develooper Front page | perl.qpsmtpd | Postings from April 2013

I found the future by dredging in the past

Matt Simerson
April 30, 2013 03:23
I found the future by dredging in the past
Message ID:

I found myself wanting to check for clients who are adding illegal whitespace after the MAIL FROM and RCPT TO commands.  Before I started hacking, I did a quick search and found this thread:

Stricter parsing of mail from: and rcpt to:

The gist of the thread is that a number of people were for stricter parsing, a number were against, and nothing happened. A similar exchange was had regarding angle brackets, except that time hooks were added allowing plugins to rewrite the address, adding the missing angle brackets.

For other similar purposes, Qpsmtpd::Command was added, and the ability to substitute ones own parser was added, probably about the same time the parse_addr_withhelo plugin was added. 

But I don't need an entirely new parser. I just want to do something quick and fun like:

   if ( 'from: ' eq lc substr($envelope_header, 0, 6) ) {

After reading the proposed solutions, the one I adopted was storing the unparsed line in a connection note, making it available to plugins that wish to inspect and act upon it.


PS: I find it amusing that 7 or 8 years later, clients inserting that space have a 97+% correlation with infected PCs. Not enough to block based on it, but more than enough to cast suspicious glances.

--- a/lib/Qpsmtpd/
+++ b/lib/Qpsmtpd/
@@ -354,6 +354,7 @@ sub mail {
     $self->log(LOGDEBUG, "full from_parameter: $line");
+    $self->connection->notes('envelope_from', $line);
     $self->run_hooks("mail_parse", $line);
@@ -442,6 +443,7 @@ sub mail_respond {
 sub rcpt {
     my ($self, $line) = @_;
+    $self->connection->notes('envelope_rcpt', $line);
     $self->run_hooks("rcpt_parse", $line);
 } Perl Programming lists via nntp and http.
Comments to Ask Bjørn Hansen at | Group listing | About