1 # BEGIN BPS TAGGED BLOCK {{{
5 # This software is Copyright (c) 1996-2007 Best Practical Solutions, LLC
6 # <jesse@bestpractical.com>
8 # (Except where explicitly superseded by other copyright notices)
13 # This work is made available to you under the terms of Version 2 of
14 # the GNU General Public License. A copy of that license should have
15 # been provided with this software, but in any event can be snarfed
18 # This work is distributed in the hope that it will be useful, but
19 # WITHOUT ANY WARRANTY; without even the implied warranty of
20 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
21 # General Public License for more details.
23 # You should have received a copy of the GNU General Public License
24 # along with this program; if not, write to the Free Software
25 # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
26 # 02110-1301 or visit their web page on the internet at
27 # http://www.gnu.org/copyleft/gpl.html.
30 # CONTRIBUTION SUBMISSION POLICY:
32 # (The following paragraph is not intended to limit the rights granted
33 # to you to modify and distribute this software under the terms of
34 # the GNU General Public License and is only of importance to you if
35 # you choose to contribute your changes and enhancements to the
36 # community by submitting them to Best Practical Solutions, LLC.)
38 # By intentionally submitting any modifications, corrections or
39 # derivatives to this work, or any other work intended for use with
40 # Request Tracker, to Best Practical Solutions, LLC, you confirm that
41 # you are the copyright holder for those contributions and you grant
42 # Best Practical Solutions, LLC a nonexclusive, worldwide, irrevocable,
43 # royalty-free, perpetual, license to use, copy, create derivative
44 # works based on those contributions, and sublicense and distribute
45 # those contributions and any derivatives thereof.
47 # END BPS TAGGED BLOCK }}}
48 package RT::Interface::Email;
55 use UNIVERSAL::require;
59 use vars qw ( @ISA @EXPORT_OK);
61 # set the version for version checking
66 # your exported package globals go here,
67 # as well as any optionally exported functions
72 &CheckForSuspiciousSender
73 &CheckForAutoGenerated
76 &ParseCcAddressesFromHead
77 &ParseSenderAddressFromHead
78 &ParseErrorsToAddressFromHead
79 &ParseAddressFromHeader
86 RT::Interface::Email - helper functions for parsing email sent to RT
90 use lib "!!RT_LIB_PATH!!";
91 use lib "!!RT_ETC_PATH!!";
93 use RT::Interface::Email qw(Gateway CreateUser);
100 ok(require RT::Interface::Email);
109 # {{{ sub CheckForLoops
114 #If this instance of RT sent it our, we don't want to take it in
115 my $RTLoop = $head->get("X-RT-Loop-Prevention") || "";
116 chomp($RTLoop); #remove that newline
117 if ( $RTLoop eq "$RT::rtname" ) {
121 # TODO: We might not trap the case where RT instance A sends a mail
122 # to RT instance B which sends a mail to ...
128 # {{{ sub CheckForSuspiciousSender
130 sub CheckForSuspiciousSender {
133 #if it's from a postmaster or mailer daemon, it's likely a bounce.
135 #TODO: better algorithms needed here - there is no standards for
136 #bounces, so it's very difficult to separate them from anything
137 #else. At the other hand, the Return-To address is only ment to be
138 #used as an error channel, we might want to put up a separate
139 #Return-To address which is treated differently.
141 #TODO: search through the whole email and find the right Ticket ID.
143 my ( $From, $junk ) = ParseSenderAddressFromHead($head);
145 if ( ( $From =~ /^mailer-daemon\@/i )
146 or ( $From =~ /^postmaster\@/i ) )
158 # {{{ sub CheckForAutoGenerated
159 sub CheckForAutoGenerated {
162 my $Precedence = $head->get("Precedence") || "";
163 if ( $Precedence =~ /^(bulk|junk)/i ) {
167 # First Class mailer uses this as a clue.
