Oliver Block:
> Wietse Venema wrote:
> > Oliver Block:
> >
> >> Hello everyone,
> >>
> >> these days you can read dozens of articles that implicitly claim that
> >> the following code will produce more than one mail message at a time
> >> if used by a malicious user.
> >>
> >> I doubt that it is true, but I'd like to ask here, because you know
> >> your mta better than I. The c code to access postdrop/sendmail is the
> >> following:
> >>
> >> ...
> >>
> >> errno = 0;
> >> sendmail = popen(sendmail_cmd, "w");
> >>
> >> if (sendmail) {
> >>
> >> ...
> >>
> >> fprintf(sendmail, "To: %s\n", to);
> >> fprintf(sendmail, "Subject: %s\n", subject);
> >>
> >
> > If the to or subject are taken from an untrusted user, they may
> > contain newlines, MIME headers, a new body, and other MIME
> > headers that prevent your real message from being displayed.
> >
> >
> I understand that. And this should be considered. In the example above
> the authors decided to leave the responsibility to the programmer that
> relies on the code above.
>
> But what about the "." and that an mta will create two messages in a row
> when sent over a pipe? Does this work with postdrop?

That depends on how the Postfix sendmail command is invoked, and
you failed to supply that information.

If invoked as "sendmail -bs", then the "." SEPARATES messages as
defined in the SMTP protocol.

If invoked as "sendmail -i", then the "." becomes part of the message.

Otherwise, the "." TERMINATES the message and the remainder is
ignored.

Wietse
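
One way to guard the popen() code quoted in this thread against both issues raised here, as an added example that is not part of the original posts: reject header values containing CR or LF, and refuse a body with a lone "." line unless sendmail was invoked with -i. The function names and the dot_is_data parameter are hypothetical.

```c
/* Added example, not code from the thread; all helper names are hypothetical. */
#include <stdio.h>
#include <string.h>

/* A value may be emitted as a single header line only if it has no CR or LF. */
int header_value_is_safe(const char *v)
{
    return v != NULL && strpbrk(v, "\r\n") == NULL;
}

/* Returns 1 if some body line is exactly "." (a trailing CR is tolerated).
 * Per the reply above, such a line ends the message, and the rest is
 * ignored, unless sendmail is invoked with -i. */
int body_has_lone_dot_line(const char *body)
{
    const char *p = body;
    while (p && *p) {
        size_t len = strcspn(p, "\n");
        if (len > 0 && p[len - 1] == '\r')
            len--;                      /* CRLF line ending */
        if (len == 1 && p[0] == '.')
            return 1;
        p = strchr(p, '\n');
        if (p)
            p++;                        /* start of the next line */
    }
    return 0;
}

/* Writes headers and body to `out` (for instance the FILE* from popen()).
 * Returns 0 on success, -1 if an input is rejected or the write fails;
 * nothing is written on rejection. Pass dot_is_data != 0 only when the
 * command was started as "sendmail -i". */
int write_message(FILE *out, const char *to, const char *subject,
                  const char *body, int dot_is_data)
{
    if (!header_value_is_safe(to) || !header_value_is_safe(subject))
        return -1;
    if (body == NULL || (!dot_is_data && body_has_lone_dot_line(body)))
        return -1;
    if (fprintf(out, "To: %s\nSubject: %s\n\n%s", to, subject, body) < 0)
        return -1;
    return 0;
}
```

The "sendmail -bs" case is not covered: there the pipe carries an SMTP dialogue rather than a bare message.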