- $mime_header = $message->mime_header;
- $rn="\r\n";
- $header = array();
-
- $contenttype = 'Content-Type: '. $mime_header->type0 .'/'.
- $mime_header->type1;
- if (count($message->entities)) {
- $contenttype .= ";\r\n " . 'boundary="'.$boundary.'"';
- }
- if (isset($mime_header->parameters['name'])) {
- $contenttype .= '; name="'.
- encodeHeader($mime_header->parameters['name']). '"';
- }
- if (isset($mime_header->parameters['charset'])) {
- $charset = $mime_header->parameters['charset'];
- $contenttype .= '; charset="'.
- encodeHeader($charset). '"';
- }
-
-
- $header[] = $contenttype . $rn;
- if ($mime_header->description) {
- $header[] .= 'Content-Description: ' . $mime_header->description . $rn;
- }
- if ($mime_header->encoding) {
- $encoding = $mime_header->encoding;
- $header[] .= 'Content-Transfer-Encoding: ' . $mime_header->encoding . $rn;
- } else {
- if ($mime_header->type0 == 'text' || $mime_header->type0 == 'message') {
- $header[] .= 'Content-Transfer-Encoding: 8bit' . $rn;
- } else {
- $header[] .= 'Content-Transfer-Encoding: base64' . $rn;
- }
- }
- if ($mime_header->id) {
- $header[] .= 'Content-ID: ' . $mime_header->id . $rn;
- }
- if ($mime_header->disposition) {
- $disposition = $mime_header->disposition;
- $contentdisp = 'Content-Disposition: ' . $disposition->name;
- if ($disposition->getProperty('filename')) {
- $contentdisp .= '; filename="'.
- encodeHeader($disposition->getProperty('filename')). '"';
- }
- $header[] = $contentdisp . $rn;
- }
- if ($mime_header->md5) {
- $header[] .= 'Content-MD5: ' . $mime_header->md5 . $rn;
- }
- if ($mime_header->language) {
- $header[] .= 'Content-Language: ' . $mime_header->language . $rn;
- }
-
- $cnt = count($header);
- $hdr_s = '';
- for ($i = 0 ; $i < $cnt ; $i++) {
- $hdr_s .= $this->foldLine($header[$i], 78, ' ');
- }
- $header = $hdr_s;
- $header .= $rn; /* One blank line to separate mimeheader and body-entity */
- return $header;
- }
-
- function prepareRFC822_Header($rfc822_header, $reply_rfc822_header) {
- global $REMOTE_ADDR, $SERVER_NAME, $REMOTE_PORT;
- global $version, $useSendmail, $username;
- global $HTTP_VIA, $HTTP_X_FORWARDED_FOR;
- global $REMOTE_HOST;
- $rn = "\r\n";
- /* This creates an RFC 822 date */
- $date = date("D, j M Y H:i:s ", mktime()) . $this->timezone();
- /* Create a message-id */
- $message_id = '<' . $REMOTE_PORT . '.' . $REMOTE_ADDR . '.';
- $message_id .= time() . '.squirrel@' . $SERVER_NAME .'>';
- /* Make an RFC822 Received: line */
- if (isset($REMOTE_HOST)) {
- $received_from = "$REMOTE_HOST ([$REMOTE_ADDR])";
- } else {
- $received_from = $REMOTE_ADDR;
- }
- if (isset($HTTP_VIA) || isset ($HTTP_X_FORWARDED_FOR)) {
- if ($HTTP_X_FORWARDED_FOR == '') {
- $HTTP_X_FORWARDED_FOR = 'unknown';
- }
- $received_from .= " (proxying for $HTTP_X_FORWARDED_FOR)";
- }
- $header = array();
- $header[] = "Received: from $received_from" . $rn;
- $header[] = " (SquirrelMail authenticated user $username)" . $rn;
- $header[] = " by $SERVER_NAME with HTTP;" . $rn;
- $header[] = " $date" . $rn;
+ $mime_header = $message->mime_header;
+ $rn="\r\n";
+ $header = array();
+
+ $contenttype = 'Content-Type: '. $mime_header->type0 .'/'.
