Sendmail bug

Discussion in 'Tomato Firmware' started by n4mwd, Apr 22, 2013.

  1. n4mwd

    n4mwd Serious Server Member

    I have Toastman Tomato installed on an ASUS RT-N16 with asterisk 1.8. I have been having problems using the voicemail -> email feature and I have tracked it down to a faulty busybox sendmail program.

    Here is what I have found. When I use sendmail with the following command line:
    /usr/sbin/sendmail -t -f -S server:465 -auMyUser -apMyPass < mail.txt

    And mail.txt is:
    To: "Joe" <>
    Date: Sat, 20 Apr 2013 11:01:42 -0400
    Subject: test mail
    first line of my message
    Needs a space.
    For some reason, sendmail strips the quotes and brackets from the TO field, and generates the following line:

    RCPT TO:<>

    It should not do that.

    If anybody else is having problems with asterisk emails, this is probably the reason.

    I'm going to try to get msmtp to work, but so far, no luck.
  2. n4mwd

    n4mwd Serious Server Member

    I just noticed another problem. For whatever reason, busybox sendmail is keeping the connection to the mail server open long after it sends the email. Its supposed to release the connection once it sends the mail.
  3. jerrm

    jerrm Network Guru Member

    I use bb sendmail extensively, sending dozens of messages daily from various routers.

    I don't use the -t option, my wrapper script doesn't need it, but stripping out the quoted friendly name really shouldn't impact anything. Mail clients generally just look at the header which should remain intact.

    I've never noticed a delay in closing the connection. I have to wonder if something else is going on.

    Your example shows port 465, does the server accept clear text connections on 465? 465 is usually only for ssl connections. 587 is usually for starttls negotiated connections and sometimes will accept clear text. BB sendmail does not support any form of ssl/starttls without a helper like openssl s_client.
  4. n4mwd

    n4mwd Serious Server Member

    I replied to your post this morning, but for some reason its not here. I'm not going to retype the whole thing again, but in short, the bug in busybox sendmail is definite. It is stripping the quote characters ' " ' and concatenating the whole line into one big invalid email address.

    TO: "user" <>
    RCPT TO:<>

    I found out what the problem with the unclosed connection was and its not related. I'm going to start a new thread about that one.
  5. koitsu

    koitsu Network Guru Member

    You misunderstand how SMTP works. You're also conflating two things: SMTP envelope headers vs. "mail headers".

    The To: line is a "mail header". It's considered part of the body/content of the Email.

    The RCPT TO line is an SMTP envelope header (it's part of the SMTP communication protocol), and has no relation to the To: line. They do not have to be the same.

    The same goes for From: vs. MAIL FROM.

    If Busybox sendmail doesn't let you do what you need or is "broken" in some regard, you need to file a ticket/bug with the Busybox folks.
  6. n4mwd

    n4mwd Serious Server Member

    I understand how the basic SMTP works. Sendmail should translate the TO field into a RCPT TO field at the server. The translation isn't working. It works fine if you just have TO:, but when you add a user friendly name, (i.e. - TO: "John Smith" <> ) it messes up.

    I'll look into filing a ticket with busybox.
  7. jerrm

    jerrm Network Guru Member

    I think that's the right approach, this isn't something that needs to be fixed at the tomato source level. I can confirm I get the same result when using -t.

    Easiest work around if you really need to keep the quoted name is not to use -t and instead specifiy recipients on the command line. This works fine, and is what my wrapper script has fortuitously always done.
  8. koitsu

    koitsu Network Guru Member

    As usual: Busybox, a pile of crap. It looks to me like they already fixed a whole crapload of bugs in March 2013:

    It looks like the commits titled "don't mangle email headers" and "support addresses inside angle brackets" solve your issue.

    However, these were only committed to master. I looked at the 1_20_2 and 1_21_0 branches (Toastman runs 1.20.2) and they aren't there. So basically the fixes are already there, just that Busybox has not tagged a new release that incorporates them. You're welcome to build your own firmware + get all the fixes and patch Busybox in the meantime.

    Starting to see why I hate Busybox and wish it would be nuked from orbit? This thing is used in commercial embedded devices (like cable modems). The number of bugs/design idiocies are utterly astounding.
  9. n4mwd

    n4mwd Serious Server Member

    I don't have a choice with the -t because asterisk wants it in the file. I solved the problem by using msmtp instead. Msmtp is extremely convoluted. It wants me to buy a SSL certificate before it will let me send TLS mail. I had to shut all that off and use it to send plain mail. I copied a certificate from someone else, but it didn't work. After about 50 questions, certtool generated a fake one, but it was in the wrong format for msmtp. That, coupled with the fact that msmtp doesn't give useful error messages (ie-"error 1234") and has no list of meanings anywhere that I could find.

    I mean, WHY does it have to be that complicated. My cell phone and laptop didn't require me to buy a ssl certificate....
  10. jerrm

    jerrm Network Guru Member

    You don't need to buy an ssl cert just to send over ssl/starttls. If you want to verify the cert chain then you need to point tls_trust_file to root certs, otherwise use tls_certcheck off.

    My gmail msmtprc file:
    port 587
    auth on
    password pass1234
    tls on
    tls_starttls on
    tls_certcheck off
    #tls_trust_file /etc/ssl/certs/ca-certificates.crt
    syslog LOG_MAIL
    EDIT: Confirmed "sendmail -t < msg.txt" works when "sendmail" is a link to msmtp with the above msmtprc.
  11. n4mwd

    n4mwd Serious Server Member

    I'll try your file tomorrow. I already did use a similar one, but without the starttls on. Since I could see that it was sending a starttls anyway, I didn't think it was important, but maybe it was.
  12. jerrm

    jerrm Network Guru Member

    msmtp will default to tls_starttls=on if not specified and tls=on. If you prefer to use straight ssl, be sure to specify "tls_starttls off."
  13. n4mwd

    n4mwd Serious Server Member

    I used this msmtp config file successfully:

    account default
    port 465
    auth on
    password MySecretPasswordWithUpperAndLowerCaseCharactersPlus1234Digits--andPunc,tuation!
    timeout 10
    tls on
    tls_starttls off
    tls_certcheck off
    #tls_trust_file /etc/ssl/certs/ca-certificates.crt
    syslog LOG_MAIL
    #logfile /opt/var/log/msmtp/log_file.txt

    It seems to be happy with this one. I'm using the command line:
    msmtp -t ---read-envelope-from <mail.txt

    The --read-envelope-from lets the file creator decide the from address. However, ATT is really yahoo mail so I had to go in and create "authorized senders" in yahoo before it would take "from:". But for some reason, even though this config works most of the time, I got "TLS handshake failed: Connection reset by peer" once with the same config.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice