A general buglog of ZMailer with fixes/circumventions

These bugs are listed as release versions where they were recognized, and cured.

Listed (header) versions do contain the bug!

RED text are for those, where user input was able to cause bad behaviour.
Not necessarily leading to security worries, but at least localized denial-of-service.

AN attempt is sometimes made to find, when the problem originated.

ZMailer 2.99.57.pre2 (2004-Jul-07)

• (nothing yet)

ZMailer 2.99.57-pre1 (2004-Apr-04)

• Smtpserver mis-identified %-hack addressing
  • Fixed in CVS ? 2004-Jul-06
  • This is actually operational mistake, and system is just being fortified against its re-occurrences.
    Do note, that this is not trivially automagically pluggable..
  • Chain of events was like this:
    1. RCPT TO:<foo%elsewere@localdomain>
    2. The "localdomain" is not listed in our "localnames" database
       (this omission was the operational mistake!)
    3. The "localdomain" is a DNS object with only A/AAAA data pointing to this server, without any MX data!
    4. Connecting client IP address gets "relay-with-MX-trust" setting
       (it was just average entity from out there without any oarticular privileges)
    5. The MX testing accepted the message for reception, but ..
    6. .. didn't realize that it was destined to local system ..
    7. .. and didn't check for %-hack
    8. But then router did recognize the address to be its own (it being listed in mail.conf), and looked for %-hack address..
       (system was configured to know itself with name 'localdomain', as above)
  • Fixed by recognizing domain being without MX, but having A/AAAA that is pointing to ourself, and then treating that as if the domain were listed in 'localnames' database.
  • Now if the given domain has MX entries, and is known thru e.g. mail.conf, but not listed in the 'localnames' file, then abuse thru %-hack is possible!
  • Is this ever completely pluggable ?
• Router daemon didn't clean child processes properly in Solaris.
  • Fixed in CVS; 2004-Jul-06
  • Existed since 2003-May-08.
  • Not really fatal, as the task processors didn't usually die.
  • Only in Solaris due to bad parameter issued to wait4() call.
  • Err... It does look like e.g. Solaris vs. Linux/*BSD* syscall behaviour differ!
• Router dropped core with malformed header content in crossbar processable headers
  • Fixed in CVS; 2004-Jul-05
  • Core drop sensitivity only in systems with glibc library. ( = Linux )
  • Apparently existed since forever
• Better handling of "\user" syntax entity, which in classical sendmail sense is telling that "store the message to user's mailbox"
  • Fixed in CVS; 2004-Jul-05
  • Previous attempt with $(dequote ...) and bitbuckets wasn't all that successfull.
• Router memory leak observed; slow process growth
  • Fixed (?) in CVS; 2004-Jul-01
  • Not exactly sure, but memory footprint growth was observed, and gcore(1) in Solaris extracted a memory dump that was filled with various ".*:sender" strings. Code reading did show possible memory leak in database lookup.
  • This was observed in Solaris, but no in a Linux system...
  • Since 2004-Apr-12 ?
• Smtpserver dropped core in tail-end of error bailout
  • Fixed in CVS (2004-Jun-23)
  • Since ? (2003 ?)

ZMailer 2.99.56 (2003-Nov-18)

• Smtpserver contentfilter subdaemon had core-drops
  • Fixed in CVS (2004-Apr-27)
  • Since ?
• Smtpserver sloppy-mode white-space fixes
  • Fixed in CVS (2004-Apr-16)
• Gdbm file-descriptor leakage
  • Fixed in CVS (2004-Mar-31)
  • Possibly since 2002-Jul-05
• The 'userdb' processing (e.g. controlling userid -> user.name maps) had bugs
  • Fixed in CVS (2003-Nov-29)
  • Since ? (2000 ? or older ?)
• Buggy autoconfig of dirfd(), affected ROUTERDIRHASH=1
  • Fixed in CVS (2003-Nov-20)
  • Affected only Solaris (?)
  • Since ?

