Page MenuHomePhabricator

Add basic support for a "Must Encrypt" mail flag which prevents unsecured content transmission
ClosedPublic

Authored by epriestley on Feb 1 2018, 4:39 PM.
Tags
None
Referenced Files
F12824494: D18983.id45534.diff
Thu, Mar 28, 8:28 AM
F12824044: D18983.id45527.diff
Thu, Mar 28, 8:14 AM
F12809171: D18983.id45525.diff
Wed, Mar 27, 9:20 PM
Unknown Object (File)
Sun, Mar 10, 3:22 AM
Unknown Object (File)
Jan 31 2024, 5:16 PM
Unknown Object (File)
Jan 27 2024, 9:25 PM
Unknown Object (File)
Jan 19 2024, 5:28 PM
Unknown Object (File)
Jan 19 2024, 7:06 AM
Subscribers
None
Tokens
"Like" token, awarded by avivey.

Details

Summary

Ref T13053. See PHI291. For particularly sensitive objects (like security issues), installs may reasonably wish to prevent details from being sent in plaintext over email.

This adds a "Must Encrypt" mail behavior, which discards mail content and all identifying details, replacing it with a link to the /mail/ application. Users can follow the link to view the message over HTTPS.

The flag discards body content, attachments, and headers which imply things about the content of the object. It retains threading headers and headers which may uniquely identify the object as long as they don't disclose anyting about the content.

The bin/mail list-outbound command now flags these messages with a # mark.

The bin/mail show-outbound command now shows sent/suppressed headers and the body content as delivered (if it differs from the original body content).

The /mail/ web UI now shows a tag for messages marked with this flag.

For now, there is no way to actually set this flag on mail.

Test Plan
  • Forced this flag on, made comments and took actions to send mail.
  • Reviewed mail with bin/mail and /mail/ in the web UI, saw all content information omitted.

Diff Detail

Repository
rP Phabricator
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

  • Add a missing UI check before showing the tag on the detail view.
  • Spell "secure" in a more conventional way.
This revision is now accepted and ready to land.Feb 2 2018, 1:14 AM
This revision was automatically updated to reflect the committed changes.