168 my $FCJunk = $head->get("X-FC-Machinegenerated") || "";
169 if ( $FCJunk =~ /^true/i ) {
178 # {{{ sub CheckForBounce
182 my $ReturnPath = $head->get("Return-path") || "";
183 return ( $ReturnPath =~ /<>/ );
190 =head2 IsRTAddress ADDRESS
192 Takes a single parameter, an email address.
193 Returns true if that address matches the $RTAddressRegexp.
194 Returns false, otherwise.
199 my $address = shift || '';
201 # Example: the following rule would tell RT not to Cc
202 # "tickets@noc.example.com"
203 if ( defined($RT::RTAddressRegexp)
204 && $address =~ /$RT::RTAddressRegexp/i )
214 # {{{ CullRTAddresses
216 =head2 CullRTAddresses ARRAY
218 Takes a single argument, an array of email addresses.
219 Returns the same array with any IsRTAddress()es weeded out.
223 sub CullRTAddresses {
224 return grep !IsRTAddress($_), @_;
232 To => $RT::OwnerEmail,
234 From => $RT::CorrespondAddress,
235 Subject => 'There has been an error',
236 Explanation => 'Unexplained error',
244 level => $args{'LogLevel'},
245 message => $args{'Explanation'}
247 # the colons are necessary to make ->build include non-standard headers
248 my $entity = MIME::Entity->build(
249 Type => "multipart/mixed",
250 From => $args{'From'},
253 Subject => $args{'Subject'},
254 'Precedence:' => 'bulk',
255 'X-RT-Loop-Prevention:' => $RT::rtname,
256 'In-Reply-To:' => $args{'MIMEObj'} ? $args{'MIMEObj'}->head->get('Message-Id') : undef
259 $entity->attach( Data => $args{'Explanation'} . "\n" );
261 my $mimeobj = $args{'MIMEObj'};
263 $mimeobj->sync_headers();
264 $entity->add_part($mimeobj);
267 if ( $args{'Attach'} ) {
268 $entity->attach( Data => $args{'Attach'}, Type => 'message/rfc822' );
272 if ( $RT::MailCommand eq 'sendmailpipe' ) {
274 "|$RT::SendmailPath $RT::SendmailBounceArguments $RT::SendmailArguments"
277 print MAIL $entity->as_string;
280 $entity->send( $RT::MailCommand, $RT::MailParams );
289 my ( $Username, $Address, $Name, $ErrorsTo, $entity ) = @_;
290 my $NewUser = RT::User->new($RT::SystemUser);
292 my ( $Val, $Message ) = $NewUser->Create(
293 Name => ( $Username || $Address ),
294 EmailAddress => $Address,
298 Comments => 'Autocreated on ticket submission'
303 # Deal with the race condition of two account creations at once
305 $NewUser->LoadByName($Username);
308 unless ( $NewUser->Id ) {
309 $NewUser->LoadByEmail($Address);
312 unless ( $NewUser->Id ) {
315 Subject => "User could not be created",
317 "User creation failed in mailgateway: $Message",
324 #Load the new user object
325 my $CurrentUser = RT::CurrentUser->new();
326 $CurrentUser->LoadByEmail($Address);
328 unless ( $CurrentUser->id ) {
329 $RT::Logger->warning(
330 "Couldn't load user '$Address'." . "giving up" );
333 Subject => "User could not be loaded",
335 "User '$Address' could not be loaded in the mail gateway",
346 # {{{ ParseCcAddressesFromHead
348 =head2 ParseCcAddressesFromHead HASHREF
350 Takes a hashref object containing QueueObj, Head and CurrentUser objects.
351 Returns a list of all email addresses in the To and Cc
352 headers b<except> the current Queue\'s email addresses, the CurrentUser\'s
353 email address and anything that the configuration sub RT::IsRTAddress matches.
