src/sbbs3 mailsrvr.c 1.685 1.686
Update of /cvsroot/sbbs/src/sbbs3
In directory cvs:/tmp/cvs-serv26532

Modified Files:
mailsrvr.c
Log Message:
RFC822 "To" fields can contain multiple names/addresses, so can't use
strrchr() here to find terminating chars (quotes, parens, brackets).
e.g. '"Joe Shmoe" <joe@shmoe.com>, "Fred Smith" <fred@smith.org>'
would be parsed as 'Joe Shmoe" <joe@shmoe.com>, "Fred Smith'.



---
þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net

src/sbbs3 mailsrvr.c 1.686 1.687
Update of /cvsroot/sbbs/src/sbbs3
In directory cvs:/tmp/cvs-serv28297

Modified Files:
mailsrvr.c
Log Message:
Parse the *first* email address found in "To" header fields, not the last.



---
þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net

src/sbbs3 mailsrvr.c 1.687 1.688
Update of /cvsroot/sbbs/src/sbbs3
In directory cvs:/tmp/cvs-serv16891

Modified Files:
mailsrvr.c
Log Message:
Set the (new) MIMEATTACH auxattr flag when receiving mail messages that contain MIME-encoded/embedded attachments.
We probably will want to do this for SMTP-posted messages (to subs) too.



---
þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net

src/sbbs3 mailsrvr.c 1.689 1.690
Update of /cvsroot/sbbs/src/sbbs3
In directory cvs:/tmp/cvs-serv8474

Modified Files:
mailsrvr.c
Log Message:
Actually store the SMTP forward-path of received mail messages in the message headers



---
þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net

src/sbbs3 mailsrvr.c 1.690 1.691
Update of /cvsroot/sbbs/src/sbbs3
In directory cvs:/home/rswindell/sbbs/src/sbbs3

Modified Files:
mailsrvr.c
Log Message:
Fix GCC warning: pointer targets in assignment differ in signedness



---
þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net

src/sbbs3 mailsrvr.c 1.691 1.692
Update of /cvsroot/sbbs/src/sbbs3
In directory cvs:/tmp/cvs-serv1989

Modified Files:
mailsrvr.c
Log Message:
Bug-fix: if the forward-path is in "<address>" notation, don't include the angle brackets in the "RCPT TO" command sent to the SMTP server. This is an old bug but now appears because we are now (recently) actually storing the SMTP forward-path in the message header.




---
þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net

src/sbbs3 mailsrvr.c 1.692 1.693
Update of /cvsroot/sbbs/src/sbbs3
In directory cvs:/tmp/cvs-serv4314

Modified Files:
mailsrvr.c
Log Message:
Don't auto-exempt "<<address>>", just "<address>"



---
þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net

src/sbbs3 mailsrvr.c 1.694 1.695
Update of /cvsroot/sbbs/src/sbbs3
In directory cvs:/tmp/cvs-serv27392

Modified Files:
mailsrvr.c
Log Message:
Set the MSG_SENT netattr attribute flag after sending an email via SMTP but after sending via POP3 (the MSG_READ attribute flag is already indicating that).


---
þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net

src/sbbs3 mailsrvr.c 1.695 1.696
Update of /cvsroot/sbbs/src/sbbs3
In directory cvs:/tmp/cvs-serv5274

Modified Files:
mailsrvr.c
Log Message:
Fix most likely cause of new crashes seen in mailsrvr, calls to smb_freemsgmem():
bounce() is using a strange method of copying a message header in memory
(not using smb_copymsgmem) and when it frees the message, ends up with a double-free of the 2 new smbmsg_t members (not header fields): text_subtype
and text_charset.



---
þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net

src/sbbs3 mailsrvr.c 1.696 1.697
Update of /cvsroot/sbbs/src/sbbs3
In directory cvs:/tmp/cvs-serv8254

Modified Files:
mailsrvr.c
Log Message:
Don't read the spamblock.cfg unnecessarily:
We don't store (findable) hostnames in the file, so don't search for them. Don't search file if the host is listed in the spamblock_exempt.cfg file.
If you have a really large spamblock.cfg file, this could result in the unnecessary reading of potential many megabytes of data for each inbound
SMTP connection. We might want to read this file even less frequently and
store the list in a searchable str_list_t or something.



