On 28/08/18 19:05, Dominic Raferd wrote:
> Are you sure that the file you are trying to release is a valid email
> which specifies a recipient?
Well.. Amavisd put it there, so I sure hope so.
That said, I checked the email headers in the file and to me it looks
like a valid email. I see the following fields that I guess are important:
Return-Path: <>
X-Envelope-From: <[email protected]>
X-Envelope-To: <[email protected]>
X-Envelope-To-Blocked: <[email protected]>
X-Quarantine-ID: <ziXFTUeDuvT7>
Received: (a numebr of them)
Message-ID: <some_gmail_id>
From: <[email protected]>
To: <[email protected]>
Date: Mon, 27 Aug 2018 11:06:14 +0200
There are others but I don't think they matter much for
releasing/sending the email. This all is followed by the actual mail
content, mime, etc.
> Did you try:
> # amavisd-release virus/virus-20180827T110127-45477-09 ziXFTUeDuvT7
> [email protected]
I did. But I tried again, just to be sure:
# amavisd-release virus/virus-20180827T110127-45477-09 ziXFTUeDuvT7
[email protected]
450 4.5.0 Failure: Secret_id ziXFTUeDuvT7 does not match mail_id
virus-20180827T110127-45477-09 at (eval 128) line 308, <GEN55> line 7.
> If this works it reveals a vulnerability in the 'secret-id' system
> used by amavisd-release, but it would enable you to move forward.
Yeah, it would. But (un)fortunately it doesn't work.
--
Thanks,
Rob