357 sub ParseCcAddressesFromHead {
361 CurrentUser => undef,
367 my @ToObjs = Mail::Address->parse( $args{'Head'}->get('To') );
368 my @CcObjs = Mail::Address->parse( $args{'Head'}->get('Cc') );
370 foreach my $AddrObj ( @ToObjs, @CcObjs ) {
371 my $Address = $AddrObj->address;
372 $Address = $args{'CurrentUser'}
373 ->UserObj->CanonicalizeEmailAddress($Address);
374 next if ( $args{'CurrentUser'}->EmailAddress =~ /^\Q$Address\E$/i );
375 next if ( $args{'QueueObj'}->CorrespondAddress =~ /^\Q$Address\E$/i );
376 next if ( $args{'QueueObj'}->CommentAddress =~ /^\Q$Address\E$/i );
377 next if ( RT::EmailParser->IsRTAddress($Address) );
379 push( @Addresses, $Address );
386 # {{{ ParseSenderAdddressFromHead
388 =head2 ParseSenderAddressFromHead
390 Takes a MIME::Header object. Returns a tuple: (user@host, friendly name)
391 of the From (evaluated in order of Reply-To:, From:, Sender)
395 sub ParseSenderAddressFromHead {
398 #Figure out who's sending this message.
399 foreach my $header ('Reply-To', 'From', 'Sender') {
400 my $From = $head->get($header);
401 my ($addr, $name) = ParseAddressFromHeader($From);
402 # only return if the address is not empty
403 return ($addr, $name) if $addr;
406 return (undef, undef);
410 # {{{ ParseErrorsToAdddressFromHead
412 =head2 ParseErrorsToAddressFromHead
414 Takes a MIME::Header object. Return a single value : user@host
415 of the From (evaluated in order of Return-path:,Errors-To:,Reply-To:,
420 sub ParseErrorsToAddressFromHead {
423 #Figure out who's sending this message.
425 foreach my $header ( 'Errors-To', 'Reply-To', 'From', 'Sender' ) {
427 # If there's a header of that name
428 my $headerobj = $head->get($header);
430 my ( $addr, $name ) = ParseAddressFromHeader($headerobj);
432 # If it's got actual useful content...
433 return ($addr) if ($addr);
440 # {{{ ParseAddressFromHeader
442 =head2 ParseAddressFromHeader ADDRESS
444 Takes an address from $head->get('Line') and returns a tuple: user@host, friendly name
448 sub ParseAddressFromHeader {
451 # Some broken mailers send: ""Vincent, Jesse"" <jesse@fsck.com>. Hate
452 $Addr =~ s/\"\"(.*?)\"\"/\"$1\"/g;
453 my @Addresses = Mail::Address->parse($Addr);
455 my ($AddrObj) = grep ref $_, @Addresses;
456 unless ( $AddrObj ) {
457 return ( undef, undef );
460 my $Name = ( $AddrObj->phrase || $AddrObj->comment || $AddrObj->address );
462 #Lets take the from and load a user object.
463 my $Address = $AddrObj->address;
465 return ( $Address, $Name );
470 # {{{ sub ParseTicketId
476 my $test_name = $RT::EmailSubjectTagRegex || qr/\Q$RT::rtname\E/i;
478 if ( $Subject =~ s/\[$test_name\s+\#(\d+)\s*\]//i ) {
480 $RT::Logger->debug("Found a ticket ID. It's $id");
489 =head2 Gateway ARGSREF
499 This performs all the "guts" of the mail rt-mailgate program, and is
500 designed to be called from the web interface with a message, user
503 Can also take an optional 'ticket' parameter; this ticket id overrides
504 any ticket id found in the subject.
510 (status code, message, optional ticket object)
512 status code is a numeric value.
514 for temporary failures, the status code should be -75
516 for permanent failures which are handled by RT, the status code
519 for succces, the status code should be 1
528 action => 'correspond',
538 # Validate the action
539 my ( $status, @actions ) = IsCorrectAction( $args{'action'} );
543 "Invalid 'action' parameter "
551 my $parser = RT::EmailParser->new();
552 $parser->SmartParseMIMEEntityFromScalar( Message => $args{'message'} );
553 my $Message = $parser->Entity();
557 To => $RT::OwnerEmail,
558 Subject => "RT Bounce: Unparseable message",
559 Explanation => "RT couldn't process the message below",
560 Attach => $args{'message'}
564 "Failed to parse this message. Something is likely badly wrong with the message"
568 my $head = $Message->head;
570 my $ErrorsTo = ParseErrorsToAddressFromHead($head);
572 my $MessageId = $head->get('Message-ID')
573 || "<no-message-id-" . time . rand(2000) . "\@.$RT::Organization>";
575 #Pull apart the subject line
576 my $Subject = $head->get('Subject') || '';
579 # {{{ Lets check for mail loops of various sorts.
