From 9cbad13b652da19396511434b18e88533c8f9901 Mon Sep 17 00:00:00 2001 From: Phil Pennock Date: Mon, 7 May 2012 04:03:37 -0700 Subject: [PATCH] Default accept_8bitmime to true. Some discussion at http://bugs.exim.org/show_bug.cgi?id=817 Refer readers to Dan Bernstein's analysis of the issues. Consensus seen from maintainers is that DJB is right on this point. --- doc/doc-docbook/spec.xfpt | 13 +++++++++++-- doc/doc-txt/ChangeLog | 2 ++ doc/doc-txt/NewStuff | 6 ++++++ doc/doc-txt/OptionLists.txt | 2 +- src/README.UPDATING | 8 ++++++++ src/src/configure.default | 7 +++++++ src/src/globals.c | 2 +- test/confs/0001 | 2 +- test/confs/0390 | 2 +- test/stdout/0001 | 2 +- test/stdout/0390 | 8 ++++---- 11 files changed, 43 insertions(+), 11 deletions(-) diff --git a/doc/doc-docbook/spec.xfpt b/doc/doc-docbook/spec.xfpt index 0555672dd..2a01a1e5b 100644 --- a/doc/doc-docbook/spec.xfpt +++ b/doc/doc-docbook/spec.xfpt @@ -12850,14 +12850,23 @@ See also the &'Policy controls'& section above. Those options that undergo string expansion before use are marked with †. -.option accept_8bitmime main boolean false +.new +.option accept_8bitmime main boolean true .cindex "8BITMIME" .cindex "8-bit characters" This option causes Exim to send 8BITMIME in its response to an SMTP EHLO command, and to accept the BODY= parameter on MAIL commands. However, though Exim is 8-bit clean, it is not a protocol converter, and it takes no steps to do anything special with messages received by this route. -Consequently, this option is turned off by default. + +Historically Exim kept this option off by default, but the maintainers +feel that in today's Internet, this causes more problems than it solves. +It now defaults to true. +A more detailed analysis of the issues is provided by Dan Bernstein: +.display +&url(http://cr.yp.to/smtp/8bitmime.html) +.endd +.wen .option acl_not_smtp main string&!! unset .cindex "&ACL;" "for non-SMTP messages" diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog index e953f9b53..d202cf16b 100644 --- a/doc/doc-txt/ChangeLog +++ b/doc/doc-txt/ChangeLog @@ -89,6 +89,8 @@ PP/19 DNS resolver init changes for NetBSD compatibility. (Risk of breakage PP/20 Revert part of NM/04, it broke log_path containing %D expansions. Left warnings. Added "eximon gdb" invocation mode. +PP/21 Defaulting "accept_8bitmime" to true, not false. + Exim version 4.77 ----------------- diff --git a/doc/doc-txt/NewStuff b/doc/doc-txt/NewStuff index 2872d241f..1c8190597 100644 --- a/doc/doc-txt/NewStuff +++ b/doc/doc-txt/NewStuff @@ -56,6 +56,12 @@ Version 4.78 Currently OpenSSL only. + 8. The existing "accept_8bitmime" option now defaults to true. This means + that Exim is deliberately not strictly RFC compliant. We're following + Dan Bernstein's advice in http://cr.yp.to/smtp/8bitmime.html by default. + Those who disagree, or know that they are talking to mail servers that, + even today, are not 8-bit clean, need to turn off this option. + Version 4.77 ------------ diff --git a/doc/doc-txt/OptionLists.txt b/doc/doc-txt/OptionLists.txt index 52a24b198..20aeff965 100644 --- a/doc/doc-txt/OptionLists.txt +++ b/doc/doc-txt/OptionLists.txt @@ -48,7 +48,7 @@ release 4.00, and so no router options are shown as earlier than 4.00, though in fact some of them were inherited from earlier versions. ----------------------------------------------------------------------------------------- -accept_8bitmime boolean false main 1.60 +accept_8bitmime boolean true main 1.60 changed to true in 4.78 acl_not_smtp string* unset main 4.11 acl_not_smtp_mime string* unset main 4.51 with content scan acl_smtp_auth string* unset main 4.00 