Page Menu
Home
Phabricator
Search
Configure Global Search
Log In
Files
F15422224
D17329.id41675.diff
No One
Temporary
Actions
View File
Edit File
Delete File
View Transforms
Subscribe
Mute Notifications
Award Token
Flag For Later
Size
5 KB
Referenced Files
None
Subscribers
None
D17329.id41675.diff
View Options
diff --git a/src/applications/metamta/query/PhabricatorMetaMTAActor.php b/src/applications/metamta/query/PhabricatorMetaMTAActor.php
--- a/src/applications/metamta/query/PhabricatorMetaMTAActor.php
+++ b/src/applications/metamta/query/PhabricatorMetaMTAActor.php
@@ -20,12 +20,14 @@
const REASON_FORCE_HERALD = 'force-herald';
const REASON_ROUTE_AS_NOTIFICATION = 'route-as-notification';
const REASON_ROUTE_AS_MAIL = 'route-as-mail';
+ const REASON_UNVERIFIED = 'unverified';
private $phid;
private $emailAddress;
private $name;
private $status = self::STATUS_DELIVERABLE;
private $reasons = array();
+ private $isVerified = false;
public function setName($name) {
$this->name = $name;
@@ -45,6 +47,15 @@
return $this->emailAddress;
}
+ public function setIsVerified($is_verified) {
+ $this->isVerified = $is_verified;
+ return $this;
+ }
+
+ public function getIsVerified() {
+ return $this->isVerified;
+ }
+
public function setPHID($phid) {
$this->phid = $phid;
return $this;
@@ -104,6 +115,7 @@
self::REASON_FORCE_HERALD => pht('Forced by Herald'),
self::REASON_ROUTE_AS_NOTIFICATION => pht('Route as Notification'),
self::REASON_ROUTE_AS_MAIL => pht('Route as Mail'),
+ self::REASON_UNVERIFIED => pht('Address Not Verified'),
);
return idx($names, $reason, pht('Unknown ("%s")', $reason));
@@ -158,6 +170,8 @@
self::REASON_ROUTE_AS_MAIL => pht(
'This message was upgraded to email by outbound mail rules '.
'in Herald.'),
+ self::REASON_UNVERIFIED => pht(
+ 'This recipient does not have a verified primary email address.'),
);
return idx($descriptions, $reason, pht('Unknown Reason ("%s")', $reason));
diff --git a/src/applications/metamta/query/PhabricatorMetaMTAActorQuery.php b/src/applications/metamta/query/PhabricatorMetaMTAActorQuery.php
--- a/src/applications/metamta/query/PhabricatorMetaMTAActorQuery.php
+++ b/src/applications/metamta/query/PhabricatorMetaMTAActorQuery.php
@@ -89,6 +89,7 @@
$actor->setUndeliverable(PhabricatorMetaMTAActor::REASON_NO_ADDRESS);
} else {
$actor->setEmailAddress($email->getAddress());
+ $actor->setIsVerified($email->getIsVerified());
}
}
}
@@ -119,6 +120,13 @@
}
$actor->setEmailAddress($xuser->getAccountID());
+
+ // NOTE: This effectively drops all outbound mail to unrecognized
+ // addresses unless "phabricator.allow-email-users" is set. See T12237
+ // for context.
+ $allow_key = 'phabricator.allow-email-users';
+ $allow_value = PhabricatorEnv::getEnvConfig($allow_key);
+ $actor->setIsVerified((bool)$allow_value);
}
}
diff --git a/src/applications/metamta/receiver/PhabricatorMailReceiver.php b/src/applications/metamta/receiver/PhabricatorMailReceiver.php
--- a/src/applications/metamta/receiver/PhabricatorMailReceiver.php
+++ b/src/applications/metamta/receiver/PhabricatorMailReceiver.php
@@ -153,6 +153,10 @@
->loadOneOrCreate();
return $xuser->getPhabricatorUser();
} else {
+ // NOTE: Currently, we'll always drop this mail (since it's headed to
+ // an unverified recipient). See T12237. These details are still useful
+ // because they'll appear in the mail logs and Mail web UI.
+
$reasons[] = pht(
'Phabricator is also not configured to allow unknown external users '.
'to send mail to the system using just an email address.');
@@ -174,13 +178,13 @@
if ($user) {
return $user;
}
- }
- $reasons[] = pht(
- "Phabricator is misconfigured, the application email ".
- "'%s' is set to user '%s' but that user does not exist.",
- $application_email->getAddress(),
- $default_user_phid);
+ $reasons[] = pht(
+ 'Phabricator is misconfigured: the application email '.
+ '"%s" is set to user "%s", but that user does not exist.',
+ $application_email->getAddress(),
+ $default_user_phid);
+ }
}
$reasons = implode("\n\n", $reasons);
diff --git a/src/applications/metamta/storage/PhabricatorMetaMTAMail.php b/src/applications/metamta/storage/PhabricatorMetaMTAMail.php
--- a/src/applications/metamta/storage/PhabricatorMetaMTAMail.php
+++ b/src/applications/metamta/storage/PhabricatorMetaMTAMail.php
@@ -951,6 +951,16 @@
}
}
+ // Unless delivery was forced earlier (password resets, confirmation mail),
+ // never send mail to unverified addresses.
+ foreach ($actors as $phid => $actor) {
+ if ($actor->getIsVerified()) {
+ continue;
+ }
+
+ $actor->setUndeliverable(PhabricatorMetaMTAActor::REASON_UNVERIFIED);
+ }
+
return $actors;
}
diff --git a/src/applications/metamta/storage/__tests__/PhabricatorMetaMTAMailTestCase.php b/src/applications/metamta/storage/__tests__/PhabricatorMetaMTAMailTestCase.php
--- a/src/applications/metamta/storage/__tests__/PhabricatorMetaMTAMailTestCase.php
+++ b/src/applications/metamta/storage/__tests__/PhabricatorMetaMTAMailTestCase.php
@@ -153,6 +153,22 @@
$this->assertTrue(
in_array($phid, $mail->buildRecipientList()),
'Recipients restored after tag preference removed.');
+
+ $email = id(new PhabricatorUserEmail())->loadOneWhere(
+ 'userPHID = %s AND isPrimary = 1',
+ $phid);
+
+ $email->setIsVerified(0)->save();
+
+ $this->assertFalse(
+ in_array($phid, $mail->buildRecipientList()),
+ pht('Mail not sent to unverified address.'));
+
+ $email->setIsVerified(1)->save();
+
+ $this->assertTrue(
+ in_array($phid, $mail->buildRecipientList()),
+ pht('Mail sent to verified address.'));
}
public function testThreadIDHeaders() {
File Metadata
Details
Attached
Mime Type
text/plain
Expires
Sun, Mar 23, 6:45 AM (2 w, 2 d ago)
Storage Engine
blob
Storage Format
Encrypted (AES-256-CBC)
Storage Handle
7635429
Default Alt Text
D17329.id41675.diff (5 KB)
Attached To
Mode
D17329: Never send normal mail to unverified addresses
Attached
Detach File
Event Timeline
Log In to Comment