Package: spfmilter Version: 1.99+0.97-1 Severity: grave Justification: causes data loss and violates a MUST directive of RFC2821
Here's a diff between a two otherwise identical messages (IDs and dates replaced with constants for easy diffing), one with spfmilter disabled, the other with enabled. | --- t3 2008-04-09 09:55:19.000000000 +0100 | +++ t2 2008-04-09 09:55:19.000000000 +0100 | @@ -1,42 +1,39 @@ | From [EMAIL PROTECTED] date | Return-path: <[EMAIL PROTECTED]> | Envelope-to: [EMAIL PROTECTED] | Delivery-date: date | Delivered-To: [EMAIL PROTECTED] | +Received-SPF: none (mail.vicoop.com: [EMAIL PROTECTED] does not designate permitted sender hosts) receiver=mail.vicoop.com; client-ip=70.103.162.29; helo=master.debian.org; [EMAIL PROTECTED]; x-software=spfmilter 0.97 http://www.acme.com/software/spfmilter/ with libspf-unknown; | Received: from mail0.vicoop.com [85.17.210.107] | by beczulka with POP3 (fetchmail-6.3.6) | for <[EMAIL PROTECTED]> (single-drop); date | Received: from master.debian.org (master.debian.org [70.103.162.29]) | by mail.vicoop.com (Postfix) with ESMTP id ID | for <[EMAIL PROTECTED]>; date | -Received: from mail0.vicoop.com ([85.17.210.107] helo=mail.vicoop.com) | - by master.debian.org with esmtp (Exim 4.63) | - (envelope-from <[EMAIL PROTECTED]>) | - id ID | - for [EMAIL PROTECTED]; date | +Received-SPF: pass (mail.vicoop.com: authenticated connection) receiver=mail.vicoop.com; client-ip=82.10.150.33; helo=beczulka; [EMAIL PROTECTED]; x-software=spfmilter 0.97 http://www.acme.com/software/spfmilter/ with libspf-unknown; | Received: from beczulka (cpc2-seve11-0-0-cust544.popl.cable.ntl.com [82.10.150.33]) | (Authenticated sender: [EMAIL PROTECTED]) | by mail.vicoop.com (Postfix) with ESMTP id ID | for <[EMAIL PROTECTED]>; date | Received: from porridge by beczulka with local (Exim 4.63) | (envelope-from <[EMAIL PROTECTED]>) | id ID | for [EMAIL PROTECTED]; date | Date: date | From: Marcin Owsiany <[EMAIL PROTECTED]> | To: [EMAIL PROTECTED] | -Subject: t3 | -Message-ID: <[EMAIL PROTECTED]> | +Subject: t2 | +Message-ID: <[EMAIL PROTECTED]> | MIME-Version: 1.0 | Content-Type: text/plain; charset=us-ascii | Content-Disposition: inline | User-Agent: Mutt/1.5.13 (2006-08-11) | Status: RO | Content-Length: 154 | Lines: 4 | | | -- | Marcin Owsiany <[EMAIL PROTECTED]> http://marcin.owsiany.pl/ | GnuPG: 1024D/60F41216 FE67 DA2D 0ACA FC5E 3F75 D6F6 3A0D 8AA0 60F4 1216 mail0.vicoop.com (which is the host I'm debugging) acted both as a smarthost for beczulka, and as the intermediate destination for the message (subsequently fetched by beczulka). Notice how the "Received" line added by master.debian.org got eaten by mail0. I'm 100% certain that master did send the Received header, because I sniffed the SMTP dialogue. Interestingly, the Received header added by beczulka did NOT get eaten when the message got relayed by mail0 for the first time. This suggests that the header only gets eaten when the status is "none" but not when it's "pass". -- System Information: Debian Release: 4.0 APT prefers stable APT policy: (500, 'stable'), (1, 'experimental') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.18-6b-ovz-686 Locale: LANG=pl_PL.UTF-8, LC_CTYPE=pl_PL.UTF-8 (charmap=UTF-8) Versions of packages spfmilter depends on: ii adduser 3.102 Add and remove users and groups ii libc6 2.3.6.ds1-13etch5 GNU C Library: Shared libraries ii libmilter0 8.13.8-3 Sendmail Mail Filter API (Milter) ii libspf0 0.999-1.0.0-p3-3 the ANSI C SPF reference library ( spfmilter recommends no packages. -- no debconf information -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
