From 7727cc8b9e981c2969b0ac1519f964cfb8b90126 Mon Sep 17 00:00:00 2001
From: "Rob Swindell (on Debian Linux)" <rob@synchro.net>
Date: Thu, 2 Mar 2023 01:04:56 -0800
Subject: [PATCH] Fix false FORGED mail header 'FROM' field detection/rejection

Pretty much any From field that contains an '@' in the username portion
was subject to comparison to the full email address, but clearly some of
these rejected emails were not forge attempts:

'Chris @ StubHub' vs 'events@mail.stubhub.com'
'Eric S. Raymond (@esr)' vs 'gitlab@mg.gitlab.com'

Fixed by requiring that the sender name is actually a well-formed Internet
email address using smb_netaddr_type(), which was also recently improved to
be more accurate.

Unrelated change: include reverse-path (email address for bounces) in
ILLEGALLY-LONG body and header line log messages (usually SPAM from what
I can tell).
---
 src/sbbs3/mailsrvr.c | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/src/sbbs3/mailsrvr.c b/src/sbbs3/mailsrvr.c
index 89520f4a29..bac9ec9f45 100644
--- a/src/sbbs3/mailsrvr.c
+++ b/src/sbbs3/mailsrvr.c
@@ -3643,7 +3643,7 @@ static void smtp_thread(void* arg)
 					continue;
 				}
 				if(relay_user.number == 0
-					&& strchr(sender, '@') != NULL
+					&& smb_netaddr_type(sender) == NET_INTERNET
 					&& compare_addrs(sender, sender_addr) != 0) {
 					lprintf(LOG_WARNING,"%04d %s %s !FORGED mail header 'FROM' field ('%s' vs '%s', %lu total)"
 						,socket, client.protocol, client_id, sender, sender_addr, ++stats.msgs_refused);
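Review bot: The forged-FROM comparison now runs only when the whole `sender` string classifies as `NET_INTERNET`, so a sender name that embeds an address alongside other text is no longer compared with `sender_addr` at all. This assumes `smb_netaddr_type()` rejects such mixed strings, which cannot be confirmed here because its definition is outside the hunk. That is what removes the two false positives in the commit message, but a name that carries a different address plus extra text now passes with no log trace. Consider a non-rejecting `lprintf(LOG_NOTICE, ...)` for names where `strchr(sender, '@') != NULL` but the type check fails, and a comment above the condition such as `/* compare only when the sender name is itself a well-formed Internet address */`. The enclosing block of `smtp_thread` starts and ends outside this hunk.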
@@ -4073,8 +4073,8 @@ static void smtp_thread(void* arg)
 				p=buf;
 				if(*p=='.') p++;	/* Transparency (RFC821 4.5.2) */
 				if(strlen(p) > RFC822_MAX_LINE_LEN) {
-					lprintf(LOG_WARNING, "%04d %s %s sent an ILLEGALLY-LONG body line (%d chars > %d): '%s'"
-						,socket, client.protocol, client_id, (int)strlen(p), RFC822_MAX_LINE_LEN, p);
+					lprintf(LOG_WARNING, "%04d %s %s !%s sent an ILLEGALLY-LONG body line (%d chars > %d): '%s'"
+						,socket, client.protocol, client_id, reverse_path, (int)strlen(p), RFC822_MAX_LINE_LEN, p);
 					sockprintf(socket, client.protocol, session, "500 Line too long (body)");
 					break;
 				}
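Review bot: The added `reverse_path` argument and the rejected line `p` are both client-supplied and are written to the log verbatim through `%s`, on a path the commit message says is mostly hit by spam. The line is by definition longer than `RFC822_MAX_LINE_LEN`, so each rejection can produce an oversized entry, or one silently cut by `lprintf` if its buffer is fixed (not visible here). Bounding it with a precision, for example ending the format with `'%.100s'` (cap chosen for illustration), keeps entries predictable. Escaping control characters in both values before logging would also keep the entry unambiguous for anyone parsing the log. The same applies to the header-line message in the next hunk, which logs `buf` the same way.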
@@ -4090,8 +4090,8 @@ static void smtp_thread(void* arg)
 			}
 			/* RFC822 Header parsing */
 			if(strlen(buf) > RFC822_MAX_LINE_LEN) {
-				lprintf(LOG_WARNING, "%04d %s %s sent an ILLEGALLY-LONG header line (%d chars > %d): '%s'"
-					,socket, client.protocol, client_id, (int)strlen(buf), RFC822_MAX_LINE_LEN, buf);
+				lprintf(LOG_WARNING, "%04d %s %s !%s sent an ILLEGALLY-LONG header line (%d chars > %d): '%s'"
+					,socket, client.protocol, client_id, reverse_path, (int)strlen(buf), RFC822_MAX_LINE_LEN, buf);
 				sockprintf(socket, client.protocol, session, "500 Line too long (header)");
 				break;
 			}
-- 
GitLab