void ProcessMessage(IncomingMessage message)
{
if (message.Sender == null)
{
throw new AgentException(AgentError.NoSender);
}
if (!message.HasRecipients)
{
throw new AgentException(AgentError.NoRecipients);
}
message.EnsureRecipientsCategorizedByDomain(m_managedDomains);
if (!message.HasDomainRecipients)
{
throw new AgentException(AgentError.NoDomainRecipients);
}
//
// Map each address to its certificates/trust settings
//
this.BindAddresses(message);
//
// Decrypt the message, extract the signature and original content
//
this.DecryptSignedContent(message);
//
// The standard requires that the original message be wrapped to protect headers
//
message.Message = this.UnwrapMessage(message.Message);
this.ValidateRoutingHeaders(message);
//
// Enforce trust requirements, including checking signatures
//
m_trustModel.Enforce(message);
//
// Remove any untrusted recipients...
//
if (message.HasDomainRecipients)
{
message.CategorizeRecipientsByTrust(m_minTrustRequirement);
}
if (!message.HasDomainRecipients)
{
throw new AgentException(AgentError.NoTrustedRecipients);
}
//
// Some recipients may not trust this message. Remove them from the To list to prevent accidental message delivery
//
message.UpdateRoutingHeaders();
}
void ProcessMessage(IncomingMessage message)
{
if (message.Sender == null)
{
throw new AgentException(AgentError.NoSender);
}
if (!message.HasRecipients)
{
throw new AgentException(AgentError.NoRecipients);
}
message.EnsureRecipientsCategorizedByDomain(m_managedDomains);
if (!message.HasDomainRecipients)
{
throw new AgentException(AgentError.NoDomainRecipients);
}
//
// Map each address to its certificates/trust settings
//
this.BindAddresses(message);
//
// Decrypt the message, extract the signature and original content
//
this.DecryptSignedContent(message);
//
// The standard requires that the original message be wrapped to protect headers
//
message.Message = this.UnwrapMessage(message.Message);
this.ValidateRoutingHeaders(message);
//
// Enforce trust requirements, including checking signatures
//
m_trustModel.Enforce(message);
//
// Remove any untrusted recipients...
//
if (message.HasDomainRecipients)
{
message.CategorizeRecipientsByTrust(m_minTrustRequirement);
}
if (!message.HasDomainRecipients)
{
throw new AgentException(AgentError.NoTrustedRecipients);
}
//
// Some recipients may not trust this message. Remove them from the To list to prevent accidental message delivery
//
message.UpdateRoutingHeaders();
}
/// <summary>
/// Ensure that domain recipients are KNOWN - i.e. registered with the Config System
/// If not, remove them.
/// </summary>
/// <param name="message"></param>
void VerifyDomainRecipientsRegistered(IncomingMessage message)
{
message.EnsureRecipientsCategorizedByDomain(this.SecurityAgent.Domains);
if (!message.HasDomainRecipients)
{
throw new AgentException(AgentError.NoRecipients);
}
DirectAddressCollection recipients = message.DomainRecipients;
if (this.Settings.MaxIncomingDomainRecipients > 0 && recipients.Count > this.Settings.MaxIncomingDomainRecipients)
{
throw new AgentException(AgentError.MaxDomainRecipients);
}
if (!m_settings.HasAddressManager)
{
// Address validation is turned off
return;
}
Address[] resolved = m_configService.GetAddresses(recipients);
if (resolved.IsNullOrEmpty())
{
throw new AgentException(AgentError.NoDomainRecipients);
}
// Remove any addresses that could not be resolved
// Yes, this is currently n^2, but given the typical # of addresses, cost should be insignificant
int i = 0;
while (i < recipients.Count)
{
DirectAddress recipient = recipients[i];
int iAddress = Array.FindIndex<Address>(resolved, x => x.Match(recipient));
if (iAddress >= 0)
{
++i; // Found
recipient.Tag = resolved[iAddress];
}
else
{
recipients.RemoveAt(i);
}
}
}