580 my ($should_store_machine_generated_message, $IsALoop, $result);
581 ( $should_store_machine_generated_message, $ErrorsTo, $result, $IsALoop ) =
582 _HandleMachineGeneratedMail(
584 ErrorsTo => $ErrorsTo,
586 MessageId => $MessageId
589 # Do not pass loop messages to MailPlugins, to make sure the loop
590 # is broken, unless $RT::StoreLoops is set.
591 if ($IsALoop && !$should_store_machine_generated_message) {
592 return ( 0, $result, undef );
595 $args{'ticket'} ||= ParseTicketId($Subject);
597 $SystemTicket = RT::Ticket->new($RT::SystemUser);
598 $SystemTicket->Load( $args{'ticket'} ) if ( $args{'ticket'} ) ;
599 if ( $SystemTicket->id ) {
600 $Right = 'ReplyToTicket';
602 $Right = 'CreateTicket';
605 #Set up a queue object
606 my $SystemQueueObj = RT::Queue->new($RT::SystemUser);
607 $SystemQueueObj->Load( $args{'queue'} );
609 # We can safely have no queue of we have a known-good ticket
610 unless ( $SystemTicket->id || $SystemQueueObj->id ) {
611 return ( -75, "RT couldn't find the queue: " . $args{'queue'}, undef );
614 # Authentication Level ($AuthStat)
615 # -1 - Get out. this user has been explicitly declined
616 # 0 - User may not do anything (Not used at the moment)
618 # 2 - User is allowed to specify status updates etc. a la enhanced-mailgate
619 my ( $CurrentUser, $AuthStat, $error );
621 # Initalize AuthStat so comparisons work correctly
622 $AuthStat = -9999999;
624 push @RT::MailPlugins, "Auth::MailFrom" unless @RT::MailPlugins;
626 # if plugin returns AuthStat -2 we skip action
627 # NOTE: this is experimental API and it would be changed
628 my %skip_action = ();
630 # Since this needs loading, no matter what
631 foreach (@RT::MailPlugins) {
632 my ($Code, $NewAuthStat);
633 if ( ref($_) eq "CODE" ) {
637 $Class = "RT::Interface::Email::" . $Class
638 unless $Class =~ /^RT::Interface::Email::/;
640 do { $RT::Logger->error("Couldn't load $Class: $@"); next };
643 unless ( defined( $Code = *{ $Class . "::GetCurrentUser" }{CODE} ) ) {
644 $RT::Logger->crit( "No 'GetCurrentUser' function found in '$Class' module");
649 foreach my $action (@actions) {
650 ( $CurrentUser, $NewAuthStat ) = $Code->(
652 RawMessageRef => \$args{'message'},
653 CurrentUser => $CurrentUser,
654 AuthLevel => $AuthStat,
656 Ticket => $SystemTicket,
657 Queue => $SystemQueueObj
660 # You get the highest level of authentication you were assigned, unless you get the magic -1
661 # If a module returns a "-1" then we discard the ticket, so.
662 $AuthStat = $NewAuthStat
663 if ( $NewAuthStat > $AuthStat or $NewAuthStat == -1 or $NewAuthStat == -2 );
665 last if $AuthStat == -1;
666 $skip_action{$action}++ if $AuthStat == -2;
669 # strip actions we should skip
670 @actions = grep !$skip_action{$_}, @actions if $AuthStat == -2;
671 last unless @actions;
673 last if $AuthStat == -1;
675 # {{{ If authentication fails and no new user was created, get out.
676 if ( !$CurrentUser || !$CurrentUser->id || $AuthStat == -1 ) {
678 # If the plugins refused to create one, they lose.
