Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

ESMTP args truncated in RCPT TO stage #15

Closed
hxdmp opened this issue Oct 5, 2023 · 3 comments · Fixed by #16
Closed

ESMTP args truncated in RCPT TO stage #15

hxdmp opened this issue Oct 5, 2023 · 3 comments · Fixed by #16

Comments

@hxdmp
Copy link

hxdmp commented Oct 5, 2023

I'm using this library to build a Milter server connected to a Postfix instance. Doing that, I noticed that the esmtpArgs parameter at the RCPT TO stage is truncated. Precisely, only one substring after the first \0 byte is respected, althought there might be multiple ones. One example where this can happen is when the client requests a DSN (https://www.rfc-editor.org/rfc/rfc3461.html#section-4.1). But other cases are possible, see: https://www.rfc-editor.org/rfc/rfc3461.html#section-10.1

Let me explain this whole thing with an example to make it clearer.

  1. Spin up a basic Milter server with the following RCPT TO hook:
func (m *myMilter) RcptTo(rcptTo, esmtpArgs string, _ *milter.Modifier) (*milter.Response, error) {
    fmt.Printf("RCPT TO: %q; esmtpArgs: %q\n", rcptTo, esmtpArgs)
    return milter.RespContinue, nil
}
  1. Submit the following (valid) RCPT TO command to your mail server:
RCPT TO: <test@example.com> NOTIFY=SUCCESS ORCPT=rfc822;test@anotherexample.com
  1. The following is received by the Milter and printed to the console:
RCPT TO: "test@example.com"; esmtpArgs: "NOTIFY=SUCCESS"
  1. Inspecting the raw bytes, one can see that there was actually more data:
"test@example.com\x00NOTIFY=SUCCESS\x00ORCPT=rfc822;test@anotherexample.com\x00"

Conclusion

This behavior is probably caused by the following code:
https://github.com/d--j/go-milter/blob/30d4d62396d57db43116e28f8bb5c5b61ecf2478/session.go#L224C1-L224C1

Maybe it's already sufficient to replace all occurrences of 0x00 after the email address with a space and pass that to the Milter interface implementation. As this is not a real C string, there should be no harm in doing so (we don't need a zero-terminator).

I'm waiting for your feedback before starting to implement it.
@d--j
Copy link
Owner

d--j commented Oct 5, 2023

Hi @hxdmp

thanks for poiting that out. I was under the impression that Postfix/Sendmail passes in all values as space seperated second string.

Your proposed solution sounds good to me. One can use DecodeCStrings to get a string slice and join it with space.

The MAIL ESMTP args need the same handling.

@hxdmp
Copy link
Author

hxdmp commented Oct 5, 2023

Thanks for that very fast response! I'll implement that and open a pull request.

hxdmp added a commit to hxdmp/go-milter that referenced this issue Oct 5, 2023
@hxdmp
fix d--j#15: correctly parse esmtp args on MAIL and RCPT
6b84246
@hxdmp
Copy link
Author

hxdmp commented Oct 5, 2023

I created #16 to fix this for both instances. Due to the implementation of DecodeCStrings, the trailing zero-byte in the input data is omitted - in other words: There is no trailing space.

@d--j d--j linked a pull request Oct 5, 2023 that will close this issue
fix #15: correctly parse esmtp args on MAIL and RCPT #16
Merged
@d--j d--j closed this as completed in #16 Oct 5, 2023
d--j added a commit that referenced this issue Oct 5, 2023
@d--j
Merge pull request #16 from hxdmp/main
6cc737f 
fix #15: correctly parse esmtp args on MAIL and RCPT
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

fix #15: correctly parse esmtp args on MAIL and RCPT hxdmp/go-milter
2 participants
@d--j @hxdmp