---
þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net

src/sbbs3 mailsrvr.c 1.698 1.699
Update of /cvsroot/sbbs/src/sbbs3
In directory cvs:/tmp/cvs-serv14834

Modified Files:
mailsrvr.c
Log Message:
MIME-encoded headers (header field values with RFC 2047 "encoded-words") are getting kind of crazy common now and being employed even when totally unnecessary (e.g. encoding strings that contain just plain ASCII):
- normalize message header fields, when possible
- normalize UTF-8 encoded characters, when possible (e.g. special punctuation
chars)

This allows text filters (e.g. subject.can, name.can) to work on MIME-encoded header fields and notifications about received e-mails are legible to humans.

Encoded-words that contain actual non-ASCII/CP437 chars (e.g. foreign symbols, emojis) are left as encoded-words to be dealt with by whatever displays the message header.

Special handling of folded normalized field values was necessary because
"White space between adjacent 'encoded-word's is not displayed." (per RFC 2047)


---
þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net

src/sbbs3 mailsrvr.c 1.699 1.700
Update of /cvsroot/sbbs/src/sbbs3
In directory cvs:/home/rswindell/sbbs/src/sbbs3

Modified Files:
mailsrvr.c
Log Message:
Fix warnings from GCC.



---
þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net

src/sbbs3 mailsrvr.c 1.700 1.701
Update of /cvsroot/sbbs/src/sbbs3
In directory cvs:/home/rswindell/sbbs/src/sbbs3

Modified Files:
mailsrvr.c
Log Message:
Translate UTF-8 "horizontal ellipsis" to 3 ASCII '.'s when normalizing MIME-encoded headers.



---
þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net

src/sbbs3 mailsrvr.c 1.701 1.702
Update of /cvsroot/sbbs/src/sbbs3
In directory cvs:/tmp/cvs-serv26117

Modified Files:
mailsrvr.c
Log Message:
Moved normalize_utf8() to src/enocde/utf8.c: utf8_normalize_str().



---
þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net

src/sbbs3 mailsrvr.c 1.702 1.703
Update of /cvsroot/sbbs/src/sbbs3
In directory cvs:/home/rswindell/sbbs/src/sbbs3

Modified Files:
mailsrvr.c
Log Message:
Fix GCC warning about signedness.



---
þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net

src/sbbs3 mailsrvr.c 1.703 1.704
Update of /cvsroot/sbbs/src/sbbs3
In directory cvs:/tmp/cvs-serv5185

Modified Files:
mailsrvr.c
Log Message:
Double the size of the tmp buffer in parse_mail_address() (from 128 to 256 chars) so that massize MIME encoded header fields can be parsed successfull. :-|



---
þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net

src/sbbs3 mailsrvr.c 1.705 1.706
Update of /cvsroot/sbbs/src/sbbs3
In directory cvs:/tmp/cvs-serv28008

Modified Files:
mailsrvr.c
Log Message:
Use new smb_msg_is_utf8() to set default MIME content-type charset to UTF-8 (e.g. for UTF-8 Fido or QWK netmail messages sent over SMTP or POP3).



---
þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net

src/sbbs3 mailsrvr.c 1.706 1.707
Update of /cvsroot/sbbs/src/sbbs3
In directory cvs:/tmp/cvs-serv17512

Modified Files:
mailsrvr.c
Log Message:
Use the RFC822* header fields, only when the actual header fields are MIME-encoded.
If any RFC822* header field is a MIME-encoded UTF-8 string, then set the
(new) auxattr MSG_HFIELDS_UTF8 flag. This will be used (soon, hopefully) to display UTF-8 encoded header fields to users. There's a gotchas here:
- MIME-encoded header fields with other non-ASCII/8-bit charsets (e.g. CP437,
ISO-8859) are still stored "as decoded", though the MSG_HFIELDS_UTF8 flag
may be set *later* (which would be weird), resulting in a mixture of valid
and invalid UTF-8 header fields. One solution would be to UTF-8-transcode all
the non-UTF-8 header fields if *any* of them are UTF-8, but we wouldn't
know which charset to translate *from*. Assuming CP437 isn't going to be
correct 100% of the time - so punt for now and deal with it at display
time. e.g. if the MSG_HFIELD_UTF8 auxattr flag is set, but an hfield contains
invalid UTF-8 data, don't display as UTF-8 (e.g. treat as CP437). We don't
have translations for other charsets (e.g. ISO-8859) setup yet anyway.



