Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[PAPP-33723] SMTP: Bugfix - Additional validation on sender email #26

Merged
merged 24 commits into from
Jun 4, 2024
Merged

[PAPP-33723] SMTP: Bugfix - Additional validation on sender email #26

merged 24 commits into from
Jun 4, 2024

Conversation

leobao-splunk
Copy link
Contributor

@leobao-splunk leobao-splunk commented Apr 26, 2024
edited by hardik-crest
Loading

Note

  • Integration and sanity pipeline are failing as the updated playbooks are yet not merged in Gitlab repo. It will pass once the playbooks are merged.

Please ensure your pull request (PR) adheres to the following guidelines:

  • Please refer to our contributing documentation for any questions on submitting a pull request, link: Contribution Guide

Pull Request Checklist

Please check if your PR fulfills the following requirements:

  • Testing of all the changes has been performed (for bug fixes / features)
  • The manual_readme_content.md has been reviewed and added / updated if needed (for bug fixes / features)
  • Use the following format for the PR description: <App Name>: <PR Type> - <PR Description>
  • Provide release notes as part of the PR submission which describe high level points about the changes for the upcoming GA release.
  • Verify all checks are passing.
  • Do NOT use the next branch of the forked repo. Create separate feature branch for raising the PR.
  • Do NOT submit updates to dependencies unless it fixes an issue.

Pull Request Type

Please check the type of change your PR introduces:

  • New App
  • Bugfix
  • Feature
  • Code style update (formatting, renaming)
  • Refactoring (no functional changes, no api changes)
  • Documentation
  • Other (please describe):

Security Considerations (REQUIRED)

  • If you are exposing any endpoints using a REST handler,
    please document them in the manual_readme_content.md.
  • If this is a new connector or you are adding new actions
    • Please document in the manual_readme_content.md all methods (eg, OAuth) used to authenticate
      with the service that the connector is integrating with.
    • If any actions are unable to run on SOAR Cloud, please document this in the manual_readme_content.md.
  • Are you introducing any new cryptography modules? If yes, please elaborate their purpose:
  • Are you are accessing the file system? If yes, please verify that you are only accessing paths returned through
    the Vault API.
  • Are you are marking code to be ignored by Semgrep with nosemgrep?
    If yes, please provide justification in an additional comment next to the ignored code.

Release Notes (REQUIRED)

  • No longer allows sender email to have "splunk", "cisco", or "phantom" in the address domain
  • Driveby fix to allow email validation to work on single emails

What is the current behavior? (OPTIONAL)

  • Currently we only do basic validate on the email to make sure it looks like an email

What is the new behavior? (OPTIONAL)

  • Now, for sender emails only, we check to make sure we're not trying to send from an email address that looks like it coming from splunk

Other information (OPTIONAL)

Pay close attention to (OPTIONAL)

Screenshots (if relevant)

Thanks for contributing!

leobao-splunk and others added 5 commits April 30, 2024 09:20
@leobao-splunk
PAPP-33723
31a4a12 
 - add additional validation on sender email to not include restricted terms in domain
@leobao-splunk
Update README.md
4932bf1
@leobao-splunk
PAPP-33723
d68d8aa 
 - apply linter
@leobao-splunk
PAPP-33723
1d2ddce 
 - update 'contains' for output
@leobao-splunk
Update README.md
315b560
@leobao-splunk leobao-splunk changed the title PAPP-33723: Additional validation on sender email [PAPP-33723] SMTP: Additional validation on sender email Apr 30, 2024
@leobao-splunk leobao-splunk changed the title [PAPP-33723] SMTP: Additional validation on sender email [PAPP-33723] SMTP: Bugfix - Additional validation on sender email Apr 30, 2024
hardik-crest and others added 3 commits May 6, 2024 20:33
@hardik-crest
updated validation logic
03e01e6
Update README.md
33de826
@leobao-splunk
PAPP-33723
3be2a83 
 - update check to only run when from email inputted in action
@leobao-splunk leobao-splunk requested a review from hardik-crest May 9, 2024 00:27
@hardik-crest hardik-crest requested a review from bb-splunk May 20, 2024 05:54
bb-splunk
bb-splunk approved these changes May 20, 2024
View reviewed changes
smtp_connector.py Outdated Show resolved Hide resolved
@ishans-crest ishans-crest merged commit ef2f804 into next Jun 4, 2024
8 checks passed
@ishans-crest ishans-crest deleted the PAPP-33723 branch June 4, 2024 07:22
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@bb-splunk bb-splunk bb-splunk approved these changes

@ishans-crest ishans-crest ishans-crest approved these changes

@hardik-crest hardik-crest Awaiting requested review from hardik-crest

@alexa-phantom alexa-phantom Awaiting requested review from alexa-phantom

Assignees
No one assigned
Labels
splunk-supported
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@leobao-splunk @ishans-crest @hardik-crest @bb-splunk @splunk-soar-connectors-bot