
Misdeliveries of messages

  • Marcin Szymonik
    Message 1 of 19 , Dec 9, 2013
      Hello Everyone,

      I experience a strange problem with our mail system.
      Sometimes a user gets a message which should be delivered to another user.
      As most messages are delivered properly I can't reproduce that but I have
      some logs connected with this problem.

      Dec 8 20:36:26 serwery postfix/smtpd[2112]: connect from
      mta147.esp4.eu[178.33.185.147]
      Dec 8 20:36:27 serwery postfix/smtpd[2112]: 0DFFADE3C8B:
      client=mta147.esp4.eu[178.33.185.147]
      Dec 8 20:36:27 serwery postfix/cleanup[27880]: 0DFFADE3C8B:
      message-id=<0.0.A.F4.1CEF44D1247F0B2.0@...>
      Dec 8 20:36:27 serwery postfix/smtpd[6007]: connect from
      ut.pl[178.250.45.37]
      Dec 8 20:36:27 serwery postfix/smtpd[6007]: 1B54EDE3C90:
      client=ut.pl[178.250.45.37]
      Dec 8 20:36:27 serwery postfix/cleanup[28725]: 1B54EDE3C90:
      message-id=<3CCEA7A26F3E4A69BAD8578B55ED7319@m19c68eb1c6704>
      Dec 8 20:36:27 serwery postfix/smtpd[6007]: disconnect from
      ut.pl[178.250.45.37]
      Dec 8 20:36:27 serwery postfix/qmgr[5555]: 1B54EDE3C90: from=<biuro@...>,
      size=975, nrcpt=1 (queue active)
      Dec 8 20:36:27 serwery postfix/qmgr[5555]: 0DFFADE3C8B:
      from=<28565-59746125@...>, size=20398, nrcpt=1 (queue
      active)
      Dec 8 20:36:27 serwery postfix/smtpd[2112]: disconnect from
      mta147.esp4.eu[178.33.185.147]
      Dec 8 20:36:27 serwery postfix/pickup[23435]: 43E18DE3C9A: uid=500
      from=<biuro@...>
      Dec 8 20:36:27 serwery postfix/cleanup[28725]: 43E18DE3C9A:
      message-id=<0.0.A.F4.1CEF44D1247F0B2.0@...>

      As you can see there are two connections, one from biuro@... to user A
      with message-id 3CCEA7A26F3E4A69BAD8578B55ED7319@m19c68eb1c6704 and one from
      28565-59746125@... to user B with message-id
      0.0.A.F4.1CEF44D1247F0B2.0@....
      Now look at the last two lines - postfix processes the message
      0.0.A.F4.1CEF44D1247F0B2.0@... as it is from biuro@... instead
      of 28565-59746125@... and actually delivers the message to
      user A instead of user B.

      > postconf -n -c /etc/postfix2
      alias_database = hash:/etc/aliases
      alias_maps = hash:/etc/aliases
      command_directory = /usr/sbin
      config_directory = /etc/postfix2
      daemon_directory = /usr/libexec/postfix
      data_directory = /var/lib/postfix2
      debug_peer_level = 2
      html_directory = no
      inet_interfaces = (my ip)
      inet_protocols = all
      mail_owner = postfix
      mailq_path = /usr/bin/mailq.postfix
      manpage_directory = /usr/share/man
      message_size_limit = 20480000
      mydestination = $myhostname, localhost.$mydomain, localhost
      myhostname = (my host)
      newaliases_path = /usr/bin/newaliases.postfix
      queue_directory = /var/spool/postfix2
      readme_directory = /usr/share/doc/postfix-2.6.6/README_FILES
      sample_directory = /usr/share/doc/postfix-2.6.6/samples
      sendmail_path = /usr/sbin/sendmail.postfix
      setgid_group = postdrop
      smtpd_recipient_restrictions = check_policy_service unix:private/policy,
      reject_unauth_destination, reject_rbl_client zen.spamhaus.org
      smtpd_sasl_auth_enable = yes
      smtpd_sasl_path = /var/spool/postfix2/private/auth
      smtpd_sasl_type = dovecot
      smtpd_tls_cert_file = /etc/pki/dovecot/certs/dovecot.pem
      smtpd_tls_key_file = /etc/pki/dovecot/private/dovecot.pem
      unknown_local_recipient_reject_code = 550
      virtual_gid_maps = static:500
      virtual_mailbox_base = /var/spool/mail/poczta_vmail
      virtual_mailbox_domains = (my domains)
      virtual_mailbox_maps = mysql:/etc/postfix2/mailboxes.cf
      virtual_transport = dovecot
      virtual_uid_maps = static:500

      We run two postfix instances.
      It's postfix 2.6.6 (postfix-2.6.6-2.2.el6_1.x86_64) running on CentOS 6.2.

      Any ideas?
      --
      Marcin Szymonik
      szymonik.m@...
    • Wietse Venema
      Message 2 of 19 , Dec 9, 2013
        Marcin Szymonik:
        [ Charset ISO-8859-2 unsupported, converting... ]
        > Hello Everyone,
        >
        > I experience a strange problem with our mail system.
        > Sometimes a user gets a message which should be delivered to another user.
        > As most messages are delivered properly I can't reproduce that but I have
        > some logs connected with this problem.
        >
        > Dec 8 20:36:26 serwery postfix/smtpd[2112]: connect from
        > mta147.esp4.eu[178.33.185.147]
        >
        > Dec 8 20:36:27 serwery postfix/smtpd[2112]: 0DFFADE3C8B:
        > client=mta147.esp4.eu[178.33.185.147]
        >
        > Dec 8 20:36:27 serwery postfix/cleanup[27880]: 0DFFADE3C8B:
        > message-id=<0.0.A.F4.1CEF44D1247F0B2.0@...>
        >
        > Dec 8 20:36:27 serwery postfix/qmgr[5555]: 0DFFADE3C8B:
        > from=<28565-59746125@...>, size=20398, nrcpt=1
        > (queue active)
        >
        > Dec 8 20:36:27 serwery postfix/smtpd[2112]: disconnect from
        > mta147.esp4.eu[178.33.185.147]

        Some lines are missing here. They would show how the message is
        delivered to a content filter.

        > Dec 8 20:36:27 serwery postfix/pickup[23435]: 43E18DE3C9A: uid=500
        > from=<biuro@...>
        >
        > Dec 8 20:36:27 serwery postfix/cleanup[28725]: 43E18DE3C9A:
        > message-id=<0.0.A.F4.1CEF44D1247F0B2.0@...>

        You appear to have a broken content filter script.

        Wietse
      • Marcin Szymonik
        Message 3 of 19 , Dec 9, 2013
          Thanks for your reply.

          > Some lines are missing here. They would show how the message is
          > delivered to a content filter.

          I'm sending more logs below.

          > You appear to have a broken content filter script.

          Why do you think so?
          I'm sending content filter configuration and script below - please take a
          look.

          More logs:
          Dec 8 20:36:26 serwery postfix/smtpd[2112]: connect from
          mta147.esp4.eu[178.33.185.147]
          Dec 8 20:36:27 serwery postfix/smtpd[2112]: 0DFFADE3C8B:
          client=mta147.esp4.eu[178.33.185.147]
          Dec 8 20:36:27 serwery postfix/cleanup[27880]: 0DFFADE3C8B:
          message-id=<0.0.A.F4.1CEF44D1247F0B2.0@...>
          Dec 8 20:36:27 serwery postfix/smtpd[6007]: connect from
          ut.pl[178.250.45.37]
          Dec 8 20:36:27 serwery postfix/smtpd[6007]: 1B54EDE3C90:
          client=ut.pl[178.250.45.37]
          Dec 8 20:36:27 serwery postfix/cleanup[28725]: 1B54EDE3C90:
          message-id=<3CCEA7A26F3E4A69BAD8578B55ED7319@m19c68eb1c6704>
          Dec 8 20:36:27 serwery postfix/smtpd[6007]: disconnect from
          ut.pl[178.250.45.37]
          Dec 8 20:36:27 serwery postfix/qmgr[5555]: 1B54EDE3C90: from=<biuro@...>,
          size=975, nrcpt=1 (queue active)
          Dec 8 20:36:27 serwery postfix/qmgr[5555]: 0DFFADE3C8B:
          from=<28565-59746125@...>, size=20398, nrcpt=1 (queue
          active)
          Dec 8 20:36:27 serwery postfix/smtpd[2112]: disconnect from
          mta147.esp4.eu[178.33.185.147]
          Dec 8 20:36:27 serwery postfix/pickup[23435]: 43E18DE3C9A: uid=500
          from=<biuro@...>
          Dec 8 20:36:27 serwery postfix/cleanup[28725]: 43E18DE3C9A:
          message-id=<0.0.A.F4.1CEF44D1247F0B2.0@...>
          Dec 8 20:36:27 serwery postfix/pipe[7758]: 1B54EDE3C90:
          to=<user1@...>, relay=filter, delay=0.18, delays=0.06/0.02/0/0.11,
          dsn=2.0.0, status=sent (delivered via filter service)
          Dec 8 20:36:27 serwery postfix/qmgr[5555]: 1B54EDE3C90: removed
          Dec 8 20:36:27 serwery postfix/pipe[24740]: 0DFFADE3C8B:
          to=<user2@...>, relay=filter, delay=0.3, delays=0.16/0.02/0/0.13,
          dsn=2.0.0, status=sent (delivered via filter service)
          Dec 8 20:36:27 serwery postfix/qmgr[5555]: 0DFFADE3C8B: removed
          Dec 8 20:36:27 serwery postfix/qmgr[5555]: 43E18DE3C9A: from=<biuro@...>,
          size=20507, nrcpt=1 (queue active)
          Dec 8 20:36:27 serwery postfix/pickup[23435]: 4D495DE3C8B: uid=500
          from=<28565-59746125@...>
          Dec 8 20:36:27 serwery postfix/cleanup[27880]: 4D495DE3C8B:
          message-id=<0.0.A.F4.1CEF44D1247F0B2.0@...>
          Dec 8 20:36:27 serwery postfix/qmgr[5555]: 4D495DE3C8B:
          from=<28565-59746125@...>, size=20507, nrcpt=1 (queue
          active)
          Dec 8 20:36:27 serwery dovecot: lda(user1@...): sieve:
          msgid=<0.0.A.F4.1CEF44D1247F0B2.0@...>: stored mail into mailbox
          'INBOX'
          Dec 8 20:36:27 serwery postfix/pipe[18099]: 43E18DE3C9A:
          to=<user1@...>, relay=dovecot, delay=0.28, delays=0.08/0/0/0.2,
          dsn=2.0.0, status=sent (delivered via dovecot service)
          Dec 8 20:36:27 serwery postfix/qmgr[5555]: 43E18DE3C9A: removed
          Dec 8 20:36:27 serwery dovecot: lda(user2@...): sieve:
          msgid=<0.0.A.F4.1CEF44D1247F0B2.0@...>: stored mail into mailbox
          'INBOX'
          Dec 8 20:36:27 serwery postfix/pipe[1473]: 4D495DE3C8B:
          to=<user2@...>, relay=dovecot, delay=0.48, delays=0.2/0/0/0.28,
          dsn=2.0.0, status=sent (delivered via dovecot service)
          Dec 8 20:36:27 serwery postfix/qmgr[5555]: 4D495DE3C8B: removed

          /etc/postfix2/master.cf:
          submission inet n - n - - smtpd
          # -o smtpd_tls_security_level=encrypt
          -o smtpd_sasl_auth_enable=yes
          -o smtpd_client_restrictions=permit_sasl_authenticated,reject
          -o milter_macro_daemon_name=ORIGINATING
          -o content_filter=filter:dummy

          smtps inet n - n - - smtpd
          -o smtpd_tls_wrappermode=yes
          -o smtpd_sasl_auth_enable=yes
          -o smtpd_client_restrictions=permit_sasl_authenticated,reject
          -o milter_macro_daemon_name=ORIGINATING
          -o content_filter=filter:dummy

          policy unix - n n - 0 spawn
          user=nobody argv=/usr/libexec/postfix/poczta_policy.php

          filter unix - n n - 10 pipe
          flags=Rq user=marcin null_sender=
          argv=/usr/bin/filter_poczta.php -s ${sender} -r ${recipient} -u
          ${sasl_username}

          smtp inet n - n - - smtpd
          -o content_filter=filter:dummy

          dovecot unix - n n - - pipe
          flags=DRhu user=marcin argv=/usr/libexec/dovecot/deliver -c
          /etc/dovecot2/dovecot.conf -f ${sender} -d ${recipient}

          /usr/bin/filter_poczta.php:
          #!/usr/bin/php
          <?
          $db_name='poczta';
          $db_user='user';
          $db_pass='pass';
          $inspect_dir='/tmp';
          $sendmail='/usr/sbin/sendmail -G -i';
          $ex_tempfail=75;
          $ex_unavailable=69;

          function error()
          {
          global $f;
          global $file;
          global $ex_tempfail;

          fclose($f);
          unlink($file);
          echo('Cannot save mail to file');
          exit($ex_tempfail);
          }

          $options=getopt('s:r:u:');
          $sender=$options['s'];
          $recipient=$options['r'];
          $user=$options['u'];

          if(!chdir($inspect_dir))
          {
          echo("$inspect_dir does not exist");
          exit($ex_tempfail);
          }

          $file=uniqid();
          $f=fopen($file,'w');
          $content=fread(STDIN,8192);
          if($content===false) error();
          if(fwrite($f,$content)===false) error();
          while(true)
          {
          $data=fread(STDIN,8192);
          if($data===false) error();
          if(!$data) break;
          if(fwrite($f,$data)===false) error();
          }
          fclose($f);

          mysql_connect('127.0.0.1',$db_user,$db_pass);
          mysql_query('SET NAMES latin2');

          if($user)
          {
          exec("$sendmail -f $sender -- $recipient < $file",$out,$status);
          }
          else
          {
          (check if spam)

          if($spam) exec("/usr/bin/formail -I 'X-Spam-Flag: YES' <
          $file|$sendmail -f $sender -- $recipient",$out,$status);
          else exec("$sendmail -f $sender -- $recipient < $file",$out,$status);
          }

          mysql_close();
          unlink($file);
          exit($status);
          ?>

          Thanks
          --
          Marcin Szymonik
          szymonik.m@...
        • Wietse Venema
          Message 4 of 19 , Dec 9, 2013
            I see several problems with the content filter.

            First the content filter appears to be using the same temporary
            file when different messages arrive at almost the same time.

            Before your content filter, these messages have different message
            IDs:

            message-id=<0.0.A.F4.1CEF44D1247F0B2.0@...>
            message-id=<3CCEA7A26F3E4A69BAD8578B55ED7319@m19c68eb1c6704>

            After your content filter, the messages have the same message ID:

            message-id=<0.0.A.F4.1CEF44D1247F0B2.0@...>
            message-id=<0.0.A.F4.1CEF44D1247F0B2.0@...>

            This means that the messages were using the same file.

            > $file=uniqid();
            > $f=fopen($file,'w');

            Try prepending the process ID to the uniqid() result.

            Second, your content filter will mis-deliver email with more than
            one recipient.

            As documented in the pipe(8) manpage, ${recipient} will expand into
            multiple command-line arguments.

            > filter unix - n n - 10 pipe
            > flags=Rq user=marcin null_sender=
            > argv=/usr/bin/filter_poczta.php -s ${sender} -r ${recipient} -u
            > ${sasl_username}

            To avoid this error specify:

            /etc/postfix/main.cf:
            filter_destination_recipient_limit = 1

            (and execute "postfix reload").

            I suspect that there is a similar issue with your pipe-to-dovecot
            adapter. Again, setting "dovecot_destination_recipient_limit = 1"
            will avoid this error.

            Wietse

            Message 1 before filter:

            > Dec 8 20:36:26 serwery postfix/smtpd[2112]: connect from mta147.esp4.eu[178.33.185.147]
            > Dec 8 20:36:27 serwery postfix/smtpd[2112]: 0DFFADE3C8B: client=mta147.esp4.eu[178.33.185.147]
            > Dec 8 20:36:27 serwery postfix/cleanup[27880]: 0DFFADE3C8B: message-id=<0.0.A.F4.1CEF44D1247F0B2.0@...>
            > Dec 8 20:36:27 serwery postfix/qmgr[5555]: 0DFFADE3C8B: from=<28565-59746125@...>, size=20398, nrcpt=1 (queue active)
            > Dec 8 20:36:27 serwery postfix/smtpd[2112]: disconnect from mta147.esp4.eu[178.33.185.147]
            > Dec 8 20:36:27 serwery postfix/pipe[24740]: 0DFFADE3C8B: to=<user2@...>, relay=filter, delay=0.3, delays=0.16/0.02/0/0.13, dsn=2.0.0, status=sent (delivered via filter service)
            > Dec 8 20:36:27 serwery postfix/qmgr[5555]: 0DFFADE3C8B: removed

            Message 1 after filter:

            > Dec 8 20:36:27 serwery postfix/pickup[23435]: 4D495DE3C8B: uid=500 from=<28565-59746125@...>
            > Dec 8 20:36:27 serwery postfix/cleanup[27880]: 4D495DE3C8B: message-id=<0.0.A.F4.1CEF44D1247F0B2.0@...>
            > Dec 8 20:36:27 serwery postfix/qmgr[5555]: 4D495DE3C8B: from=<28565-59746125@...>, size=20507, nrcpt=1 (queue active)
            > Dec 8 20:36:27 serwery dovecot: lda(user2@...): sieve: msgid=<0.0.A.F4.1CEF44D1247F0B2.0@...>: stored mail into mailbox 'INBOX'
            > Dec 8 20:36:27 serwery postfix/pipe[1473]: 4D495DE3C8B: to=<user2@...>, relay=dovecot, delay=0.48, delays=0.2/0/0/0.28, dsn=2.0.0, status=sent (delivered via dovecot service)
            > Dec 8 20:36:27 serwery postfix/qmgr[5555]: 4D495DE3C8B: removed

            Message 2 before filter:

            > Dec 8 20:36:27 serwery postfix/smtpd[6007]: connect from ut.pl[178.250.45.37]
            > Dec 8 20:36:27 serwery postfix/smtpd[6007]: 1B54EDE3C90: client=ut.pl[178.250.45.37]
            > Dec 8 20:36:27 serwery postfix/cleanup[28725]: 1B54EDE3C90: message-id=<3CCEA7A26F3E4A69BAD8578B55ED7319@m19c68eb1c6704>
            > Dec 8 20:36:27 serwery postfix/smtpd[6007]: disconnect from ut.pl[178.250.45.37]
            > Dec 8 20:36:27 serwery postfix/qmgr[5555]: 1B54EDE3C90: from=<biuro@...>, size=975, nrcpt=1 (queue active)
            > Dec 8 20:36:27 serwery postfix/pipe[7758]: 1B54EDE3C90: to=<user1@...>, relay=filter, delay=0.18, delays=0.06/0.02/0/0.11, dsn=2.0.0, status=sent (delivered via filter service)
            > Dec 8 20:36:27 serwery postfix/qmgr[5555]: 1B54EDE3C90: removed

            Message 2 after filter (note that the content has been replaced
            with message 1, but the sender and recipient have not been replaced):

            > Dec 8 20:36:27 serwery postfix/pickup[23435]: 43E18DE3C9A: uid=500 from=<biuro@...>
            > Dec 8 20:36:27 serwery postfix/cleanup[28725]: 43E18DE3C9A: message-id=<0.0.A.F4.1CEF44D1247F0B2.0@...>
            > Dec 8 20:36:27 serwery postfix/qmgr[5555]: 43E18DE3C9A: from=<biuro@...>, size=20507, nrcpt=1 (queue active)
            > Dec 8 20:36:27 serwery dovecot: lda(user1@...): sieve: msgid=<0.0.A.F4.1CEF44D1247F0B2.0@...>: stored mail into mailbox 'INBOX'
            > Dec 8 20:36:27 serwery postfix/pipe[18099]: 43E18DE3C9A: to=<user1@...>, relay=dovecot, delay=0.28, delays=0.08/0/0/0.2, dsn=2.0.0, status=sent (delivered via dovecot service)
            > Dec 8 20:36:27 serwery postfix/qmgr[5555]: 43E18DE3C9A: removed
          • Wietse Venema
            Message 5 of 19 , Dec 9, 2013
              Marcin Szymonik:
              > if($user)
              > {
              > exec("$sendmail -f $sender -- $recipient < $file",$out,$status);
              > }
              > else
              > {
              > (check if spam)
              >
              > if($spam) exec("/usr/bin/formail -I 'X-Spam-Flag: YES' <
              > $file|$sendmail -f $sender -- $recipient",$out,$status);
              > else exec("$sendmail -f $sender -- $recipient < $file",$out,$status);
              > }

              Oh, and the above is extremely vulnerable to shell command injection.
              Using quotes like '$sender' won't make your code safe to use.

              Instead, you need to eliminate all characters except those that are
              known to be safe: a-zA-Z0-9_@:=+, the '-', and maybe a few more.

              Otherwise, see http://www.php.net/manual/en/function.exec.php for
              suggestions (I do not know whether these suggestions actually solve
              the problem).

              The real fix is not to process the above commands with the shell.

              Wietse
            • Viktor Dukhovni
              Message 6 of 19 , Dec 9, 2013
                On Mon, Dec 09, 2013 at 12:56:04PM -0500, Wietse Venema wrote:

                > The real fix is not to process the above commands with the shell.

                I would say "the one and only fix" which is not optional. You can
                build argument arrays for execve(2) with externally supplied data
                elements, but you must never build shell command lines with untrusted
                content.

                Shell-quoting the input reliably is simply too hard, avoid the shell
                for command execution with any remotely supplied arguments (such
                as in this case email addresses).

                --
                Viktor.
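
The filter's re-injection step written without a shell and without a script-chosen temporary file name, covering the file collision from message 4 and the command-execution point from messages 5 and 6. This is an added example, not code from the thread: it assumes PHP 7.4 or later (array form of proc_open()), filter_destination_recipient_limit = 1, and the sendmail path and flags of the original script; the function names are hypothetical.

```php
#!/usr/bin/php
<?php
// Added example (not from the thread). Assumes PHP >= 7.4 for the array form
// of proc_open(), and filter_destination_recipient_limit = 1 so that -r
// carries exactly one recipient.
const EX_USAGE    = 64;   // sysexits.h values, as pipe(8) expects
const EX_TEMPFAIL = 75;
const SENDMAIL    = '/usr/sbin/sendmail';

// Build the argument vector handed to execve(2). Elements are passed as-is:
// no shell parses them, so ";", "|", "$(...)" or spaces in an address stay data.
function sendmail_argv(string $sender, string $recipient): array
{
    foreach ([$sender, $recipient] as $addr) {
        if (preg_match('/[\x00-\x1f\x7f]/', $addr)) {
            throw new InvalidArgumentException('control character in address');
        }
    }
    if ($recipient === '') {
        throw new InvalidArgumentException('empty recipient');
    }
    // "--" ends option parsing, so a recipient beginning with "-" is not
    // read as a sendmail option.
    return [SENDMAIL, '-G', '-i', '-f', $sender, '--', $recipient];
}

// Copy the message into a per-process buffer. php://temp keeps data in memory
// and spills to a temporary file that PHP creates under its own unique name,
// so two filter processes never end up writing to the same file.
function buffer_message($in)
{
    $buf = fopen('php://temp/maxmemory:1048576', 'w+b');
    if ($buf === false || stream_copy_to_stream($in, $buf) === false) {
        return false;
    }
    rewind($buf);
    return $buf;
}

// Execute sendmail directly (array command = no /bin/sh) and feed it the
// message on stdin. stdout/stderr are inherited, so pipe(8) still sees them.
function reinject($message, array $cmd, string $extraHeader = ''): int
{
    $proc = proc_open($cmd, [0 => ['pipe', 'r']], $pipes);
    if (!is_resource($proc)) {
        return EX_TEMPFAIL;
    }
    $ok = true;
    if ($extraHeader !== '') {
        // Prepending adds the header; unlike "formail -I" it does not remove
        // an X-Spam-Flag header that is already present in the message.
        $ok = fwrite($pipes[0], $extraHeader . "\n") !== false;
    }
    $ok = $ok && stream_copy_to_stream($message, $pipes[0]) !== false;
    fclose($pipes[0]);
    $status = proc_close($proc);
    if ($ok && $status === 0) {
        return 0;
    }
    return $status > 0 ? $status : EX_TEMPFAIL;
}

$opt       = getopt('s:r:u:');
$sender    = $opt['s'] ?? '';
$recipient = $opt['r'] ?? '';
$user      = $opt['u'] ?? '';

try {
    $cmd = sendmail_argv($sender, $recipient);
} catch (InvalidArgumentException $e) {
    fwrite(STDERR, $e->getMessage() . "\n");
    exit(EX_USAGE);
}

$message = buffer_message(STDIN);
if ($message === false) {
    fwrite(STDERR, "cannot buffer message\n");
    exit(EX_TEMPFAIL);
}

// The original script elides its spam check; $spam stands in for its result.
$spam   = false;
$header = ($user === '' && $spam) ? 'X-Spam-Flag: YES' : '';

exit(reinject($message, $cmd, $header));
```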
              • LuKreme
                Message 7 of 19 , Dec 9, 2013
                  In our previous episode (Monday, 09-Dec-2013), Wietse Venema said:
                  > Instead, you need to eliminate all characters except those that are
                  > known to be safe: a-zA-Z0-9_@:=+, the '-', and maybe a few more.

                  what about é and ø? Or aren't we utf-8 clean on email addresses yet?

                  --
                  "What if your DOPE was on fire?"
                  "Impossible, sir, it's in Johnson's underwear."
                • lists@rhsoft.net
                  Message 8 of 19 , Dec 9, 2013
                    On 09.12.2013 20:03, LuKreme wrote:
                    > In our previous episode (Monday, 09-Dec-2013), Wietse Venema said:
                    >> Instead, you need to eliminate all characters except those that are
                    >> known to be safe: a-zA-Z0-9_@:=+, the '-', and maybe a few more.
                    >
                    > what about é and ø? Or aren't we utf-8 clean on email addresses yet?

                    * the local part must not contain special chars
                    * the domain itself does not exist with UTF8

                    if you look at a nameserver configured for an IDN domain
                    you will see nothing else than Punycode, in fact any client
                    translates the user input to Punycode

                    honestly you have everywhere Punycode (DNS, webserverconfig as
                    well as mailserverconfig) and nothing else on the low-level side
                    and so postfix will hardly see unicode in the envelope

                    http://en.wikipedia.org/wiki/Punycode
                  • Marcin Szymonik
                    Message 9 of 19 , Dec 9, 2013
                      Thank you so much!
                      You really helped me a lot.
                      All the best :-)
                      --
                      Marcin Szymonik
                      szymonik.m@...
                    • LuKreme
                      Message 10 of 19 , Dec 10, 2013
                        In our previous episode (Monday, 09-Dec-2013), "lists@..." said:
                        > * the local part must not contain special chars

                        Is that your policy or are you claiming that is a standard? RFC 6530 covers UTF-8 email addresses and how they should be handled by MTAs.

                        --
                        People who would not believe a High Priest if he said the sky was blue,
                        and was able to produce signed affidavits to this effect from his
                        white-haired old mother and three Vestal virgins, would trust just about
                        anything whispered darkly behind their hand by a complete stranger.
                      • lists@rhsoft.net
                        Message 11 of 19 , Dec 10, 2013
                          On 10.12.2013 15:18, LuKreme wrote:
                          > In our previous episode (Monday, 09-Dec-2013), "lists@..." said:
                          >> * the local part must not contain special chars
                          >
                          > Is that your policy or are you claiming that is a standard?

                          it is fact

                          > RFC 6530 covers UTF-8 email addresses and how they should be handled by MTAs.

                          fine, read it, how does this affect the current world?
                          http://www.rfc-editor.org/info/rfc6530

                          Status: PROPOSED STANDARD
                          IETF State: WG Document
                          Consensus: Unknown

                          http://datatracker.ietf.org/doc/rfc6530/?include_text=1
                          _________________________________

                          in order to use internationalized email addresses, it is necessary to
                          internationalize both the domain part and the local part of email
                          addresses. The domain part of email addresses is already
                          internationalized [RFC5890], while the local part is not. Without
                          the extensions specified in this document, the mailbox name is
                          restricted to a subset of 7-bit ASCII [RFC5321]

                          Though MIME [RFC2045] enables the transport of non-ASCII data, it does not
                          provide a mechanism for internationalized email addresses. In RFC
                          2047 [RFC2047], MIME defines an encoding mechanism for some specific
                          message header fields to accommodate non-ASCII data. However, it
                          does not permit the use of email addresses that include non-ASCII
                          characters. Without the extensions defined here, or some equivalent
                          set, the only way to incorporate non-ASCII characters in any part of
                          email addresses is to use RFC 2047 coding to embed them in what RFC
                          5322 [RFC5322] calls the "display name" (known as a "name phrase" or
                          by other terms elsewhere) of the relevant header fields. Information
                          coded into the display name is invisible in the message envelope and,
                          for many purposes, is not part of the address at all.
                        • Wietse Venema
                          Message 12 of 19 , Dec 10, 2013
                            In our previous episode (Monday, 09-Dec-2013), "lists@..." said:
                            > * the local part must not contain special chars

                            LuKreme:
                            > Is that your policy or are you claiming that is a standard? RFC
                            > 6530 covers UTF-8 email addresses and how they should be handled
                            > by MTAs.

                            Postfix does not currently implement RFC 6530.

                            Postfix currently implements Internet mail up to and including RFC
                            5321/5322, and protocols that depend on it such as MIME and DKIM.
                            This means that Postfix correctly handles 7-bit SMTP envelopes,
                            7-bit message headers, 8-bit message content, and 8-to-7bit MIME
                            conversion. Postfix actually supports more, but those extras are
                            not defined by RFCs.

                            Wietse
                          • Marcin Szymonik
                            Message 13 of 19 , Dec 11, 2013
                              > The real fix is not to process the above commands with the shell.

                              Thanks for these tips too.

                              I decided to popen() directly to sendmail without saving a message to tmp
                              file.
                              Unfortunately I don't see any php function allowing to popen without
                              executing a command with the shell.
                              What do you think would be the best solution?
                              Switch to another scripting language?
                              Switch to "advanced content filter" like described at
                              http://www.postfix.org/FILTER_README.html ?
                              --
                              Marcin Szymonik
                              szymonik.m@...
                            • Brian Evans
                              Message 14 of 19 , Dec 11, 2013
                                On 12/11/2013 8:37 AM, Marcin Szymonik wrote:
                                >> The real fix is not to process the above commands with the shell.
                                >
                                > Thanks for these tips too.
                                >
                                > I decided to popen() directly to sendmail without saving a message to
                                > tmp file.
                                > Unfortunately I don't see any php function allowing to popen without
                                > executing a command with the shell.
                                > What do you think would be the best solution?
                                > Switch to another scripting language?
                                > Switch to "advanced content filter" like described at
                                > http://www.postfix.org/FILTER_README.html ?
                                > --
                                > Marcin Szymonik
                                > szymonik.m@...
                                >
                                Why keep reinventing the wheel?

                                I use the PEAR Mail class which includes SMTP and Sendmail delivery methods.
                                This already implements popen to sendmail or it can send via a full SMTP
                                transaction.

                                Brian
                              • lists@rhsoft.net
                                Message 15 of 19 , Dec 11, 2013
                                  Am 11.12.2013 14:37, schrieb Marcin Szymonik:
                                  >> The real fix is not to process the above commands with the shell.
                                  >
                                  > Thanks for these tips too.
                                  >
                                  > I decided to popen() directly to sendmail without saving a message to tmp file.
                                  > Unfortunately I don't see any php function allowing to popen without executing a command with the shell.
                                  > What do you think would be the best solution?
                                  > Switch to another scripting language?

                                  the scripting language does not matter, the dangerous call of
                                  shell commands with unknown remote input is the problem

                                  see here why
                                  http://www.securityfocus.com/archive/1/526591

                                  don't do such things on a server
                                  talk with network services and not with shells and pipes

                                  > Switch to "advanced content filter" like described at http://www.postfix.org/FILTER_README.html?

                                  switch to an "advanced content filter"
                                • "M.Atıf CEYLAN"
                                  Message 16 of 19 , Dec 11, 2013
                                    On 11-12-2013 15:37, Marcin Szymonik wrote:
                                    > Unfortunately I don't see any php function allowing to popen without
                                    > executing a command with the shell.
                                    There are some functions in php to execute a shell or another program.
                                    exec, system or piping like popen (popen, fopen). But I think you want
                                    to do "without executing". This is possible only with a system chmod
                                    setting; it's not related to any language.

                                    --
                                    M.Atıf CEYLAN
                                    Yurdum Yazılım
                                  • lists@rhsoft.net
                                    Message 17 of 19 , Dec 11, 2013
                                      Am 11.12.2013 14:49, schrieb M.Atıf CEYLAN:
                                      > On 11-12-2013 15:37, Marcin Szymonik wrote:
                                      >> Unfortunately I don't see any php function allowing to popen without executing a command with the shell.
                                      > There are some functions in php to execute a shell or another program. exec, system or piping like popen (popen,
                                      > fopen). But I think you want to do "without executing". This is possible only with a system chmod setting; it's not
                                      > related to any language

                                      please read the thread, nobody is talking about system chmod
                                      the question is how to avoid *the need* to execute a script/application with params
                                      the answer is to use network-aware daemons instead
                                    • Marcin Szymonik
                                      Message 18 of 19 , Dec 11, 2013
                                        OK, I think I will pass messages to localhost 25 or use "advanced content
                                        filter".
                                        Many thanks
                                        --
                                        Marcin Szymonik
                                        szymonik.m@...
                                      • Wietse Venema
                                        Message 19 of 19 , Dec 11, 2013
                                          Marcin Szymonik:
                                          > > The real fix is not to process the above commands with the shell.
                                          >
                                          > Thanks for these tips too.
                                          >
                                          > I decided to popen() directly to sendmail without saving a message to tmp
                                          > file.
                                          > Unfortunately I don't see any php function allowing to popen without
                                          > executing a command with the shell.
                                          > What do you think would be the best solution?
                                          > Switch to another scripting language?

                                          Perl or Python come to mind...

                                          > Switch to "advanced content filter" like described at
                                          > http://www.postfix.org/FILTER_README.html ?

                                          That would probably be better. Postfix is often used with amavisd-new
                                          http://www.amavis.org/
                                          http://en.wikipedia.org/wiki/Amavisd-new

                                          Wietse
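The shell-free pipe to sendmail that this thread asks about, sketched in Python as an added example (it is not code from any poster or from Postfix). The sendmail path, the function names and the hostile envelope values are assumptions constructed for illustration, and a small stand-in process replaces sendmail so the example runs offline.

```python
import json
import subprocess
import sys

SENDMAIL = "/usr/sbin/sendmail"  # assumed path of the Postfix sendmail command

def sendmail_argv(sender, recipients, binary=SENDMAIL):
    """Build an argv list for re-injecting a filtered message; no shell parses it."""
    if not recipients:
        raise ValueError("no recipients")
    for addr in [sender, *recipients]:
        # Envelope addresses are remote input: refuse bytes that can never be
        # valid here instead of trying to quote them.
        if "\0" in addr or "\n" in addr or "\r" in addr:
            raise ValueError("control character in envelope address")
    # -G: gateway submission, -i: a lone "." does not end the message,
    # "--": everything after it is a recipient, even if it starts with "-".
    return [binary, "-G", "-i", "-f", sender, "--", *recipients]

def pipe_message(argv, message):
    """Run argv directly (execve, shell=False) and feed the message on stdin."""
    return subprocess.run(argv, input=message, stdout=subprocess.PIPE, check=True)

# Stand-in for sendmail so the example runs offline: it reports the arguments
# and the number of stdin bytes it received.
ECHO = [sys.executable, "-c",
        "import sys, json; "
        "print(json.dumps([sys.argv[1:], len(sys.stdin.buffer.read())]))"]

def demo():
    # Constructed hostile envelope values of the kind a remote client can send.
    sender = "a@example.com; echo injected"
    rcpts = ["-bogus@example.com", "$(id)@example.com"]
    argv = sendmail_argv(sender, rcpts)
    # Swap the real binary for the stand-in; the arguments are unchanged.
    result = pipe_message(ECHO + argv[1:], b"Subject: test\r\n\r\nbody\r\n")
    return argv, json.loads(result.stdout)

if __name__ == "__main__":
    print(demo())
```

Each envelope value reaches the child process as exactly one argument, so `;` and `$(...)` are never interpreted; the remaining risk is the content of the arguments themselves, which is why option-like recipients are fenced off with `--`.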