BAD HEADER from local Amavis

[erikpkn]

When sending an e-mail, the local Amavis (at the sending side) reports a BAD HEADER. This happens with every e-mail. The e-mail is forwarded, but I presume an Amavis-installation at the receiving side will not accept it.

User-Agent: RoundCube Webmail/0.3-stable
X-Virus-Scanned: amavisd-new at xxxxxxxxxxxxxxx.xx
X-Amavis-Alert: BAD HEADER SECTION, Improper use of control character (char 0D
	hex): X-PHP-Originating-Script: 0:func.inc\r
X-PHP-Originating-Script: 0:func.inc

Software used:

Fedora 12
amavisd-new: 2.6.4
Postfix: 2.6.5
PHP: 5.3.1

[alec]

Try to disable mail.add_x_header option in php.ini.

[alec]

Also you can try to test with Roundcube's mail_header_delimiter="\n";

[erikpkn]

First suggestion (disable mail.add_x_header option in php.ini) worked. No more BAD HEADERs. Am I right to presume that this is a PHP bug?

Second suggestion ($rcmail_configmail_header_delimiter? = '\n';) didn't work. Also tried '\r\n' and '\r', but all these caused numerous other problems in the header and didn't solve the BAD HEADERs error.

Thank you for the suggestions!

[alec]

Did you used '\n' or "\n" for delimiter? This is not the same in PHP.

[erikpkn]

You're right. Forgot about that. But "\n" didn't work either. Neither did "\r\n\" and "\r". But in my maillog the different settings cause different messages:

with NULL or "\n" I get: INFO: removed bare CR from 1 header line(s)
with "\r\n" I get: INFO: removed bare CR from 8 header line(s)
with "\r" I get: I get: INFO: removed bare CR from 2 header line(s)

[alec]

I'm trying to find a workaround. What if you add in steps/mail/funct.inc in function rcmail_deliver_message() a line:

$header_str = trim($header_str);

before this line:

if (ini_get('safe_mode'))
  $sent = mail($headers_enc['To'], $headers_enc['Subject'], $msg_body, $header_str);

[erikpkn]

No, that did not work. Same BAD HEADER message as before.

[gui1ty]

I worked around the BAD HEADER X-PHP-Originating-Script line, just to have the same message blocked on the Subject line.

INVALID HEADER

  Improper use of control character (char 0D hex): Subject:
    ...2=5F=30=31=33=5Farticle?=\r\n =?UTF-8?Q?=39[...]

It appears RoundCube encoded the mail in UTF-8. The source of the (un)sent message shows the subject as:

Subject: Re: =?UTF-8?Q?NRC=5F=32=30=31=30=30=31=32=31=5F=32=5F=30=31=33=5Farticle?=
 =?UTF-8?Q?=39=2Epdf?=

whereas 'cat -A' reveals it to be:

Subject: Re: =?UTF-8?Q?NRC=5F=32=30=31=30=30=31=32=31=5F=32=5F=30=31=33=5Farticle?=^M$
 =?UTF-8?Q?=39=2Epdf?=$

All other lines in the header are "human readable" ASCII.

The subject of the message I replied to was:

Subject: NRC_20100121_2_013_article9.pdf

[alec]

@gui1ty: what happens when you change in steps/mail/sendmail.inc line:

$headers['Subject'] = mb_encode_mimeheader($headers['Subject'], $message_charset, 'Q');

to:

$headers['Subject'] = mb_encode_mimeheader($headers['Subject'], $message_charset, 'Q', $RCMAIL->config->header_delimiter(), 8);

[gui1ty]

Replying to alec:

I changed the line and the messages is no longer blocked by Amavis.

The subject line now looks like:

Subject: Re: =?UTF-8?Q?NRC=5F=32=30=31=30=30=31=32=31=5F=32=5F=30=31=33=5F?=  =?UTF-8?Q?article=39=2Epdf?=

Thanks!

[alec]

​http://bugs.php.net/bug.php?id=50907. So, assume PHP bug and close this ticket.