ZMailer 2.99.56.pre9 (2003-Aug-22)

• Sometimes SMTP-TA did result wrong return codes
  • Fixed in CVS; (2003-Nov-16)
  • Connection reopening was done without resetting the MX index, which in rare cases caused the connection reopen fail with fatal result code.
• Smtpserver policy interpret used 'signed char', where 'unsigned char' (a.k.a. 'u_int8_t') would have been appropriate
  • Fixed in CVS; (2003-Nov-04)
  • Existed in the policy interpreter since forever...
  • Also policy-compiler could produce invalid length attributes
• The SMTP-TA did loop forever in some rare occasions.
  • Fixed in CVS; (2003-Oct-07)
• More 'makedb is fragile' issues
  • Fixed in CVS; (2003-Aug-25)
• The 'policy-builder' script did crash in some situations due to NULL referral
  • Fixed in CVS; 2003-Aug-22 (right after pubslishing the abovementioned version..)

ZMailer 2.99.56-pre7 (2003-Jun-09)

• ZMailer Licenses published (2003-Jun-27)
• Changed version numbering style into hyphenless one (for RPMs et.al.)
• Didn't always yield diagnostics on outgoing messages
  • Fixed in CVS; 2003-Aug-23
  • Observed, when a delivery to a recipient with quota full didn't produce report about it.
  • Existed since ? Perhaps half a year ?
• Filedescriptor leak in scheduler
  • Fixed in CVS; 2003-Jul-23
  • Did sometimes manifest as message loss after the scheduler had ran out of filedescriptors.
• Memory leaks in transport agents
  • Fixed in CVS; 2003-Jun-19
  • Affected only transport-agents that did live for a very long time (Some rare (un?)lucky ones...)
• Added "info", "biz", "name", "eu" into the list known top-levels.
  • Fixed in CVS; 2003-Jun-19
• The smtp-TA did send possible TLS related diagnostics to scheduler's log
  • Fixed in CVS; 2003-Jun-19
  • A beauty-wart, merely..

ZMailer 2.99.56-pre6 (2003-May-20)

• Improved SFIO library's "iffe" configurer
  • Fixed in CVS; 2003-May-22
  • Original "iffe" (and configurations) were extremely sensitive to proper behaviour of the "sh" script interpreter in the UNIX(like) system where the tool ran. New one should be less sensitive.
  • Fixed by picking "iffe" and test scripts from "SFIO-2002" package.
• The SMTP-ta-client didn't ever do "nagle-collapse" handling
  • Fixed in CVS; 2003-May-22
  • We didn't ever do "NAGLE" control, even though code was written.
  • This tries to optimize network data packet construction, and avoid smaller than MTU frames when not coming up to a sync-point.
• Use of ZENV variable ROUTERDIRHASH will cause trouble
  • Fixed around 2003-Nov-04 (in 2.99.56)
  • Actually looks like it causes extra syscalls to rename(2) files around in between directories (and not bad functionality per se), however it harms total system performance a bit.
  • To fix it, work-file locking algorithm shall be revised so that there is no need for present "rename to iiii-pppp" format filename gymnastics.

ZMailer 2.99.56-pre5 (2003-apr-20)

• The router process segfaulted, when input message has envelope with empty "with" clause.
  • Fixed in CVS; 2003-May-20
  • Existed likely since the beginning of the ZMailer.
  • Similar denial-of-service bad-messages are possible with 'via' and 'user' envelope headers.
• Changed "make install prefix=..." to proper "make install DESTDIR=..."
• Reallocing uninitialized variable in libc/mail.c
  • Fixed in CVS 2003-may-5
  • Existed since 17-Apr-2003
• Support of BSD DB 1.x (obsolete long ago) was broken
  • Fixed in CVS 2003-may-8
  • Existed since 2002-Jun-18 ?
• Added support for SleepyCat DB 4.1.x
  • Fixed in CVS 2003-may-9
• Memory leak in router's "read" function.
  • Fixed in CVS 2003-may-9
  • Existed since forever ? (Rather complex code, probably original.)
  • Actually this was about unnecessary buffer expansion in cases where it isn't really necessary.
• SMTP transport agent in PIPELINING mode had too low timeout for command verbs.
  • Fixed in CVS 2003-may-10
• Smtpserver segfaults by NULL dereference in closing cleanups under some conditions.
  • Fixed in CVS 2003-may-15
  • Existed since ?
  • Didn't affect any real use

