summaryrefslogtreecommitdiff
path: root/program/steps/mail
diff options
context:
space:
mode:
authoralecpl <alec@alec.pl>2009-05-16 13:01:49 +0000
committeralecpl <alec@alec.pl>2009-05-16 13:01:49 +0000
commit2471d3a979d00e0cecca64e0d5889ca40c02c5fe (patch)
tree80a707b81bfba636d004107f5c04a59a3a0eebf7 /program/steps/mail
parent34ee9e7498f84394bfc7d5a4a845720aed8e0b2f (diff)
- Added possibility to encrypt received header, option 'http_received_header_encrypt',
added some more logic in encrypt/decrypt functions for security
Diffstat (limited to 'program/steps/mail')
-rw-r--r--program/steps/mail/sendmail.inc47
1 files changed, 34 insertions, 13 deletions
diff --git a/program/steps/mail/sendmail.inc b/program/steps/mail/sendmail.inc
index 4ebf4893c..f1745acfe 100644
--- a/program/steps/mail/sendmail.inc
+++ b/program/steps/mail/sendmail.inc
@@ -55,6 +55,17 @@ if (!$savedraft) {
/****** message sending functions ********/
+// encrypt parts of the header
+function rcmail_encrypt_header($what)
+{
+ global $CONFIG, $RCMAIL;
+ if (!$CONFIG['http_received_header_encrypt'])
+ {
+ return $what;
+ }
+ return $RCMAIL->encrypt($what);
+}
+
// get identity record
function rcmail_get_identity($id)
{
@@ -211,9 +222,29 @@ if (empty($identity_arr['string']))
$identity_arr['string'] = $from;
// compose headers array
-$headers = array('Date' => date('r'),
- 'From' => rcube_charset_convert($identity_arr['string'], RCMAIL_CHARSET, $message_charset),
- 'To' => $mailto);
+$headers = array();
+
+// if configured, the Received headers goes to top, for good measure
+if ($CONFIG['http_received_header'])
+{
+ $nldlm = $RCMAIL->config->header_delimiter() . "\t";
+ $http_header = 'from ';
+ if (isset($_SERVER['HTTP_X_FORWARDED_FOR'])) {
+ $http_header .= rcmail_encrypt_header(gethostbyaddr($_SERVER['HTTP_X_FORWARDED_FOR'])) .
+ ' [' . rcmail_encrypt_header($_SERVER['HTTP_X_FORWARDED_FOR']) . ']';
+ $http_header .= $nldlm . ' via ';
+ }
+ $http_header .= rcmail_encrypt_header(gethostbyaddr($_SERVER['REMOTE_ADDR'])) .
+ ' [' . rcmail_encrypt_header($_SERVER['REMOTE_ADDR']) .']';
+ $http_header .= $nldlm . 'with ' . $_SERVER['SERVER_PROTOCOL'] .
+ ' ('.$_SERVER['REQUEST_METHOD'] . '); ' . date('r');
+ $http_header = wordwrap($http_header, 69, $nldlm);
+ $headers['Received'] = $http_header;
+}
+
+$headers['Date'] = date('r');
+$headers['From'] = rcube_charset_convert($identity_arr['string'], RCMAIL_CHARSET, $message_charset);
+$headers['To'] = $mailto;
// additional recipients
if (!empty($mailcc))
@@ -257,16 +288,6 @@ if (!empty($_POST['_receipt']))
}
// additional headers
-if ($CONFIG['http_received_header'])
-{
- $nldlm = $RCMAIL->config->header_delimiter() . "\t";
- $headers['Received'] = wordwrap('from ' . (isset($_SERVER['HTTP_X_FORWARDED_FOR']) ?
- gethostbyaddr($_SERVER['HTTP_X_FORWARDED_FOR']).' ['.$_SERVER['HTTP_X_FORWARDED_FOR'].']'.$nldlm.' via ' : '') .
- gethostbyaddr($_SERVER['REMOTE_ADDR']).' ['.$_SERVER['REMOTE_ADDR'].']'.$nldlm.'with ' .
- $_SERVER['SERVER_PROTOCOL'].' ('.$_SERVER['REQUEST_METHOD'].'); ' . date('r'),
- 69, $nldlm);
-}
-
$headers['Message-ID'] = $message_id;
$headers['X-Sender'] = $from;