Previous Section Next Section

F=1 (one)

Don't send null bytes V8.10 and above

Prior to V8.10, sendmail would not screen header lines to make sure they contained no null (zero) bytes. Instead, such null bytes were passed through, and sometimes caused misinterpretation of addresses and the like.

It might seem impossible that a null byte could appear in a string because the C-language string library routines use a null character to terminate all strings. But consider the case of a hexadecimal 0x80 character. Such a character has the high bit set, but when delivery is to a 7-bit-only site, sendmail will strip the high bit from 0x80, leaving behind a new 0x00 value in the middle of a string. A null byte!

Beginning with V8.10, sendmail offers a way to strip such null bytes from headers before sending those headers onward. The F=1 delivery agent flag, when set, tells sendmail to strip all null bytes that it finds from all headers. Note that only the headers in the header portion of the message are screened. MIME headers in the body of the message are not screened.

The F=1 delivery agent flag is not set by default for any delivery agent. To add it, just use the MODIFY_MAILER_FLAGS command (See this section). In the following, for example, we add it to the smtp class of delivery agents:

MODIFY_MAILER_FLAGS(`SMTP', `+1')

In general, this delivery agent flag should be set for outbound delivery agents and for local, final delivery agents. In both, there is a small vulnerability to forgeries that use the hex 80 value. Consider:

From: friend0x80@spam.site

If the 0x80 were to be converted to a zero, the message might wrongly appear to be from a friend on the local machine.[24]

[24] Despite this bit of protection, forgeries are still possible.

    Previous Section Next Section