Improve email validation: do not allow @unknown emails - closes #3101

2024-11-24 03:12:46 +01:00 · 2023-06-13 23:18:26 -07:00 · 2023-06-13 23:18:26 -07:00 · 6cb39bd6ee
commit 6cb39bd6ee
parent 2d4e4e71ab
2 changed files with 9 additions and 2 deletions
--- a/app/Console/Commands/FetchEmails.php
+++ b/app/Console/Commands/FetchEmails.php
@ -267,7 +267,8 @@ class FetchEmails extends Command

            // From - $from is the plain text email.
            $from = $message->getReplyTo();
-            if (!$from) {
+
+            if (!$from || !$this->formatEmailList($from)) {
                $from = $message->getFrom();
            }
            // https://github.com/freescout-helpdesk/freescout/issues/2833
@ -280,12 +281,15 @@ class FetchEmails extends Command
                }
            }*/

+            if ($from) {
+                $from = $this->formatEmailList($from);
+            }
+
            if (!$from) {
                $this->logError('From is empty');
                $this->setSeen($message, $mailbox);
                return;
            } else {
-                $from = $this->formatEmailList($from);
                $from = $from[0];
            }

--- a/app/Email.php
+++ b/app/Email.php
@ -55,6 +55,9 @@ class Email extends Model
        if (!preg_match('/^.+@.+$/', $email ?? '')) {
            return false;
        }
+        if (preg_match('/^.+@unknown$/', $email ?? '')) {
+            return false;
+        }
        $email = filter_var($email, FILTER_SANITIZE_EMAIL);
        $email = mb_strtolower($email, 'UTF-8');
        // Remove trailing dots.