Package: ssmtp Version: 2.64-4 Severity: important
Summary:
The simple satellite MTA ssmtp cannot properly handle e-mail messages
already formatted with network ("DOS") line endings. Such messages
may lose parts of the body, sent to the wrong recipicients, or have
their last lines stripped for a related error.
Versions affected:
2.62 (Debian lenny 2.62-3)
2.64 (Debian testing 2.64-4)
Other versions not tested.
Background:
In the *ix world, line endings are marked by the line feed ("\n")
character only. In line-based network communication like SMTP
however, the sequence required for that is carriage return - line feed
("\r\n"). Therefore an injecting MTA must take care this requirement
is met. There is no rule - or none I am aware or could think of -
that forbids the application from already doing that conversion.
Therefore the MTA /must/ do the conversion only if required. The
latter is at least a consequence of the robustness principle.
Details:
The ssmtp MTA is completely unaware of \r\n line endings, they are
treated as if \r was a character without any special meanings at all.
For all messages that are piped to ssmtp with network line endings,
this has a lot of consequences:
1. The empty line separating header and body, technically the first
\r\n\r\n sequence is not detected as such. Instead, this and all
lines of the body are treated as header lines, and just due to
ssmtp's liberal understanding of an e-mail header, no harm is done
in general.
2. With the "From:" header line as exception, all lines read from
stdin are still converted into "network", creating line endings
with a duplicated CR character, i.e. \r\r\n. The receiving MTA
will hopefully deal with that (Postfix does, other not tested).
3. If ssmtp was called with the "-t" paramater (quite common), a line
in the body that begins with the characters "To:", "Bcc:" or "CC:"
(in arbitrary capitalisation) is treated as a recipicient's
specification and ssmtp will send a copy of the message to that
address. This could happen in an e-mail reply where the MUA puts
the original addressing information into the body (i.e. that
"-----Original Message-----" stuff). More things happen if the
line after such a line begins with a space.
Lines beginning with "From:" are appearently stripped, I didn't
investigate why precisely.
4. If a longer paragraph, roughly 2000 characters, is indented by one
or more space characters, this text will be treated as a single,
"folded" header line. However, when sending out header lines, only
the first 2048 characters are actually printed, the rest silently
dropped. This will cut out text out the body right in the middle
of the message.
5. On a related note, if the last line of the message is piped without
a line ending, this line will be discarded. If that line begins
with a space character, also all previous lines are lost up to and
including the first line that is empty or begins with a non-space
character.
How to repeat:
See the attached tar ball. It contains three messages that are not
handled properly if piped to "/usr/sbin/ssmtp -oi -t". I suggest
to use a packet sniffer to verify as the receiving MTA may alter
line endings.
How to fix:
* The header_parse function needs a major re-write.
* The standardise function needs to be \r-aware, this is rather easy.
* Document the limit of logical header lines in the manpage.
Usually I provide patches to ease fixing but the amount of changes
that are required for header_parse leave me in the feeling this should
be done upstream.
Cheers,
Christoph
-- System Information:
Debian Release: squeeze/sid
APT prefers testing
APT policy: (500, 'testing')
Architecture: i386 (i686)
Kernel: Linux 2.6.32.13 (SMP w/2 CPU cores)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Versions of packages ssmtp depends on:
ii debconf [debconf-2.0] 1.5.32 Debian configuration management sy
ii libc6 2.10.2-9 Embedded GNU C Library: Shared lib
ii libgnutls26 2.8.6-1 the GNU TLS library - runtime libr
ssmtp recommends no packages.
ssmtp suggests no packages.
-- Configuration Files:
/etc/logcheck/ignore.d.server/ssmtp [Errno 13] Permission denied:
u'/etc/logcheck/ignore.d.server/ssmtp'
-- debconf information:
* ssmtp/hostname: localhost
* ssmtp/root: postmaster
* ssmtp/rewritedomain:
ssmtp/overwriteconfig: true
ssmtp/mailname:
* ssmtp/port: 25
* ssmtp/mailhub: localhost
* ssmtp/fromoverride: false
ssmtp-test.tar.gz
Description: Binary data
signature.asc
Description: Digital signature
