Task #104329
open
Do not use no-reply@example.com email addres as a fallback for the defaultMailFromAddress
0%
Description
The typo3/cms-core/Classes/Utility/MailUtility.php class offers helper methods to fetch several configuration values related to making, providing also some fallbacks.
One of them is this method:
public static function getSystemFromAddress(): string { $address = $GLOBALS['TYPO3_CONF_VARS']['MAIL']['defaultMailFromAddress'] ?? null; if (!is_string($address) || !GeneralUtility::validEmail($address)) { // still nothing, get host name from server $address = 'no-reply@' . php_uname('n'); if (!GeneralUtility::validEmail($address)) { // if everything fails use a dummy address $address = 'no-reply@example.com'; } } return $address; }
So, here as a very last fallback we have the no-reply@example.com used which might not be a good idea as it can expose some sensitive data.
It should be considered if this fallback should be used and even if the
php_uname usage is intended. $GLOBALS['TYPO3_CONF_VARS']['MAIL']['defaultMailFromAddress'], just throw some exception.
Updated by Friedemann Altrock 9 days ago
Hi,
can you specify what sensitive data would be exposed and how?
FTR:
example.com is reserved as per RFC2606: https://www.rfc-editor.org/rfc/rfc2606.html
As long as IANA (Internet Assigned Numbers Authority) does not start an SMTP server on that domain, we'll be good.
Updated by Garvin Hicking 9 days ago
$0.02: While IMO technically valid, mails with that sender shouldn't be sent from production sites, also because nowadays with "wrong" senders like that mails won't be delivered (spam; unless a mail relay rewrites the senders). How about gating this so both fallbacks only work for non-production environments?
Those installs which use mail relays on production that rewrite senders, they should manually set "no-reply@example.com". I think throwing an exception then is good.
Updated by Georg Ringer 8 days ago
i would favor an exception instead of dummy code which won’t work anyways