[Bug 253759] sendmail does not quote GECOS information for From header

Go to: [ bottom of page ] [ top of archives ] [ this month ]
From: <bugzilla-noreply_at_freebsd.org>
Date: Mon, 15 Apr 2024 17:14:03 UTC
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=253759

--- Comment #2 from Michael Osipov <michaelo@FreeBSD.org> ---
As it turns out to:
$ grep -ri -e MustQuoteChars -e MUST_QUOTE_CHARS .
./KNOWNBUGS:  If a full name phrase includes characters from MustQuoteChars,
sendmail
./KNOWNBUGS:  will quote the entire full name phrase.  If MustQuoteChars
includes
./KNOWNBUGS:  MustQuoteChars even though it is not listed as a special
character in
./RELEASE_NOTES:        DOC: Note to set MustQuoteChars=. due to DKIM
signatures.
./RELEASE_NOTES:                confALLOW_BOGUS_HELO, and confMUST_QUOTE_CHARS
for
./RELEASE_NOTES:                MustQuoteChars respectively.
./RELEASE_NOTES:        Add MustQuoteChars option.  This is a list of
characters that must
./cf/README:confMUST_QUOTE_CHARS        MustQuoteChars  [.'] Characters to be
quoted in a full
./cf/cf/submit.cf:#O MustQuoteChars=.
./cf/m4/proto.m4:_OPTION(MustQuoteChars, `confMUST_QUOTE_CHARS', `.')
./doc/op/op.me:.ip MustQuoteChars=\fIs\fP
./doc/op/op.me:O MustQuoteChars=.
./src/conf.c:   MustQuoteChars = "@,;:\\()[].'";
./src/headers.c:                if (strchr(MustQuoteChars, c) != NULL)
./src/readcf.c: { "MustQuoteChars",             O_MUSTQUOTE,    OI_NONE },
./src/readcf.c:                                      "Warning: MustQuoteChars
too long, ignored.\n");
./src/readcf.c:         MustQuoteChars = newstr(buf);
./src/sendmail.h:EXTERN char    *MustQuoteChars;        /* quote these
characters in phrases */
./src/util.c:** XXX: This may be a problem for EAI? MustQuoteChars is used.
./src/util.c:                            strchr(MustQuoteChars, *c) != NULL)

sendmail does include a sensible default in C, but it is overridden in
./cf/m4/proto.m4, thus disabling it.

You have to modify your mc file:
define(`confMUST_QUOTE_CHARS', `@,;:\()[].<>')
to get back RFC compliant behavior with 3.2.3 specials production.

Personally, I don't understand that since I expect by default compliant
behavior. I still consider it as a bug in the default installation.

-- 
You are receiving this mail because:
You are the assignee for the bug.