E-mail sender information

There is a problem within the handling of e-mail senders from the header.

If I get the fake mail:

From:  knownsender@trusted.de <falsesender@untrusted.net>

It’s shown as

knownsender@trusted.de <knownsender@trusted.de>

The real sender is not extracted by WebApp, because it seems to match only the first address that can be found. That's a risk in these times.

Please also post the version you are using and if possible an eml file with which the error can be reproduced.

@fbartels
WebApp: 3.4.5.1202+46.1
Kopano Core: 8.4.3.4

The problem is spam mails with sender spoofing like this test, which can’t be identified in WebApp because of the wrong handling:

[~] # telnet 10.45.8.1 25
220 server6-kopano ESMTP Postfix (Ubuntu)
ehlo there
mail from: unknownuser@trusted.net
250 2.1.0 Ok
rcpt to: me@example.de
250 2.1.5 Ok
DATA
354 End data with <CR><LF>.<CR><LF>
From: knownsender@trusted.de <unknownsender@untrusted.net>
Subject: testmail

Testing 123
.
250 2.0.0 Ok: queued as 79447160250

In the message options the full internet header is shown

Return-Path: <unknownuser@trusted.net>
Received: from server6-kopano (127.0.0.1:59782)
	by server6-kopano (kopano-dagent) with LMTP;
	Tue, 13 Feb 2018 08:49:13 +0100 (CET)
Received: from there (unknown [10.45.8.2])
	by server6-kopano (Postfix) with ESMTP id 79447160250
	for <me@example.de>; Tue, 13 Feb 2018 08:48:10 +0100 (CET)
From: knownsender@trusted.de <unknownsender@untrusted.net>
Subject: testmail

The webapp frontend only shows:

Testmail
knownsender@trusted.de <knownsender@trusted.de>

The mail object in the frontend is not created with all possible information.

The eml file is created from the mail object

Return-Path: <unknownuser@trusted.net>
Received: from server6-kopano (127.0.0.1:59782) by server6-kopano
 (kopano-dagent)  with LMTP; Tue, 13 Feb 2018 08:49:13 +0100
Received: from there (unknown [10.45.8.2])  by server6-kopano (Postfix) with
 ESMTP id 79447160250 for <me@example.de>; Tue, 13 Feb 2018 08:48:10 +0100
Subject: testmail
From: knownsender@trusted.de
To: undisclosed-recipients:;
Date: Tue, 13 Feb 2018 08:58:17 +0100
Mime-Version: 1.0
Content-Type: text/plain; charset=windows-1252
Content-Transfer-Encoding: quoted-printable

Testing 123


The spoofing was successful.

Additional header information in the WebApp frontend would be awesome.

https://forum.kopano.io/topic/852/feature-request-show-more-detailed-sender-information

@Jo-TL
I’ve created https://jira.kopano.io/browse/KW-2367 to fix the issue

and
https://jira.kopano.io/browse/KW-2368 for the detailed info

Thanks for the feedback.

In addition to the ticket:
It would be better if Kopano matched the last found email address instead of the first one and took the beginning of the From field as the name string.

That way no information will be lost and it’s safer against spoofing attacks.

FYI, we have opened a pull request at the upstream library (vmime). The PR can be found at https://github.com/kisli/vmime/pull/192
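
The parsing suggested in the thread (take the last address in angle brackets as the sender and everything before it as the name), as an added Python example that is not part of the thread and is not Kopano or vmime code. The function names and the loose address pattern are assumptions made for illustration; the check also flags a display name that carries a different address than the real one.

```python
import email
import re

# Loose pattern for "looks like an e-mail address" (assumption, not a full RFC 5322 parser).
ADDR_RE = re.compile(r"[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}")
# The last <...> group at the end of the header value holds the real address.
ANGLE_RE = re.compile(r"<([^<>]*)>\s*$")

# Constructed sample: the headers of the test mail shown in the thread.
SAMPLE = (
    "Return-Path: <unknownuser@trusted.net>\n"
    "From: knownsender@trusted.de <unknownsender@untrusted.net>\n"
    "Subject: testmail\n"
    "\n"
    "Testing 123\n"
)


def split_from(value):
    """Return (display_name, address) for a single-mailbox From value."""
    value = " ".join(value.split())  # unfold and collapse whitespace
    m = ANGLE_RE.search(value)
    if not m:
        return "", value  # bare address without a display name
    name = value[:m.start()].strip().strip('"').strip()
    return name, m.group(1).strip()


def check_from(value):
    """Flag a display name that carries an address other than the real one."""
    name, addr = split_from(value)
    claimed = [a for a in ADDR_RE.findall(name) if a.lower() != addr.lower()]
    return {"name": name, "address": addr,
            "claimed": claimed, "suspicious": bool(claimed)}


def check_message(raw):
    """Run the check on the From header of a raw RFC 822 message."""
    msg = email.message_from_string(raw)  # compat32 policy: raw header string
    return check_from(str(msg.get("From", "")))


if __name__ == "__main__":
    result = check_message(SAMPLE)
    print("name:   ", result["name"])
    print("address:", result["address"])
    print("warning:", result["suspicious"], result["claimed"])
```

A frontend applying this logic would display both the name string and the address from the angle brackets, and could mark the message when `suspicious` is true.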