1 # BEGIN BPS TAGGED BLOCK {{{
5 # This software is Copyright (c) 1996-2005 Best Practical Solutions, LLC
6 # <jesse@bestpractical.com>
8 # (Except where explicitly superseded by other copyright notices)
13 # This work is made available to you under the terms of Version 2 of
14 # the GNU General Public License. A copy of that license should have
15 # been provided with this software, but in any event can be snarfed
18 # This work is distributed in the hope that it will be useful, but
19 # WITHOUT ANY WARRANTY; without even the implied warranty of
20 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
21 # General Public License for more details.
23 # You should have received a copy of the GNU General Public License
24 # along with this program; if not, write to the Free Software
25 # Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
28 # CONTRIBUTION SUBMISSION POLICY:
30 # (The following paragraph is not intended to limit the rights granted
31 # to you to modify and distribute this software under the terms of
32 # the GNU General Public License and is only of importance to you if
33 # you choose to contribute your changes and enhancements to the
34 # community by submitting them to Best Practical Solutions, LLC.)
36 # By intentionally submitting any modifications, corrections or
37 # derivatives to this work, or any other work intended for use with
38 # Request Tracker, to Best Practical Solutions, LLC, you confirm that
39 # you are the copyright holder for those contributions and you grant
40 # Best Practical Solutions, LLC a nonexclusive, worldwide, irrevocable,
41 # royalty-free, perpetual, license to use, copy, create derivative
42 # works based on those contributions, and sublicense and distribute
43 # those contributions and any derivatives thereof.
45 # END BPS TAGGED BLOCK }}}
46 package RT::Interface::Email;
53 use UNIVERSAL::require;
57 use vars qw ( @ISA @EXPORT_OK);
59 # set the version for version checking
64 # your exported package globals go here,
65 # as well as any optionally exported functions
70 &CheckForSuspiciousSender
71 &CheckForAutoGenerated
74 &ParseCcAddressesFromHead
75 &ParseSenderAddressFromHead
76 &ParseErrorsToAddressFromHead
77 &ParseAddressFromHeader
84 RT::Interface::Email - helper functions for parsing email sent to RT
88 use lib "!!RT_LIB_PATH!!";
89 use lib "!!RT_ETC_PATH!!";
91 use RT::Interface::Email qw(Gateway CreateUser);
98 ok(require RT::Interface::Email);
107 # {{{ sub CheckForLoops
112 #If this instance of RT sent it our, we don't want to take it in
113 my $RTLoop = $head->get("X-RT-Loop-Prevention") || "";
114 chomp($RTLoop); #remove that newline
115 if ( $RTLoop eq "$RT::rtname" ) {
119 # TODO: We might not trap the case where RT instance A sends a mail
120 # to RT instance B which sends a mail to ...
126 # {{{ sub CheckForSuspiciousSender
128 sub CheckForSuspiciousSender {
131 #if it's from a postmaster or mailer daemon, it's likely a bounce.
133 #TODO: better algorithms needed here - there is no standards for
134 #bounces, so it's very difficult to separate them from anything
135 #else. At the other hand, the Return-To address is only ment to be
136 #used as an error channel, we might want to put up a separate
137 #Return-To address which is treated differently.
139 #TODO: search through the whole email and find the right Ticket ID.
141 my ( $From, $junk ) = ParseSenderAddressFromHead($head);
143 if ( ( $From =~ /^mailer-daemon\@/i )
144 or ( $From =~ /^postmaster\@/i ) )
156 # {{{ sub CheckForAutoGenerated
157 sub CheckForAutoGenerated {
160 my $Precedence = $head->get("Precedence") || "";
161 if ( $Precedence =~ /^(bulk|junk)/i ) {
165 # First Class mailer uses this as a clue.
166 my $FCJunk = $head->get("X-FC-Machinegenerated") || "";
167 if ( $FCJunk =~ /^true/i ) {
176 # {{{ sub CheckForBounce
180 my $ReturnPath = $head->get("Return-path") || "";
181 return ( $ReturnPath =~ /<>/ );
188 =head2 IsRTAddress ADDRESS
190 Takes a single parameter, an email address.
191 Returns true if that address matches the $RTAddressRegexp.
192 Returns false, otherwise.
197 my $address = shift || '';
199 # Example: the following rule would tell RT not to Cc
200 # "tickets@noc.example.com"
201 if ( defined($RT::RTAddressRegexp)
202 && $address =~ /$RT::RTAddressRegexp/i )
