"Eric Thomas (CERN/L3)" <ERIC@LEPICS>
Tue, 9 Aug 88 12:32:57 GMT
|
The MFEGATE issue allowed me to discover a number of problems in the current
LSVXMAIL code:
1. LISTSERV *does*, in principle, support HT characters in RFC822 headers
(well if you can assume that X'05' is the equivalent of a HT). They get
converted to blanks by LSV822IN. However, in the case of FAL mail, ie
RFC822 mail with a filetype of NOTE, the first line in the mailfile was
compared to 'RECEIVED:' (case ignored) in an attempt to determine what is
pure IBM NOTE and what is FAL mail. This test didn't translate HT's, so
that mail items could occasionally be treated as IBM NOTE --> error.
2. There was an error in the handling of FAL mail, due to the fact that the
filetype was left as 'NOTE' after the mailfile was recognized to be RFC822.
This caused the wrong path to be taken in a further series of test, and the
message 'File origin inconsistent with "Sender:" or "From:"' was sent to
the NJE origin of the file, which normally happens ONLY with IBM NOTE
format (otherwise the notification is sent to the 'From:' field - the NJE
origin is supposed to be a mailer in the RFC822 case). It is of course
silly to notify the mailer of this error.
3. I have modified LISTSERV so that all the gateway id's listed in DOMAIN
NAMES are treated as 'trusted' userids. This means that if your FAL gateway
is listed in DOMAIN NAMES, it will now be able to mail to lists and even
submit commands to LISTSERV normally.
4. In the MFEGATE affair, the 'From:' field of error messages points to
GATEMAN@ANLVMS, which is not the gateway userid and is therefore not
considered 'suspicious'. Prior to 15N2, FAL mail was not recognized and the
file was considered an IBM NOTE --> origin was MFEGATE@ANLVMS (NJE origin)
--> the file was considered suspicious.
I have sent the fix to John Halperin and Tony Monteiro for testing (LSVXMAIL
and LSVRDR - John already got LSVRDR so I didn't resend it). Tony: please add
a dummy entry for your local SMTPSERV in DOMAIN NAMES to check that the code
works. We might wish to eventually register all SMTP gateways in DOMAIN NAMES,
just for the authorization check.
Eric
|
|
|