BUG in SG (Was: Some Providers reveal your REAL address)

Discussion re sg development. You don't have to be a developer.

BUG in SG (Was: Some Providers reveal your REAL address)

Postby Skeeve » Thu Dec 08, 2005 9:12 am

Hi!

I just noticed that my provider is inserting 2 header lines which reveal my real mail address. Can spamgourmet do something about it? The headers are:

X-SynServer-RemoteDnsName: pXXXXXXXX.dip.t-dialin.net
X-SynServer-AuthUser: sXXXXXXX@XXXXXX.XXX

I think a good solution would be to remove all header lines containing your real address or to rewrite it. This would remove/rewrite the second line.

I have no idea how to generically find lines like the first one. But OTOH: This is not an E-Mail address and so won't need rewriting/changing to prevent spam.
Last edited by Skeeve on Wed Dec 14, 2005 2:23 pm, edited 1 time in total.
Skeeve
 
Posts: 38
Joined: Tue Jun 01, 2004 9:46 pm

Postby josh » Sat Dec 10, 2005 6:44 pm

Our code

1) hits all the standard headers that would contain your "real" address and substitutes the disposable for *whatever's* there.

2) scans the *entire* message for instances of your *protected* address and replaces those with the disposable.

The code doesn't look for custom headers because there is a very large, growing, and ill-defined list of them out there, but the two steps above should take care of all instances where your MUA (your email reader/sender) is set up to use your protected address as the "from" address.

Are they different in your case? If not, let me know.
josh
 
Posts: 1371
Joined: Fri Aug 29, 2003 2:28 pm

Postby Skeeve » Sun Dec 11, 2005 7:27 pm

josh wrote:Are they different in your case? If not, let me know.

Yes. One of the mentioned two headers contain my real address. If your code just looks inside standard headers and inside the message body, it can't find that line.
Skeeve
 
Posts: 38
Joined: Tue Jun 01, 2004 9:46 pm

Postby josh » Tue Dec 13, 2005 1:52 am

well, this *is* the developer section, so:
Code: Select all
        $msg =~ s/quotemeta $for//gm;
        $msg =~ s/quotemeta $from/$disposable/gmi;
        $msg =~ s/quotemeta $RealEmail/$disposable/gmi;
        $msg =~ s/(^To\: ).*$/$1 $subfrom/mi;


the first line whacks the address to which the message was delivered (the masked address), or what's left of it. The second line swaps the address that the message was otensibly delivered from (regardless of what it is) with the disposable. The third line swaps the user's protected address with the disposable, and the fourth swaps the to address with the reconstructed actual recipient. This code operates on the entire message, including the headers. So what I said earlier about checking just the standard headers isn't the case -- the whole message is checked, and all instances are replaced as above. In your case, was your actual real address (the one in the customer header) different from the stated From: address and your protected address? (or perhaps there's a bug?)
josh
 
Posts: 1371
Joined: Fri Aug 29, 2003 2:28 pm

Postby Skeeve » Tue Dec 13, 2005 7:07 am

josh wrote:well, this *is* the developer section, so:
Code: Select all
        $msg =~ s/quotemeta $for//gm;
        $msg =~ s/quotemeta $from/$disposable/gmi;
        $msg =~ s/quotemeta $RealEmail/$disposable/gmi;
        $msg =~ s/(^To\: ).*$/$1 $subfrom/mi;


(or perhaps there's a bug?)

Is this the actual perl code? shouldn't it be \Q instead of quotemeta in the search string?

And then: why is there no i-switch in the first line and why no g in the last?

this COULD be a bug. To my understanding the first 3 lines do nothing except when the messsage contains "quotemeta <contents of scalar>".

The last line will replace the first occurence of a line starting with "To: ".

And yes: It was my protected address, which I changed until it's fixed. But in order to test it, I can change it back anytiome. Just tell me.

Update: There is a bug!

I just send a testmail containing: "quotemeta <my_protected_address>" and received instead "<my_disposable_address>". So I was not wrong about my "quotemeta" assumption. In perl the left hand side, the search-string, is not executed!
Skeeve
 
Posts: 38
Joined: Tue Jun 01, 2004 9:46 pm

Postby josh » Wed Dec 14, 2005 5:30 pm

OK, I've tested this to the point where I made sure it doesn't make things worse, and I rolled it out:

Code: Select all
        $msg =~ s/\Q$for//gm;
        $msg =~ s/\Q$from/$disposable/gmi;
        $msg =~ s/\Q$RealEmail/$disposable/gmi;
        $msg =~ s/(^To\: ).*$/$1 $subfrom/mi;


better? The reason for the lack on an i in the first line is that we're guaranteed to match case (probably true in the second line, too, but...) and the fourth line only does a single line match.
josh
 
Posts: 1371
Joined: Fri Aug 29, 2003 2:28 pm

Postby Skeeve » Wed Dec 14, 2005 6:13 pm

josh wrote:OK, I've tested this to the point where I made sure it doesn't make things worse, and I rolled it out:

Code: Select all
        $msg =~ s/\Q$for//gm;
        $msg =~ s/\Q$from/$disposable/gmi;
        $msg =~ s/\Q$RealEmail/$disposable/gmi;
        $msg =~ s/(^To\: ).*$/$1 $subfrom/mi;


better?

Looks better. I have to switch back to the other provider in order to really test it, but a simple test with a different mail header seemed to work.

Thanks Josh.

BTW: I downloaded the source from sourceforge and couldn't find the codepieces you posted. It's an older version!? Shall I take a look at the new version whther or not I find other bugs? I have 10 years Perl experience.

Just a sidenote: I love to write it like this:
Code: Select all
        for ($msg) {
                s/\Q$for//gm;
                s/\Q$from/$disposable/gmi;
                s/\Q$RealEmail/$disposable/gmi;
                s/(^To\: ).*$/$1 $subfrom/mi;
        }
Skeeve
 
Posts: 38
Joined: Tue Jun 01, 2004 9:46 pm

Postby josh » Wed Dec 14, 2005 7:40 pm

It's v1.21 in the "mailhandler" subdirectory. Sometimes there's a lag on cvs updates on sourceforge.

Please do have a look at the code. Thanks!!
josh
 
Posts: 1371
Joined: Fri Aug 29, 2003 2:28 pm

Postby Skeeve » Wed Jan 04, 2006 12:36 am

Finally I switched back to my real mail provider and in fact: It works.

OTOH: As I already PM'ed, I had a look at the source and there are several parts I don't understand. I will create, as you suggested, a new thread for that later.
Skeeve
 
Posts: 38
Joined: Tue Jun 01, 2004 9:46 pm


Return to Developers

Who is online

Users browsing this forum: No registered users and 17 guests