212 # {{{ CullRTAddresses
214 =head2 CullRTAddresses ARRAY
216 Takes a single argument, an array of email addresses.
217 Returns the same array with any IsRTAddress()es weeded out.
221 sub CullRTAddresses {
222 return ( grep { IsRTAddress($_) } @_ );
230 To => $RT::OwnerEmail,
232 From => $RT::CorrespondAddress,
233 Subject => 'There has been an error',
234 Explanation => 'Unexplained error',
242 level => $args{'LogLevel'},
243 message => $args{'Explanation'}
245 my $entity = MIME::Entity->build(
246 Type => "multipart/mixed",
247 From => $args{'From'},
250 Subject => $args{'Subject'},
251 Precedence => 'bulk',
252 'X-RT-Loop-Prevention' => $RT::rtname,
255 $entity->attach( Data => $args{'Explanation'} . "\n" );
257 my $mimeobj = $args{'MIMEObj'};
259 $mimeobj->sync_headers();
260 $entity->add_part($mimeobj);
263 if ( $args{'Attach'} ) {
264 $entity->attach( Data => $args{'Attach'}, Type => 'message/rfc822' );
268 if ( $RT::MailCommand eq 'sendmailpipe' ) {
270 "|$RT::SendmailPath $RT::SendmailBounceArguments $RT::SendmailArguments"
273 print MAIL $entity->as_string;
276 $entity->send( $RT::MailCommand, $RT::MailParams );
285 my ( $Username, $Address, $Name, $ErrorsTo, $entity ) = @_;
286 my $NewUser = RT::User->new($RT::SystemUser);
288 my ( $Val, $Message ) = $NewUser->Create(
289 Name => ( $Username || $Address ),
290 EmailAddress => $Address,
294 Comments => 'Autocreated on ticket submission'
299 # Deal with the race condition of two account creations at once
302 $NewUser->LoadByName($Username);
305 unless ( $NewUser->Id ) {
306 $NewUser->LoadByEmail($Address);
309 unless ( $NewUser->Id ) {
312 Subject => "User could not be created",
314 "User creation failed in mailgateway: $Message",
321 #Load the new user object
322 my $CurrentUser = RT::CurrentUser->new();
323 $CurrentUser->LoadByEmail($Address);
325 unless ( $CurrentUser->id ) {
326 $RT::Logger->warning(
327 "Couldn't load user '$Address'." . "giving up" );
330 Subject => "User could not be loaded",
332 "User '$Address' could not be loaded in the mail gateway",
343 # {{{ ParseCcAddressesFromHead
345 =head2 ParseCcAddressesFromHead HASHREF
347 Takes a hashref object containing QueueObj, Head and CurrentUser objects.
348 Returns a list of all email addresses in the To and Cc
349 headers b<except> the current Queue\'s email addresses, the CurrentUser\'s
350 email address and anything that the configuration sub RT::IsRTAddress matches.
354 sub ParseCcAddressesFromHead {
358 CurrentUser => undef,
364 my @ToObjs = Mail::Address->parse( $args{'Head'}->get('To') );
365 my @CcObjs = Mail::Address->parse( $args{'Head'}->get('Cc') );
367 foreach my $AddrObj ( @ToObjs, @CcObjs ) {
368 my $Address = $AddrObj->address;
369 $Address = $args{'CurrentUser'}
370 ->UserObj->CanonicalizeEmailAddress($Address);
371 next if ( $args{'CurrentUser'}->EmailAddress =~ /^\Q$Address\E$/i );
372 next if ( $args{'QueueObj'}->CorrespondAddress =~ /^\Q$Address\E$/i );
373 next if ( $args{'QueueObj'}->CommentAddress =~ /^\Q$Address\E$/i );
374 next if ( RT::EmailParser->IsRTAddress($Address) );
376 push( @Addresses, $Address );
383 # {{{ ParseSenderAdddressFromHead
385 =head2 ParseSenderAddressFromHead
387 Takes a MIME::Header object. Returns a tuple: (user@host, friendly name)
388 of the From (evaluated in order of Reply-To:, From:, Sender)
392 sub ParseSenderAddressFromHead {
395 #Figure out who's sending this message.
396 my $From = $head->get('Reply-To')
397 || $head->get('From')
398 || $head->get('Sender');
399 return ( ParseAddressFromHeader($From) );
404 # {{{ ParseErrorsToAdddressFromHead
406 =head2 ParseErrorsToAddressFromHead
408 Takes a MIME::Header object. Return a single value : user@host
409 of the From (evaluated in order of Return-path:,Errors-To:,Reply-To:,
414 sub ParseErrorsToAddressFromHead {
417 #Figure out who's sending this message.
