Opened 11 years ago
Last modified 6 years ago
#11644 new enhancement
Add an email domain blacklist/whitelist to prevent proprietary info leaks in notifications
Reported by: | Owned by: | ||
---|---|---|---|
Priority: | normal | Milestone: | unscheduled |
Component: | ticket system | Version: | 0.12.2 |
Severity: | major | Keywords: | email notification |
Cc: | Branch: | ||
Release Notes: | |||
API Changes: | |||
Internal Changes: |
Description (last modified by )
For organizations potentially dealing with proprietary information within their tickets, it is necessary to be able to block notification emails outside designated domains. Otherwise a user could inadvertently (or not) include a Cc to an email address that would leak proprietary information to non-need-to-know persons.
I tried using the admit_domains
attribute in the trac.ini [notifications]
section to no avail. rjollos responded to me in gdiscussion:trac-users:7NJDOpvmTCE that this doesn't appear to be the intent of the admit_domains
attribute and suggested submitting this for possible consideration as a future enhancement.
Attachments (0)
Change History (3)
comment:1 by , 11 years ago
Milestone: | → unscheduled |
---|
comment:2 by , 11 years ago
But I think that simple solution is to filter recipients on SMTP server, e.g. smtpd_sender_restrictions
and smtpd_recipient_restrictions
on Postfix.
comment:3 by , 10 years ago
Description: | modified (diff) |
---|
PatchWelcome. #10846 is the same confusion.