From: Anthony Howe
Date: 2007-09-23 08:47:53 -0400
Subject: Re: blacklisting domains for milter-link error
More information..: http://www.milter.info/#Support
Anthony wrote after lunch...
> Christian 'CBE' Benner wrote:
>> your test result will be positive 'cause there's a lot of text before.
>> Try to establish a telnet connection on port 25
>> type such thins like
>> ehlo me.com
>> mail from: <firstname.lastname@example.org>
>> rcpt to: <email@example.com>
> OK. Will look into this, but I suspect that because there is no header
> section in the message and that either
> a) sendmail is treating this as a message with an "http:" header and an
> empty message body, so passes the milter a header split into name/value
> parts, ie. "name=http:" value="//test.com", which doesn't as one
> in filterHeader(). I would also suspect such messages do not display
> in Thunderbird or Outlook Depress, so I don't see the utility by the
> spammer in this sort of message, so it might be a bug in their code.
I just tested this and proved case a) applies:
250 mx.snert.net Hello [220.127.116.11], pleased to meet you
250 2.1.0 <firstname.lastname@example.org>... Sender ok
250 2.1.5 <email@example.com>... Recipient ok
354 Enter mail, end with "." on a line by itself
250 2.0.0 l8NCWnZr010843 Message accepted for delivery
and received this:
Received: from zephyr.snert.com ([18.104.22.168])
by mx.snert.net (8.14.1/8.14.1) with SMTP id l8NCWnZr010843
for <firstname.lastname@example.org>; Sun, 23 Sep 2007 14:33:11 +0200 (CEST)
Date: Sun, 23 Sep 2007 14:32:50 +0200 (CEST)
From: Anthony Howe <email@example.com>
X-Scanned-By: milter-spamc/1.11.382.382 (mx.snert.net [22.214.171.124]);
Sun, 23 Sep 2007 14:33:37 +0200
X-Spam-Status: NO, hits=4.40 required=5.00
The message appears as empty in Thunderbird and only by looking at the
message source do you see the URL. I would be inclined to say that this
is not a bug in milter-link, but an unusual abuse of RFC 2822 and how
sendmail work. The reason is that white space between the header
name-colon and value are optional, so sendmail treats it as a header and
gives it to the milter as two variables, name and value.
I don't think there is anything I can really do in this case. Even
"gluing" the name and value strings back together as one and parsing it
for a URI would not be correct. Who's to say that some RFC message
extension hasn't defined an "http:" header, maybe similar to List-URL:
header or what not.
Anthony C Howe Skype: SirWumpus SnertSoft
+33 6 11 89 73 78 ICQ: 7116561 BarricadeMX & Milters
Copyright 2009, 2012 by SnertSoft. All rights reserved.