Bug 1471304 - Block sending mail to hosts that end with .tld or .bugs

2 files changed, 8 insertions, 3 deletions

diff --git a/Bugzilla/BugMail.pm b/Bugzilla/BugMail.pm
index 915405a0e..ebfc95d51 100644
--- a/Bugzilla/BugMail.pm
+++ b/Bugzilla/BugMail.pm
@@ -277,7 +277,7 @@ sub Send {
             # BMO: never send emails to bugs or .tld addresses.  this check needs to
             # happen after the bugmail_recipients hook.
             if ($user->email_enabled && $dep_ok &&
-                ($user->login !~ /bugs$/) && ($user->login !~ /\.tld$/))
+                ($user->login !~ /\.(?:bugs|tld)$/))
             {
                 # Don't show summaries for bugs the user can't access, and
                 # provide a hook for extensions such as SecureMail to filter
diff --git a/Bugzilla/Mailer.pm b/Bugzilla/Mailer.pm
index 1b77e5063..c9a458b47 100644
--- a/Bugzilla/Mailer.pm
+++ b/Bugzilla/Mailer.pm
@@ -190,11 +190,16 @@ sub MessageToMTA {
         my @recipients = Email::Address->parse($to);
         die qq{Unable to parse "To:" address - $to\n} unless @recipients;
         die qq{Did not expect more than one "To:" address in $to\n} if @recipients > 1;
-        my $badhosts = Bugzilla::Bloomfilter->lookup("badhosts") or die "No badhosts bloomfilter\n";
-        if ($badhosts->test($recipients[0]->host)) {
+        my $recipient = $recipients[0];
+        my $badhosts  = Bugzilla::Bloomfilter->lookup("badhosts");
+        if ($badhosts && $badhosts->test($recipient->host)) {
             WARN("Attempted to send email to address in badhosts: $to");
             $email->header_set(to => '');
         }
+        elsif ($recipient->host =~ /\.(?:bugs|tld)$/) {
+            WARN("Attempted to send email to fake address: $to");
+            $email->header_set(to => '');
+        }
     } catch {
         ERROR($_);
     };