ZMailer 2.99.56-pre4 (2003-Feb-14)

• Follow strictures of RFC 1123 part 5.2.2 about CNAME rewriting of MAIL FROM and RCPT TO envelope domains.
  • Fixed in CVS; 2003-apr-2
  • Existence since forever (actually presumed that the router does envelope rewritings, but that has been disabled for a long time due to performance reasons.)
• Bug in special SleepyCat DB support fibrary functions
  • Fixed in CVS; 2003-apr-7
  • Existence since 2002-Jun-18
  • Failure was to compile the file at all, if system didn't have SleepyCat DB available.
• "RSET" processing didn't (smtp transport agent)
  • Fixed in CVS 2003-apr-15
  • Existence since 2003-Feb-14 (2.99.56-pre4)
  • Various MAIL FROM related state variables were reset before the optional "RSET" protocol exchange was done, and thus in some cases PIPELINEd processing did lead to undesirable behaviour. This bug was introduced on 2003-02-14 in order to fix scattered around RSET code paths so that there will always be an RSET, when there is need for it. Urgh.
  • It appeared when a message was tried to send in the connection right after something needing that RSET; thanks to reports about "there seem to be multiple messages to these troublesome destinations" for finally finding this.

ZMailer 2.99.56-pre3 (2002-Jul-5)

• Router master daemon did leak file descriptors, if child died for any reason.
  • Fixed in CVS 2002-Oct-4
  • Affected things only, if the routers kept dying, which is an indication of a bug in itself...
• Bad DNS T_TXT data detection, and cutback.
  • Fixed in CVS 2002-Sep-6
  • Existed since 1997-Nov ?
  • The same thing as with e.g. sendmail. Also clean up the received string to have only printable characters in ISO-8859-* character-sets. All that this could have done in ZMailer is to pick garbage data from beyond the (received) buffer, not overwrite anything.
• Producing invalidly encoded "MIME-HEADER" tokens in some cases
  • Fixed in CVS 2002-Aug-23
  • Existed since ?
  • When headers are detected to contain 8-bit chars, which must be MIME encoded, that is done partly wrong...
• The smtpserver content filter interface protocol had to be changed
  • Fixed in CVS 2002-Aug-23
  • Existed since ?
  • Now the protocol is alike with transport-agents, the content filter program does report "#hungry", and when the smtpserver sees it, it sends a task descriptor.
  • Resulted in a note in README.UPGRADING
• A practically unexploitable potential buffer overflow in smtpserver.
  • Fixed in CVS 2002-Jul-5
  • Existed since ? (quite a while)
  • Exploit requires presense of 'h' flag in EHLO greeting match patterns (non documented, non-default style flag), and that the host address reversal text is long in the extreme. Getting the server to crash is less difficult, than to get it to execute anything.. Repeat: A 'h' must be present in style-flags at the end of the smtpserver.conf file EHLO/HELO-patterns, AND the hostname reversal PTR text must be longer than around 100 bytes. Then, maybe, it will be possible to feed working buffer overflow exploit..
  • Yours truly got two questions from CERTs about this issue, no CERT ALERTS of any kind materialized ever from those. There is, possibly, some FreeBSD alert lurking somewhere.

