On Wednesday, June 25, 2003, at 06:41 PM, Doug Clements wrote:
We're getting a report of a bogus Delivered-To header from one of our customers. Apparently, Exchange relies on this in some way.

You can see it here.. The real domain is linear-systems.com, but the delivered-to header doesn't complete the domain in the first part of the line and it ends up being systems.com. Has anyone seen this before, and know of a fix?

>Received: from exchange-pop3-connector.com (LSPROXY []) by
>lsproxy.linkline.com with SMTP (Microsoft Exchange Internet Mail Service
>Version 5.5.2653.13)
> id 205XX740; Wed, 18 Jun 2003 15:13:04 -0700
>Received: (qmail 94044 invoked by uid 1009); 18 Jun 2003 22:11:20 -0000
>Delivered-To: [EMAIL PROTECTED]
>Received: (qmail 94025 invoked by uid 0); 18 Jun 2003 22:11:20 -0000

This is a bug in vdelivermail.c, in the section of code after the following comment:

        /* use the DTLINE variable, but skip past the dash in
         * [EMAIL PROTECTED]

Basically, it assumes the first dash separates the domain name from the email address. The solution might be to find the '@' in DTLINE, determine the length of the domain name (@ to trailing NULL) and skip that many bytes from the beginning of the address.

Maybe it's better to use other environment variables (USER, HOST, LOCAL, RECIPIENT?) to build the delivered-to header.

Tom Collins

Reply via email to