419 foreach my $header ( 'Errors-To', 'Reply-To', 'From', 'Sender' ) {
421 # If there's a header of that name
422 my $headerobj = $head->get($header);
424 my ( $addr, $name ) = ParseAddressFromHeader($headerobj);
426 # If it's got actual useful content...
427 return ($addr) if ($addr);
434 # {{{ ParseAddressFromHeader
436 =head2 ParseAddressFromHeader ADDRESS
438 Takes an address from $head->get('Line') and returns a tuple: user@host, friendly name
442 sub ParseAddressFromHeader {
445 my @Addresses = Mail::Address->parse($Addr);
447 my $AddrObj = $Addresses[0];
449 unless ( ref($AddrObj) ) {
450 return ( undef, undef );
453 my $Name = ( $AddrObj->phrase || $AddrObj->comment || $AddrObj->address );
455 #Lets take the from and load a user object.
456 my $Address = $AddrObj->address;
458 return ( $Address, $Name );
463 # {{{ sub ParseTicketId
469 my $test_name = $RT::EmailSubjectTagRegex || qr/\Q$RT::rtname\E/i;
471 if ( $Subject =~ s/\[$test_name\s+\#(\d+)\s*\]//i ) {
473 $RT::Logger->debug("Found a ticket ID. It's $id");
482 =head2 Gateway ARGSREF
492 This performs all the "guts" of the mail rt-mailgate program, and is
493 designed to be called from the web interface with a message, user
496 Can also take an optional 'ticket' parameter; this ticket id overrides
497 any ticket id found in the subject.
503 (status code, message, optional ticket object)
505 status code is a numeric value.
507 for temporary failures, the status code should be -75
509 for permanent failures which are handled by RT, the status code
512 for succces, the status code should be 1
521 action => 'correspond',
531 # Validate the action
532 my ( $status, @actions ) = IsCorrectAction( $args{'action'} );
536 "Invalid 'action' parameter "
544 my $parser = RT::EmailParser->new();
545 $parser->SmartParseMIMEEntityFromScalar( Message => $args{'message'} );
546 my $Message = $parser->Entity();
550 To => $RT::OwnerEmail,
551 Subject => "RT Bounce: Unparseable message",
552 Explanation => "RT couldn't process the message below",
553 Attach => $args{'message'}
557 "Failed to parse this message. Something is likely badly wrong with the message"
561 my $head = $Message->head;
563 my $ErrorsTo = ParseErrorsToAddressFromHead($head);
565 my $MessageId = $head->get('Message-ID')
566 || "<no-message-id-" . time . rand(2000) . "\@.$RT::Organization>";
568 #Pull apart the subject line
569 my $Subject = $head->get('Subject') || '';
572 $args{'ticket'} ||= ParseTicketId($Subject);
574 $SystemTicket = RT::Ticket->new($RT::SystemUser);
575 $SystemTicket->Load( $args{'ticket'} ) if ( $args{'ticket'} ) ;
576 if ( $SystemTicket->id ) {
577 $Right = 'ReplyToTicket';
579 $Right = 'CreateTicket';
582 #Set up a queue object
583 my $SystemQueueObj = RT::Queue->new($RT::SystemUser);
584 $SystemQueueObj->Load( $args{'queue'} );
586 # We can safely have no queue of we have a known-good ticket
587 unless ( $SystemTicket->id || $SystemQueueObj->id ) {
588 return ( -75, "RT couldn't find the queue: " . $args{'queue'}, undef );
591 # Authentication Level ($AuthStat)
592 # -1 - Get out. this user has been explicitly declined
593 # 0 - User may not do anything (Not used at the moment)
595 # 2 - User is allowed to specify status updates etc. a la enhanced-mailgate
596 my ( $CurrentUser, $AuthStat, $error );
598 # Initalize AuthStat so comparisons work correctly
599 $AuthStat = -9999999;
601 push @RT::MailPlugins, "Auth::MailFrom" unless @RT::MailPlugins;
603 # if plugin returns AuthStat -2 we skip action
604 # NOTE: this is experimental API and it would be changed
605 my %skip_action = ();
607 # Since this needs loading, no matter what
608 foreach (@RT::MailPlugins) {
609 my ($Code, $NewAuthStat);
610 if ( ref($_) eq "CODE" ) {
614 $Class = "RT::Interface::Email::" . $Class
615 unless $Class =~ /^RT::Interface::Email::/;
617 do { $RT::Logger->error("Couldn't load $Class: $@"); next };
620 unless ( defined( $Code = *{ $Class . "::GetCurrentUser" }{CODE} ) ) {
621 $RT::Logger->crit( "No 'GetCurrentUser' function found in '$Class' module");
626 foreach my $action (@actions) {
627 ( $CurrentUser, $NewAuthStat ) = $Code->(
629 RawMessageRef => \$args{'message'},
630 CurrentUser => $CurrentUser,
631 AuthLevel => $AuthStat,
633 Ticket => $SystemTicket,
634 Queue => $SystemQueueObj
637 # You get the highest level of authentication you were assigned, unless you get the magic -1
638 # If a module returns a "-1" then we discard the ticket, so.
