* a delivery backend.
*
* @author Marc Groot Koerkamp
- * @copyright © 1999-2005 The SquirrelMail Project Team
+ * @copyright © 1999-2007 The SquirrelMail Project Team
* @license http://opensource.org/licenses/gpl-license.php GNU Public License
* @version $Id$
* @package squirrelmail
* @return string $header
*/
function prepareRFC822_Header($rfc822_header, $reply_rfc822_header, &$raw_length) {
- global $domain, $version, $username, $encode_header_key, $edit_identity, $hide_auth_header;
+ global $domain, $version, $username, $encode_header_key,
+ $edit_identity, $hide_auth_header;
/* if server var SERVER_NAME not available, use $domain */
if(!sqGetGlobalVar('SERVER_NAME', $SERVER_NAME, SQ_SERVER)) {
$rn = "\r\n";
/* This creates an RFC 822 date */
- $date = date('D, j M Y H:i:s ', mktime()) . $this->timezone();
+ $date = date('D, j M Y H:i:s ', time()) . $this->timezone();
/* Create a message-id */
$message_id = '<' . $REMOTE_PORT . '.';
if (isset($encode_header_key) && trim($encode_header_key)!='') {
* unless you understand all possible forging issues or your
* webmail installation does not prevent changes in user's email address.
* See SquirrelMail bug tracker #847107 for more details about it.
+ *
+ * Add $hide_squirrelmail_header as a candidate for config_local.php
+ * to allow completely hiding SquirrelMail participation in message
+ * processing; This is dangerous, especially if users can modify their
+ * account information, as it makes mapping a sent message back to the
+ * original sender almost impossible.
*/
- if (isset($encode_header_key) &&
+ $show_sm_header = ( defined('hide_squirrelmail_header') ? ! hide_squirrelmail_header : 1 );
+
+ if ( $show_sm_header ) {
+ if (isset($encode_header_key) &&
trim($encode_header_key)!='') {
// use encoded headers, if encryption key is set and not empty
$header[] = 'X-Squirrel-UserHash: '.OneTimePadEncrypt($username,base64_encode($encode_header_key)).$rn;
$header[] = 'X-Squirrel-FromHash: '.OneTimePadEncrypt($this->ip2hex($REMOTE_ADDR),base64_encode($encode_header_key)).$rn;
if (isset($HTTP_X_FORWARDED_FOR))
$header[] = 'X-Squirrel-ProxyHash:'.OneTimePadEncrypt($this->ip2hex($HTTP_X_FORWARDED_FOR),base64_encode($encode_header_key)).$rn;
- } else {
+ } else {
// use default received headers
$header[] = "Received: from $received_from" . $rn;
if ($edit_identity || ! isset($hide_auth_header) || ! $hide_auth_header)
$header[] = " (SquirrelMail authenticated user $username)" . $rn;
$header[] = " by $SERVER_NAME with HTTP;" . $rn;
$header[] = " $date" . $rn;
+ }
}
/* Insert the rest of the header fields */
if ($encoding = $rfc822_header->encoding) {
$header[] = 'Content-Transfer-Encoding: ' . $encoding . $rn;
}
- if ($rfc822_header->dnt) {
+ if (isset($rfc822_header->dnt) && $rfc822_header->dnt) {
$dnt = $rfc822_header->getAddr_s('dnt');
/* Pegasus Mail */
$header[] = 'X-Confirm-Reading-To: '.$dnt. $rn;
$aRefs = explode(' ',$sRefs);
$sLine = 'References:';
foreach ($aRefs as $sReference) {
- if (strlen($sLine)+strlen($sReference) >76) {
+ if ( trim($sReference) == '' ) {
+ /* Don't add spaces. */
+ } elseif (strlen($sLine)+strlen($sReference) >76) {
$hdr_s .= $sLine;
$sLine = $rn . ' ' . $sReference;
} else {
}
/**
- * function calculate_references - calculate correct Referer string
+ * function calculate_references - calculate correct References string
+ * Adds the current message ID, and makes sure it doesn't grow forever,
+ * to that extent it drops message-ID's in a smart way until the string
+ * length is under the recommended value of 1000 ("References: <986>\r\n").
+ * It always keeps the first and the last three ID's.
*
* @param Rfc822Header $hdr message header to calculate from
*
- * @return string $refer concatenated and trimmed Referer string
+ * @return string $refer concatenated and trimmed References string
*/
function calculate_references($hdr) {
- $refer = $hdr->references;
+ $aReferences = preg_split('/\s+/', $hdr->references);
$message_id = $hdr->message_id;
$in_reply_to = $hdr->in_reply_to;
- if (strlen($refer) > 2) {
- $refer .= ' ' . $message_id;
- } else {
- if ($in_reply_to) {
- $refer .= $in_reply_to . ' ' . $message_id;
- } else {
- $refer .= $message_id;
- }
+
+ // if References already exists, add the current message ID at the end.
+ // no References exists; if we know a IRT, add that aswell
+ if (count($aReferences) == 0 && $in_reply_to) {
+ $aReferences[] = $in_reply_to;
}
- trim($refer);
- return $refer;
+ $aReferences[] = $message_id;
+
+ // sanitize the array: trim whitespace, remove dupes
+ array_walk($aReferences, 'sq_trim_value');
+ $aReferences = array_unique($aReferences);
+
+ while ( count($aReferences) > 4 && strlen(implode(' ', $aReferences)) >= 986 ) {
+ $aReferences = array_merge(array_slice($aReferences,0,1),array_slice($aReferences,2));
+ }
+ return implode(' ', $aReferences);
}
/**
return $ret;
}
}
-
-?>
\ No newline at end of file