Page MenuHomePhabricator
Create Task
Maniphest T12491

Error reply emails which are generated before identifying the sender should no longer be sent, now that the "always require verification" rule is in place
Closed, ResolvedPublic
Actions

Description

After setting up mailgun to handle inbound mail to Phabricator, I found my mailgun logs were unexpectedly showing a lot of outbound mail to unknown addresses.

This seems to be because Phabricator accepts all inbound mail (at least the mailgun endpoint does), then sends a standard "Error Processing Mail (No Receivers)" mail to the alleged sender (who in the case of spam is likely an innocent victim). While it does avoid sending the body of the original mail, so isn't perpetuating the spam problem through backscatter, it is still an annoyance, and may lead to complaints against the mailgun account.

Potential solutions:

  1. Reject unrecognized destination addresses before the incoming mail is accepted. This should result in the originating server handling the failure as a bounce without implicating the Phabricator installation.
  2. Document the addresses that inbound mail actually uses, so more specific pattern matching rules can be set up in mailgun instead of a catch_all.
  3. An option to not send out such Error messages.

Revisions and Commits

rP Phabricator
D19018rPdbe479f0d9de Don't send error/exception mail to unverified addresses

Related Objects

Event Timeline

jasonrumney created this task.Apr 2 2017, 1:53 PM
epriestley added a subscriber: epriestley.Apr 2 2017, 1:57 PM

Version?

jasonrumney added a comment.Apr 2 2017, 2:01 PM

Version is stable, updated about 2 hours ago.

phabricator 8f7983a5be3a56db5b79dc7c3a0eb470f1d7ca02 (Sat, Mar 25) (branched from b4effdf26c3e7d5de0d010cf14626c5d8d404e04 on origin)
arcanist 60aaee0ed3f5a1e4384ac7d7f2efd2c64cecbe44 (Sat, Mar 25) (branched from d1db9a72b552151613a918e3d49fa72433387a68 on origin)
phutil b133c277014868d476f08b4ebecde2ea795509e4 (Sat, Mar 25) (branched from c0bc116bedc895fd617799a13549f8707edfd3fb on origin)

Also, my test email body was too short, and I missed that it is in fact included in the reply message, so this is sending backscatter spam, and could result in Phabricator installs being deliberately used for that purpose.

jasonrumney updated the task description. (Show Details)Apr 2 2017, 2:06 PM
jasonrumney added a comment.Apr 2 2017, 3:52 PM

I should also mention that phabricator.allow-email-users is false on this install. Another option to avoid backscatter spam could be to limit the error messages to registered users (maybe even regardless of that setting).

epriestley mentioned this in T12525: amckinley's Onboarding.Apr 9 2017, 1:46 PM
epriestley renamed this task from Avoid replying to spam to Error reply emails which are generated before identifying the sender should no longer be sent, now that the "always require verification" rule is in place.Apr 26 2017, 12:31 PM
joshuaspence added a subscriber: joshuaspence.May 3 2017, 12:54 PM
epriestley mentioned this in T12677: Support multiple mail delivery services for automatic failover.May 5 2017, 3:45 PM
epriestley mentioned this in T13053: Plans: Mail Tags and Failover.Jan 27 2018, 9:52 PM
epriestley moved this task from Backlog to Stamps/Failover on the Mail board.
epriestley added a revision: D19018: Don't send error/exception mail to unverified addresses.Feb 7 2018, 1:18 PM
epriestley mentioned this in T13066: Refine inbound mail error behaviors, distinguishing between actual mail sender and acting-as sender.Feb 7 2018, 1:35 PM
epriestley closed this task as Resolved by committing rPdbe479f0d9de: Don't send error/exception mail to unverified addresses.Feb 8 2018, 2:26 PM
epriestley added a commit: rPdbe479f0d9de: Don't send error/exception mail to unverified addresses.
Phabricator · Built by Phacility