+ $mime_header->type1;
+ if (count($message->entities)) {
+ $contenttype .= ';' . 'boundary="'.$boundary.'"';
+ }
+ if (isset($mime_header->parameters['name'])) {
+ $contenttype .= '; name="'.
+ encodeHeader($mime_header->parameters['name']). '"';
+ }
+ if (isset($mime_header->parameters['charset'])) {
+ $charset = $mime_header->parameters['charset'];
+ $contenttype .= '; charset="'.
+ encodeHeader($charset). '"';
+ }
+
+ $header[] = $contenttype . $rn;
+ if ($mime_header->description) {
+ $header[] = 'Content-Description: ' . $mime_header->description . $rn;
+ }
+ if ($mime_header->encoding) {
+ $header[] = 'Content-Transfer-Encoding: ' . $mime_header->encoding . $rn;
+ } else {
+ if ($mime_header->type0 == 'text' || $mime_header->type0 == 'message') {
+ $header[] = 'Content-Transfer-Encoding: 8bit' . $rn;
+ } else if ($mime_header->type0 == 'multipart' || $mime_header->type0 == 'alternative') {
+ /* no-op; no encoding needed */
+ } else {
+ $header[] = 'Content-Transfer-Encoding: base64' . $rn;
+ }
+ }
+ if ($mime_header->id) {
+ $header[] = 'Content-ID: ' . $mime_header->id . $rn;
+ }
+ if ($mime_header->disposition) {
+ $disposition = $mime_header->disposition;
+ $contentdisp = 'Content-Disposition: ' . $disposition->name;
+ if ($disposition->getProperty('filename')) {
+ $contentdisp .= '; filename="'.
+ encodeHeader($disposition->getProperty('filename')). '"';
+ }
+ $header[] = $contentdisp . $rn;
+ }
+ if ($mime_header->md5) {
+ $header[] = 'Content-MD5: ' . $mime_header->md5 . $rn;
+ }
+ if ($mime_header->language) {
+ $header[] = 'Content-Language: ' . $mime_header->language . $rn;
+ }
+
+ $cnt = count($header);
+ $hdr_s = '';
+ for ($i = 0 ; $i < $cnt ; $i++) {
+ $hdr_s .= $this->foldLine($header[$i], 78,str_pad('',4));
+ }
+ $header = $hdr_s;
+ $header .= $rn; /* One blank line to separate mimeheader and body-entity */
+ return $header;
+ }
+
+ /**
+ * function prepareRFC822_Header - prepares the RFC822 header string from Rfc822Header object(s)
+ *
+ * This function takes the Rfc822Header object(s) and formats them
+ * into the RFC822Header string to send to the SMTP server as part
+ * of the SMTP message.
+ *
+ * @param Rfc822Header $rfc822_header
+ * @param Rfc822Header $reply_rfc822_header
+ * @param integer &$raw_length length of the message
+ *
+ * @return string $header
+ */
+ function prepareRFC822_Header(&$rfc822_header, $reply_rfc822_header, &$raw_length) {
+ global $domain, $username, $encode_header_key,
+ $edit_identity, $hide_auth_header;
+
+ /* if server var SERVER_NAME not available, or contains
+ ":" (e.g. IPv6) which is illegal in a Message-ID, use $domain */
+ if(!sqGetGlobalVar('SERVER_NAME', $SERVER_NAME, SQ_SERVER) ||
+ strpos($SERVER_NAME,':') !== FALSE) {
+ $SERVER_NAME = $domain;
+ }
+
+ sqGetGlobalVar('REMOTE_ADDR', $REMOTE_ADDR, SQ_SERVER);
+ sqGetGlobalVar('REMOTE_PORT', $REMOTE_PORT, SQ_SERVER);
+ sqGetGlobalVar('REMOTE_HOST', $REMOTE_HOST, SQ_SERVER);
+ sqGetGlobalVar('HTTP_VIA', $HTTP_VIA, SQ_SERVER);
+ sqGetGlobalVar('HTTP_X_FORWARDED_FOR', $HTTP_X_FORWARDED_FOR, SQ_SERVER);
+
+ $rn = "\r\n";
+
+ /* This creates an RFC 822 date */
