- $mime_header = $message->mime_header;
- $rn="\r\n";
- $header = array();
-
- $contenttype = 'Content-Type: '. $mime_header->type0 .'/'.
- $mime_header->type1;
- if (count($message->entities)) {
- $contenttype .= ";\r\n " . 'boundary="'.$boundary.'"';
- }
- if (isset($mime_header->parameters['name'])) {
- $contenttype .= '; name="'.
- encodeHeader($mime_header->parameters['name']). '"';
- }
- if (isset($mime_header->parameters['charset'])) {
- $charset = $mime_header->parameters['charset'];
- $contenttype .= '; charset="'.
- encodeHeader($charset). '"';
- }
-
-
- $header[] = $contenttype . $rn;
- if ($mime_header->description) {
- $header[] .= 'Content-Description: ' . $mime_header->description . $rn;
- }
- if ($mime_header->encoding) {
- $encoding = $mime_header->encoding;
- $header[] .= 'Content-Transfer-Encoding: ' . $mime_header->encoding . $rn;
- } else {
- if ($mime_header->type0 == 'text' || $mime_header->type0 == 'message') {
- $header[] .= 'Content-Transfer-Encoding: 8bit' . $rn;
- } else {
- $header[] .= 'Content-Transfer-Encoding: base64' . $rn;
- }
- }
- if ($mime_header->id) {
- $header[] .= 'Content-ID: ' . $mime_header->id . $rn;
- }
- if ($mime_header->disposition) {
- $disposition = $mime_header->disposition;
- $contentdisp = 'Content-Disposition: ' . $disposition->name;
- if ($disposition->getProperty('filename')) {
- $contentdisp .= '; filename="'.
- encodeHeader($disposition->getProperty('filename')). '"';
- }
- $header[] = $contentdisp . $rn;
- }
- if ($mime_header->md5) {
- $header[] .= 'Content-MD5: ' . $mime_header->md5 . $rn;
- }
- if ($mime_header->language) {
- $header[] .= 'Content-Language: ' . $mime_header->language . $rn;
- }
-
- $cnt = count($header);
- $hdr_s = '';
- for ($i = 0 ; $i < $cnt ; $i++) {
- $hdr_s .= $this->foldLine($header[$i], 78,str_pad('',4));
- }
- $header = $hdr_s;
- $header .= $rn; /* One blank line to separate mimeheader and body-entity */
- return $header;
- }
-
- function prepareRFC822_Header($rfc822_header, $reply_rfc822_header, &$raw_length) {
- $REMOTE_ADDR = $_SERVER['REMOTE_ADDR'];
- $SERVER_NAME = $_SERVER['SERVER_NAME'];
- $REMOTE_PORT = $_SERVER['REMOTE_PORT'];
- if(isset($_SERVER['REMOTE_HOST'])) {
- $REMOTE_HOST = $_SERVER['REMOTE_HOST'];
- }
- if(isset($_SERVER['HTTP_VIA'])) {
- $HTTP_VIA = $_SERVER['HTTP_VIA'];
- }
- if(isset($_SERVER['HTTP_X_FORWARDED_FOR'])) {
- $HTTP_X_FORWARDED_FOR = $_SERVER['HTTP_X_FORWARDED_FOR'];
- }
- global $version, $username;
- $rn = "\r\n";
- /* This creates an RFC 822 date */
- $date = date('D, j M Y H:i:s ', mktime()) . $this->timezone();
- /* Create a message-id */
- $message_id = '<' . $REMOTE_PORT . '.' . $REMOTE_ADDR . '.';
- $message_id .= time() . '.squirrel@' . $SERVER_NAME .'>';
- /* Make an RFC822 Received: line */
- if (isset($REMOTE_HOST)) {
- $received_from = "$REMOTE_HOST ([$REMOTE_ADDR])";
- } else {
- $received_from = $REMOTE_ADDR;
- }
- if (isset($HTTP_VIA) || isset ($HTTP_X_FORWARDED_FOR)) {
- if (!isset($HTTP_X_FORWARDED_FOR) || $HTTP_X_FORWARDED_FOR == '') {
- $HTTP_X_FORWARDED_FOR = 'unknown';
- }
- $received_from .= " (proxying for $HTTP_X_FORWARDED_FOR)";
- }
- $header = array();
- $header[] = "Received: from $received_from" . $rn;
- $header[] = " (SquirrelMail authenticated user $username)" . $rn;
- $header[] = " by $SERVER_NAME with HTTP;" . $rn;
- $header[] = " $date" . $rn;
+ $mime_header = $message->mime_header;
+ $rn="\r\n";
+ $header = array();
+
+ $contenttype = 'Content-Type: '. $mime_header->type0 .'/'.
