Date | Commit message (Collapse) |
|
I'm not sure why this wasn't done in Jun/July 2016 when I was
working on PublicInbox::Address to replace the DoS-vulnerable
Email::Address.
Nowadays, PublicInbox::Address allows using Email::Address::XS
which should be fast and robust.
|
|
PublicInbox::Eml has enough functionality to replace the
Email::MIME-based PublicInbox::MIME.
|
|
I didn't wait until September to do it, this year!
|
|
-mda should not be dealing with broken Date: headers
nowadays, and deprioritize it in our documentation and
internal checks.
|
|
While it's not RFC2919-conformant, mail software can
theoretically set multiple List-ID headers. Deliver to all
inboxes which match a given List-ID since that's likely the
intended.
Cc: Eric W. Biederman <ebiederm@xmission.com>
Link: https://public-inbox.org/meta/87pniltscf.fsf@x220.int.ebiederm.org/
|
|
It's now possible to inject false-positive ham into an inbox
the same way -mda does via List-ID.
|
|
|
|
Reduce the places where we have duplicate logic for discarding
unwanted headers.
|
|
Using update-copyrights from gnulib
While we're at it, use the SPDX identifier for AGPL-3.0+ to
ease mechanical processing.
|
|
Oops, due to an old mistake , List-ID was set incorrectly
in the MDA. This could cause some breakage w.r.t. mail filters.
|
|
This is common when multiple participants are in a thread.
|
|
Email::Filter doesn't offer any functionality we need, here;
and our dependency on Email::Filter will gradually be removed
since it (and Email::LocalDelivery) seem abandoned and we
can have more-fine-grained control by rolling our own Maildir
delivery which can work transactionally.
|
|
git has stricter requirements for ident names (no '<>')
which Email::Address allows.
Even in 1.908, Email::Address also has an incomplete fix for
CVE-2015-7686 with a DoS-able regexp for comments. Since we
don't care for or need all the RFC compliance of Email::Address,
avoiding it entirely may be preferable.
Email::Address will still be installed as a requirement for
Email::MIME, but it is only used by the
Email::MIME::header_str_set which we do not use
|
|
This should allow users to change and add headers as needed.
While we're at it, add the X-Original-To header Postfix likes
to add; it seems like pointless bloat with the existence of
(important) Received: headers.
|
|
By converting to using ourt git-fast-import-based Import
module. This should allow us to be more easily installed.
|
|
We may be importing mail from other lists, so do not
clobber the existing List-Id header.
|
|
While ssoma now documents it uses the first Message-ID, they
are confusing and could be a sign of a broken mail software,
and broken mail software is often a sign of spam...
ref: http://public-inbox.org/meta/20160421221128.4910-1-e@80x24.org/
|
|
Message-IDs should not be MIME encoded, but in case they are,
use the raw form for compatibility with ssoma and possibly
other tools. This prevents a potential problem where a
malicious client could confuse our storage layer into indexing
incorrect contents.
|
|
Hopefully this gives new hackers a better overview of
how the components relate to each other.
|
|
Xapian has this limit for terms, and there are likely no
legitimate Message-IDs (or single header lines) this long; so
there's no need to workaround this limit.
|
|
This is probably unsafe
|
|
In the future, it should be possible to use this:
git ls-files | UPDATE_COPYRIGHT_HOLDER='all contributors' \
UPDATE_COPYRIGHT_USE_INTERVALS=2 \
xargs /path/to/gnulib/build-aux/update-copyright
|
|
Relying on Email::MIME means encoding is handled transparently
for us.
|
|
Email::Address::name never fails assuming it was able to parse
anything.
|
|
We nuke DKIM headers because we modify headers and sometimes the
body, which may invalidate the message. We'll also nuke whatever
Mailman nukes from messages to avoid phishing and leaking
information.
|
|
That should be use down stream by delivery agents.
|
|
|
|
Screen space is precious, and we do not need it in the abbreviated
view.
|
|
This mimics functionality found in -learn. Originally the design
allowed for only one address per-list, but when migrating/hijacking
existing mailing lists, having multiple addresses map to the same
inbox is useful.
|
|
Hopefully this simplifies and corrects our usage of Perl encoding
APIs.
|
|
We need -learn to do many of the same things as -mda
when we have a false-positive. We also need -learn to
do HTML filtering in case the training user screws up.
|
|
We will be combining common code between -learn and -mda
|