aboutsummaryrefslogtreecommitdiffstats
path: root/Mailman/Utils.py (unfollow)
Commit message (Collapse)AuthorFilesLines
2018-06-11Support for verifying subscriber domains against the Spamhaus DBLJim Popovitch1-0/+22
2018-06-05Extend BLOCK_SPAMHAUS_LISTED_IP_SUBSCRIBE for IPv6.Mark Sapiro1-7/+21
Fix string formatting for Python 2.6.
2018-06-04Restrict Spamhaus ZEN hits to SBL, CSS and XBL.Mark Sapiro1-1/+1
2018-06-04Added BLOCK_SPAMHAUS_LISTED_IP_SUBSCRIBE FeatureMark Sapiro1-0/+21
2018-03-08Added a few more badword checks to Utils.suspiciousHTML().Mark Sapiro1-4/+27
Added validation of GUI updates to host_name.
2017-10-26Updated i18n in preparation for 2.1.25 release.Mark Sapiro1-2/+2
Fixed a minor typo.
2017-10-07Improved DMARC testing for domains with DNSSEC validation problems.Mark Sapiro1-2/+14
2017-05-24Changed member_verbosity_threshold from a >= test to a strictly > test.Mark Sapiro1-2/+2
2017-03-30Fixed unexploitable XSS attach via crafted HTTP Host: header.Mark Sapiro1-1/+1
2016-10-29Fixed a typo and deleted an unreferenced assignment.Mark Sapiro1-5/+2
2016-07-14Match header_filter_rules as normalized unicodes.Mark Sapiro1-0/+31
2016-05-04Allow DMARC_ORGANIZATIONAL_DOMAIN_DATA_URL to be None or the null string.Mark Sapiro1-0/+2
2016-04-09Use rfind rather than find to find '@' for domain splitting.Mark Sapiro1-1/+2
2016-04-09Honor an organizational domain's DMARC sp= policy for sub-domains.Mark Sapiro1-5/+14
2016-03-06Better logging of DMARC lookup DNS exceptions.Mark Sapiro1-1/+1
2016-02-26Minor documentation clean up.Mark Sapiro1-4/+5
2016-02-25Lower case domains for the Organizational Domain fix.Mark Sapiro1-3/+3
2016-02-25Further refactoring of the Organizational Domain fix.Mark Sapiro1-2/+1
2016-02-25Refactored OrganizationalDomain fix.Mark Sapiro1-17/+81
2016-02-24If DMARC lookup fails to find a policy, also try the Organizational Domain.Mark Sapiro1-4/+25
2016-02-02Added dmarc_non_moderation_action to list settings.Mark Sapiro1-0/+9
2015-11-04Improvements based on feedback from Mark Sapirojimpop@template.hostname1-5/+3
https://code.launchpad.net/~jimpop/mailman/mailman-auto-mod-verbose-members/+merge/276706/comments/699744
2015-11-04Removed 2 development debugging linesjimpop@template.hostname1-5/+0
2015-11-04Auto-Moderate Verbose Membersjimpop@template.hostname1-0/+26
2015-09-16Defended against a user submitting URLs with query fragments or POSTMark Sapiro1-0/+16
data containing multiple occurrences of the same variable.
2015-06-23Support for HTTP_X_FORWARDED_FOR and HTTP_FORWARDED_FOR (RFC 7239) Jim Popovitch1-1/+5
2015-05-01The vette log entry for DMARC policy hits now contains the list name.Mark Sapiro1-4/+4
2015-03-27Fix for path traversal vulnerability.Mark Sapiro1-0/+6
2015-01-23Implemented the equivalent domains feature for list posting/moderation.Mark Sapiro1-0/+34
2015-01-22A number of changes from the unofficial 2.2 branch have been backported toMark Sapiro1-1/+57
the 2.1 branch for release with 2.1.19. The 2.2 branch is now no different from the 2.1 branch and will no longer be maintained.
2014-09-21The options CGI now rejects all but HTTP GET and POST requests.Mark Sapiro1-0/+5
2014-05-29If checking DNS for dmarc_moderation_action and DNS lookup is notMark Sapiro1-1/+5
available, log it. (LP: #1324541)
2014-05-02Make dmarc_quarantine_moderaction_action a list setting.Mark Sapiro1-3/+2
2014-05-02More fine tuning of dmarc_moderation_action.Mark Sapiro1-8/+8
2014-04-19The new Utils.IsDMARCProhibited() used collections.defaultdict whichMark Sapiro1-3/+2
requires Python 2.5. Changed to use a dict and setdefault.
2013-12-06Fixed email address validation to do a bit better in obscure cases.Mark Sapiro1-3/+4
2013-11-08Added suuport for p=quarantine based on feedback from Franck Martin.Jim Popovitch1-0/+5
2013-10-20Incorporated some feedback from Mark S.Jim Popovitch1-1/+1
2013-03-18Handle CNAMEs when chasing DMARC TXT records.Phil Pennock1-5/+44
Handle TXT records missing tags, check all such records, etc. Use \b boundary anchors in regexp check. (Should only be one, but if there are multiple, check them all, reject if any of them say p=reject).
2013-03-03Hold/Reject/Discard moderation support for Senders with a DMARC p=reject policyJim Popovitch1-0/+39
2011-11-13Strengthened the validation of email addresses.Mark Sapiro1-8/+3
2011-09-15Strengthened the validation of email address domains.Mark Sapiro1-0/+6
2011-05-01Made the web escaping of additional characters a configuration setting.Mark Sapiro1-12/+6
2011-04-26Yet another change to the broken browser HTML escaping.Mark Sapiro1-1/+2
2011-04-26Don't try converting non-ascii to HTML entities in unicode.Mark Sapiro1-2/+5
2011-04-25Strengthened escaping of user web data by including some characters thatMark Sapiro1-0/+8
some older browsers misinterpret as < or >.
2011-03-21Changed the maximum number of arguments for the who command to beMark Sapiro1-2/+2
considered administrivia from 2 to 1 to help avoid false positives. Bug #739524.
2010-09-09Two potential XSS vulnerabilities have been identified and fixed.Mark Sapiro1-93/+94
2009-08-01XSS protection in the web interface went too far in escaping HTMLMark Sapiro1-1/+3
entities. Fixed.
2009-07-31Backported several bug fixes from the 2.2 branch.Mark Sapiro1-20/+21
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-26 07:54:02 +0000