+ $mime_header->type1;
+ if (count($message->entities)) {
+ $contenttype .= ';' . 'boundary="'.$boundary.'"';
+ }
+ if (isset($mime_header->parameters['name'])) {
+ $contenttype .= '; name="'.
+ encodeHeader($mime_header->parameters['name']). '"';
+ }
+ if (isset($mime_header->parameters['charset'])) {
+ $charset = $mime_header->parameters['charset'];
+ $contenttype .= '; charset="'.
+ encodeHeader($charset). '"';
+ }
+
+ $header[] = $contenttype . $rn;
+ if ($mime_header->description) {
+ $header[] = 'Content-Description: ' . $mime_header->description . $rn;
+ }
+ if ($mime_header->encoding) {
+ $header[] = 'Content-Transfer-Encoding: ' . $mime_header->encoding . $rn;
+ } else {
+
+ // inspect attached file for lines longer than allowed by RFC,
+ // in which case we'll be using base64 encoding (so we can split
+ // the lines up without corrupting them) instead of 8bit unencoded...
+ // (see RFC 2822/2.1.1)
+ //
+ if (!empty($message->att_local_name)) { // is this redundant? I have no idea
+ global $username, $attachment_dir;
+ $hashed_attachment_dir = getHashedDir($username, $attachment_dir);
+ $filename = $hashed_attachment_dir . '/' . $message->att_local_name;
+
+ // using 990 because someone somewhere is folding lines at
+ // 990 instead of 998 and I'm too lazy to find who it is
+ //
+ $file_has_long_lines = file_has_long_lines($filename, 990);
+ } else
+ $file_has_long_lines = FALSE;
+
+ if ($mime_header->type0 == 'multipart' || $mime_header->type0 == 'alternative') {
+ /* no-op; no encoding needed */
+ } else if (($mime_header->type0 == 'text' || $mime_header->type0 == 'message')
+ && !$file_has_long_lines) {
+ $header[] = 'Content-Transfer-Encoding: 8bit' . $rn;
+ } else {
+ $header[] = 'Content-Transfer-Encoding: base64' . $rn;
+ }
+ }
+ if ($mime_header->id) {
+ $header[] = 'Content-ID: ' . $mime_header->id . $rn;
+ }
+ if ($mime_header->disposition) {
+ $disposition = $mime_header->disposition;
+ $contentdisp = 'Content-Disposition: ' . $disposition->name;
+ if ($disposition->getProperty('filename')) {
+ $contentdisp .= '; filename="'.
+ encodeHeader($disposition->getProperty('filename')). '"';
+ }
+ $header[] = $contentdisp . $rn;
+ }
+ if ($mime_header->md5) {
+ $header[] = 'Content-MD5: ' . $mime_header->md5 . $rn;
+ }
+ if ($mime_header->language) {
+ $header[] = 'Content-Language: ' . $mime_header->language . $rn;
+ }
+
+ $cnt = count($header);
+ $hdr_s = '';
+ for ($i = 0 ; $i < $cnt ; $i++) {
+ $hdr_s .= $this->foldLine($header[$i], 78);
+ }
+ $header = $hdr_s;
+ $header .= $rn; /* One blank line to separate mimeheader and body-entity */
+ return $header;
+ }
+
+ /**
+ * function prepareRFC822_Header - prepares the RFC822 header string from Rfc822Header object(s)
+ *
+ * This function takes the Rfc822Header object(s) and formats them
+ * into the RFC822Header string to send to the SMTP server as part
+ * of the SMTP message.