ZMailer 2.99.56-pre1 (2001-Oct-1)

• SMTP client had to separate DATA-phase ending dot-line sending into separate write(2), because world is full of broken firewalls that dislike this particular thing being pipelined...
  • Fixed in CVS 2002-Jun-25, and latter again with smarter "de-nagle" codes
  • Existed since ?
  • Ever since SMTP transport agent begun to use smarter buffering in outgoing SMTP stream, this has been potential trouble-spot.
• Support SleepyCat DB 4.0
  • Added into the CVS; 2002-Jun-18
• Prototype of smtpserver content-filter fixes
  • Fixed in CVS; 2002-Jun-18
  • Rough prototype didn't work...
• SMTP client dropping with SEGV
  • Fixed in CVS; 2002-May-20
  • Sometimes "SS->smtpfp" variable was null, and referring thru it was invitation to disaster. Added testing of its non-nullness into some places
• Scheduler didn't consume scheduler-notify message input socket
  • Fixed in CVS; 2002-May-16
  • Existed since 2002-Feb-7 ?
  • Missing accept() calls did cause a bit trouble, when the scheduler begun to busy-spin in select() as the listening socket was always ready for reading...
  • This didn't affect server functionality all that much, as the messages themselves are pretty much an accelerator thing, not mandatory for server function.
• SMTP transport agent EZMLM mode produced sometimes invalid SMTP protocol
  • Fixed in CVS; 2002-Apr-20
  • Existed since 2001-Feb-26 ? (perhaps not)
  • Implementation of "EZMLM" feature in the system (see 'listexpand' utility) needs support in outgoing SMTP. Sometimes we lacked mandatory trailing ">" in outgoing MAIL FROM envelope addresses.
  • This can't be very old bug, as yours truly gets email from a busy email list system running this thing...
• NDBM treatment in newdb script had a problem
  • Fixed in CVS; 2002-Jan-31
  • Existed since 2000-May-18
  • This relates to varying implementations of NDBM library, which has two functions to look up for the underlying actual fd:s, which are needed in builtin automatic DB change (reopen needed) support.
  • As NDBM has several problems (including that length of key, and data together must not exceed 1024 bytes), it is rather non-preferred database format, and very little used...
• Utterly weird error cases caused a buffer-overlow (core dump) on router/libdb/bind.c.
  • Fixed in CVS; 2002-Jan-31
  • Existed since ?

  • * router/libdb/bind.c:
        h_errhost[] buffer overflow in some oddball cases.

  • Didn't overflow with network received, nor user supplied data, so not really "buffer overflow security trouble" kind..
• Duplicate addresses in fqdnaliases-db caused the router to crash.
  • Bug in router/rfc822.c in which code was written with certain object to be of expected type, failing that the code did read bytes from a string as a pointer, and madness followed...
  • Since:
  • Cure: Fixing the proto/cf/fqdnaliases.cf script's bitbucket returns.

     from:   returns (bitbucket ...)
     to:     returns (((bitbucket ...)))

  • Fix in CVS; (2002-Feb-1)
• Mailbox TA corrupts the user mailbox when it encounters write-failure at Solaris 8. (Relates on side-effects of ftruncate() syscall.)
  • Fixed in CVS; (2001-Dec-7)
• The smtp TA failed to reject a message, when MAIL FROM followed immediately with remote end closing the socket.
  • Fixed in CVS. (2001-Oct-25)
• Potential router script problems with addresses beginning with "-" character, which might become mis-interpreted as an option to some builtin function
  • Fixed in CVS; 2001-Oct-10
  • Existed since forever ?
  • ChangeLog says: Noticed strange bounces which turned out to be due to calls of functions which have optional options beginning with '-' character. These fixes handle cases where localpart and/or domain name begins with a minus. A full throughout analysis of all functions inside the router, and related documentation in the ZMailer Manual is future project.
• Scheduler's configuration parser didn't handle

    AAAA/*
    BBBB/*
    CCCC/*
      params
  

  properly. It failed to process the "CCCC/*" into same set.
  • Fix in CVS. (2001-Oct-4)
• The router scripts didn't handle (properly) local userids which are purely numeric.
  • New scripts and mechanics in CVS. (2001-Oct-2)
• Aliasing to addresses that were purely of decimal digits did produce unexpected behaviour, and in actuality failed to function.
  • Fixed in CVS; 2001-Oct-1
  • Existed since forever.. (including 2.1 and 2.2 series)
  • ChangeLog says: Reports about problems when aliases map into purely decimal digit containing local name prompted rewriting parts of the scripts (and newdbprocessor tool!) with old(*) 'returns' return in place of the original 'return' return. The difference is that 'returns' will _always_ yield a string, while 'return' may yield an integer value if the username/whatever is made of purely decimal digits... ( *: "old" as "long existing" )

