Allow insecure mail auth with "Reply-To" header
ClosedPublic
Actions

Authored by epriestley on Aug 21 2011, 7:06 PM.

Tags

None

Referenced Files

	Unknown Object (File)
	Wed, Mar 20, 2:42 PM

	Unknown Object (File)
	Mar 18 2024, 2:35 PM

	Unknown Object (File)
	Feb 24 2024, 5:00 PM

	Unknown Object (File)
	Jan 24 2024, 7:52 PM

	Unknown Object (File)
	Jan 24 2024, 2:27 PM

	Unknown Object (File)
	Jan 24 2024, 2:27 PM

	Unknown Object (File)
	Dec 25 2023, 4:19 AM

	Unknown Object (File)
	Nov 29 2023, 10:07 PM

View All 49 Files

Subscribers

aran

jungejason

Details

Reviewers

aran
jungejason
tuomaspelkonen

Maniphest Tasks

Restricted Maniphest Task

Commits

rPd1134810d616: Allow insecure mail auth with "Reply-To" header

Summary

Quora wants to handle some moderation tasks with Phabricator, but want to lower the barrier to entry for the install and let moderators adopt it gradually. One request is to allow auth rules to be relaxed so we can auth based on Reply-To to make things easier. This is insecure if configured but not really a big deal and the patch isn't big or complicated.

Test Plan

Sent a test email with bogus "From" but valid "Reply-To". It was rejected with this setting off, and allowed with this setting on.