Community: Framework mailing list archives

expert-framework@mail.odoo.com

Re: OpenERP sends emails from addresses it does not own.

by manuel - 10/24/2014 12:00:31
Simplified step by step description of how OpenERP sends the email from addresses it does not own:


When bob@external.com replies: 

1. The mailgate script calls the mail.thread's message_process method.

2. The message is parsed and mail.thread's message_routes is called to find what to do with the message.  Since it's a reply to an active thread from a partner there will be a matching route ('res.partner',  182, {}, 1).

3. This route is processed by finding the model 'res.partner' and assuming thread_id 182...

4. Since res.partner object has a message_update and there's a thread_id, it calls it.

5. The message_update method of res.partner is actually implemented in mail.thread (by inheritance and res.partner does not have any override).

6. But update_vals is None in this case, so nothing happens.

7. Back in message_process, res.partner's message_post is invoked.  This time the res.partner does have this method implemented.  But this specialization simply ensures that the partner who started the thread is linked to the message that is going to be created and sets the thread_id to False before calling super.

8. message_post then relies on email_from of the original message to create the message's From and builds the partners_id from the parent message (the one sasha sent).  Then mail.message's create method calls its _notify method causing the behaviour explained, i.e. OpenERP will send messages to external users using a From that is also external...


How to fix this behavior could be very tricky to get right, but I think this is bad enough to fix it in 7.0.  I haven't been able to recreate this in 8.0.
 

<blockquote cite="mid:544977E4.9040003@merchise.org" type="cite"> Hi all,

I need some suggestion about an issue that may be either a misconfiguration, or bug.

Summary:  OpenERP sends emails with the SMTP envelope with an address it does not own (i.e. MAIL_FROM whatever@gmail.com)....


Preamble:

1. Assume you have openerp with local domain for emails @open.example.com.

2. Some of your users use the messages system intensively to communicate with external parties.

3. OpenERP delivers email via SMTP to a local postfix that relays to the enterprise MTA.  In turn, this MTA relays to this local postfix when it receives messages To addresses @open.example.com.  The MTA owns the domain @mta.example.com...

4. The local postfix delivers email to OpenERP via the mailgate script.


Steps to reproduce the issue:

1. The user sasha sends a message to bob@external.com, alice@external.com and chris@other.com.  OpenERP connects with local postfix to send the email to those external addresses.  Postfix then relays to the enterprise's MTA...  A few minutes later Bob, Alice and Chris receive the email.

2. Bob replies...  His MTA connects with ours, which then relays to the local postfix, the postfix delivers the email to OpenERP via the mailgate script.

3. OpenERP checks the thread-id and then sends notifications to both alice@external.com and chris@other.com... But doing so it identifies as bob@external.com, i.e. it sends a "MAIL_FROM bob@external.com" in the SMTP envelope.


So both Alice and Chris would receive emails from Bob which were not sent by the MTA that owns @external.com... If Alice's or Chris' MTAs verify the origin, the email will be rejected.  Furthermore, spam watch lists might blacklist our MTA because it could be deemed to send spam.

Any ideas?

Best regards,
Manuel.
</blockquote>
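One way a relay could avoid claiming an envelope sender it does not own, shown as an added example that is not part of the thread and not OpenERP's code. The domain `open.example.com` comes from the preamble above; the `bounce@` and `notify@` mailboxes, the function names and the "via OpenERP" display name are assumptions made for illustration.

```python
from email.message import EmailMessage
from email.utils import formataddr, parseaddr

OWNED_DOMAINS = {"open.example.com"}          # local domain from the thread
BOUNCE_ADDRESS = "bounce@open.example.com"    # hypothetical bounce mailbox
NOTIFY_ADDRESS = "notify@open.example.com"    # hypothetical relay identity


def domain_of(address):
    """Lower-cased domain of an address, or '' when it is malformed."""
    local, sep, domain = parseaddr(address or "")[1].rpartition("@")
    return domain.lower() if sep and local and domain else ""


def envelope_sender(msg):
    """SMTP envelope sender to use when relaying msg to thread followers."""
    sender = parseaddr(msg.get("From", ""))[1]
    # Only claim an envelope sender whose domain this server may send for;
    # anything else (external or malformed) goes out under the bounce address.
    return sender if domain_of(sender) in OWNED_DOMAINS else BOUNCE_ADDRESS


def rewrite_for_relay(msg):
    """Re-home an external author's header From, keeping replies routed to them."""
    name, sender = parseaddr(msg.get("From", ""))
    if domain_of(sender) in OWNED_DOMAINS:
        return msg                            # local author: nothing to change
    if sender and "Reply-To" not in msg:
        msg["Reply-To"] = sender              # replies still reach the author
    if "From" in msg:
        del msg["From"]                       # EmailMessage allows one From only
    display = (name or sender or "Unknown sender") + " via OpenERP"
    msg["From"] = formataddr((display, NOTIFY_ADDRESS))
    return msg


def sample_reply():
    """Constructed message standing in for Bob's reply in the thread."""
    msg = EmailMessage()
    msg["From"] = "Bob <bob@external.com>"
    msg["To"] = "alice@external.com, chris@other.com"
    msg["Subject"] = "Re: quotation"
    msg.set_content("Constructed reply body.")
    return msg
```

The value returned by `envelope_sender` is what would be passed as the sender argument of `smtplib.SMTP.sendmail`, so origin checks at Alice's and Chris's MTAs are evaluated against a domain the relay actually owns.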