Security issue with email sending - Email receivers
As a core concept we enable users to send emails from a given email, that we do not check, to chosen officials
Currently no checks are done on the emails, whether sender or receiver, opening the possibility to use our forms maliciously
Most evident mis use :
- Impersonating someone by sending from their email to people they know
Issue contains 2 sides :
- People receiving emails: Making sure that we are only sending emails to people targeted by campaigns
- People sending emails: Making sure that the "from" field is actually from the person that is using the platform.
Dedicated ticket here: #52
Solution :
-
Block the ability to edit the field within the form. The only way to fill this field out is by selecting officials in the previous step -
Create a list of "approved email -
When user sends email, we crosscheck if each email is within the list
Side effet 1: Testing process is much heavier. Step by step will be added to the admin documentation