Re: [Exim] cyrus NUL failures

Top Page
Delete this message
Reply to this message
Author: Pat Lashley
Date:  
To: Chris Edwards, Exim Users Mailing List
CC: Exim Users Mailing List
Subject: Re: [Exim] cyrus NUL failures
--On Thursday, December 04, 2003 19:54:29 +0000 Chris Edwards <C.Edwards@???> wrote:

>| Hmm.  I've had no problem with this one:
>|
>| deny    log_message     = NUL in body
>|         message         = Unescaped NUL character in message body\n\
>|               (See RFC 2822, section 2.3; and RFC 2045, sections 2.7 & 2.8)
>|         condition       = ${if match {$message_body} {\N\x00\N} {yes} {no}}

>
> That only checks the first $message_body_visible bytes of the message.
> In our environment this is currently set at 50KB. We sometimes get much
> bigger messages coming in with a NULL right at the end.
>
> ( often the very last byte of an appended .sig - broken MUA )


Ah, right, I'd forgotten about that. I've got message_body_visible
set high enough that so far no message has slipped past the ACL with
a later NUL for Cyrus to complain about.

Adding $message_body_end to the test would catch the most common
cases; but still potentially leave an undetected NUL in the middle.



>| And if it isn't spam, the sender needs to know that
>| their MUA is broken.
>
> Arguably yes. However, since almost any sane mail system just handles
> these things without complaining [1],


For now, yes. But mailadmins are starting to tighten up their RFC
compliance requirements as a way of blocking some of the more egregious
spamers.

And NUL characters are potentially a source of problems for content
filtering programs, or even MUAs that use C string functions.


That said, I'll have to admit that my decision to block rather than
translate NULs was arrived at rather reluctantly; and may yet be
reversed. I may look into automatically sending a warning back to
the sender when accepting a non-compliant message. (The major
difficulty being avoiding sending such messages to a mailinglist
submission address.)

> then we thought we may as well emulate this for our Netmail servers.
>
> Exim, sendmail pass NULLs cleanly. Exchange seems to turn them
> into spaces...


Cyrus is indeed the most strongly RFC-compliance demanding mail
related package that I've come across. Their reasons for doing
so make sense; but are a lot stronger in an academic environment
than they are here in the wild...



-Pat