Re: [exim] bug in exim 4.44 - Message sender with space in u…

Page principale
Supprimer ce message
Répondre à ce message
Auteur: Nigel Metheringham
Date:  
À: Marc Haber
CC: exim-users
Sujet: Re: [exim] bug in exim 4.44 - Message sender with space in user name leads to "spool format error"
On Sun, 2005-02-06 at 13:26 +0100, Marc Haber wrote:
> This is Debian Bug #293314 (http://bugs.debian.org/293314).
>
> After some investigation it looks like exim chokes on message senders
> with UNIX account names containing a space. These account names are
> not allowed by POSIX, but can be configured on some systems, and might
> come in from database setups as in the case of the original bug
> reporter.
>
> Exim accepts the message, creates spool files, but cannot cope with
> these files because it considers them as being in a bad format.


Not good.

> |[43/56]mh@lefler[chroot sid]:~$ cat /var/spool/exim4/input/1CxlOw-0006EJ-5L-H
> |1CxlOw-0006EJ-5L-H
> |user name 1002 1002


That line is the main problem - we need to quote or otherwise protect
that phrase.

[snip]

> |168P Received: from user name by lefler.int.l21.ma.example.com with local (Exim 4.44)
> |        id 1CxlOw-0006EJ-5L
> |        for mh+exim-users@???; Sun, 06 Feb 2005 12:20:30 +0000


and that received line is hence rfc non-compliant.

This smells very like a smail bug of 1995 or so... there really is
nothing new under the sun :-)
Fortunately this one doesn't have the side effect of blowing the
security of the whole system

Unfortunately I fear that this may be tricky to fix - it feels as though
we are going to have to be careful of strange side effects. Can this be
reproduced with SMTP injection (of a sender address containing a space)?

    Nigel.
-- 
[ Nigel Metheringham           Nigel.Metheringham@??? ]
[ - Comments in this message are my own and not ITO opinion/policy - ]