1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
|
# Copyright (C) 1998-2005 by the Free Software Foundation, Inc.
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
"""Cleanse certain headers from all messages."""
from email.Utils import formataddr
from Mailman.Logging.Syslog import syslog
from Mailman.Handlers.CookHeaders import uheader
def process(mlist, msg, msgdata):
# Always remove this header from any outgoing messages. Be sure to do
# this after the information on the header is actually used, but before a
# permanent record of the header is saved.
del msg['approved']
# Remove this one too.
del msg['approve']
# Also remove this header since it can contain a password
del msg['urgent']
# We remove other headers from anonymous lists
if mlist.anonymous_list:
syslog('post', 'post to %s from %s anonymized',
mlist.internal_name(), msg.get('from'))
del msg['from']
del msg['reply-to']
del msg['sender']
# Hotmail sets this one
del msg['x-originating-email']
i18ndesc = str(uheader(mlist, mlist.description, 'From'))
msg['From'] = formataddr((i18ndesc, mlist.GetListEmail()))
msg['Reply-To'] = mlist.GetListEmail()
# Some headers can be used to fish for membership
del msg['return-receipt-to']
del msg['disposition-notification-to']
del msg['x-confirm-reading-to']
# Pegasus mail uses this one... sigh
del msg['x-pmrqc']
# Remove any "DomainKeys" (or similar) header lines. The values contained
# in these header lines are intended to be used by the recipient to detect
# forgery or tampering in transit, and the modifications made by Mailman
# to the headers and body of the message will cause these keys to appear
# invalid. Removing them will at least avoid this misleading result, and
# it will also give the MTA the opportunity to regenerate valid keys
# originating at the Mailman server for the outgoing message.
del msg['domainkey-signature']
del msg['dkim-signature']
|