diff --git a/src/README.UPDATING b/src/README.UPDATING index 5b6bea869..0d729a384 100644 --- a/src/README.UPDATING +++ b/src/README.UPDATING @@ -69,6 +69,14 @@ Exim version 4.78 attribute as a comma-separated list. Note the distinction from multiple attributes being returned, where each one is a name=value pair. + * accept_8bitmime now defaults on, which is not RFC compliant but is better + suited to today's Internet. See http://cr.yp.to/smtp/8bitmime.html for a + sane rationale. Those who wish to be strictly RFC compliant, or know that + they need to talk to servers that are not 8-bit-clean, now need to take + explicit configuration action to default this option off. This is not a + new option, you can safely force it off before upgrading, to decouple + configuration changes from the binary upgrade while remaining RFC compliant. + Exim version 4.77 ----------------- diff --git a/src/src/configure.default b/src/src/configure.default index a527b41a8..963ec1696 100644 --- a/src/src/configure.default +++ b/src/src/configure.default @@ -304,6 +304,13 @@ timeout_frozen_after = 7d # because of some popular, yet buggy, mail composition software. +# If you wish to be strictly RFC compliant, or if you know you'll be +# exchanging email with systems that are not 8-bit clean, then you may +# wish to disable advertising 8BITMIME. Uncomment this option to do so. + +# accept_8bitmime = false + + ###################################################################### # ACL CONFIGURATION # # Specifies access control lists for incoming SMTP mail # diff --git a/src/src/globals.c b/src/src/globals.c index f11c7c2db..af0c14b02 100644 --- a/src/src/globals.c +++ b/src/src/globals.c @@ -247,7 +247,7 @@ uschar *acl_wherecodes[] = { US"550", /* RCPT */ BOOL active_local_from_check = FALSE; BOOL active_local_sender_retain = FALSE; -BOOL accept_8bitmime = FALSE; +BOOL accept_8bitmime = TRUE; /* deliberately not RFC compliant */ address_item *addr_duplicate = NULL; address_item address_defaults = { diff --git a/test/confs/0001 b/test/confs/0001 index aa07ef053..14db5ae26 100644 --- a/test/confs/0001 +++ b/test/confs/0001 @@ -13,7 +13,7 @@ gecos_pattern = "" gecos_name = CALLER_NAME -accept_8bitmime +no_accept_8bitmime acl_not_smtp = check_local_message acl_smtp_auth = check_auth acl_smtp_connect = check_connect diff --git a/test/confs/0390 b/test/confs/0390 index 6da8949d8..d6e5b9cd8 100644 --- a/test/confs/0390 +++ b/test/confs/0390 @@ -12,7 +12,7 @@ gecos_name = CALLER_NAME # ----- Main settings ----- .ifdef AA -accept_8bitmime +no_accept_8bitmime .endif .ifndef AA diff --git a/test/stdout/0001 b/test/stdout/0001 index 77d202228..d9ce2f07b 100644 --- a/test/stdout/0001 +++ b/test/stdout/0001 @@ -1,4 +1,4 @@ -accept_8bitmime +no_accept_8bitmime bounce_message_file = callout_domain_negative_expire = 1h daemon_smtp_ports = diff --git a/test/stdout/0390 b/test/stdout/0390 index f42f459d4..d573699ef 100644 --- a/test/stdout/0390 +++ b/test/stdout/0390 @@ -1,4 +1,4 @@ -no_accept_8bitmime +accept_8bitmime acl_not_smtp = xxx acl_smtp_auth = acl_smtp_connect = @@ -8,7 +8,7 @@ acl_smtp_expn = zzz acl_smtp_mail = yyy acl_smtp_rcpt = acl_smtp_vrfy = -accept_8bitmime +no_accept_8bitmime acl_not_smtp = acl_smtp_auth = xxx acl_smtp_connect = xxx @@ -18,7 +18,7 @@ acl_smtp_expn = acl_smtp_mail = xxx acl_smtp_rcpt = acl_smtp_vrfy = -no_accept_8bitmime +accept_8bitmime acl_not_smtp = xxx acl_smtp_auth = xxx acl_smtp_connect = yyy @@ -28,7 +28,7 @@ acl_smtp_expn = yyy acl_smtp_mail = yyy acl_smtp_rcpt = acl_smtp_vrfy = -accept_8bitmime +no_accept_8bitmime acl_not_smtp = acl_smtp_auth = xxx acl_smtp_connect = xxx -- 2.30.2