aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--NEWS1
-rw-r--r--driver.c22
-rw-r--r--fetchmail.man4
3 files changed, 23 insertions, 4 deletions
diff --git a/NEWS b/NEWS
index 1559a766..3799c937 100644
--- a/NEWS
+++ b/NEWS
@@ -9,6 +9,7 @@
* GCC warning cleanups from ahaas@neosoft.com.
* Plug another hole that was letting zombies through.
* SA_RESDTART portability fix for SunOS.
+* Ignore Sender and Resent-Sender headers unless they contain @.
fetchmail-5.8.2 (Tue May 8 17:07:53 EDT 2001), 20481 lines:
diff --git a/driver.c b/driver.c
index 4038b484..11338f77 100644
--- a/driver.c
+++ b/driver.c
@@ -760,9 +760,27 @@ static int readheaders(int sock,
resent_from_offs = (line - msgblk.headers);
else if (!strncasecmp("Apparently-From:", line, 16))
app_from_offs = (line - msgblk.headers);
- else if (!strncasecmp("Sender:", line, 7))
+ /*
+ * Netscape 4.7 puts "Sender: zap" in mail headers. Perverse...
+ *
+ * But a literal reading of RFC822 sec. 4.4.2 supports the idea
+ * that Sender: *doesn't* have to be a working email address.
+ *
+ * The definition of the Sender header in RFC822 says, in
+ * part, "The Sender mailbox specification includes a word
+ * sequence which must correspond to a specific agent (i.e., a
+ * human user or a computer program) rather than a standard
+ * address." That implies that the contents of the Sender
+ * field don't need to be a legal email address at all So
+ * ignore any Sender or Resent-Semnder lines unless they
+ * contain @.
+ *
+ * (RFC2822 says the condents of Sender must be a valid mailbox
+ * address, which is also what RFC822 4.4.4 implies.)
+ */
+ else if (!strncasecmp("Sender:", line, 7) && strchr(line, '@'))
sender_offs = (line - msgblk.headers);
- else if (!strncasecmp("Resent-Sender:", line, 14))
+ else if (!strncasecmp("Resent-Sender:", line, 14) && strchr(line, '@'))
resent_sender_offs = (line - msgblk.headers);
#ifdef __UNUSED__
diff --git a/fetchmail.man b/fetchmail.man
index ad6ab70f..cc7e46a2 100644
--- a/fetchmail.man
+++ b/fetchmail.man
@@ -1633,8 +1633,8 @@ When trying to determine the originating address of a message,
fetchmail looks through headers in the following order:
Return-Path:
- Resent-Sender:
- Sender:
+ Resent-Sender: (ignored if it doesn't contain an @)
+ Sender: (ignored if it doesn't contain an @)
Resent-From:
From:
Reply-To:
generated by cgit v1.2.3 (git 2.39.1) at 2024-11-22 11:24:35 +0000