Package: ssmtp
Version: 2.64-4
Severity: important

Summary:

The simple satellite MTA ssmtp cannot properly handle e-mail messages already formatted with network ("DOS") line endings. Such messages may lose parts of the body, be sent to the wrong recipients, or have their last lines stripped because of a related error.

Versions affected:

2.62 (Debian lenny 2.62-3)
2.64 (Debian testing 2.64-4)
Other versions not tested.

Background:

In the *ix world, line endings are marked by the line feed ("\n") character only. In line-based network communication like SMTP however, the sequence required for that is carriage return - line feed ("\r\n"). Therefore an injecting MTA must take care this requirement is met.

There is no rule - or none I am aware of or could think of - that forbids the application from already doing that conversion. Therefore the MTA /must/ do the conversion only if required. The latter is at least a consequence of the robustness principle.

Details:

The ssmtp MTA is completely unaware of \r\n line endings; they are treated as if \r was a character without any special meaning at all. For all messages that are piped to ssmtp with network line endings, this has a lot of consequences:

1. The empty line separating header and body, technically the first \r\n\r\n sequence, is not detected as such. Instead, this and all lines of the body are treated as header lines, and just due to ssmtp's liberal understanding of an e-mail header, no harm is done in general.

2. With the "From:" header line as exception, all lines read from stdin are still converted into "network", creating line endings with a duplicated CR character, i.e. \r\r\n. The receiving MTA will hopefully deal with that (Postfix does, others not tested).

3. If ssmtp was called with the "-t" parameter (quite common), a line in the body that begins with the characters "To:", "Bcc:" or "CC:" (in arbitrary capitalisation) is treated as a recipient's specification and ssmtp will send a copy of the message to that address. This could happen in an e-mail reply where the MUA puts the original addressing information into the body (i.e. that "-----Original Message-----" stuff). More things happen if the line after such a line begins with a space. Lines beginning with "From:" are apparently stripped; I didn't investigate why precisely.

4. If a longer paragraph, roughly 2000 characters, is indented by one or more space characters, this text will be treated as a single, "folded" header line. However, when sending out header lines, only the first 2048 characters are actually printed, the rest silently dropped. This will cut text out of the body right in the middle of the message.

5. On a related note, if the last line of the message is piped without a line ending, this line will be discarded. If that line begins with a space character, all previous lines are also lost, up to and including the first line that is empty or begins with a non-space character.

How to repeat:

See the attached tar ball. It contains three messages that are not handled properly if piped to "/usr/sbin/ssmtp -oi -t". I suggest using a packet sniffer to verify, as the receiving MTA may alter line endings.

How to fix:

* The header_parse function needs a major re-write.
* The standardise function needs to be \r-aware, this is rather easy.
* Document the limit of logical header lines in the manpage.

Usually I provide patches to ease fixing, but the amount of changes that are required for header_parse leaves me with the feeling this should be done upstream.

Cheers,
Christoph

-- System Information:
Debian Release: squeeze/sid
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: i386 (i686)

Kernel: Linux 2.6.32.13 (SMP w/2 CPU cores)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages ssmtp depends on:
ii  debconf [debconf-2.0]  1.5.32    Debian configuration management sy
ii  libc6                  2.10.2-9  Embedded GNU C Library: Shared lib
ii  libgnutls26            2.8.6-1   the GNU TLS library - runtime libr

ssmtp recommends no packages.

ssmtp suggests no packages.

-- Configuration Files:
/etc/logcheck/ignore.d.server/ssmtp [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.server/ssmtp'

-- debconf information:
* ssmtp/hostname: localhost
* ssmtp/root: postmaster
* ssmtp/rewritedomain:
  ssmtp/overwriteconfig: true
  ssmtp/mailname:
* ssmtp/port: 25
* ssmtp/mailhub: localhost
* ssmtp/fromoverride: false

Attachment:
ssmtp-test.tar.gz
Description: Binary data
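
The behaviour the report asks for, sketched as an added example that is not ssmtp's code and not part of the original report: lines are accepted with either LF or CRLF endings, emitted with exactly one CRLF, the empty separator line is recognised in both forms, recipient lines are only counted before it, and an unterminated last line is kept. The names is_rcpt and normalise and the sample message are constructed for illustration.

```c
#include <stdio.h>
#include <string.h>
#include <strings.h>

/* Added example, not ssmtp code; names and the sample message are constructed. */
static int is_rcpt(const char *line, size_t len)   /* To:, Cc: or Bcc:, any case */
{
    return (len >= 3 && (!strncasecmp(line, "To:", 3) || !strncasecmp(line, "Cc:", 3))) ||
           (len >= 4 && !strncasecmp(line, "Bcc:", 4));
}

/* Copy msg to out with every line ending as exactly CRLF, accepting LF or CRLF
 * input and an unterminated last line. *rcpt_hdrs receives the number of recipient
 * lines seen before the empty header/body separator. Returns bytes written or -1. */
static long normalise(const char *msg, char *out, size_t cap, int *rcpt_hdrs)
{
    size_t o = 0;
    int in_body = 0;

    *rcpt_hdrs = 0;
    while (*msg) {
        const char *eol = strchr(msg, '\n');
        size_t len = eol ? (size_t)(eol - msg) : strlen(msg);
        const char *next = eol ? eol + 1 : msg + len;
        if (len > 0 && msg[len - 1] == '\r')
            len--;                      /* the CR is part of the line ending */
        if (!in_body) {
            if (len == 0)
                in_body = 1;            /* "\n" or "\r\n" alone ends the header */
            else if (is_rcpt(msg, len))
                (*rcpt_hdrs)++;
        }
        if (o + len + 2 >= cap)
            return -1;                  /* refuse rather than truncate silently */
        memcpy(out + o, msg, len);
        memcpy(out + o + len, "\r\n", 2);
        o += len + 2;
        msg = next;
    }
    out[o] = '\0';
    return (long)o;
}

int main(void)
{
    char out[128]; int n;
    long w = normalise("To: a@example.org\r\n\r\nTo: b@example.org\r\nlast", out, sizeof out, &n);
    printf("%ld bytes, %d recipient header line(s)\n", w, n);
    return 0;
}
```

Header folding and the 2048-character limit from item 4 are outside what this sketch covers.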