Yes this is cross posted, but I really think others need to test this
out.
Here is the problem, on exim 4.43 with exiscan-acl-4.43-28.patch,
a malformed message (in my example below there are bad base64 chars),
passes the demime error checks the second time through on the same
connection.
To test, connect to your exim MTA with telnet, issue a standard SMTP
transaction, feed the example below as the data, exiscan will reject
the message (if you have the errors >=2 I believe), after the
message is rejected, issue another "mail from" command, i used the
exact same information for the mail from: and rcpt to: commands, and
feed the message through a second time, this time it will pass the
demime checks, or at it does on my machines, yes machines, i have tested
this on multiple exim/exiscan installs that I run.
Just for calrity, here is a mock smtp transaction to exibit the problem:
EHLO localhost.localdomain
OK
MAIL FROM:<user-at-my-domain.com>
OK
RCPT TO:<user-at-my-domain.com>
OK
DATA
<--past the fake message below in-->
.
550 Rejected, bad mime parts
MAIL FROM:<user-at-my-domain.com>
OK
RCPT TO:<user-at-my-domain.com>
OK
DATA
<--past the fake message below in a second time-->
<--or any other message that has bad mime parts for that matter-->
.
OK <message_id>
QUIT
<BEGIN_FAKE_MESSAGE>
Message-ID: <20041020024823.82385.qmail@???>
Received: from [69.102.13.153] by web11502.mail.yahoo.com via HTTP;
Thu, 04 Nov 2004 19:48:23 PDT
Date: Thu, 04 Nov 2004 19:48:23 -0700 (PDT)
From: Someone <some-user-at-yahoo@???>
Subject: exiscan testing
To: Someone <some-user-at-your-domain@???>
MIME-Version: 1.0
Content-Type: multipart/alternative;
boundary="0-419322518-1098240503=:82280"
--0-419322518-1098240503=:82280
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: base64
c29tZXRoaW5nIGlzIGhlc%%$$mU=
--0-419322518-1098240503=:82280--
</END_FAKE_MESSAGE>
--
--EAL--
--
