On Thu, Sep 03, 2009 at 04:37:26PM +0200, Mark Martinec wrote:
> So far I lived under impression that smtpd service does some
> basic sanitation, de-pipelining etc to a SMTP session,
> before passing data to a smtpd_proxy_filter content filter.
Valid SMTP in, valid SMTP out.
Garbage-in (overly long lines, single leading ".", ...), garbage out.
> Apparently dot-stuffing sanitation is not performed,
> as (invalid) lines with a single leading dot can still reach
> a proxy content filter (which yields a warning in the log
> in case of amavisd).
Yes,
src/smtpd/smtpd.c:data_cmd():
if (prev_rec_type != REC_TYPE_CONT && *start == '.'
&& (state->proxy == 0 ? (++start, --len) == 0 : len == 1))
break;
Skipping the leading "." only happens with no proxy. With a proxy, the
verbatim SMTP stream is copied to the proxy... Only the message size
limit is enforced, the rest is up to the proxy.
--
Viktor.
Disclaimer: off-list followups get on-list replies or get ignored.
Please do not ignore the "Reply-To" header.
To unsubscribe from the postfix-users list, visit
http://www.postfix.org/lists.html or click the link below:
<mailto:majord...@postfix.org?body=unsubscribe%20postfix-users>
If my response solves your problem, the best way to thank me is to not
send an "it worked, thanks" follow-up. If you must respond, please put
"It worked, thanks" in the "Subject" so I can delete these quickly.
