https://gitlab.synchro.net/main/sbbs/-/commit/dd121bcf7f0a690659ba5858
Modified Files:
src/sbbs3/mailsrvr.c
Log Message:
Fix bug introduced in c90ba307 - line endings stripped from rx'd mail

An unrelated optimization (elimination of an unnecessary use of fprintf) resulted in a new bug that combined all lines from SMTP-received mail messages into a single long line, thus breaking all decoding ability of multi-part MIME messages (where blank lines are significant).

Went ahead and replaced some other unnecessary uses of fprintf(), replaces with fputs() while at it.
---
þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net

https://gitlab.synchro.net/main/sbbs/-/commit/acede36f01fcda7c4384c776
Modified Files:
src/sbbs3/mailsrvr.c
Log Message:
Don't support yields per x lines on SMTP receive

Consume the SMTP lines as fast as possible since the sender may be on the
local network (or even local/loopback interface!) and could get way ahead and timeout otherwise, resulting in the "premature evacuation" error (and dumping of the received message) on the receive side. This resolves an observed issue with sending large attachments to the mail server at very high rates and the sending client timing and disconnecting waiting for a response from the server (which was throttling the receive using YIELD).
---
þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net

Re: src/sbbs3/mailsrvr.c
By: Rob Swindell to Git commit to main/sbbs/master on Fri Jan 22 2021 06:22 pm

An unrelated optimization (elimination of an unnecessary use of fprintf) resulted in a new bug that combined all lines from SMTP-received mail messages into a single long line, thus breaking all decoding ability of multi-part MIME messages (where blank lines are significant).

Well, that makes perfectly good sense now. I got a couple messages this morning and they were one really long line. Thank you for fixing this. I'll update tonight.

Brian Klauss <-> Dream Master
Caught in a Dream | caughtinadream.com a Synchronet BBS

---
þ Synchronet þ Caught in a Dream - caughtinadream.com

https://gitlab.synchro.net/main/sbbs/-/commit/84009d35bf2f1295a0407699
Modified Files:
src/sbbs3/mailsrvr.c
Log Message:
Close the mime part even when error opening file

If there was an error opening a file for attachment, the MIME part would be left unterminated.
---
þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net

https://gitlab.synchro.net/main/sbbs/-/commit/93208aa960574b21dd2c5ceb
Modified Files:
src/sbbs3/mailsrvr.c
Log Message:
Support quoted filenames in message subjects

"Old style" (e.g. FTN netmail) attachments put the filename(s) in the message subject. Supported quoted-filenames in the message subject (i.e. to support filenames with spaces in them) in addition to the traditional space-delimited filenames. Mixing quoted and space-delimited filenames (for multiple attached files) in a single message subject is supported.
---
þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net

https://gitlab.synchro.net/main/sbbs/-/commit/8c28acaba05ac4cb96d245e4
Modified Files:
src/sbbs3/mailsrvr.c
Log Message:
Fix exception (crash) when sending file attachments

The new subject line parsing (with quoted-filename support) had a NULL-pointer deref built-in.

Also fixed a few Coverity-reported issues.
---
þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net

https://gitlab.synchro.net/main/sbbs/-/commit/27079b332cf5f21ef40fe1da
Modified Files:
src/sbbs3/mailsrvr.c
Log Message:
Recognize DNB blacklist exempted email addresses in From fields

Previously, any DNS blacklist-exempt email addresses (in ctrl/dnsbl_exempt.cfg) had to be used in the mail-envelope (the "MAIL FROM:" address) - that doesn't work for all senders that use re-mailers or whatever where you end-up with some *bounce* address as the envelope-sender.

So now, clear the DNSBL results when the From header field is parsed and the sender was in fact an exempt sender. Note: the Subject line will still contain the SPAM tag if the subject was parsed first (came earlier in the message header). May need to address this limitation in the future if it turns out to be a problem (!).

Lowercase the [smtp|smtps]spy.txt log file.
---
þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net

https://gitlab.synchro.net/main/sbbs/-/commit/e9329f6cdac406bf079f4347
Modified Files:
src/sbbs3/mailsrvr.c
Log Message:
Correct the parse_mail_address() argument order

Issue introduced in previous commit to this file. The name arg(s) comes before the address arg(s).
---
þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net

https://gitlab.synchro.net/main/sbbs/-/commit/427e1cb4f8a502955459b0f9
Modified Files:
src/sbbs3/mailsrvr.c
Log Message:
Don't send default MIME Content-type for msgs with attachments

The file attachments, when MIME-encoded, already include a MIME Content-type header field, so don't send another. This should fix issue #233.
---
þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net

https://gitlab.synchro.net/main/sbbs/-/commit/c21d535dc7b127e029c0203a
Modified Files:
src/sbbs3/mailsrvr.c
Log Message:
Fix observed crashes at end of pop3_thread() and smtp_thread()

