[courier-users] Re: Emails with '&' in sender address... again

[Sam Varshavchik]

[EMAIL PROTECTED] writes:

Hello,

Is there is solution for incoming emails with char '&' in sender email address:

In order for a solution to exist, one requirement must be met: a problem must exist before hand.

You need to explain, beforehand, what the actual problem is.

# mailq
Size Queue ID Date
User From
Status Recipient
---------------- ---------------------------------------------------------
976.8K 00062ED6.3FC75ACE.00002AC6 Nov 28 16:25
courier Service&[EMAIL PROTECTED]
[EMAIL PROTECTED]

1 messages.

# cancelmsg 00062ED6.3FC75ACE.00002AC6
Message scheduled for cancellation.

# mailq
Size Queue ID Date
User From
Status Recipient
---------------- ---------------------------------------------------------
3.6K 000106D6.3FCCE661.00003A3E Dec 02 21:22
courier
Service&[EMAIL PROTECTED]

1 messages.

Yes? Your point is?

The only solution for now is stop courier, delete everything in in /var/spool/courier/msgq and /var/spool/courier/msgs and start courier again.

Comments?

If you are implying that neither the message, nor the bounce, is getting delivered, then your first step should be to look in your mail logs, and see why.

There's nothing inherently unusual about messages with & in the sender's address:

MAIL FROM:<service&[EMAIL PROTECTED]>
250 Ok.
RCPT TO:<[EMAIL PROTECTED]>
250 Ok.
DATA
354 Ok.
From: service&[EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Subject: test

Ampersand test
.
250 Ok. 3FCD2557.000076A9
QUIT
221 Bye.

Delivered-To: [EMAIL PROTECTED]
Return-Path: <service&[EMAIL PROTECTED]>
Received: from ny.email-scan.com (softdnserr [::ffff:127.0.0.1])
 (IDENT: [gIHo74ksgZk9dQIY16UPCy5dpeAKd/S8])
 by ny.email-scan.com with esmtp; Tue, 02 Dec 2003 18:50:28 -0500
From: service&[EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Subject: test

Ampersand test



My guess would be that you've installed some convoluted command line in the .courier file that uses the $SENDER environment variable in an unsafe way, so the ampersand in the E-mail address gets interpreted by the shell.

Congratulations! With a carefully-crafted message, an attacker can execute any shell command on your box.

But again, that's just a guess, because you haven't explained what your problem is.

pgp00000.pgp

Description: PGP signature