void ProcessMessage(IncomingMessage message) { if (message.Sender == null) { throw new AgentException(AgentError.NoSender); } if (!message.HasRecipients) { throw new AgentException(AgentError.NoRecipients); } message.EnsureRecipientsCategorizedByDomain(m_managedDomains); if (!message.HasDomainRecipients) { throw new AgentException(AgentError.NoDomainRecipients); } // // Map each address to its certificates/trust settings // this.BindAddresses(message); // // Decrypt the message, extract the signature and original content // this.DecryptSignedContent(message); // // The standard requires that the original message be wrapped to protect headers // message.Message = this.UnwrapMessage(message.Message); this.ValidateRoutingHeaders(message); // // Enforce trust requirements, including checking signatures // m_trustModel.Enforce(message); // // Remove any untrusted recipients... // if (message.HasDomainRecipients) { message.CategorizeRecipientsByTrust(m_minTrustRequirement); } if (!message.HasDomainRecipients) { throw new AgentException(AgentError.NoTrustedRecipients); } // // Some recipients may not trust this message. Remove them from the To list to prevent accidental message delivery // message.UpdateRoutingHeaders(); }
void ProcessMessage(IncomingMessage message) { if (message.Sender == null) { throw new AgentException(AgentError.NoSender); } if (!message.HasRecipients) { throw new AgentException(AgentError.NoRecipients); } message.EnsureRecipientsCategorizedByDomain(m_managedDomains); if (!message.HasDomainRecipients) { throw new AgentException(AgentError.NoDomainRecipients); } // // Map each address to its certificates/trust settings // this.BindAddresses(message); // // Decrypt the message, extract the signature and original content // this.DecryptSignedContent(message); // // The standard requires that the original message be wrapped to protect headers // message.Message = this.UnwrapMessage(message.Message); this.ValidateRoutingHeaders(message); // // Enforce trust requirements, including checking signatures // m_trustModel.Enforce(message); // // Remove any untrusted recipients... // if (message.HasDomainRecipients) { message.CategorizeRecipientsByTrust(m_minTrustRequirement); } if (!message.HasDomainRecipients) { throw new AgentException(AgentError.NoTrustedRecipients); } // // Some recipients may not trust this message. Remove them from the To list to prevent accidental message delivery // message.UpdateRoutingHeaders(); }
/// <summary> /// Ensure that domain recipients are KNOWN - i.e. registered with the Config System /// If not, remove them. /// </summary> /// <param name="message"></param> void VerifyDomainRecipientsRegistered(IncomingMessage message) { message.EnsureRecipientsCategorizedByDomain(this.SecurityAgent.Domains); if (!message.HasDomainRecipients) { throw new AgentException(AgentError.NoRecipients); } DirectAddressCollection recipients = message.DomainRecipients; if (this.Settings.MaxIncomingDomainRecipients > 0 && recipients.Count > this.Settings.MaxIncomingDomainRecipients) { throw new AgentException(AgentError.MaxDomainRecipients); } if (!m_settings.HasAddressManager) { // Address validation is turned off return; } Address[] resolved = m_configService.GetAddresses(recipients); if (resolved.IsNullOrEmpty()) { throw new AgentException(AgentError.NoDomainRecipients); } // Remove any addresses that could not be resolved // Yes, this is currently n^2, but given the typical # of addresses, cost should be insignificant int i = 0; while (i < recipients.Count) { DirectAddress recipient = recipients[i]; int iAddress = Array.FindIndex<Address>(resolved, x => x.Match(recipient)); if (iAddress >= 0) { ++i; // Found recipient.Tag = resolved[iAddress]; } else { recipients.RemoveAt(i); } } }