ZMailer 2.99.55 patch1 (2001-May-8)

• OpenBSD (compilation) patch-cluster injected..
  • Fixed in CVS. (2001-Sep-22)
• The smtpserver the contentpolicy() calls needed adding fflush() calls so that the incoming file is fully committed into the file.
  • Fixed in CVS. (2001-Jul-31)
  • There are still reports that contentpolicy() needs additional fflush()es... Weird..
• The smtp TA was returning TEMPFAIL when using non-pipelined SMTP protocol, and the MAIL FROM yielded 500 series codes. (E.g. the smtp TA didn't believe when remote end said NO.)
  • Fixed in CVS. (2001-Jun-15)
• The smtpserver did sometimes fail to timeout leaving processes hanging on undead sockets (remote ends had gone away, or something.) This was diagnosed as bad alarm()/syscall bailout thing. Replaced every possibly waiting read() (with alarm()ed breakout) with select()s, and using non-blocking sockets.
  • Fix in CVS. (2001-Jun-4)
• mailq commands oopses internally in some cases.
  • Possibly born after last snapshot.
  • Fixed in CVS. (2001-Jun-03)
• CYGWIN compilation troubles
  • Fixed in CVS. (2001-May-16)
• Compilation problems in Solaris 2.6 :-(
  • Fixed in CVS. (2001-May-10)

ZMailer 2.99.55 (2001-Feb-21)

• Utterly strange misplaced diagnostics, and retry failures detected in smtp transport agent since a long time. If MAIL FROM fails with socket read EOF in non-pipeline system, we did reconnect immediately, but did fail to do avoidance of recipients already diagnosed :-(
  • Fixed in CVS. (2001-May-8)
• Even more SMTP TA return code work.
  • Fixed in CVS. (2001-May-4)
• "newdbprocessor" utility had PERL 5.6.0+ syntax, instead of older version. Not wanting to to force perl upgrade, the detail got backed out.
  • Fixed in CVS. (2001-May-4)
• Scheduler could get hung-up in a tight loop when debugging it in verbose mode. (debug code bug.)
  • Fixed in CVS. (2001-Apr-3)
• Sometimes the SMTP TA could loop tightly asking same question over and over again from the DNS server. Too late variable setting was culprit.
  • Fixed in CVS. (2001-Apr-4)
• Routing of localparts with ``foo+tag+some+more'' didn't cut correctly at the first ``+'' char, but at the last..
  • Fixed in CVS. (2001-Mar-8)
• ``mailq'' utility did sometimes refer to uninitialized data.
  • Fixed in CVS. (2001-Mar-1)
• In PIPELINING mode the SMTP TA didn't properly react on the MAIL FROM result codes (e.g. TEMPFAILed if MAIL FROM yielded 500-series codes.)
  • Fixed in CVS. (2001-Feb-27)

ZMailer 2.99.54-patch1 (2000-Nov-12)

• Scheduler used sometimes stale data pointer at error/diagnostics reporting causing (perhaps) the system to unlink() wrong file(s).
• Router ``filepriv'' test function had problems with regular files.
• Support for TCP-Wrapper has been disabled for a while.
• Things using ``getpwnam()'' had rough time with (temporary) error flagging and tagging
• Smtp TA program did treat smtp reply collection timeout wrong, and when not closing the socket, did slip off the processing phase.
• Header MIME processing has had problems for a while
• Smtp-server didn't accept "BDAT 0 LAST" - which is a valid thing!
• DECNET-IV address processing issues; wrong (de-)quotation
  • Fixed in CVS. (2001-Feb-8)
• FreeBSD/OpenBSD getaddrinfo() SEGV
  • Symptom: smtp transport agents SIGSEGV
  • Since: 1997 ??
  • Unchecked referral to ai->ai_canonname, which is always defined at Linux GLIBC systems, but hardly ever at KAME based BSDs.
  • Cure: CVS (and future versions)
• FreeBSD/OpenBSD getifaddrs() function usage bug
  • Symptom: Compilation failure
  • Since 2.99.53
  • Blindly coded and never tested code has its disadvantages..
  • Cure: CVS (and future versions)
• On Solaris nonexistent usernames go into hold channel
  (This has been seen at Solaris only, but nothing prevents it from happening elsewere as well.)
  • Symptom: The hold channel gets addresses which really should end up in error channel
  • Since 2000-Sep-21 (CVS)
  • The ``hold'' processing of $(homedir ..) function missed handling errno == 0 case.
  • Cure: CVS; 2001-Jan-16 (and future versions)

