--On Thursday, December 04, 2003 19:54:29 +0000 Chris Edwards <C.Edwards@???> wrote:
>| Hmm. I've had no problem with this one:
>|
>| deny log_message = NUL in body
>| message = Unescaped NUL character in message body\n\
>| (See RFC 2822, section 2.3; and RFC 2045, sections 2.7 & 2.8)
>| condition = ${if match {$message_body} {\N\x00\N} {yes} {no}}
>
> That only checks the first $message_body_visible bytes of the message.
> In our environment this is currently set at 50KB. We sometimes get much
> bigger messages coming in with a NULL right at the end.
>
> ( often the very last byte of an appended .sig - broken MUA )
Ah, right, I'd forgotten about that. I've got message_body_visible
set high enough that so far no message has slipped past the ACL with
a later NUL for Cyrus to complain about.
Adding $message_body_end to the test would catch the most common
cases; but still potentially leave an undetected NUL in the middle.
>| And if it isn't spam, the sender needs to know that
>| their MUA is broken.
>
> Arguably yes. However, since almost any sane mail system just handles
> these things without complaining [1],
For now, yes. But mailadmins are starting to tighten up their RFC
compliance requirements as a way of blocking some of the more egregious
spamers.
And NUL characters are potentially a source of problems for content
filtering programs, or even MUAs that use C string functions.
That said, I'll have to admit that my decision to block rather than
translate NULs was arrived at rather reluctantly; and may yet be
reversed. I may look into automatically sending a warning back to
the sender when accepting a non-compliant message. (The major
difficulty being avoiding sending such messages to a mailinglist
submission address.)
> then we thought we may as well emulate this for our Netmail servers.
>
> Exim, sendmail pass NULLs cleanly. Exchange seems to turn them
> into spaces...
Cyrus is indeed the most strongly RFC-compliance demanding mail
related package that I've come across. Their reasons for doing
so make sense; but are a lot stronger in an academic environment
than they are here in the wild...
-Pat
