From c14032bc6e398eb98910bdbe13eade7ab8ae8088 Mon Sep 17 00:00:00 2001
From: Mark Sapiro
Date: Fri, 30 Jun 2017 03:42:06 +0000
Subject: Ignore syntactically invalid sender addresses.

---
 src/mailman/docs/NEWS.rst                  |  3 ++-
 src/mailman/email/message.py               |  8 +++++++-
 src/mailman/runners/tests/test_incoming.py | 11 +++++++++++
 3 files changed, 20 insertions(+), 2 deletions(-)

diff --git a/src/mailman/docs/NEWS.rst b/src/mailman/docs/NEWS.rst
index 654cf4edc..50e581239 100644
--- a/src/mailman/docs/NEWS.rst
+++ b/src/mailman/docs/NEWS.rst
@@ -15,7 +15,8 @@ Here is a history of user visible changes to Mailman.
 Bugs
 ----
  * A missing html_to_plain_text_command is now properly detected and logged.
-   (closes #345)
+   (Closes #345)
+ * Syntactically invalid sender addresses are now ignored.  (Closes #229)
 
 Interfaces
 ----------
diff --git a/src/mailman/email/message.py b/src/mailman/email/message.py
index 36a333773..3a5a4d64b 100644
--- a/src/mailman/email/message.py
+++ b/src/mailman/email/message.py
@@ -30,7 +30,9 @@ import email.utils
 from email.header import Header
 from email.mime.multipart import MIMEMultipart
 from mailman.config import config
+from mailman.interfaces.address import IEmailValidator
 from public import public
+from zope.component import getUtility
 
 
 COMMASPACE = ', '
@@ -96,13 +98,17 @@ class Message(email.message.Message):
                     # Convert the header to str in case it's a Header instance.
                     name, address = email.utils.parseaddr(str(field_value))
                     senders.append(address.lower())
-        # Filter out None and the empty string, and convert to unicode.
+        # Filter out invalid addresses, None and the empty string, and convert
+        # to unicode.
         clean_senders = []
+        validator = getUtility(IEmailValidator)
         for sender in senders:
             if not sender:
                 continue
             if isinstance(sender, bytes):
                 sender = sender.decode('ascii')
+            if not validator.is_valid(sender):
+                continue
             clean_senders.append(sender)
         return clean_senders
 
diff --git a/src/mailman/runners/tests/test_incoming.py b/src/mailman/runners/tests/test_incoming.py
index b9668e765..2c7dc0d69 100644
--- a/src/mailman/runners/tests/test_incoming.py
+++ b/src/mailman/runners/tests/test_incoming.py
@@ -69,6 +69,17 @@ To: test@example.com
         items = get_queue_messages('out', expected_count=1)
         self.assertEqual(items[0].msgdata.get('marker'), 'posting')
 
+    def test_posting_from_invalid(self):
+        # A message posted to the list goes through the posting chain even if
+        # From: is invalid.
+        del self._msg['from']
+        self._msg['From'] = 'anne@example.com.'
+        msgdata = dict(listid='test.example.com')
+        config.switchboards['in'].enqueue(self._msg, msgdata)
+        self._in.run()
+        items = get_queue_messages('out', expected_count=1)
+        self.assertEqual(items[0].msgdata.get('marker'), 'posting')
+
     def test_owner(self):
         # A message posted to the list goes through the posting chain.
         msgdata = dict(listid='test.example.com',
-- 
cgit v1.2.3-70-g09d2