[milters] Archive

Lists Index Date Thread Search

Article: 1724
From: Anthony Howe
Date: 2007-09-23 08:11:45 -0400
Subject: Re: blacklisting domains for milter-link error

Removal...........: milters-request@milter.info?subject=remove
More information..: http://www.milter.info/#Support
--------------------------------------------------------

Christian 'CBE' Benner wrote:
> your test result will be positive 'cause there's a lot of text before.
> Try to establish a telnet connection on port 25
> type  such thins like
> 
> 
> 
> ehlo me.com
> mail from: <test@test.com>
> rcpt to: <your_address@here.com>
> data
> http://test.com
> .

OK. Will look into this, but I suspect that because there is no header 
section in the message and that either

a) sendmail is treating this as a message with an "http:" header and an 
empty message body, so passes the milter a header split into name/value 
parts, ie. "name=http:" value="//test.com", which doesn't as one
expects 
in filterHeader(). I would also suspect such messages do not display
in Thunderbird or Outlook Depress, so I don't see the utility by the 
spammer in this sort of message, so it might be a bug in their code.

b) or sendmail passes the single line as a message body without headers 
and that there is a state transition problem in the milter.

I suspect it is more likely a) rather than b). I will look at it this week.

-- 
Anthony C Howe          Skype: SirWumpus                    SnertSoft
+33 6 11 89 73 78         ICQ: 7116561          BarricadeMX & Milters
http://www.snert.com/                 
     http://www.snertsoft.com/

Lists Index Date Thread Search