Opened 10 years ago
Last modified 6 years ago
#11644 new enhancement
Add an email domain blacklist/whitelist to prevent proprietary info leaks in notifications — at Version 3
| Reported by: | Owned by: | ||
|---|---|---|---|
| Priority: | normal | Milestone: | unscheduled |
| Component: | ticket system | Version: | 0.12.2 |
| Severity: | major | Keywords: | email notification |
| Cc: | Branch: | ||
| Release Notes: | |||
| API Changes: | |||
| Internal Changes: | |||
Description (last modified by )
For organizations potentially dealing with proprietary information within their tickets, it is necessary to be able to block notification emails outside designated domains. Otherwise a user could inadvertently (or not) include a Cc to an email address that would leak proprietary information to non-need-to-know persons.
I tried using the admit_domains attribute in the trac.ini [notifications] section to no avail. rjollos responded to me in gdiscussion:trac-users:7NJDOpvmTCE that this doesn't appear to be the intent of the admit_domains attribute and suggested submitting this for possible consideration as a future enhancement.
Change History (3)
comment:1 by , 10 years ago
| Milestone: | → unscheduled |
|---|
comment:2 by , 10 years ago
But I think that simple solution is to filter recipients on SMTP server, e.g. smtpd_sender_restrictions and smtpd_recipient_restrictions on Postfix.
comment:3 by , 10 years ago
| Description: | modified (diff) |
|---|
PatchWelcome. #10846 is the same confusion.