639 $AuthStat = $NewAuthStat
640 if ( $NewAuthStat > $AuthStat or $NewAuthStat == -1 or $NewAuthStat == -2 );
642 last if $AuthStat == -1;
643 $skip_action{$action}++ if $AuthStat == -2;
646 last if $AuthStat == -1;
648 # {{{ If authentication fails and no new user was created, get out.
649 if ( !$CurrentUser || !$CurrentUser->id || $AuthStat == -1 ) {
651 # If the plugins refused to create one, they lose.
652 unless ( $AuthStat == -1 ) {
653 _NoAuthorizedUserFound(
656 Requestor => $ErrorsTo,
657 Queue => $args{'queue'}
661 return ( 0, "Could not load a valid user", undef );
664 # If we got a user, but they don't have the right to say things
665 if ( $AuthStat == 0 ) {
668 Subject => "Permission Denied",
670 "You do not have permission to communicate with RT",
675 "$ErrorsTo tried to submit a message to "
677 . " without permission.",
682 # {{{ Lets check for mail loops of various sorts.
683 my ($continue, $result);
684 ( $continue, $ErrorsTo, $result ) = _HandleMachineGeneratedMail(
686 ErrorsTo => $ErrorsTo,
688 MessageId => $MessageId
692 return ( 0, $result, undef );
695 # strip actions we should skip
696 @actions = grep !$skip_action{$_}, @actions;
698 # if plugin's updated SystemTicket then update arguments
699 $args{'ticket'} = $SystemTicket->Id if $SystemTicket && $SystemTicket->Id;
701 my $Ticket = RT::Ticket->new($CurrentUser);
703 if ( !$args{'ticket'} && grep /^(comment|correspond)$/, @actions )
707 my @Requestors = ( $CurrentUser->id );
709 if ($RT::ParseNewMessageForTicketCcs) {
710 @Cc = ParseCcAddressesFromHead(
712 CurrentUser => $CurrentUser,
713 QueueObj => $SystemQueueObj
717 my ( $id, $Transaction, $ErrStr ) = $Ticket->Create(
718 Queue => $SystemQueueObj->Id,
720 Requestor => \@Requestors,
727 Subject => "Ticket creation failed",
728 Explanation => $ErrStr,
731 return ( 0, "Ticket creation failed: $ErrStr", $Ticket );
734 # strip comments&corresponds from the actions we don't need
735 # to record them if we've created the ticket just now
736 @actions = grep !/^(comment|correspond)$/, @actions;
737 $args{'ticket'} = $id;
741 $Ticket->Load( $args{'ticket'} );
742 unless ( $Ticket->Id ) {
743 my $error = "Could not find a ticket with id " . $args{'ticket'};
746 Subject => "Message not recorded",
747 Explanation => $error,
751 return ( 0, $error );
756 foreach my $action (@actions) {
758 # If the action is comment, add a comment.
759 if ( $action =~ /^(?:comment|correspond)$/i ) {
760 my $method = ucfirst lc $action;
761 my ( $status, $msg ) = $Ticket->$method( MIMEObj => $Message );
764 #Warn the sender that we couldn't actually submit the comment.
767 Subject => "Message not recorded",
771 return ( 0, "Message not recorded: $msg", $Ticket );
773 } elsif ($RT::UnsafeEmailCommands) {
774 my ( $status, $msg ) = _RunUnsafeAction(
776 ErrorsTo => $ErrorsTo,
779 CurrentUser => $CurrentUser,
781 return ($status, $msg, $Ticket) unless $status == 1;
784 return ( 1, "Success", $Ticket );
787 sub _RunUnsafeAction {
793 CurrentUser => undef,
797 if ( $args{'Action'} =~ /^take$/i ) {
798 my ( $status, $msg ) = $args{'Ticket'}->SetOwner( $args{'CurrentUser'}->id );
801 To => $args{'ErrorsTo'},
802 Subject => "Ticket not taken",
804 MIMEObj => $args{'Message'}
806 return ( 0, "Ticket not taken" );
808 } elsif ( $args{'Action'} =~ /^resolve$/i ) {
809 my ( $status, $msg ) = $args{'Ticket'}->SetStatus('resolved');
812 #Warn the sender that we couldn't actually submit the comment.
