https://rt-wiki.bestpractical.com/index.php?title=ValidateEmail&feed=atom&action=historyValidateEmail - Revision history2024-03-29T11:56:50ZRevision history for this page on the wikiMediaWiki 1.37.2https://rt-wiki.bestpractical.com/index.php?title=ValidateEmail&diff=4147&oldid=prevAdmin: 2 revisions imported2016-04-06T20:39:40Z<p>2 revisions imported</p>
<p><b>New page</b></p><div>This patch applies to 3.6.3, but should work on other versions without much (if any) modification.<br />
<br />
== Problem ==<br />
<br />
Users mistype addresses in the [[Requestor]], [[CC]], and [[AdminCC]] address fields, causing the notifications to fail and preventing that person from seeing the ticket.<br />
<br />
As far as I could tell, RT does not validate addresses typed into those fields, and offers no hooks for administrators to create their own validation.<br />
<br />
== Solution ==<br />
<br />
I created a Mason component to perform the email validation, the same way custom fields are validated. First, emails without '@' signs are invalid in my environment, so I reject them. Second, I connect to the local SMTP server and submit the email address as a recipient. If the recipient is accepted, then I consider it a valid address. (No actual message is sent during the validation.)<br />
<br />
== Details ==<br />
<br />
First, create /opt/rt3/local/html/Elements/[[ValidateEmails]]. You should customize the first part of this file, where the SMTP server is specified.<br />
<br />
&lt;%INIT&gt;<br />
sub check_address<br />
{<br />
my $address = shift;<br />
<br />
my $REQUIRE_AT_SIGN = 1;<br />
my $SMTP_HOST = 'smtp.messiah.edu';<br />
my $SMTP_FROM = 'nobody@messiah.edu';<br />
<br />
return 0 if ($REQUIRE_AT_SIGN &amp;&amp; $address !~ /\@/);<br />
<br />
# check address against specified SMTP server<br />
use Net::SMTP;<br />
my $smtp = Net::SMTP-&gt;new($SMTP_HOST);<br />
<br />
$smtp-&gt;mail($SMTP_FROM);<br />
my $valid = $smtp-&gt;to($address);<br />
$smtp-&gt;quit;<br />
return $valid;<br />
}<br />
<br />
my $valid = 1;<br />
foreach my $field (@{$EmailFields})<br />
{<br />
my $value = $ARGSRef-&gt;{$field};<br />
foreach my $address (split /,/, $value)<br />
{<br />
# trim whitespace<br />
$address =~ s/^\s+//;<br />
$address =~ s/\s+$//;<br />
<br />
next if $address eq "";<br />
unless (check_address($address))<br />
{<br />
$valid = 0;<br />
$m-&gt;notes("InvalidField-$field"<br />
=&gt; "Bad address ($address)");<br />
}<br />
}<br />
}<br />
$m-&gt;notes('ValidEmails', $valid);<br />
return $valid;<br />
&lt;/%INIT&gt;<br />
&lt;%ARGS&gt;<br />
$EmailFields =&gt; [ "Requestors", "Cc", "AdminCc" ]<br />
$ARGSRef<br />
&lt;/%ARGS&gt;<br />
<br />
<br />
Next, to configure the Create Ticket page to require validation, copy /opt/rt3/share/html/Ticket/Create.html to /opt/rt3/local/html/Ticket/Create.html and make the following modifications:<br />
<br />
--- Create.html.orig 2007-02-20 10:19:32.000000000 -0500<br />
+++ Create.html 2007-02-20 10:32:04.000000000 -0500<br />
@@ -250,6 +250,10 @@<br />
CustomFields =&gt; $CFs,<br />
ARGSRef =&gt; \%ARGS<br />
);<br />
+my $ValidEmails = $m-&gt;comp(<br />
+ '/Elements/ValidateEmails',<br />
+ ARGSRef =&gt; \%ARGS<br />
+);<br />
<br />
# if no due date has been set explicitly, then use the<br />
# queue's default if it exists<br />
@@ -297,7 +301,7 @@<br />
# }}}<br />
<br />
if ((!exists $ARGS{'AddMoreAttach'}) and ($ARGS{'id'} eq 'new')) { # new ticket?<br />
- if ($ValidCFs) {<br />
+ if ($ValidCFs and $ValidEmails) {<br />
$m-&gt;comp('Display.html', %ARGS);<br />
$RT::Logger-&gt;crit("After display call; error is $@");<br />
$m-&gt;abort();<br />
@@ -308,6 +312,11 @@<br />
my $msg = $m-&gt;notes('InvalidField-' . $CF-&gt;Id) or next;<br />
push @results, $CF-&gt;Name . ': ' . $msg;<br />
}<br />
+ foreach my $field ("Requestors", "Cc", "AdminCc")<br />
+ {<br />
+ my $msg = $m-&gt;notes("InvalidField-$field") or next;<br />
+ push @results, $field . ": " . $msg;<br />
+ }<br />
}<br />
}<br />
<br />
<br />
Finally, restart Apache and try it out. The Create Ticket page should now reject any email addresses that your SMTP server would reject.<br />
<br />
TODO - there are other places where email addresses can be entered. They should be validated too.<br />
<br />
Email me at [mailto:jlong@messiah.edu jlong@messiah.edu] if you have questions or comments on this page.</div>Admin