Re: [geeklog-users] Illegal MIME chars found in header

Mon, 15 Dec 2003 15:28:26 -0600 

Background on the issue:
http://www.vbulletin.com/forum/bugs.php?do=view&bugid=1496
http://www.ez.no/developer/ez_publish_3/forum/developer/ illegal_mime_chars_in_email_header 


Geeklog code that leads to the bug is in users.php, function  
emailpassword:

        mail($A["email"]
            ,"{$_CONF["site_name"]}: {$LANG04[16]}"
            ,$mailtext

            ,"From: {$_CONF["site_name"]}  
<{$_CONF["site_mail"]}>\r\nReturn-Path:  
<{$_CONF["site_mail"]}>\r\nX-Mailer: GeekLog " . VERSION .  
"\r\nContent-Type: text/plain; charset={$charset}"

            );


The fix is to change the \r\n to \n.  This breaks with the RFC but  
appears to be standard practice to get past virus detectors, which  
don't accept RFC-compliant mime headers.  This is the new code in my  
version of users.php:

                
        mail($A["email"]
            ,"{$_CONF["site_name"]}: {$LANG04[16]}"
            ,$mailtext

            ,"From: {$_CONF["site_name"]}  
<{$_CONF["site_mail"]}>\nReturn-Path:  
<{$_CONF["site_mail"]}>\nX-Mailer: GeekLog " . VERSION .  
"\nContent-Type: text/plain; charset={$charset}"

            );

On Monday, Dec 15, 2003, at 16:00 America/New_York, Lucas Gonze wrote:


The emailed password to a new user of my system just caused the  
following bounce message.  I really don't see the problem, so I'm  
hoping that other geeklog sites have encountered it already.  Here's  
the bounce, with domains changed to protect the innocent:


Attention: [EMAIL PROTECTED]


A problem was found in an Email message you sent.
This Email scanner intercepted it and stopped the entire message
reaching its destination.

The problem was reported to be:

Illegal MIME chars found in header



Please contact your I.T support personnel with any queries regarding  
this

policy.


Your message was sent with the following envelope:

MAIL FROM: [EMAIL PROTECTED]
RCPT TO:   [EMAIL PROTECTED]

... and with the following headers:

---
MAILFROM: [EMAIL PROTECTED]
Received: from generalpublic.org (66.132.150.27)
  by 63.208.193.225 with SMTP; 15 Dec 2003 13:01:44 -0500
Received: (qmail 11504 invoked by uid 48); 15 Dec 2003 18:18:41 -0000
Date: 15 Dec 2003 18:18:41 -0000
Message-ID: <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
Subject: foosite: Your Account Information
From: fooadmin <[EMAIL PROTECTED]>
X-Mailer: GeekLog 1.3.8-1sr2
Content-Type: text/plain; charset=iso-8859-1


---


_______________________________________________
geeklog-users mailing list
[EMAIL PROTECTED]
http://lists.geeklog.net/listinfo/geeklog-users

























					Reply via email to