+ *
+ * @param Rfc822Header $rfc822_header
+ * @param Rfc822Header $reply_rfc822_header
+ * @param integer &$raw_length length of the message
+ *
+ * @return string $header
+ */
+ function prepareRFC822_Header(&$rfc822_header, $reply_rfc822_header, &$raw_length) {
+ global $domain, $username, $encode_header_key,
+ $edit_identity, $hide_auth_header;
+
+ /* if server var SERVER_NAME not available, or contains
+ ":" (e.g. IPv6) which is illegal in a Message-ID, use $domain */
+ if(!sqGetGlobalVar('SERVER_NAME', $SERVER_NAME, SQ_SERVER) ||
+ strpos($SERVER_NAME,':') !== FALSE) {
+ $SERVER_NAME = $domain;
+ }
+
+ sqGetGlobalVar('REMOTE_ADDR', $REMOTE_ADDR, SQ_SERVER);
+ sqGetGlobalVar('REMOTE_PORT', $REMOTE_PORT, SQ_SERVER);
+ sqGetGlobalVar('REMOTE_HOST', $REMOTE_HOST, SQ_SERVER);
+ sqGetGlobalVar('HTTP_VIA', $HTTP_VIA, SQ_SERVER);
+ sqGetGlobalVar('HTTP_X_FORWARDED_FOR', $HTTP_X_FORWARDED_FOR, SQ_SERVER);
+
+ $rn = "\r\n";
+
+ /* This creates an RFC 822 date */
+ $date = date('D, j M Y H:i:s ', time()) . $this->timezone();
+
+ /* Create a message-id */
+ $message_id = 'MESSAGE ID GENERATION ERROR! PLEASE CONTACT SQUIRRELMAIL DEVELOPERS';
+ if (empty($rfc822_header->message_id)) {
+ $message_id = '<';
+ /* user-specifc data to decrease collision chance */
+ $seed_data = $username . '.';
+ $seed_data .= (!empty($REMOTE_PORT) ? $REMOTE_PORT . '.' : '');
+ $seed_data .= (!empty($REMOTE_ADDR) ? $REMOTE_ADDR . '.' : '');
+ /* add the current time in milliseconds and randomness */
+ $seed_data .= uniqid(mt_rand(),true);
+ /* put it through one-way hash and add it to the ID */
+ $message_id .= md5($seed_data) . '.squirrel@' . $SERVER_NAME .'>';
+ }
+
+ /* Make an RFC822 Received: line */
+ if (isset($REMOTE_HOST)) {
+ $received_from = "$REMOTE_HOST ([$REMOTE_ADDR])";
+ } else {
+ $received_from = $REMOTE_ADDR;
+ }
+ if (isset($HTTP_VIA) || isset ($HTTP_X_FORWARDED_FOR)) {
+ if (!isset($HTTP_X_FORWARDED_FOR) || $HTTP_X_FORWARDED_FOR == '') {
+ $HTTP_X_FORWARDED_FOR = 'unknown';
+ }
+ $received_from .= " (proxying for $HTTP_X_FORWARDED_FOR)";
+ }
+ $header = array();
+
+ /**
+ * SquirrelMail header
+ *
+ * This Received: header provides information that allows to track
+ * user and machine that was used to send email. Don't remove it
+ * unless you understand all possible forging issues or your
+ * webmail installation does not prevent changes in user's email address.
+ * See SquirrelMail bug tracker #847107 for more details about it.
+ *
+ * Add hide_squirrelmail_header as a candidate for config_local.php
+ * (must be defined as a constant: define('hide_squirrelmail_header', 1);
+ * to allow completely hiding SquirrelMail participation in message
+ * processing; This is dangerous, especially if users can modify their
+ * account information, as it makes mapping a sent message back to the
+ * original sender almost impossible.
+ */
+ $show_sm_header = ( defined('hide_squirrelmail_header') ? ! hide_squirrelmail_header : 1 );
+
+ // FIXME: The following headers may generate slightly differently between the message sent to the destination and that stored in the Sent folder because this code will be called before both actions. This is not necessarily a big problem, but other headers such as Message-ID and Date are preserved between both actions
+ if ( $show_sm_header ) {
+ if (isset($encode_header_key) &&
+ trim($encode_header_key)!='') {
+ // use encoded headers, if encryption key is set and not empty
+ $header[] = 'X-Squirrel-UserHash: '.OneTimePadEncrypt($username,base64_encode($encode_header_key)).$rn;
+ $header[] = 'X-Squirrel-FromHash: '.OneTimePadEncrypt($this->ip2hex($REMOTE_ADDR),base64_encode($encode_header_key)).$rn;
+ if (isset($HTTP_X_FORWARDED_FOR))
+ $header[] = 'X-Squirrel-ProxyHash:'.OneTimePadEncrypt($this->ip2hex($HTTP_X_FORWARDED_FOR),base64_encode($encode_header_key)).$rn;
+ } else {
+ // use default received headers
+ $header[] = "Received: from $received_from" . $rn;
+ if (!isset($hide_auth_header) || !$hide_auth_header)
+ $header[] = " (SquirrelMail authenticated user $username)" . $rn;
+ $header[] = " by $SERVER_NAME with HTTP;" . $rn;
+ $header[] = " $date" . $rn;
+ }
+ }
+