---
þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net

src/sbbs3 mailsrvr.c 1.707 1.708
Update of /cvsroot/sbbs/src/sbbs3
In directory cvs:/home/rswindell/sbbs/src/sbbs3

Modified Files:
mailsrvr.c
Log Message:
Resolve GCC warnings:
pointer type mismatch in conditional expression
format '%s' expects argument of type 'char *', but argument 5 has type 'void *'




---
þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net

https://gitlab.synchro.net/main/sbbs/-/commit/a35cb08fb0a5f69bbe11f010
Modified Files:
src/sbbs3/mailsrvr.c
Log Message:
Better resource (e.g. client thread) management

My mail server was suddenly and inexplicably creating thousands of SMTPS
client threads, each with a unique remote IP address, and each eventually failing with the rather obscure log message (from cryptlib):
dbg 'Cannot read item from object' (-41) setting session active

Eventually (after not long, really), the server would run out of resources
and fail in weird and wonderful ways (can't malloc, can't create JS runtime
or context, etc.). The max_clients limit (100, as I have it set) wasn't being effectively-imposed on SMTPS connections.

The root-cause: the active_clients (counter) wasn't incremented until *after* the cryptlib/TLS setup for SMTPS connections and SMTPS/TLS connections can
take a long time to fail, resulting in a vulnerability to an effective denial of service attack.

Raise the minimum severity of all cryptlib/TLS log messages from Debug to
Info.

Create wrappers for smtp_thread() [now smtp_client_thread()] and pop3_thread [now pop3_client_thread()] that handle basic resource management (thread counters, active client counters, the client socket).

---
þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net

https://gitlab.synchro.net/main/sbbs/-/commit/7d9c8624f7d9c5e0fd1cd5a7
Modified Files:
src/sbbs3/mailsrvr.c
Log Message:
Fix extra decrement of active_clients (added in previous commit)

And fix some use of CRYPT_UNUSED instead of cryptlib session ID.

---
þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net

https://gitlab.synchro.net/main/sbbs/-/commit/f43e852a170d27afdf6e33a4
Modified Files:
src/sbbs3/mailsrvr.c
Log Message:
SMTP mail server wasn't RFC 4954 compliant for "AUTH PLAIN" logins

The base64-encoded credentials can either be supplied with the AUTH PLAIN command or in response to a 334 server-challenge. We only supported the
former form and logged a warning ("Missing AUTH PLAIN argument") when we received the latter. No warning is logged now and the appropriate server-challege is sent and the response accepted and base64-decoded and
parsed as before.

---
þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net

https://gitlab.synchro.net/main/sbbs/-/commit/952a25f17aa96355e4c92e95
Modified Files:
src/sbbs3/mailsrvr.c
Log Message:
More commonization of "CLIENT BLOCKED" log messages

---
þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net

https://gitlab.synchro.net/main/sbbs/-/commit/62b866c243d9a8201c55b6fa
Modified Files:
src/sbbs3/mailsrvr.c
Log Message:
If cryptInit() fails, just disable TLS support

But continue initializing/running for other non-TLS protocol support.

---
þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net

https://gitlab.synchro.net/main/sbbs/-/commit/fa5ae01239d3488112dae489
Modified Files:
src/sbbs3/mailsrvr.c
Log Message:
Some more printf formats... mostly off_t but also a size_t and an time_t

---
þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net

https://gitlab.synchro.net/main/sbbs/-/commit/76055e3d35e795f4ceeefb0e
Modified Files:
src/sbbs3/mailsrvr.c
Log Message:
Add missing header?

---
þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net

https://gitlab.synchro.net/main/sbbs/-/commit/f44997570fb796b34f99285f
Modified Files:
src/sbbs3/mailsrvr.c
Log Message:
Aha! XP_PRIsize_t is a *size*, not a *type*.

---
þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net

https://gitlab.synchro.net/main/sbbs/-/commit/aaa82ca4c9a5aac286603272
Modified Files:
src/sbbs3/mailsrvr.c
Log Message:
Oh damn, this is an off_t + size_t + 1... talk about the wild west of types!

Both long long and long are reasonable for some mixes of platforms.

Just punt, cast the whole thing to int64_t, and forget about it.

---
þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net

https://gitlab.synchro.net/main/sbbs/-/commit/5cc3767eb1d56bb0db294f86
Modified Files:
src/sbbs3/mailsrvr.c
Log Message:
Use fnopen() for auto-retry when opening dnsbl_exempt.cfg for append

---
þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net