ZMailer 2.99.54 (2000-Sep-19)

• scheduler mailq-v2 handling queue traversal crashes the scheduler
  • Symptom: dead scheduler (SIGSEGV) (parallelly running instances of ``mailq -Q'' scramble internal chains of descriptors)
  • Symptom: scheduler is busily spinning, but doing no syscalls, and ``mailq -Q'' just hangs
  • Since 2.99.54
  • Source patch needed; 2.99.54-patch1
  • Circumvent: try to avoid running several instances of mailq at the same time.
• scheduler mailq-v2 authentication leaks file descriptors
  • Symptom: very hard to spot, long-running scheduler runs out of fd's, and depending on the luck, just performance worsenes, or the scheduler may even crash (SIGSEGV)
  • Since: from beginning of said feature (2.99.52-pre4)
  • Cure: suitably placed fclose(), source patch needed.
• router 'routes' db problems
  • Symptom: Suffixed domain routings, and ``.'' ``global route'' don't work.
  • Since: 2.99.53 ? (when newdbprocessor has been in use)
  • Cure: PERL script fixes, dbases.conf data fixes.
• Transport agents parse ``Content-Type:'' poorly
  • Symptom: A message with ``Content-Type: text/plain; charset = US-ASCII'' goes thru rewriting as ``Content-Type: text/plain; charset="= US-ASCII"'' (notice spaces! very hard to spot.)
  • Since: forever (of 2.80+ series)
  • Cure1: Code fixes intergrated into 2.99.54-patch1
  • Cure2: better RFC822+MIME-tokens scanner implemented after 2.99.54-patch1

ZMailer 2.99.53 (2000-Jul-17)

• SMTPserver ``BDAT'' SIGSEGV
  • Combination of PIPELINING, and CHUNKING features caused diagnostic reports to be suspended while more input was available, and MAIL FROM failure did lead to 'SS->mfp' variable being NULL, but said variable was referred without check -> SEGV.
  • Since ???
  • Circumvent by uncommenting $MAILSHARE/smtpserver.conf PARAM NoCHUNKING
  • Cure entered code on 23-Aug-2000, included in version 2.99.54
• SMTP transport agent has loop problems
  • Since ???
  • Cure ? 2000-Nov-20 version seems to be stable in developer's systems, but this is notorously difficult beast;
    The ``S'' in ``SMTP'' stands for ``Simple'', but these days the protocol is nothing but...
• Routing to ``@[1.2.3.4]:foo@bar'' fails to do proper RFC-822 source-route picking at the router.
  • Symptom: Routing of addresses containing ``['' and ``]'' characters causes the entire address to be bound in double-quotes, and treating it local
  • Since: ??
  • Cure: code patch changeing (a bit) of quotation rules
• smtp transport-agent bounces emails which it should not
  • Symptom: DATA/BDAT tells that ``5xx no recipients given'', while ``MAIL'' tells something about temporary failure. (PIPELINING mode problem.)
  • Since: ??
  • Cure: Code patch
• Oddball resolver problems with dnscache program
  • Symptom: All DNS MX lookups fail, when dnscache is used as a local DNS cache (instead of 'bind' a.k.a. 'named')
  • Since: ?? (long ago ?)
  • Cure: Code patch for the fencepost error.
  • Circumvention: Use named/bind instead of dnscache.

