aboutsummaryrefslogtreecommitdiffstats
path: root/Mailman/Handlers/Cleanse.py
blob: b6e839bd50fa61f87e704aa3e1a008b01b90794e (plain) (blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
# Copyright (C) 1998-2005 by the Free Software Foundation, Inc.
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.

"""Cleanse certain headers from all messages."""

from email.Utils import formataddr

from Mailman.Logging.Syslog import syslog
from Mailman.Handlers.CookHeaders import uheader


def process(mlist, msg, msgdata):
    # Always remove this header from any outgoing messages.  Be sure to do
    # this after the information on the header is actually used, but before a
    # permanent record of the header is saved.
    del msg['approved']
    # Remove this one too.
    del msg['approve']
    # Also remove this header since it can contain a password
    del msg['urgent']
    # We remove other headers from anonymous lists
    if mlist.anonymous_list:
        syslog('post', 'post to %s from %s anonymized',
               mlist.internal_name(), msg.get('from'))
        del msg['from']
        del msg['reply-to']
        del msg['sender']
        # Hotmail sets this one
        del msg['x-originating-email']
        i18ndesc = str(uheader(mlist, mlist.description, 'From'))
        msg['From'] = formataddr((i18ndesc, mlist.GetListEmail()))
        msg['Reply-To'] = mlist.GetListEmail()
    # Some headers can be used to fish for membership
    del msg['return-receipt-to']
    del msg['disposition-notification-to']
    del msg['x-confirm-reading-to']
    # Pegasus mail uses this one... sigh
    del msg['x-pmrqc']
    # Remove any "DomainKeys" (or similar) header lines.  The values contained
    # in these header lines are intended to be used by the recipient to detect
    # forgery or tampering in transit, and the modifications made by Mailman
    # to the headers and body of the message will cause these keys to appear
    # invalid.  Removing them will at least avoid this misleading result, and
    # it will also give the MTA the opportunity to regenerate valid keys
    # originating at the Mailman server for the outgoing message.
    del msg['domainkey-signature']
    del msg['dkim-signature']