FIX: Use addresses to compare email header (#14509)

FIX: Use addresses to compare email header (#14509)

Usually, when an email is received a user lookup is performed using the email address found in the From header. When an email has an X-Original-From header, if it is equal to Reply-To then it uses that one instead. The comparison was sensitive to whitespaces and other insignificant characters such as quotes because it reconstructed the From header.

For the fixture added in this commit, it compared the reconstructed From header John Doe <johndoe@example.com> with the Reply-To header "John Doe" <johndoe@example.com>.

diff --git a/lib/email/receiver.rb b/lib/email/receiver.rb
index 1f9e90b..207e418 100644
--- a/lib/email/receiver.rb
+++ b/lib/email/receiver.rb
@@ -637,7 +637,8 @@ module Email
 
         comparison_failed = false
         comparison_headers.each do |comparison_header|
-          if mail_object[comparison_header].to_s != "#{from_display_name} <#{from_address}>"
+          comparison_header_address = mail_object[comparison_header].to_s[/<([^>]+)>/, 1]
+          if comparison_header_address != from_address
             comparison_failed = true
             break
           end
diff --git a/spec/components/email/receiver_spec.rb b/spec/components/email/receiver_spec.rb
index 7c61a0f..0f73e88 100644
--- a/spec/components/email/receiver_spec.rb
+++ b/spec/components/email/receiver_spec.rb
@@ -870,8 +870,20 @@ describe Email::Receiver do
     end
 
     describe "reply-to header" do
-      it "handles emails where there is a Reply-To address, using that instead of the from address, if X-Original-From is present" do
+      before do
         SiteSetting.block_auto_generated_emails = false
+      end
+
+      it "extracts address and uses it for comparison" do
+        expect { process(:reply_to_whitespaces) }.to change(Topic, :count).by(1)
+        user = User.last
+        incoming = IncomingEmail.find_by(message_id: "TXULO4v6YU0TzeL2buFAJNU2MK21c7t4@example.com")
+        topic = incoming.topic
+        expect(incoming.from_address).to eq("johndoe@example.com")
+        expect(user.email).to eq("johndoe@example.com")
+      end
+
+      it "handles emails where there is a Reply-To address, using that instead of the from address, if X-Original-From is present" do
         expect { process(:reply_to_different_to_from) }.to change(Topic, :count).by(1)
         user = User.last
         incoming = IncomingEmail.find_by(message_id: "3848c3m98r439c348mc349@test.mailinglist.com")
@@ -881,7 +893,6 @@ describe Email::Receiver do
       end
 
       it "allows for quotes around the display name of the Reply-To address" do
-        SiteSetting.block_auto_generated_emails = false
         expect { process(:reply_to_different_to_from_quoted_display_name) }.to change(Topic, :count).by(1)
         user = User.last
         incoming = IncomingEmail.find_by(message_id: "3848c3m98r439c348mc349@test.mailinglist.com")
@@ -891,7 +902,6 @@ describe Email::Receiver do
       end
 
       it "does not use the reply-to address if an X-Original-From header is not present" do
-        SiteSetting.block_auto_generated_emails = false
         expect { process(:reply_to_different_to_from_no_x_original) }.to change(Topic, :count).by(1)
         user = User.last
         incoming = IncomingEmail.find_by(message_id: "3848c3m98r439c348mc349@test.mailinglist.com")
@@ -901,7 +911,6 @@ describe Email::Receiver do
       end
 
       it "does not use the reply-to address if the X-Original-From header is different from the reply-to address" do
-        SiteSetting.block_auto_generated_emails = false
         expect { process(:reply_to_different_to_from_x_original_different) }.to change(Topic, :count).by(1)
         user = User.last
         incoming = IncomingEmail.find_by(message_id: "3848c3m98r439c348mc349@test.mailinglist.com")
diff --git a/spec/fixtures/emails/reply_to_whitespaces.eml b/spec/fixtures/emails/reply_to_whitespaces.eml
new file mode 100644
index 0000000..7d08ef7
--- /dev/null
+++ b/spec/fixtures/emails/reply_to_whitespaces.eml
@@ -0,0 +1,12 @@
+From: "'John Doe' via Forwarder" <team@bar.com>
+To: "team@bar.com" <team@bar.com>
+Subject: Greetings
+Date: Wed, 01 Jan 2021 12:00:00 +0000
+Message-ID: <TXULO4v6YU0TzeL2buFAJNU2MK21c7t4@example.com>
+X-Original-Sender: johndoe@example.com
+X-Original-From: "John Doe"
+    <johndoe@example.com>
+Reply-To: "John Doe"
+    <johndoe@example.com>
+
+Hello world!

GitHub sha: 74a9c0509b444499826fbc39b2e2dd3e37bcbeab

This commit appears in #14509 which was approved by ZogStriP. It was merged by udan11.