I found myself wanting to check for clients who are adding illegal whitespace after the MAIL FROM and RCPT TO commands. Before I started hacking, I did a quick search and found this thread:
Stricter parsing of mail from: and rcpt to:
http://grokbase.com/t/perl/qpsmtpd/04cmjwqh9p/stricter-parsing-of-mail-from-and-rcpt-to/oldest
The gist of the thread is that a number of people were for stricter parsing, a number were against, and nothing happened. A similar exchange was had regarding angle brackets, except that time hooks were added allowing plugins to rewrite the address, adding the missing angle brackets.
For other similar purposes, Qpsmtpd::Command was added, and the ability to substitute ones own parser was added, probably about the same time the parse_addr_withhelo plugin was added.
But I don't need an entirely new parser. I just want to do something quick and fun like:
if ( 'from: ' eq lc substr($envelope_header, 0, 6) ) {
$self->adjust_karma(-1);
};
After reading the proposed solutions, the one I adopted was storing the unparsed line in a connection note, making it available to plugins that wish to inspect and act upon it.
Matt
PS: I find it amusing that 7 or 8 years later, clients inserting that space have a 97+% correlation with infected PCs. Not enough to block based on it, but more than enough to cast suspicious glances.
--- a/lib/Qpsmtpd/SMTP.pm
+++ b/lib/Qpsmtpd/SMTP.pm
@@ -354,6 +354,7 @@ sub mail {
}
$self->log(LOGDEBUG, "full from_parameter: $line");
+ $self->connection->notes('envelope_from', $line);
$self->run_hooks("mail_parse", $line);
}
@@ -442,6 +443,7 @@ sub mail_respond {
sub rcpt {
my ($self, $line) = @_;
+ $self->connection->notes('envelope_rcpt', $line);
$self->run_hooks("rcpt_parse", $line);
}