.diff
Tue, Jun 11, 1:03 AM
F13295462: D19025.id45621.diff
Thu, Jun 6, 3:13 AM
F13285274: D19025.id45620.diff
Mon, Jun 3, 6:07 PM
F13275547: D19025.id45619.diff
Fri, May 31, 4:54 AM
View All Files
Subscribers
None

Details

Reviewers
None
Maniphest Tasks
T13053: Plans: Mail Tags and Failover
Commits
rP948b0ceca466: Configure a whitelist of remote addresses for Postmark inbound webhooks
Summary

Ref T13053. Postmark support recommends testing requests against a whitelist of known remote addresses to determine request authenticity. Today, the list can be found here:

https://postmarkapp.com/support/article/800-ips-for-firewalls

This is potentially less robust than, e.g., HMAC verification, since they may need to add new datacenters or support IPv6 or something. Users might also have weird network topologies where everything is proxied, and this makes testing/simulating more difficult.

Allow users to configure the list so that they don't need to hack things apart if Postmark adds a new datacenter or remote addresses are unreliable for some other reason, but ship with safe defaults for today.

Test Plan

Tried to make local requests, got kicked out. Added 0.0.0.0/0 to the list, stopped getting kicked out.

I don't have a convenient way to route real Postmark traffic to my development laptop with an authentic remote address so I haven't verified that the published remote address is legitimate, but I'll vet that in production when I go through all the other mailers.

Diff Detail

Repository
rP Phabricator
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

epriestley created this revision.Feb 8 2018, 3:03 PM
Harbormaster completed remote builds in B19414: Diff 45619.Feb 8 2018, 3:04 PM
epriestley requested review of this revision.Feb 8 2018, 3:04 PM
epriestley updated this revision to Diff 45620.Feb 8 2018, 3:07 PM
  • Also mention this whitelist in the "Inbound Mail" documentation.
Harbormaster completed remote builds in B19415: Diff 45620.Feb 8 2018, 3:08 PM
This revision was not accepted when it landed; it landed in state Needs Review.Feb 8 2018, 4:23 PM
Closed by commit rP948b0ceca466: Configure a whitelist of remote addresses for Postmark inbound webhooks (authored by epriestley). · Explain Why
This revision was automatically updated to reflect the committed changes.

Revision Contents
Changeset List

Diff 45621

View Options

src/applications/metamta/adapter/PhabricatorMailImplementationPostmarkAdapter.php

Loading...
View Options

src/applications/metamta/controller/PhabricatorMetaMTAPostmarkReceiveController.php

Loading...
View Options

src/docs/user/configuration/configuring_inbound_email.diviner

Loading...
View Options

src/docs/user/configuration/configuring_outbound_email.diviner

Loading...
Phabricator · Built by Phacility