ZMailer 2.99.53-pre1 (2000-Mar-28)

• smtpserver's smtp-policy.src _RBL rules are badly named
  • Symptom: _RBL rules don't seem to have effect at the smtpserver
  • The ``='' alias lookup machinery inside the policy code expects to find exactly same string as is fed to it in a parameter -- unfortunately the database keys are pre-translated into lowercase strings by the ``makedb'' utility.
  • Since ??
  • Cure1: Refer to the ``_RBL'' rules as ``= _rbl''
  • Note: Much latter the lookup was changed to do the string lowercasifying
• smtpserver Document bug
  • Since ???
  • smtpserver's documents tell param name ``RcptLimitCount''
  • Recognized parameter name in the parser was only: ``RcptLimitCnt''
  • Added recognition of documented form into the code.
• Scheduler crashes (SIGSEGV)
  • Symptom: Debugger shows bad diagnostic messages arriving to the scheduler which forthwith segfaults.
  • Since ??
  • Cure: Code fix, also at trouble source
• Smtp transport-agent program in PIPELINING + TLS mode deadlocks against some servers
  • Symptom: When communicating under TLS encryption with the CommuniGate Pro system announcing PIPELINING capability, the connection hangs
  • Since: ?? (a short while)
  • Cure: Code fixes for non-blocking SSL library call usage
• smtpserver replies policy rejections with a text parameter to the user using 400-series status codes
  • Symptom: smtp-policy.spam(.manual) listed domains yield 400-series responses when given in MAIL FROM or RCPT TO addresses.
  • Since: quite old (pre 2.99.50 ?)
  • Circumvent: Make sure no "message" strings are used in replies
  • Cure: 2.99.53 baseline source
• Routing to ``@foo.bar:foo@bar'' fails to do proper RFC-822 source-route picking at the router.
  • Symptom: Routing of addresses containing ``,'' and/or ``:'' characters causes the entire address to be bound in double-quotes, and treating it local
  • Since: ??
  • Cure: code patch changeing (a bit) of quotation rules

ZMailer 2.99.52-patch1 (1999-Dec-31)

• Y2K buglet
  • Symptom: Router programs crash on ``Bad Message[tm]'' of ``Date: 00-mm-dd hh:mm:ss''
  • ``Date:'' header is parsed (unnecessarily), and the parser does div-by-zero on bad input
  • Since ? Quite a while
  • Cured on CVS two days latter, a patch given at the ``Y2K page''.

ZMailer 2.99.52 (1999-Dec-30)

ZMailer 2.99.52-pre5 (1999-Dec-30)

ZMailer 2.99.52-pre4 (1999-Nov-15)

• Code to extract local interface addresses fails when ``too many'' interfaces are present in the system
  • Symptom: smtpserver's relay-control systems don't seem to work
  • Symptom: open relaying thru server which has valid configuration
  • Clue: system has lots and lots of virtual interfaces/addresses
  • Clue2: "cd lib; make selfaddrs-test; ./selfaddrs-test" and you get no interfaces listed!
  • Cure: Fixed the reply buffer allocation retry loop
• MTBW

ZMailer 2.99.52-pre3 (1999-Sep-21)

ZMailer 2.99.52-pre2 (1999-Sep-05)

ZMailer 2.99.52-pre1 (1999-Aug-30)

ZMailer 2.99.51 (1999-Jul-19)

• Doing implicite dequotation of quotefull strings in router script interpreter's ssift, and tsift routines is bad for the system behaviour.
  • Fixed in CVS; 1999-Jul-20
  • Existed since ? Forever ?
  • Appears as converting: '"foo@bar"' to 'foo@bar', which latter is again processed by splitting in two.
  • Potential exists for causing uncontrolled relaying

ZMailer 2.99.51-pre3 (1999-Jul-12)

ZMailer 2.99.51-pre2 (1999-Jul-07)

ZMailer 2.99.51-pre1 (1999-Jul-05)

ZMailer 2.99.50s19 (1999-Jun-06)

ZMailer 2.99.50s18 (1999-May-14)

ZMailer 2.99.50s17 (1999-May-10)