A NOTE has been added to this issue. ====================================================================== http://dbmail.org/mantis/view.php?id=936 ====================================================================== Reported By: pada Assigned To: ====================================================================== Project: DBMail Issue ID: 936 Category: Sieve (delivery, dbmail-sievecmd, dbmail-timsieved) Reproducibility: always Severity: minor Priority: normal Status: new target: ====================================================================== Date Submitted: 29-Oct-11 19:47 CEST Last Modified: 30-Oct-11 01:19 CEST ====================================================================== Summary: dbmail vacation does not check recipient headers Description: http://tools.ietf.org/id/draft-ietf-sieve-vacation-07.txt states:
--------------------------------------------------------------------------- 4.5. Address Parameter and Limiting Replies to Personal Messages "Vacation" MUST NOT respond to a message unless the recipient user's email address is in a "To", "Cc", "Bcc", "Resent-To", "Resent-Cc", or "Resent-Bcc" line of the original message. --------------------------------------------------------------------------- Currently, the modules/sortsieve.c:sort_vacation() does not care about recipient headers (To, Cc, Bcc, Resent-To, Resent-Cc, Resent-Bcc, Envelope Recipient Address, etc.). It just sends out a vacation using function send_vacation(). If the message is received via a mailing list, a vacation message is sent, which should not happen. According to the draft, the headers of the incoming message need to be checked against valid :from and :addresses and any addresses that dbmail thinks belong to the usermailbox. ====================================================================== ---------------------------------------------------------------------- (0003313) jasb (reporter) - 29-Oct-11 20:03 http://dbmail.org/mantis/view.php?id=936#c3313 ---------------------------------------------------------------------- This is already fixed in the last version, either dbmail or libsieve. I had the same problem and Paul made a patch for it (no idea where it is). ---------------------------------------------------------------------- (0003314) paul (administrator) - 29-Oct-11 20:09 http://dbmail.org/mantis/view.php?id=936#c3314 ---------------------------------------------------------------------- Indeed. This is a libsieve bug fixed by https://github.com/sodabrew/libsieve/commit/590333dcc798e4d0eddb955fa239de3e9681fbb7 The libsieve 2.2.8rc1 packages on debian.nfgd.net also contain this patch. ---------------------------------------------------------------------- (0003315) jasb (reporter) - 29-Oct-11 20:25 http://dbmail.org/mantis/view.php?id=936#c3315 ---------------------------------------------------------------------- Paul, I have that on my sources.list, but the only libsieve I have available is 2.2.6. deb http://debian.nfgd.net/debian stable main What am I missing? ---------------------------------------------------------------------- (0003316) pada (reporter) - 29-Oct-11 20:25 http://dbmail.org/mantis/view.php?id=936#c3316 ---------------------------------------------------------------------- The Ubuntu Long Term Support (LTS) Release "Lucid 10.04.3" contains libsieve version 2.2.6-1: http://packages.ubuntu.com/lucid/libsieve2-1 ---------------------------------------------------------------------- (0003317) pada (reporter) - 29-Oct-11 21:18 http://dbmail.org/mantis/view.php?id=936#c3317 ---------------------------------------------------------------------- Just filed a bug report for libsieve at launchpad: https://bugs.launchpad.net/ubuntu/+source/libsieve/+bug/883627 ---------------------------------------------------------------------- (0003318) paul (administrator) - 29-Oct-11 22:11 http://dbmail.org/mantis/view.php?id=936#c3318 ---------------------------------------------------------------------- Please note. There is *no* official 2.2.8-rc1 release. The 2.2.8-rc1 version available at http://debian.nfgd.net/debian/dists/sid/main/source/libs/ was provided by me as a service to the dbmail community. ---------------------------------------------------------------------- (0003319) pada (reporter) - 30-Oct-11 01:19 http://dbmail.org/mantis/view.php?id=936#c3319 ---------------------------------------------------------------------- I patched my libsieve and now it works correctly only if set both :addresses ["mailboxu...@example.org","user.n...@example.org"] and do NOT define any :from address. In the following snippet from libsieve, the variable "found" is set from c->u.v.from, therefore if :from was configured in the sieve script, the recipient headers will NOT be checked, since found was already set by :from. Isn't there a logical error and the recipient headers should be respected always, even if :from is set? if (l == SIEVE2_OK) { /* OK, we're willing to respond to the sender. But is this * message to me? That is, is my address in the TO, Cc, Bcc, * Resent-To, Resent-Cc, or Resent-Bcc fields? But if the * vacation action contains :from directive, then set the * sender address accordingly */ if (c->u.v.from != NULL) found = c->u.v.from; if (!found && (libsieve_do_getheader(context, "to", &body) == SIEVE2_OK)) found = look_for_me(myaddr, c->u.v.addresses, body); if (!found && (libsieve_do_getheader(context, "cc", &body) == SIEVE2_OK)) found = look_for_me(myaddr, c->u.v.addresses, body); if (!found && (libsieve_do_getheader(context, "bcc", &body) == SIEVE2_OK)) found = look_for_me(myaddr, c->u.v.addresses, body); if (!found && (libsieve_do_getheader(context, "Resent-To", &body) == SIEVE2_OK)) found = look_for_me(myaddr, c->u.v.addresses, body); if (!found && (libsieve_do_getheader(context, "Resent-Cc", &body) == SIEVE2_OK)) found = look_for_me(myaddr, c->u.v.addresses, body); if (!found && (libsieve_do_getheader(context, "Resent-Bcc", &body) == SIEVE2_OK)) found = look_for_me(myaddr, c->u.v.addresses, body); if (!found) { TRACE_DEBUG("Vacation didn't find my address in To, Cc, Bcc, Resent-To, Resent-Cc or Resent-Bcc."); l = SIEVE2_DONE; } } I would like to be able to set a :from address, but the check for valid recipient addresses must not be disabled by this. Issue History Date Modified Username Field Change ====================================================================== 29-Oct-11 19:47 pada New Issue 29-Oct-11 20:03 jasb Note Added: 0003313 29-Oct-11 20:09 paul Note Added: 0003314 29-Oct-11 20:25 jasb Note Added: 0003315 29-Oct-11 20:25 pada Note Added: 0003316 29-Oct-11 21:18 pada Note Added: 0003317 29-Oct-11 21:22 pada Issue Monitored: pada 29-Oct-11 22:11 paul Note Added: 0003318 30-Oct-11 01:19 pada Note Added: 0003319 ====================================================================== _______________________________________________ Dbmail-dev mailing list Dbmail-dev@dbmail.org http://mailman.fastxs.nl/cgi-bin/mailman/listinfo/dbmail-dev