postfix filter and CR LF.CR LF

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
7 messages Options
Reply | Threaded
Open this post in threaded view
|

postfix filter and CR LF.CR LF

Jordi Moles
Hello everyone,

I'm writing this message to ask for advice on a filter i'm writing.

The thing is that I've got a server running postfix in which i already
have a postfix filter written in Perl. When i have to reinject the
message into postfix, i do it with the SMTP class from Perl, which
doesn't give me any problem at all.

However, i have to write a new one in C/C++ and I'm getting some trouble
with the "dot" indicating the "end-of-message". The problem is that when
i send the message back from the filter written in C/C++ anyone can
perform a spam injection by sending messages with this content:

.
MAIL FROM: [hidden email]
RCPT TO: [hidden email]
DATA
spam spam spam
.


and [hidden email] will get a message from
[hidden email] containing "spam spam spam"
I've tried with different implementations in C and also C++. Some people
have developed SMTP classes for C++ which I've tried, but none can't
stop this spam injection from happening.

So.. my first question would be... how does postfix itself handle this?
Or... what can i do in my filter to tell postfix that doesn't have to
take CR LF.CR LF as the end of the message?

Has anyone found a solution for this while using postfix filters?


Thanks in advance for your help.


Reply | Threaded
Open this post in threaded view
|

Re: postfix filter and CR LF.CR LF

martijn.list
> However, i have to write a new one in C/C++ and I'm getting some trouble
> with the "dot" indicating the "end-of-message". The problem is that when
> i send the message back from the filter written in C/C++ anyone can
> perform a spam injection by sending messages with this content:
>
> .
> MAIL FROM: [hidden email]
> RCPT TO: [hidden email]
> DATA
> spam spam spam
> .


You are probably forgetting to convert the single dot (.) to dot-dot (..)

See RFC 2821 section 4.5.2 Transparency


Martijn Brinkers

--
Djigzo open source email encryption www.djigzo.com

Reply | Threaded
Open this post in threaded view
|

Re: postfix filter and CR LF.CR LF

Jordi Moles
En/na martijn.list ha escrit:

>> However, i have to write a new one in C/C++ and I'm getting some
>> trouble with the "dot" indicating the "end-of-message". The problem
>> is that when i send the message back from the filter written in C/C++
>> anyone can perform a spam injection by sending messages with this
>> content:
>>
>> .
>> MAIL FROM: [hidden email]
>> RCPT TO: [hidden email]
>> DATA
>> spam spam spam
>> .
>
>
> You are probably forgetting to convert the single dot (.) to dot-dot (..)
>
> See RFC 2821 section 4.5.2 Transparency
>
>
> Martijn Brinkers
>
Hi,

thanks for your suggestion, I'll give it a try. However, I think that
I've already tried this. As far as I can remember, the problem by
modifying the content of the message was that when a user used some kind
of signature, the checksum wouldn't match and users complain about the
body being altered. Does that make sense to you? Or may be it's only
that my implementation was buggy.

Thanks.
Reply | Threaded
Open this post in threaded view
|

Re: postfix filter and CR LF.CR LF

Magnus Bäck
On Thu, March 5, 2009 10:13 am, Jordi Moles Blanco said:

> En/na martijn.list ha escrit:
>
> > You are probably forgetting to convert the single dot (.) to dot-dot
> > (..)
> >
> > See RFC 2821 section 4.5.2 Transparency
>
> thanks for your suggestion, I'll give it a try. However, I think that
> I've already tried this. As far as I can remember, the problem by
> modifying the content of the message was that when a user used some kind
> of signature, the checksum wouldn't match and users complain about the
> body being altered. Does that make sense to you? Or may be it's only
> that my implementation was buggy.

The extra dot is removed by the SMTP server so that the message remains
the same after transmission.

--
Magnus Bäck
[hidden email]
Reply | Threaded
Open this post in threaded view
|

Re: postfix filter and CR LF.CR LF [solved]

Jordi Moles
En/na Magnus Bäck ha escrit:

> On Thu, March 5, 2009 10:13 am, Jordi Moles Blanco said:
>
>  
>> En/na martijn.list ha escrit:
>>
>>    
>>> You are probably forgetting to convert the single dot (.) to dot-dot
>>> (..)
>>>
>>> See RFC 2821 section 4.5.2 Transparency
>>>      
>> thanks for your suggestion, I'll give it a try. However, I think that
>> I've already tried this. As far as I can remember, the problem by
>> modifying the content of the message was that when a user used some kind
>> of signature, the checksum wouldn't match and users complain about the
>> body being altered. Does that make sense to you? Or may be it's only
>> that my implementation was buggy.
>>    
>
> The extra dot is removed by the SMTP server so that the message remains
> the same after transmission.
>
>  
Hi,

thanks for the info. Now the filter seems to work properly.

