From 4e2ab9b389c88f7daa82c93c159af13b8add3b8a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Pavel=20=C5=A0koda?= Date: Tue, 19 May 2020 18:33:32 +0200 Subject: [PATCH] Validate recipient emails in send before asking for their public keys --- Changelog.md | 7 +++++++ internal/smtp/user.go | 4 ++++ internal/smtp/utils.go | 12 ++++++++++++ 3 files changed, 23 insertions(+) diff --git a/Changelog.md b/Changelog.md index 7e971a04..12fb328e 100644 --- a/Changelog.md +++ b/Changelog.md @@ -3,6 +3,13 @@ Changelog [format](http://keepachangelog.com/en/1.0.0/) ## Unreleased +## unreleased + +### Changed +* GODT-308 better user error message when request is canceled +* GODT-312 validate recipient emails in send before asking for their public keys + +## [v1.2.7] Donghai-hotfix - beta (2020-05-07) ### Added * IMAP mailbox info update when new mailbox is created diff --git a/internal/smtp/user.go b/internal/smtp/user.go index a4541c67..208a7588 100644 --- a/internal/smtp/user.go +++ b/internal/smtp/user.go @@ -209,6 +209,10 @@ func (su *smtpUser) Send(from string, to []string, messageReader io.Reader) (err containsUnencryptedRecipients := false for _, email := range to { + if !looksLikeEmail(email) { + return errors.New(`"` + email + `" is not a valid recipient.`) + } + // PMEL 1. contactEmails, err := su.client.GetContactEmailByEmail(email, 0, 1000) if err != nil { diff --git a/internal/smtp/utils.go b/internal/smtp/utils.go index 263019e9..0f3d38ba 100644 --- a/internal/smtp/utils.go +++ b/internal/smtp/utils.go 
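Review bot: The new error in the recipient loop builds its message by concatenating the raw `email` value between hand-written quotes, so any quotes or control characters in a rejected address are copied verbatim into the error text. Since this is exactly the string that failed validation, it is safer to escape it: `return fmt.Errorf("%q is not a valid recipient", email)`, which also drops the trailing period that Go error strings conventionally omit. Where the returned error ends up (SMTP reply, log, UI) is not visible here, so that is a reason to escape rather than a confirmed sink. `fmt` would need importing in user.go if it is not already imported. Send's body starts and ends outside the hunk.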
@@ -19,11 +19,23 @@ package smtp import ( "encoding/base64" + "regexp" pmcrypto "github.com/ProtonMail/gopenpgp/crypto" "github.com/ProtonMail/proton-bridge/pkg/pmapi" ) +//nolint:gochecknoglobals // Used like a constant +var mailFormat = regexp.MustCompile(`.+@.+\..+`) + +// looksLikeEmail validates whether the string resembles an email. +// +// Notice that it does this naively by simply checking for the existence +// of a DOT and an AT sign. +func looksLikeEmail(e string) bool { + return mailFormat.MatchString(e) +} + func createPackets( pubkey *pmcrypto.KeyRing, bodyKey *pmcrypto.SymmetricKey,
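Review bot: `mailFormat` is unanchored and uses `.` throughout, so `looksLikeEmail` returns true for any string that merely contains something shaped like `a@b.c`, including inputs with spaces, several `@` signs, angle brackets, or extra lines around the match. Because this is the gate in front of the per-recipient lookups in Send, it would be tighter to anchor the pattern and exclude whitespace and `@` from each part, e.g. `^[^\s@]+@[^\s@]+\.[^\s@]+$`. The doc comment should then state what is actually enforced (non-empty local part, `@`, and a dot with characters on both sides) rather than "the existence of a DOT and an AT sign", and say that this is a sanity check, not RFC 5322 validation.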