On 07/30/2009 07:11 AM, Peter J. Holzer wrote:
On 2009-07-29 14:07:53 -0500, Jared Johnson wrote:
We recently noticed a message in our postfix queue that thought it was
addressed to " foo.com". After examining it, it turned out that Qpsmtpd
accepted a MAIL FROM command formatted like so:
MAIL FROM:<u...@d.com,foo.com>
Weird.
Ah, I see the problem. In line 187 of Qpsmtpd::Address the regexp for
the domain is initialized like this:
my $domain = "(?:$address_literal|$subdomain(?:\.$subdomain)*)";
(looks like I didn't know about qr// when I wrote that code)
That's a double quoted string, so "\." needs to be written as "\\.".
Ah, that fixes it. Incidentally, I think that might have been
introduced by a patch that I submitted. I think I recall there was a
bit of discussion over using qr// but there was some good reason not to,
but the reason itself completely escapes me :)
-Jared
--
Inbound and outbound email scanned for spam and viruses by the
DoubleCheck Email Manager v5: http://www.doublecheckemail.com
