serv/mox
1
0
Fork 0
mirror of https://github.com/mjl-/mox.git synced 2024-12-26 08:23:48 +03:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

smtpserver: also allow space after "MAIL FROM:" and "RCPT TO:" command for SMTP delivery (unless in pedantic mode)

Browse source 
we already allowed it for (authenticated) SMTP submission. it turns out also
legitimate senders can use this invalid syntax to deliver messages.

for issue #101 by Fell, thanks for reporting & explaining!
This commit is contained in:
Mechiel Lukkien 2023-12-11 15:34:11 +01:00
parent 02eb7b5033
commit af5da17623
No known key found for this signature in database
1 changed files with 8 additions and 8 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

16
smtpserver/server.go
View file

@ -1285,10 +1285,10 @@ func (c *conn) cmdMail(p *parser) {
}
}()
p.xtake(" FROM:")
// note: no space after colon. ../rfc/5321:1093
// Allow illegal space for submission only, not for regular SMTP. Microsoft Outlook
// 365 Apps for Enterprise sends it.
if c.submission && !moxvar.Pedantic {
// note: no space allowed after colon. ../rfc/5321:1093
// Microsoft Outlook 365 Apps for Enterprise sends it with submission. For delivery
// it is mostly used by spammers, but has been seen with legitimate senders too.
if !moxvar.Pedantic {
p.space()
}
rawRevPath := p.xrawReversePath()
@ -1426,10 +1426,10 @@ func (c *conn) cmdRcpt(p *parser) {
// ../rfc/5321:1985
p.xtake(" TO:")
// note: no space after colon. ../rfc/5321:1093
// Allow illegal space for submission only, not for regular SMTP. Microsoft Outlook
// 365 Apps for Enterprise sends it.
if c.submission && !moxvar.Pedantic {
// note: no space allowed after colon. ../rfc/5321:1093
// Microsoft Outlook 365 Apps for Enterprise sends it with submission. For delivery
// it is mostly used by spammers, but has been seen with legitimate senders too.
if !moxvar.Pedantic {
p.space()
}
var fpath smtp.Path