procmail
[Top] [All Lists]

Re: Missing headers: Sendmail or Procmail problem?

2000-01-31 19:53:26
Dominic Mitchell <dominic(_at_)cedep(_dot_)net> writes:
those that where suspicious that I had been hacked were right!

I'm not sure why you're calling this "hacked".  All I see is a broken
email system.


With a lot of checking I am slowly pining down the problem.  The
problem as it appears, is that someone is exploiting a bug probably in
sendmail, but I am lacking knowledge in the interaction between
fetchmail, sendmail, and procmail to be sure.

What I have noticed is that the messages are chinese spam, somehow
they are getting split in two parts.  One that has the full
headers and the other which has incomplete and erroneous headers.

Comparing the message that procmail has backed up and the splitted
version of it. I am not seeing these lines 

X-From-Line: foo(_at_)bar  Wed Jan 26 16:50:04 2000
Message-ID: <m3n1psfp56(_dot_)fsf(_at_)totally-fudged-out-message-id>
...

That X-From-Line: looks like it started as a "From " line generated by
formail.  Some POP servers rename the "From " line to X-From-Line: which
makes me wonder whether the messages are being munged on the server before
fetchmail has a chance.  How is your email handled on your POP server?


Philip Guenther

<Prev in Thread] Current Thread [Next in Thread>
  • Re: Missing headers: Sendmail or Procmail problem?, Philip Guenther <=