Is Exim's `!verify = header_syntax` ACL entry legitimately rejecting mail whose From/To headers are RFC 2047 encoded?
A recent Exim upgrade added this to the default `acl_smtp_data` ACL:

```
.ifndef NO_CHECK_DATA_VERIFY_HEADER_SYNTAX
  deny
    !acl = acl_local_deny_exceptions
    !verify = header_syntax
    message = header syntax
    log_message = header syntax ($acl_verify_message)
.endif
```
This causes some messages to be rejected. For example, the following header from a spam message:
```
2020-03-02 09:22:48 1j8hHk-0000gS-3Y H=(static-181-143-69-27.une.net.co) [181.143.69.27] F=<Danika@une.net.co> rejected after DATA: header syntax (unqualified address not permitted: failing address in "From:" header is: =?utf-8?B?IkRhbmlrYSIgPERhbmlrYUB1bmUubmV0LmNvPg==?=): unqualified address not permitted: failing address in "From:" header is: =?utf-8?B?IkRhbmlrYSIgPERhbmlrYUB1bmUubmV0LmNvPg==?=
```
Decoding the offending header, we get:
```
00000000  22 58 69 6d 65 6e 61 22  20 3c 58 69 6d 65 6e 61  |"Ximena" <Ximena|
00000010  40 76 69 6c 2e 63 6f 6d  2e 75 61 3e              |@vil.com.ua>|
0000001c
```
To me this looks like a perfectly good value for a `From` header. Am I risking rejecting legitimate mail by using `verify = header_syntax`, or is the header above invalid and safe to reject?
Digging into RFC 2047:
> 5. Use of encoded-words in message headers
>
> An 'encoded-word' may appear in a message header or body part header according to the following rules:
>
> [...]
>
> (3) As a replacement for a 'word' entity within a 'phrase', for example, one that precedes an address in a From, To, or Cc header. The ABNF definition for 'phrase' from RFC 822 thus becomes:
>
> phrase = 1*( encoded-word / word )
>
> [...]
>
> These are the ONLY locations where an 'encoded-word' may appear. In particular:
>
> + An 'encoded-word' MUST NOT appear in any portion of an 'addr-spec'.
So it seems an `encoded-word` may be used for the text that precedes an address in a header, but not for the address itself. It is therefore safe to use `verify = header_syntax`, as long as we assume that legitimate mail will not contain headers that violate RFC 2047, i.e. by smuggling the address into the encoded part of the header. On the other hand... what about RFC 6854? That allows headers such as:
```
From: Automated System:;
```
To be fair, the RFC also says this syntax is "Limited Use" only ("only for limited or unique circumstances", e.g. for experimentation as per RFC 2026). So I won't lose any sleep over it!
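As an added illustration (not code from the question, from Exim, or from the RFCs), this Python check applies the RFC 2047 rule quoted in the post to the post's own header values: it reports the addr-spec a syntax checker sees before any decoding, which is why the all-in-one encoded-word shows up as an address without a domain, and separately flags an encoded-word whose decoded text contains an address. The sample headers are constructed from the log line in the question; the `check_address_header` function and its result layout are assumptions of this example.

```python
import re
from email.header import decode_header
from email.utils import parseaddr

# RFC 2047 encoded-word: =?charset?B|Q?encoded-text?=
ENCODED_WORD = re.compile(r"=\?[^?\s]+\?[bBqQ]\?[^?\s]*\?=")


def decode_words(text: str) -> str:
    """Decode every encoded-word in text (non-encoded chunks pass through)."""
    return "".join(
        chunk.decode(charset or "ascii", "replace") if isinstance(chunk, bytes) else chunk
        for chunk, charset in decode_header(text)
    )


def check_address_header(value: str) -> dict:
    """Report what a header-syntax check sees for a From:/To: header value.

    raw_address: the addr-spec parsed from the *undecoded* header, which is
                 all a syntax checker needs to look at, since RFC 2047 s.5
                 forbids encoded-words inside an addr-spec.
    qualified:   whether that addr-spec carries a domain part.
    smuggled:    some encoded-word decodes to text containing an address,
                 i.e. the address was hidden inside the encoded part.
    group:       an (empty) group such as "Automated System:;" (RFC 6854),
                 which contains no addr-spec at all.
    """
    phrase, raw_address = parseaddr(value)
    decoded = [decode_words(w) for w in ENCODED_WORD.findall(value)]
    return {
        "raw_address": raw_address,
        "qualified": "@" in raw_address,
        "display_name": decode_words(phrase),
        "smuggled": any("@" in parseaddr(d)[1] for d in decoded),
        "group": raw_address == "" and value.rstrip().endswith(";"),
    }


if __name__ == "__main__":
    # Constructed samples: the rejected header from the log line, its
    # RFC 2047-conformant form (only the display name encoded), and a group.
    for hdr in (
        "=?utf-8?B?IkRhbmlrYSIgPERhbmlrYUB1bmUubmV0LmNvPg==?=",
        "=?utf-8?B?IkRhbmlrYSI=?= <Danika@une.net.co>",
        "Automated System:;",
    ):
        print(hdr, "->", check_address_header(hdr))
```

The first sample yields an unqualified raw address (the whole encoded-word) even though it decodes to `"Danika" <Danika@une.net.co>`; the second keeps the address in the clear and passes.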