serv/mox
1
0
Fork 0
mirror of https://github.com/mjl-/mox.git synced 2024-12-27 08:53:48 +03:00
Code Issues Projects Releases Packages Wiki Activity Actions

add comment about not verifying Sender for submissions

Browse source
This commit is contained in:
Mechiel Lukkien 2023-08-10 12:18:05 +02:00
parent 6b68920a3a
commit 7cceb3d834
No known key found for this signature in database
1 changed files with 2 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
smtpserver/server.go
View file

@ -1659,6 +1659,8 @@ func (c *conn) submit(ctx context.Context, recvHdrFor func(string) string, msgWr
// Check that user is only sending email as one of its configured identities. Not // Check that user is only sending email as one of its configured identities. Not
// for other users. // for other users.
// We don't check the Sender field, there is no expectation of verification, ../rfc/7489:2948
// and with Resent headers it seems valid to have someone else as Sender. ../rfc/5322:1578
msgFrom, header, err := message.From(dataFile) msgFrom, header, err := message.From(dataFile)
if err != nil { if err != nil {
metricSubmission.WithLabelValues("badmessage").Inc() metricSubmission.WithLabelValues("badmessage").Inc()