814 To => $args{'ErrorsTo'},
815 Subject => "Ticket not resolved",
817 MIMEObj => $args{'Message'}
819 return ( 0, "Ticket not resolved" );
822 return ( 0, "Not supported unsafe action $args{'Action'}", $args{'Ticket'} );
824 return ( 1, "Success" );
827 =head2 _NoAuthorizedUserFound
829 Emails the RT Owner and the requestor when the auth plugins return "No auth user found"
833 sub _NoAuthorizedUserFound {
842 # Notify the RT Admin of the failure.
844 To => $RT::OwnerEmail,
845 Subject => "Could not load a valid user",
846 Explanation => <<EOT,
847 RT could not load a valid user, and RT's configuration does not allow
848 for the creation of a new user for this email (@{[$args{Requestor}]}).
850 You might need to grant 'Everyone' the right '@{[$args{Right}]}' for the
851 queue @{[$args{'Queue'}]}.
854 MIMEObj => $args{'Message'},
858 # Also notify the requestor that his request has been dropped.
860 To => $args{'Requestor'},
861 Subject => "Could not load a valid user",
862 Explanation => <<EOT,
863 RT could not load a valid user, and RT's configuration does not allow
864 for the creation of a new user for your email.
867 MIMEObj => $args{'Message'},
872 =head2 _HandleMachineGeneratedMail
879 Checks the message to see if it's a bounce, if it looks like a loop, if it's autogenerated, etc.
880 Returns a triple of ("Should we continue (boolean)", "New value for $ErrorsTo", "Status message");
884 sub _HandleMachineGeneratedMail {
885 my %args = ( Message => undef, ErrorsTo => undef, Subject => undef, MessageId => undef, @_ );
886 my $head = $args{'Message'}->head;
887 my $ErrorsTo = $args{'ErrorsTo'};
889 my $IsBounce = CheckForBounce($head);
891 my $IsAutoGenerated = CheckForAutoGenerated($head);
893 my $IsSuspiciousSender = CheckForSuspiciousSender($head);
895 my $IsALoop = CheckForLoops($head);
897 my $SquelchReplies = 0;
899 #If the message is autogenerated, we need to know, so we can not
900 # send mail to the sender
901 if ( $IsBounce || $IsSuspiciousSender || $IsAutoGenerated || $IsALoop ) {
903 $ErrorsTo = $RT::OwnerEmail;
906 # Warn someone if it's a loop, before we drop it on the ground
908 $RT::Logger->crit("RT Recieved mail (".$args{MessageId}.") from itself.");
910 #Should we mail it to RTOwner?
911 if ($RT::LoopsToRTOwner) {
913 To => $RT::OwnerEmail,
914 Subject => "RT Bounce: ".$args{'Subject'},
915 Explanation => "RT thinks this message may be a bounce",
916 MIMEObj => $args{Message}
920 #Do we actually want to store it?
921 return ( 0, $ErrorsTo, "Message Bounced" ) unless ($RT::StoreLoops);
924 # Squelch replies if necessary
925 # Don't let the user stuff the RT-Squelch-Replies-To header.
926 if ( $head->get('RT-Squelch-Replies-To') ) {
928 'RT-Relocated-Squelch-Replies-To',
929 $head->get('RT-Squelch-Replies-To')
931 $head->delete('RT-Squelch-Replies-To');
934 if ($SquelchReplies) {
936 # Squelch replies to the sender, and also leave a clue to
937 # allow us to squelch ALL outbound messages. This way we
938 # can punt the logic of "what to do when we get a bounce"
939 # to the scrip. We might want to notify nobody. Or just
940 # the RT Owner. Or maybe all Privileged watchers.
941 my ( $Sender, $junk ) = ParseSenderAddressFromHead($head);
942 $head->add( 'RT-Squelch-Replies-To', $Sender );
943 $head->add( 'RT-DetectedAutoGenerated', 'true' );
945 return ( 1, $ErrorsTo, "Handled machine detection" );
948 =head2 IsCorrectAction
950 Returns a list of valid actions we've found for this message
954 sub IsCorrectAction {
956 my @actions = split /-/, $action;
958 return ( 0, $_ ) unless /^(?:comment|correspond|take|resolve)$/;
960 return ( 1, @actions );
963 eval "require RT::Interface::Email_Vendor";
964 die $@ if ( $@ && $@ !~ qr{^Can't locate RT/Interface/Email_Vendor.pm} );
965 eval "require RT::Interface::Email_Local";
966 die $@ if ( $@ && $@ !~ qr{^Can't locate RT/Interface/Email_Local.pm} );