679 unless ( $AuthStat == -1 ) {
680 _NoAuthorizedUserFound(
683 Requestor => $ErrorsTo,
684 Queue => $args{'queue'}
688 return ( 0, "Could not load a valid user", undef );
691 # If we got a user, but they don't have the right to say things
692 if ( $AuthStat == 0 ) {
695 Subject => "Permission Denied",
697 "You do not have permission to communicate with RT",
702 "$ErrorsTo tried to submit a message to "
704 . " without permission.",
710 unless ($should_store_machine_generated_message) {
711 return ( 0, $result, undef );
714 # if plugin's updated SystemTicket then update arguments
715 $args{'ticket'} = $SystemTicket->Id if $SystemTicket && $SystemTicket->Id;
717 my $Ticket = RT::Ticket->new($CurrentUser);
719 if ( !$args{'ticket'} && grep /^(comment|correspond)$/, @actions )
723 my @Requestors = ( $CurrentUser->id );
725 if ($RT::ParseNewMessageForTicketCcs) {
726 @Cc = ParseCcAddressesFromHead(
728 CurrentUser => $CurrentUser,
729 QueueObj => $SystemQueueObj
733 my ( $id, $Transaction, $ErrStr ) = $Ticket->Create(
734 Queue => $SystemQueueObj->Id,
736 Requestor => \@Requestors,
743 Subject => "Ticket creation failed: $Subject",
744 Explanation => $ErrStr,
747 return ( 0, "Ticket creation failed: $ErrStr", $Ticket );
750 # strip comments&corresponds from the actions we don't need
751 # to record them if we've created the ticket just now
752 @actions = grep !/^(comment|correspond)$/, @actions;
753 $args{'ticket'} = $id;
755 } elsif ( $args{'ticket'} ) {
757 $Ticket->Load( $args{'ticket'} );
758 unless ( $Ticket->Id ) {
759 my $error = "Could not find a ticket with id " . $args{'ticket'};
762 Subject => "Message not recorded: $Subject",
763 Explanation => $error,
767 return ( 0, $error );
769 $args{'ticket'} = $Ticket->id;
771 return ( 1, "Success", $Ticket );
775 foreach my $action (@actions) {
777 # If the action is comment, add a comment.
778 if ( $action =~ /^(?:comment|correspond)$/i ) {
779 my $method = ucfirst lc $action;
780 my ( $status, $msg ) = $Ticket->$method( MIMEObj => $Message );
783 #Warn the sender that we couldn't actually submit the comment.
786 Subject => "Message not recorded: $Subject",
790 return ( 0, "Message not recorded: $msg", $Ticket );
792 } elsif ($RT::UnsafeEmailCommands) {
793 my ( $status, $msg ) = _RunUnsafeAction(
795 ErrorsTo => $ErrorsTo,
798 CurrentUser => $CurrentUser,
800 return ($status, $msg, $Ticket) unless $status == 1;
803 return ( 1, "Success", $Ticket );
806 sub _RunUnsafeAction {
812 CurrentUser => undef,
816 if ( $args{'Action'} =~ /^take$/i ) {
817 my ( $status, $msg ) = $args{'Ticket'}->SetOwner( $args{'CurrentUser'}->id );
820 To => $args{'ErrorsTo'},
821 Subject => "Ticket not taken",
823 MIMEObj => $args{'Message'}
825 return ( 0, "Ticket not taken" );
827 } elsif ( $args{'Action'} =~ /^resolve$/i ) {
828 my ( $status, $msg ) = $args{'Ticket'}->SetStatus('resolved');
831 #Warn the sender that we couldn't actually submit the comment.
833 To => $args{'ErrorsTo'},
834 Subject => "Ticket not resolved",
836 MIMEObj => $args{'Message'}
838 return ( 0, "Ticket not resolved" );
841 return ( 0, "Not supported unsafe action $args{'Action'}", $args{'Ticket'} );
843 return ( 1, "Success" );
846 =head2 _NoAuthorizedUserFound
848 Emails the RT Owner and the requestor when the auth plugins return "No auth user found"
852 sub _NoAuthorizedUserFound {
861 # Notify the RT Admin of the failure.
863 To => $RT::OwnerEmail,
864 Subject => "Could not load a valid user",
865 Explanation => <<EOT,
866 RT could not load a valid user, and RT's configuration does not allow
867 for the creation of a new user for this email (@{[$args{Requestor}]}).
