Webhook and HTTP message endpoint deliveries both flow through
Postal::HTTP, which parsed the user-supplied URL and connected to its
host with no address validation. An authenticated user could point a
webhook or endpoint at a private, loopback or link-local address (e.g.
127.0.0.1, 169.254.169.254 cloud metadata, RFC1918 hosts) and make the
server issue requests into its own internal network.
Add Postal::HTTP::AddressGuard, which resolves the destination host and
rejects private/loopback/link-local/reserved/multicast IPv4 and IPv6
addresses, then pins the connection to the validated address so it cannot
be redirected via a DNS-rebinding race. Administrators can permit specific
destinations via the new postal.allowed_request_destinations config option
(hostnames or IP/CIDR ranges).
Address selection only uses families this server can actually reach so we
do not pin to an IPv6 address on a host without IPv6 connectivity; IPv4 is
preferred for predictability. HTTPEndpoint now validates that its URL is a
well-formed HTTP(S) URL with a host.
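An added Ruby sketch of the resolve, validate and pin sequence described in the commit message above; it is not Postal's AddressGuard code. The module and method names, the blocked-range list and the injected resolver are assumptions made for this example.

```ruby
require "ipaddr"

# Added illustration; not Postal's AddressGuard. All names here are hypothetical.
module DestinationCheck
  class Blocked < StandardError; end

  # Assumed list of special-purpose ranges refused by default.
  BLOCKED = %w[
    0.0.0.0/8 10.0.0.0/8 100.64.0.0/10 127.0.0.0/8 169.254.0.0/16
    172.16.0.0/12 192.0.0.0/24 192.168.0.0/16 198.18.0.0/15
    224.0.0.0/4 240.0.0.0/4 ::/128 ::1/128 fc00::/7 fe80::/10 ff00::/8
  ].map { |cidr| IPAddr.new(cidr) }.freeze

  module_function

  # host:     hostname or IP literal taken from the user-supplied URL
  # resolver: callable returning address strings for a hostname (injected so
  #           the example runs offline)
  # allowed:  administrator allowlist of hostnames or IP/CIDR strings
  # families: address families this server can actually reach
  # Returns the one IPAddr the caller must connect to (the pinned address).
  def pick_address(host, resolver:, allowed: [], families: [:ipv4, :ipv6])
    host_allowed = allowed.any? { |a| a.casecmp?(host) }
    ranges = allowed.filter_map { |a| IPAddr.new(a) rescue nil }
    addrs = (literal(host) ? [host] : resolver.call(host)).map { |a| normalise(IPAddr.new(a)) }
    usable = addrs.select { |ip| families.include?(ip.ipv4? ? :ipv4 : :ipv6) }
    # Every usable address must pass; one bad record fails the whole lookup.
    usable.each do |ip|
      next if host_allowed || ranges.any? { |r| r.include?(ip) }
      raise Blocked, "#{host} resolves to blocked address #{ip}" if BLOCKED.any? { |r| r.include?(ip) }
    end
    raise Blocked, "#{host} has no reachable address" if usable.empty?
    usable.min_by { |ip| ip.ipv4? ? 0 : 1 } # prefer IPv4 for predictability
  end

  def literal(host)
    IPAddr.new(host)
  rescue IPAddr::InvalidAddressError
    nil
  end

  # Unwrap IPv4-mapped IPv6 (::ffff:a.b.c.d) so it is judged as IPv4.
  def normalise(ip)
    ip.ipv4_mapped? ? ip.native : ip
  end
end

# Constructed sample records (documentation ranges, not real DNS data).
SAMPLE_DNS = { "hook.test" => ["169.254.169.254"], "dual.test" => ["2001:db8::1", "203.0.113.10"] }.freeze
SAMPLE_RESOLVER = ->(name) { SAMPLE_DNS.fetch(name, []) }
```

The caller connects to the returned address and does not resolve the hostname a second time, which is what closes the DNS-rebinding window between check and connect.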
This commit also adds some tests for the Domain model. It was during the writing of these tests that the DNS resolution refactoring requirement became apparent.
This patch changes the requeue behaviour to requeue messages that are 30 seconds past their retry time.
Batching now includes messages that are any amount past their retry time.
This change avoids batching messages before their graylisting time, but maintains efficient batching.
* Update mysql2 query call to cast booleans
* Treat messages:held field as boolean
* Treat messages:inspected field as boolean
* Treat messages:spam field as boolean
* Treat messages:threat field as boolean
* Treat messages:bounce field as boolean
* Treat messages:received_with_ssl field as boolean
* Treat deliveries:sent_with_ssl field as boolean
* add semicolon to dkim record data
Addresses https://github.com/atech/postal/issues/812
As the semicolon at the end of a DKIM record is optional, some DNS software removes it.
The above change sanitizes the DKIM record before it gets checked
* fixed method typo
fixed a typo caused by my US spelling checker
* typo fix v2
a proper fix for the typo