[Mailman-Developers] [ mailman-Bugs-634737 ] <CRLF>.<CRLF> in message body

noreply@sourceforge.net noreply@sourceforge.net
Thu Nov 7 20:41:55 2002 

Bugs item #634737, was opened at 2002-11-06 19:05
You can respond by visiting: 
https://sourceforge.net/tracker/?func=detail&atid=100103&aid=634737&group_id=103

Category: mail delivery
Group: 2.0.x
>Status: Closed
>Resolution: Wont Fix
Priority: 5
Submitted By: Luca De Santis (lucadex)
Assigned to: Nobody/Anonymous (nobody)
Summary: <CRLF>.<CRLF> in message body

Initial Comment:
I looked in the bugs archive but couldn't find anything similar 
reported, so I write down something about it, hoping it could be of 
any help.

I experienced a problem with Mailman 2.0.11 when a mail posted 
to the list contained the sequence <CRLF>.<CRLF> (eg. \n.\n) in 
the middle of the message body.

This is the normal char sequence used to indicate the end of the 
body message (cfr RFC821).

In my Mailman installation I use Sendmail for the actual delivery. 
If a similar message was sent to the list, the qrunner script 
crashed and I found the following errors in the log:
Nov 06 02:05:02 2002 (16085) Delivery exception: [Errno 32] 
Broken pipe
Nov 06 02:05:02 2002 (16085) Traceback (innermost last):
  File "/home/mailman/Mailman/Handlers/HandlerAPI.py", line 82, 
in do_pipeline
    func(mlist, msg, msgdata)
  File "/home/mailman/Mailman/Handlers/Sendmail.py", line 86, in 
process
    fp.write(msgtext)
IOError: [Errno 32] Broken pipe

It seems like the <CRLF>.<CRLF> in the body of the message 
was interpreted as the end of the message by Sendmail, so it 
closed the pipe causing the errors above.

All the subscrivers of the list received only the portion of the mail 
just before the  <CRLF>.<CRLF>.

Now, since the message was not removed from the qfiles 
directory, it was resent over and over again to the list.
 
To solve the problem I patched the Handlers/Sendmail.py script 
adding the following function:

def cleanPeriod(str):
    pattern = re.compile(r"^\.$(.+)", re.DOTALL|re.MULTILINE)
    return (pattern.sub(r'. \1', str))

and changing line 80 from:
    msgtext = str(msg)
to
    msgtext = cleanPeriod(str(msg))



----------------------------------------------------------------------

>Comment By: Barry A. Warsaw (bwarsaw)
Date: 2002-11-07 15:41

Message:
Logged In: YES 
user_id=12800

Please note that Sendmail.py is not safe to use.  Is there
some reason why you can't switch to SMTPDeliver.py?  Also,
in MM2.1, Sendmail.py is deliberately sabotaged so you can't
use it unless you hack the source (and acknowledge the
security holes).

----------------------------------------------------------------------

Comment By: Greg Ward (gward)
Date: 2002-11-07 12:27

Message:
Logged In: YES 
user_id=14422

A possibly cleaner fix is to run sendmail with the "-oi"
switch.  I'm not
sure if all MTAs recognize this, but I think at least
Sendmail proper and Exim do.  Here's what Exim's man page
has to say:

       -oi    This option, which has the same effect as -i,
spec­
              ifies  that  a  dot  on a line by itself
should not
              terminate an incoming, non-SMTP message.  
This  is
              the default if Exim is called as rmail.

So maybe "-i" is the portable way to specify this option?

I wonder how Mailman handles such messages when SMTP is used?


----------------------------------------------------------------------

You can respond by visiting: 
https://sourceforge.net/tracker/?func=detail&atid=100103&aid=634737&group_id=103

More information about the Mailman-Developers mailing list