Bug Tracker item #3536088, was opened at 2012-06-18 11:27
Message generated for change (Comment added) made by polaris1
You can respond by visiting:
https://sourceforge.net/tracker/?func=detail&atid=1126467&aid=3536088&group_id=250683
Please note that this message will contain a full copy of the comment thread,
including the initial issue submission, for this request,
not just the latest update.
Category: daemon
Group: None
Status: Open
Resolution: None
Priority: 5
Private: No
Submitted By: polaris1 (polaris1)
Assigned to: Nobody/Anonymous (nobody)
Summary: dot stuffing bug
Initial Comment:
I tried this in both 3.9.0 and in 3.10.1 with similar results.
I run dspam in client/daemon mode ( daemon is 3.10.1, clients I tried both
3.9.0 and 3.10.1 )
DSPAM is invoked from C with these arguments: dspam --client --user myuser
--deliver=innocent,spam --stdout while the message is being fed in through
stdin.
I have a copy of the message and the relevant part is here:
--_000_9D6F18858B1E854EBC490A2C24C011D629FA52B099SERVER02Royal_
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
Dear Daniela,
According to Michela, I will send the loading schedule for next week to you=
.
Hello World, how are you
quoted printable only allows 76 characters per line and as it happens, that
line ends with a dot on the 77th character thus putting it on a new line ( what
are the odds, right ? )
situation can be reproduced like this: cat messagefile | dspam --client --user
myuser --deliver=innocent,spam --stdout
For that message, the output will stop at 'next week to you='.
If I modify the message to stuff the dot manually (..) it will output:
--_000_9D6F18858B1E854EBC490A2C24C011D629FA52B099SERVER02Royal_
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
Dear Daniela,
According to Michela, I will send the loading schedule for next week to you=
..
Hello World, how are you
Obviously something is wrong. I see that dspam has dot stuffing mechanisms in
client.c but it's obviously not working. Is it because of the quoted printable ?
----------------------------------------------------------------------
>Comment By: polaris1 (polaris1)
Date: 2012-06-18 12:49
Message:
There is no MTA involved here. dspam in --client mode, according to my
interpretation of client.c should perform dot stuffing.
If I read that incorrectly, can you tell me what all that code I pasted in
client.c is supposed to do ?
----------------------------------------------------------------------
Comment By: Stevan Bajic (sbajic)
Date: 2012-06-18 12:43
Message:
Yes. DSPAM binary is responsible doing the dot stuffing WHEN sending to a
delivery agent OR sending to the DSPAM daemon.
But in your case you feed the DSPAM binary with wrong data. So DSPAM stops
processing the message after you just send ONE dot.
It is the same as if you would open a connection to port 25 on your system
and post something like this:
< 220 mail.example.com ESMTP Postfix (2.9.3)\r
> EHLO mail.example.com\r
< 250-mail.example.com\r
< 250-PIPELINING\r
< 250-SIZE 52428800\r
< 250-ETRN\r
< 250-STARTTLS\r
< 250-AUTH PLAIN LOGIN DIGEST-MD5 CRAM-MD5\r
< 250-AUTH=PLAIN LOGIN DIGEST-MD5 CRAM-MD5\r
< 250-ENHANCEDSTATUSCODES\r
< 250-8BITMIME\r
< 250 DSN\r
> MAIL FROM:<r...@example.com>\r
< 250 2.1.0 Ok\r
> RCPT TO:<ste...@bajic.ch>\r
< 250 2.1.5 Ok\r
> DATA\r
< 354 End data with <CR><LF>.<CR><LF>\r
> Return-Path: <r...@example.com>\r
> Delivered-To: ste...@bajic.ch\r
> To: <ste...@bajic.ch>\r
> From: <r...@example.com>\r
> MIME-Version: 1.0\r
> Content-Type: multipart/related;\r
>
boundary="_004_9D6F18858B1E854EBC490A2C24C011D629FA52B099SERVER02Royal_";\r
> type="multipart/alternative"\r
> Subject: Testing\r
> \r
> --_004_9D6F18858B1E854EBC490A2C24C011D629FA52B099SERVER02Royal_\r
>
boundary="_000_9D6F18858B1E854EBC490A2C24C011D629FA52B099SERVER02Royal_"\r
> \r
> --_000_9D6F18858B1E854EBC490A2C24C011D629FA52B099SERVER02Royal_\r
> Content-Type: text/plain; charset="us-ascii"\r
> Content-Transfer-Encoding: quoted-printable\r
> \r
> Dear Daniela,\r
> \r
> According to Michela, I will send the loading schedule for next week to
you=\r
> .\r
> \r
< 250 2.0.0 Ok: queued as 7FDC0A3C170\r
> Hello World, how are you\r
< 502 5.5.2 Error: command not recognized\r
> RSET\r
< 250 2.0.0 Ok\r
> QUIT\r
< 221 2.0.0 Bye\r
Assuming you run Postfix, would you say that this is a Postfix bug? I
personally would say that this is NOT a bug.
Now on the other hand if you have a MTA that is getting the above mail and
then sends that message to DSPAM over SMTP then the MTA is responsible to
do the dot stuffing, while DSPAM is responsible for doing the dot
destuffing. When the message is inside DSPAM (the client) and the client is
sending the data to the DSPAM daemon (because of the use of --client) then
the DSPAM client is doing dot stuffing while the DSPAM daemon is doing the
dot destuffing.
----------------------------------------------------------------------
Comment By: polaris1 (polaris1)
Date: 2012-06-18 12:06
Message:
Hmm, I saw this in client.c. I thought DSPAM client would take care of
that:
* DESCRIPTION
* connect to a dspam daemon socket and attempt to process a message
* this function is called by the dspam agent when --client is specified
/*
* fill buf with partial msg, replacing \n with \r\n
* and do dot stuffing, if needed.
*/
/* take care of dot stuffing \n */
if (message->data[i + 1] && message->data[i + 1] == '.') {
buf[buflen] = '\n';
buflen++;
buf[buflen] = '.';
buflen++;
buf[buflen] = '.';
buflen++;
i += 2;
continue;
}
I haven't really debugged the code, but it seems there is code there that
is supposed to do dot stuffing...
----------------------------------------------------------------------
Comment By: Stevan Bajic (sbajic)
Date: 2012-06-18 11:54
Message:
I am not really sure if this is a bug or not. Actually the application
sending data to DSPAM is responsible for doing the dot stuffing. In your
case you use cat to pipe the message to DSPAM. So 'cat' should do the dot
stuffing. Correct me if you see that differently.
----------------------------------------------------------------------
You can respond by visiting:
https://sourceforge.net/tracker/?func=detail&atid=1126467&aid=3536088&group_id=250683
------------------------------------------------------------------------------
Live Security Virtual Conference
Exclusive live event will cover all the ways today's security and
threat landscape has changed and how IT managers can respond. Discussions
will include endpoint security, mobile security and the latest in malware
threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
_______________________________________________
Dspam-devel mailing list
Dspam-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/dspam-devel