869 You might need to grant 'Everyone' the right '@{[$args{Right}]}' for the
870 queue @{[$args{'Queue'}]}.
873 MIMEObj => $args{'Message'},
877 # Also notify the requestor that his request has been dropped.
878 if ($args{'Requestor'} ne $RT::OwnerEmail) {
880 To => $args{'Requestor'},
881 Subject => "Could not load a valid user",
882 Explanation => <<EOT,
883 RT could not load a valid user, and RT's configuration does not allow
884 for the creation of a new user for your email.
887 MIMEObj => $args{'Message'},
893 =head2 _HandleMachineGeneratedMail
900 Checks the message to see if it's a bounce, if it looks like a loop, if it's autogenerated, etc.
901 Returns a triple of ("Should we continue (boolean)", "New value for $ErrorsTo", "Status message",
902 "This message appears to be a loop (boolean)" );
906 sub _HandleMachineGeneratedMail {
907 my %args = ( Message => undef, ErrorsTo => undef, Subject => undef, MessageId => undef, @_ );
908 my $head = $args{'Message'}->head;
909 my $ErrorsTo = $args{'ErrorsTo'};
911 my $IsBounce = CheckForBounce($head);
913 my $IsAutoGenerated = CheckForAutoGenerated($head);
915 my $IsSuspiciousSender = CheckForSuspiciousSender($head);
917 my $IsALoop = CheckForLoops($head);
919 my $SquelchReplies = 0;
921 #If the message is autogenerated, we need to know, so we can not
922 # send mail to the sender
923 if ( $IsBounce || $IsSuspiciousSender || $IsAutoGenerated || $IsALoop ) {
925 $ErrorsTo = $RT::OwnerEmail;
928 # Warn someone if it's a loop, before we drop it on the ground
930 $RT::Logger->crit("RT Received mail (".$args{MessageId}.") from itself.");
932 #Should we mail it to RTOwner?
933 if ($RT::LoopsToRTOwner) {
935 To => $RT::OwnerEmail,
936 Subject => "RT Bounce: ".$args{'Subject'},
937 Explanation => "RT thinks this message may be a bounce",
938 MIMEObj => $args{Message}
942 #Do we actually want to store it?
943 return ( 0, $ErrorsTo, "Message Bounced", $IsALoop ) unless ($RT::StoreLoops);
946 # Squelch replies if necessary
947 # Don't let the user stuff the RT-Squelch-Replies-To header.
948 if ( $head->get('RT-Squelch-Replies-To') ) {
950 'RT-Relocated-Squelch-Replies-To',
951 $head->get('RT-Squelch-Replies-To')
953 $head->delete('RT-Squelch-Replies-To');
956 if ($SquelchReplies) {
958 # Squelch replies to the sender, and also leave a clue to
959 # allow us to squelch ALL outbound messages. This way we
960 # can punt the logic of "what to do when we get a bounce"
961 # to the scrip. We might want to notify nobody. Or just
962 # the RT Owner. Or maybe all Privileged watchers.
963 my ( $Sender, $junk ) = ParseSenderAddressFromHead($head);
964 $head->add( 'RT-Squelch-Replies-To', $Sender );
965 $head->add( 'RT-DetectedAutoGenerated', 'true' );
967 return ( 1, $ErrorsTo, "Handled machine detection", $IsALoop );
970 =head2 IsCorrectAction
972 Returns a list of valid actions we've found for this message
976 sub IsCorrectAction {
978 my @actions = grep $_, split /-/, $action;
979 return ( 0, '(no value)' ) unless @actions;
981 return ( 0, $_ ) unless /^(?:comment|correspond|take|resolve)$/;
983 return ( 1, @actions );
986 eval "require RT::Interface::Email_Vendor";
987 die $@ if ( $@ && $@ !~ qr{^Can't locate RT/Interface/Email_Vendor.pm} );
988 eval "require RT::Interface::Email_Local";
989 die $@ if ( $@ && $@ !~ qr{^Can't locate RT/Interface/Email_Local.pm} );