Bogus sender breaks archiving
Hello,
A bogus from like this:
From: =?utf-8?q?=22Suporte_HelpDesk_=C2=A9_2022=22_=3Ccstr=40cstr=2Eufcg=2Eedu?=@mail.sms.maceio.al.gov.br,
=?utf-8?q?=2Ebr=3E?=@mail.sms.maceio.al.gov.br
when it should be using:
From: =?utf-8?q?=22Suporte_HelpDesk_=C2=A9_2022=22_=3Ccstr=40cstr=2Eufcg=2Eedu?=
=?utf-8?q?=2Ebr=3E?=
The bogus From translates to:
From: "Suporte HelpDesk © 2022" <cstr@cstr.ufcg.edu@mail.sms.maceio.al.gov.br,
.br>@mail.sms.maceio.al.gov.br
Instead of
From: "Suporte HelpDesk © 2022" <cstr@cstr.ufcg.edu.br>
The issue is that hyperkitty fails with:
Could not archive the email with message-id '<20220805135210.A47F4CB952334@mail.sms.maceio.al.gov.br>': ('Non-ascii sender address', <email.message.EmailMessage object at 0x7fc4bacaa438>)
And mailman tries on and on to archive this. With a sufficient large amount of those, the archiver server and maybe even the mailman one will go down due to DoS (mailman-hyperkitty#30).
I don't know if mailman can or should handle that before submitting to hyperkitty. I worry that editing "From" in mailman might introduce a way to an attacker to abuse that logic and spoof an authorized address.