Package: dma Severity: grave Justification: violates section-3.4.1 of rfc2822, therefore could make unrelated software on the system to break or cause data loss (missing/bounced e-mails)
DMA should append the system mailname (/etc/mailname), or the system hostname when the mailname is not available automatically to the generated e-mails when the user don't specify a domain name. Take, for example the following headers of a generated mail from cron on a system running dma: """ Received: from root (uid 0) (envelope-from root@localhost) id 18000e2 by localhost (DragonFly Mail Agent); Thu, 10 Jan 2013 17:33:25 +0100 From: root (Cron Daemon) To: root Subject: Cron <root@localhost> test -x /usr/sbin/anacron || ( cd / && run-parts --report /etc/cron.hourly ) (failed) Content-Type: text/plain; charset=UTF-8 X-Cron-Env: <SHELL=/bin/sh> X-Cron-Env: <PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin> X-Cron-Env: <HOME=/root> X-Cron-Env: <LOGNAME=root> Date: Thu, 10 Jan 2013 07:33:25 +0100 Message-Id: <50ee60b5.18000e2.7a0902f8@localhost> """ The same message when generated by a sane MTA (Exim for example) will have: """ From: root@localhost (Cron Daemon) To: root@localhost """ To reproduce, Execute the following command on a system running DMA. echo "This is the main body of the mail" | mail -s "Testing dma sanity" mym...@address.com -- -f root If DMA is configured to deliver to an smarthost (exim), you will get your mail bounced back. """ This is the DragonFly Mail Agent at satellite.address.com. There was an error delivering your mail to <mym...@address.com>. mail.adress.com [192.168.122.1] did not like our MAIL FROM: 501 <root>: sender address must contain a domain Message headers follow. Received: from root (uid 0) (envelope-from root) id 1806b45 by satellite.address.com (DragonFly Mail Agent); Thu, 10 Jan 2013 19:12:42 +0100 To: mym...@address.com Subject: Testing dma sanity Date: Thu, 10 Jan 2013 19:12:42 +0100 Message-Id: <50ef049a.1806b45.2d33b...@satellite.address.com> From: <root> """ Now do the same test on another system running Exim and you will see how Exim automatically adds an @mailname.tld The MTA should append _always_ an @ with the mailname/hostname part when the user don't specify it. Since this bug potentially breaks unrelated software I am marking it as a RC bug. I noticed this because my procmail rules stopped working as expected and because of bounced mails after installing DMA. Regards!
signature.asc
Description: OpenPGP digital signature