Allow insecure mail auth with "Reply-To" header
ClosedPublic
Actions

Authored by epriestley on Aug 21 2011, 7:06 PM.

Tags

None

Referenced Files

	F13131749: D842.diff
	Wed, May 1, 5:35 PM

	Unknown Object (File)
	Sat, Apr 27, 6:42 PM

	Unknown Object (File)
	Sat, Apr 27, 6:42 PM

	Unknown Object (File)
	Sat, Apr 27, 6:42 PM

	Unknown Object (File)
	Sat, Apr 27, 10:35 AM

	Unknown Object (File)
	Mar 20 2024, 2:42 PM

	Unknown Object (File)
	Mar 18 2024, 2:35 PM

	Unknown Object (File)
	Feb 24 2024, 5:00 PM

View All 54 Files

Subscribers

aran

jungejason

Details

Reviewers

aran
jungejason
tuomaspelkonen

Maniphest Tasks

Restricted Maniphest Task

Commits

rPd1134810d616: Allow insecure mail auth with "Reply-To" header

Summary

Quora wants to handle some moderation tasks with Phabricator, but want to lower the barrier to entry for the install and let moderators adopt it gradually. One request is to allow auth rules to be relaxed so we can auth based on Reply-To to make things easier. This is insecure if configured but not really a big deal and the patch isn't big or complicated.

Test Plan

Sent a test email with bogus "From" but valid "Reply-To". It was rejected with this setting off, and allowed with this setting on.