"startup" was being deref'd after the caller free'd it because these thread functions were calling thread_down() before calling mail_close_socket(), which deref's startup which was subject to a race condition.
---
þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net

https://gitlab.synchro.net/main/sbbs/-/commit/02448be248a5393ec95d4eaa
Modified Files:
src/sbbs3/mailsrvr.c
Log Message:
When logging sender address forgeries, log the address being forged

Helpful for debugging issues with this forgery detection logic (if there are any).
---
þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net

https://gitlab.synchro.net/main/sbbs/-/commit/56bc209648a1a198b6973384
Modified Files:
src/sbbs3/mailsrvr.c
Log Message:
Don't allow unauthenticated DNS-blacklisted clients to post on subs

Eliminate some of the infrequent SPAM posts to the SYNCPROG conference. Maybe make this behavior configurable?
---
þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net

https://gitlab.synchro.net/main/sbbs/-/commit/3c55d333a2103630ec874457
Modified Files:
src/sbbs3/mailsrvr.c
Log Message:
Include twit-listed sender name in quotes in log message

Since mail server log messages have their white-space condensed, it was not obvious why some sender's name would match a twitlist.cfg line that filters names beginning with a space: "\ *" because the initial space of the sender's name was condensed/combined with space before it in the log message.
---
þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net

https://gitlab.synchro.net/main/sbbs/-/commit/82da48b3887373503a3ee17c
Modified Files:
src/sbbs3/mailsrvr.c
Log Message:
If SMTP-transmit-relay is enabled by no relay server, disable

log an error message and disable the transmit-relay in this detected-misconfiguration case.

Fixes issue #315 reported by Nelgin.
---
þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net

https://gitlab.synchro.net/main/sbbs/-/commit/427599b46e19dc809a5fb268
Modified Files:
src/sbbs3/mailsrvr.c
Log Message:
Fix compile issue in previous commit. <blush>
---
þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net

https://gitlab.synchro.net/main/sbbs/-/commit/bff956a191a7427dc0acafe4
Modified Files:
src/sbbs3/mailsrvr.c
Log Message:
Fix host name or IP address-based smtpspy.txt logging

Caught by Coverity-scan (use of uninitialized variable, 'str') :-)
---
þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net

https://gitlab.synchro.net/main/sbbs/-/commit/304f72934c3e401e7cc92ea8
Modified Files:
src/sbbs3/mailsrvr.c
Log Message:
Fix issue with smtpspy-listed names added in previous commit

p (which is used after this) points into 'str', so we can't use 'str' as a temporary variable here.
---
þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net

https://gitlab.synchro.net/main/sbbs/-/commit/ce90be9ea7fcacddfd60628c
Modified Files:
src/sbbs3/mailsrvr.c
Log Message:
Fix corrupted RFC822 msg headers when a header field was > 1024 chars

When sending an SMB message header via SMTP or POP3, some header fields (lines) could potentially be longer than 1024 and yet sockprintf() was limited to sending 1024 bytes (actually 1022 plus CRLF). This could result in some messages not being sent correctly: header field truncated, not CRLR-terminated, and notably resulting in MIME message contents not being decoded properly in a message viewer/reader. Example (Content-Type is part of the previous header field/line):
x-ms-exchange-antispam-messagedata-0:
=?us-ascii?Q?cm9T1Q9G65VC/lKTTqhODKhy5lHT2y6WWMb/WyvJ+EeGEwYmY7ILhzE3yfNM?=
=?us-ascii?Q?KeFWN9T/PqHBya1plKf/sHgaw0iRmI7Hq+u9Dp4bG8OqdniKQlK+Aa27oXMd?=
=?us-ascii?Q?Hly6OEYaSu7jbhGGY89LF0gyRVqquqxkaMfpKvG+h4cQnnu4Tl8YAKeE39a2?=
=?us-ascii?Q?lHW3372ulmb9jvvZU72J2RtZYkuoIr+Wsqhfyuj39wTZ/+C4qKCsYrmTxrki?=
=?us-ascii?Q?fBZ4gMPzWkrcWAr7zPcXBg8bphJJB8VJFUjQyksA3EG4dtH8+TZeEcNNBmHf?=
=?us-ascii?Q?oCGnV9wHr9HszzrSkkZ2GGyh3QZLHAVDNe7wDXSy7HJttZugf9kNqKGeaYQL?=
=?us-ascii?Q?TpljH1aHPe7MiSP9Dmp/xHQ/DWQOZDx5guNS+iMciMt5p5ad+SkQye0hWRhd?=
=?us-ascii?Q?usHvpllclzIee6lxJ0VSPAzHGlAOhtOolrHdDB2ODjvkEzU7L2Fj2f5x7p9q?=
=?us-ascii?Q?9d6sUgSz7vZVx8yyR3KPq3jIX0QUnl0xr2Mix9xcmMNcg0yFLPcznqBdLVa8?=
=?us-ascii?Q?IC7j0+8oy4BjYxr8Z3elxMC2JKq13gPYgR95cwm6hMDiZbMB4EW/J1uJhD/I?=
=?us-ascii?Q?RIIqTZ+Ywt8nKOfXj6/a9Aauf0wN71QKKA+in7KY9oksIhkUGvWOrtJwkVDL?=
=?us-ascii?Q?Q2UFrBBJyQHJgumj5Y+bG8FDk/55IfyV9XYEcsdLL4bCF+HX4QPHZCw4P+li?=
=?us-ascii?Q?bRvN+UxOO8hgXVkgB1q8mNJ62yQuaj0AContent-Type: multipart/alternative;
boundary="_000_SN6PR07MB454477F4C32C66D48BA0B02187A09SN6PR07MB4544namp_"