+ $date = date('D, j M Y H:i:s ', time()) . $this->timezone();
+
+ /* Create a message-id */
+ $message_id = 'MESSAGE ID GENERATION ERROR! PLEASE CONTACT SQUIRRELMAIL DEVELOPERS';
+ if (empty($rfc822_header->message_id)) {
+ $message_id = '<';
+ /* user-specifc data to decrease collision chance */
+ $seed_data = $username . '.';
+ $seed_data .= (!empty($REMOTE_PORT) ? $REMOTE_PORT . '.' : '');
+ $seed_data .= (!empty($REMOTE_ADDR) ? $REMOTE_ADDR . '.' : '');
+ /* add the current time in milliseconds and randomness */
+ $seed_data .= uniqid(mt_rand(),true);
+ /* put it through one-way hash and add it to the ID */
+ $message_id .= md5($seed_data) . '.squirrel@' . $SERVER_NAME .'>';
+ }
+
+ /* Make an RFC822 Received: line */
+ if (isset($REMOTE_HOST)) {
+ $received_from = "$REMOTE_HOST ([$REMOTE_ADDR])";
+ } else {
+ $received_from = $REMOTE_ADDR;
+ }
+ if (isset($HTTP_VIA) || isset ($HTTP_X_FORWARDED_FOR)) {
+ if (!isset($HTTP_X_FORWARDED_FOR) || $HTTP_X_FORWARDED_FOR == '') {
+ $HTTP_X_FORWARDED_FOR = 'unknown';
+ }
+ $received_from .= " (proxying for $HTTP_X_FORWARDED_FOR)";
+ }
+ $header = array();
+
+ /**
+ * SquirrelMail header
+ *
+ * This Received: header provides information that allows to track
+ * user and machine that was used to send email. Don't remove it
+ * unless you understand all possible forging issues or your
+ * webmail installation does not prevent changes in user's email address.
+ * See SquirrelMail bug tracker #847107 for more details about it.
+ *
+ * Add $hide_squirrelmail_header as a candidate for config_local.php
+ * to allow completely hiding SquirrelMail participation in message
+ * processing; This is dangerous, especially if users can modify their
+ * account information, as it makes mapping a sent message back to the
+ * original sender almost impossible.
+ */
+ $show_sm_header = ( defined('hide_squirrelmail_header') ? ! hide_squirrelmail_header : 1 );
+
+ // FIXME: The following headers may generate slightly differently between the message sent to the destination and that stored in the Sent folder because this code will be called before both actions. This is not necessarily a big problem, but other headers such as Message-ID and Date are preserved between both actions
+ if ( $show_sm_header ) {
+ if (isset($encode_header_key) &&
+ trim($encode_header_key)!='') {
+ // use encoded headers, if encryption key is set and not empty
+ $header[] = 'X-Squirrel-UserHash: '.OneTimePadEncrypt($username,base64_encode($encode_header_key)).$rn;
+ $header[] = 'X-Squirrel-FromHash: '.OneTimePadEncrypt($this->ip2hex($REMOTE_ADDR),base64_encode($encode_header_key)).$rn;
+ if (isset($HTTP_X_FORWARDED_FOR))
+ $header[] = 'X-Squirrel-ProxyHash:'.OneTimePadEncrypt($this->ip2hex($HTTP_X_FORWARDED_FOR),base64_encode($encode_header_key)).$rn;
+ } else {
+ // use default received headers
+ $header[] = "Received: from $received_from" . $rn;
+ if (!isset($hide_auth_header) || !$hide_auth_header)
+ $header[] = " (SquirrelMail authenticated user $username)" . $rn;
+ $header[] = " by $SERVER_NAME with HTTP;" . $rn;
+ $header[] = " $date" . $rn;
+ }
+ }
+