mirror of
https://github.com/NousResearch/hermes-agent.git
synced 2026-06-27 11:22:03 +00:00
The email adapter authorized senders entirely off the From: header, which is attacker-controlled and unauthenticated by IMAP. An attacker could forge From: an allowlisted address and pass both the adapter's EMAIL_ALLOWED_USERS pre-filter and the gateway's allowlist authz (both key on the same spoofable sender_addr), getting unauthorized commands executed by the agent. Verify the From: domain against the trusted Authentication-Results header the receiving mail server stamps (SPF/DKIM/DMARC) before trusting it for authorization. Enforced only when an allowlist is in effect and allow-all is off — fail-closed. Operators whose server does not stamp the header can opt out via platforms.email.require_authenticated_sender: false (or EMAIL_TRUST_FROM_HEADER=true).
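The check the commit message describes, as an added example (not hermes-agent's own adapter code): only Authentication-Results headers stamped by our own receiving server (matched by its authserv-id, per RFC 8601) are trusted, and the From: domain must be vouched for by a passing DMARC, DKIM or SPF result before an allowlisted sender is authorized; with an allowlist in effect and allow-all off the check fails closed. The function names, the authserv-id `mx.example.net` and the sample messages are constructed for this example.

```python
"""Fail-closed sender authorization keyed on Authentication-Results (added example)."""
import email
import email.utils
import re


def from_domain(msg):
    """Domain of the (spoofable, unauthenticated) From: header, lower-cased."""
    _, addr = email.utils.parseaddr(msg.get("From", ""))
    return addr.rpartition("@")[2].lower()


def authenticated_domains(msg, trusted_authserv_id):
    """Domains vouched for by Authentication-Results headers that our own
    receiving server stamped. Headers carrying any other authserv-id are
    ignored, since a sender can add such a header to the message itself."""
    domains = set()
    for raw in msg.get_all("Authentication-Results", []):
        value = " ".join(raw.split())  # unfold continuation lines
        authserv, _, results = value.partition(";")
        if authserv.strip().lower() != trusted_authserv_id.lower():
            continue
        for m in re.finditer(r"(dkim|dmarc|spf)=pass\b([^;]*)", results, re.I):
            method, props = m.group(1).lower(), m.group(2)
            if method == "dmarc":
                d = re.search(r"header\.from=([\w.-]+)", props, re.I)
            elif method == "dkim":
                d = re.search(r"header\.d=([\w.-]+)", props, re.I)
            else:  # spf: domain of the envelope sender
                d = re.search(r"smtp\.mailfrom=(?:[^@\s]+@)?([\w.-]+)", props, re.I)
            if d:
                domains.add(d.group(1).lower())
    return domains


def is_authorized(raw_msg, allowlist, authserv_id,
                  allow_all=False, require_authenticated=True):
    """Hypothetical replacement for a From:-only allowlist check.
    Order matters: allow-all short-circuits, then the allowlist, then the
    authentication requirement (skippable only by explicit operator opt-out)."""
    msg = email.message_from_string(raw_msg)
    _, sender = email.utils.parseaddr(msg.get("From", ""))
    if allow_all:
        return True
    if sender.lower() not in {a.lower() for a in allowlist}:
        return False
    if not require_authenticated:
        return True  # operator opted out: server does not stamp the header
    # Fail closed: an allowlisted From: is not enough unless our server
    # authenticated its domain.
    return from_domain(msg) in authenticated_domains(msg, authserv_id)
```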
| File |
|---|
| .. |
| __init__.py |
| adapter.py |
| plugin.yaml |