This is an automated email from the ASF dual-hosted git repository. rcordier pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/james-project.git
commit 871adb8db6bbdbbd348a8fa1a59857d1b7a9f354 Author: Benoit TELLIER <[email protected]> AuthorDate: Fri Sep 6 22:21:52 2024 +0200 JAMES-4034 Fix receival of external badly formated From message Dropping some production messages because of this. Be strict about what we send but relaxed about what we receive --- .../james/smtp/SmtpIdentityVerificationTest.java | 20 ++++++++++++++++++++ .../SenderAuthIdentifyVerificationHook.java | 8 +++++++- 2 files changed, 27 insertions(+), 1 deletion(-)
diff --git a/server/mailet/integration-testing/src/test/java/org/apache/james/smtp/SmtpIdentityVerificationTest.java b/server/mailet/integration-testing/src/test/java/org/apache/james/smtp/SmtpIdentityVerificationTest.java
index b34c5191a7..4c0bf8d51a 100644
--- a/server/mailet/integration-testing/src/test/java/org/apache/james/smtp/SmtpIdentityVerificationTest.java
+++ b/server/mailet/integration-testing/src/test/java/org/apache/james/smtp/SmtpIdentityVerificationTest.java
@@ -184,6 +184,26 @@ class SmtpIdentityVerificationTest {
 .hasMessageContaining("503 5.7.1 Incorrect Authentication for Specified Email Address");
 }
 
+ @Test
+ void errorsShouldBeIgnoredWhenUnAuthed(@TempDir File temporaryFolder) throws Exception {
+ createJamesServer(temporaryFolder, SmtpConfiguration.builder()
+ .requireAuthentication()
+ .verifyIdentity());
+
+ String message = """
+ FROM: \r
+ subject: test\r
+ \r
+ content\r
+ .\r
+ """;
+
+ assertThatCode(() ->
+ messageSender.connect(LOCALHOST_IP, jamesServer.getProbe(SmtpGuiceProbe.class).getSmtpPort())
+ .sendMessageWithHeaders(USER, ImmutableList.of(USER), message))
+ .doesNotThrowAnyException();
+ }
+
 @Test
 void spoofingInternalAddressAttemptsShouldBeRejectedInFromField(@TempDir File temporaryFolder) throws Exception {
 createJamesServer(temporaryFolder, SmtpConfiguration.builder()
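Review bot: Only the unauthenticated branch of the new behaviour is exercised by `errorsShouldBeIgnoredWhenUnAuthed`; nothing in this hunk pins that an authenticated sender submitting the same empty `FROM:` header is still refused. A companion test that authenticates before `sendMessageWithHeaders` and asserts the failure would keep the strict path from regressing silently. The assertion also checks only that the client sees no exception, so it would still pass if the message were accepted and then discarded; asserting that the mail reaches the recipient would make the intent explicit, if the test harness allows it.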
diff --git a/server/protocols/protocols-smtp/src/main/java/org/apache/james/smtpserver/SenderAuthIdentifyVerificationHook.java b/server/protocols/protocols-smtp/src/main/java/org/apache/james/smtpserver/SenderAuthIdentifyVerificationHook.java
index 8ae97541ee..095bcd373b 100644
--- a/server/protocols/protocols-smtp/src/main/java/org/apache/james/smtpserver/SenderAuthIdentifyVerificationHook.java
+++ b/server/protocols/protocols-smtp/src/main/java/org/apache/james/smtpserver/SenderAuthIdentifyVerificationHook.java
@@ -141,7 +141,13 @@ public class SenderAuthIdentifyVerificationHook extends AbstractSenderAuthIdenti
 .findFirst()
 .orElse(HookResult.DECLINED);
 } catch (MessagingException e) {
- throw new RuntimeException(e);
+ if (session.getUsername() == null) {
+ // Ignore invalid from header for relays
+ return HookResult.DECLINED;
+ } else {
+ LOGGER.warn("Local user {} attempted to use an invalid From header", e);
+ throw new RuntimeException(e);
+ }
 }
 } else {
 return HookResult.DECLINED;
--------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
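Review bot: The new `LOGGER.warn(...)` call in the authenticated branch has a `{}` placeholder but passes only `e`, so (assuming LOGGER is an SLF4J logger) `e` is taken as the throwable and the user name is never written. The line should read `LOGGER.warn("Local user {} attempted to use an invalid From header", session.getUsername().asString(), e);`. The unauthenticated branch returns `HookResult.DECLINED` with no log line at all, so a relay that repeatedly sends unparsable From headers leaves no trace at this hook; a debug- or info-level message there would help detection. Because DECLINED skips the identity check whenever strict parsing fails, it is worth confirming that later processing does not parse the same header more leniently and recover a local address from it. The enclosing method starts and ends outside the hunk.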