Solved by using asprintf() instead of snprintf() for dynamic string formatting and allocation in one go. Using realloc() to expand the buffer for the appended/required CRLF.
---
þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net

https://gitlab.synchro.net/main/sbbs/-/commit/b19288125fb9470836cf50af
Modified Files:
src/sbbs3/mailsrvr.c
Log Message:
Reject SMTP session from any client that sends illegally-long lines

Log a warning message and send a "500 Line too long" before disconnecting any SMTP client that sends lines > 998 characters in length. Technically, we can handle lines up to 1023 characters, but then we could get out of sync with the client if it sends exactly 1023 chars and then a new-line char (which we would interpret as a blank line, separating the message header and body) - so just punt the client who doesn't obey the rules of the protocol.
---
þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net

https://gitlab.synchro.net/main/sbbs/-/commit/7611f92f4057dae1dd11878a
Modified Files:
src/sbbs3/mailsrvr.c
Log Message:
Resolve new GCC printf-format warning in new log message text
---
þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net

https://gitlab.synchro.net/main/sbbs/-/commit/4c6cc08369da690cae967264
Modified Files:
src/sbbs3/mailsrvr.c
Log Message:
Handle illegally-long received SMTP lines better

SMTP commands have a shorter limit (510 versus 998) and the body text line limit needed to account for dot-stuffing.
---
þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net

https://gitlab.synchro.net/main/sbbs/-/commit/2852540e7b592e32195f03b8
Modified Files:
src/sbbs3/mailsrvr.c
Log Message:
Fix false FORGED mail header 'FROM' field detection/rejection

Pretty much any From field that contains an '@' in the username portion
was subject to comparison to the full email address, but clearly some of
these rejected emails were not forge attempts:

'Chris @ StubHub' vs 'events@mail.stubhub.com'
'Eric S. Raymond (@esr)' vs 'gitlab@mg.gitlab.com'

Fixed by requiring that the sender name is actually a well-formed Internet email address using smb_netaddr_type(), which was also recently improved to
be more accurate.

Unrelated change: include reverse-path (email address for bounces) in ILLEGALLY-LONG body and header line log messages (usually SPAM from what
I can tell).
---
þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net

https://gitlab.synchro.net/main/sbbs/-/commit/0f4325eece0e65872ce008c9
Modified Files:
src/sbbs3/mailsrvr.c
Log Message:
Publish SMTP[S] user authentications to the action/login/PROTOCOL topic
---
þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net

https://gitlab.synchro.net/main/sbbs/-/commit/fb11866c6dadbd6a8d861b77
Modified Files:
src/sbbs3/mailsrvr.c
Log Message:
Fix potential NULL pointer deref in rblchk(), observed via segfault lately

I'm not sure why this one only started popping up now, but h_addr_list is a NULL-terminated list and it makes perfect sense that the first entry could
be the NULL-terminator.

gethostbyname is obsolete/deprecated and we should address that in a separate commit.
---
þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net

https://gitlab.synchro.net/main/sbbs/-/commit/1f7cd77aef826d3256ae4e2e
Modified Files:
src/sbbs3/mailsrvr.c
Log Message:
Check return value of fread()
---
þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net

https://gitlab.synchro.net/main/sbbs/-/commit/5564eb67e84e55e8a6dcbb0e
Modified Files:
src/sbbs3/mailsrvr.c
Log Message:
MIME-encode words that contain non-ASCII values in text header fields

(e.g. to, from, subject) ... when transmitting to other hosts (e.g. POP3 clients or other SMTP hosts).

For messages that contain CP437 or UTF-8 chars in these fields and were *not* imported into the BBS via SMTP or POP3, these header fields would be transmitted to other hosts with the raw CP437 or UTF-8 chars, thus violating POP3 and SMTP protocols and likely resulting in garbage displayed in message readers.

The fix is to encode (using MIME "encoded words", per RFC 2407) where necessary.

Since moderm mail clients (e.g. Thunderbird) don't see to support CP437
charset in MIME encoded header fields, always translate to UTF-8 first.

We probably should be translating message body text to UTF-8 as well, for maximum compatibilty with modern mail readers, but this commit doesn't address body text issues with CP437-encoded content. That'll come later.
---
þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net