I guess it was my fault the first time I tried this. I didn't keep that
piece of code cause it wasn't working anyway... but it was defenetly buggy.

Thanks for your help.

Reply | Threaded
Open this post in threaded view
|

Re: postfix filter and CR LF.CR LF - New Issue

Jordi Moles
En/na Jordi Moles Blanco ha escrit:

> En/na Magnus Bäck ha escrit:
>> On Thu, March 5, 2009 10:13 am, Jordi Moles Blanco said:
>>
>>  
>>> En/na martijn.list ha escrit:
>>>
>>>    
>>>> You are probably forgetting to convert the single dot (.) to dot-dot
>>>> (..)
>>>>
>>>> See RFC 2821 section 4.5.2 Transparency
>>>>      
>>> thanks for your suggestion, I'll give it a try. However, I think that
>>> I've already tried this. As far as I can remember, the problem by
>>> modifying the content of the message was that when a user used some
>>> kind
>>> of signature, the checksum wouldn't match and users complain about the
>>> body being altered. Does that make sense to you? Or may be it's only
>>> that my implementation was buggy.
>>>    
>>
>> The extra dot is removed by the SMTP server so that the message remains
>> the same after transmission.
>>
>>  
> Hi,
>
> thanks for the info. Now the filter seems to work properly.
>
> I guess it was my fault the first time I tried this. I didn't keep
> that piece of code cause it wasn't working anyway... but it was
> defenetly buggy.
>
> Thanks for your help.
>
Hi,

after your comments I thought I had "fixed" my filter and everything
seemed to work fine. I only replaced \n.\n with \n..\n in the body of
the message.

But now I've found out that when the message contains html code, it
doesn't work properly.

If you look at the content of the message, by doing "cat" for example,
you can see a line like this <br>.<br>, which is obvious for being HTML
. However, i can't add the second dot properly. After trying several
approaches I can only replace some of the dots there are in the message.
For example, if the body of the message is something like this:

**************

asdf*adsfa*sd
.
MAIL FROM: [hidden email]
RCPT TO: [hidden email]
DATA

prova, pro*va, prov*a sense quota
.

***************

it will only replace the first dot, but not the second one.

How can I replace the dot properly when the text has HTML code?

Thanks.
Reply | Threaded
Open this post in threaded view
|

Re: postfix filter and CR LF.CR LF - New Issue

Victor Duchovni
On Mon, Mar 09, 2009 at 04:50:29PM +0100, Jordi Moles Blanco wrote:

> after your comments I thought I had "fixed" my filter and everything seemed
> to work fine. I only replaced \n.\n with \n..\n in the body of the message.

You don't change message bodies before transmission, you follow RFCs
821, 2821, 5321 and remove leading "." from the SMTP payload on input
(in the SMTP server) and add leading "." to the SMTP payload on output
(in the SMTP client). SMTP uses "\r\n" at the ends of lines.

> But now I've found out that when the message contains html code, it doesn't
> work properly.

This is nonsense, SMTP+MIME deliver conforming message bodies unmodified
from the sender to the recipient. It does via suitable encodings during
message preparation and transport.

Use MIME to encode content that is not printable ASCII text (with
sufficiently short lines). Use SMTP transparency to deal with lines
starting with ".".

> If you look at the content of the message, by doing "cat" for example, you
> can see a line like this <br>.<br>, which is obvious for being HTML .

You are still mightily confused. Don't modify the message or its HTML
encoding. Implement correct SMTP server and client code.

--
        Viktor.

Disclaimer: off-list followups get on-list replies or get ignored.
Please do not ignore the "Reply-To" header.

To unsubscribe from the postfix-users list, visit
http://www.postfix.org/lists.html or click the link below:
<mailto:[hidden email]?body=unsubscribe%20postfix-users>

If my response solves your problem, the best way to thank me is to not
send an "it worked, thanks" follow-up. If you must respond, please put
"It worked, thanks" in the "Subject" so I can delete these quickly.