#!/usr/local/bin/perl # send_mail.cgi # Send off an email message require './mailbox-lib.pl'; # Check inputs &ReadParse(\%getin, "GET"); &ReadParseMime(undef, \&read_parse_mime_callback, [ $getin{'id'} ]); &set_module_index($in{'folder'}); @folders = &list_folders(); $folder = $folders[$in{'folder'}]; &error_setup($text{'send_err'}); if (!$in{'subject'}) { if ($userconfig{'force_subject'} eq 'error') { &error($text{'send_esubject'}); } elsif ($userconfig{'force_subject'}) { $in{'subject'} = $userconfig{'force_subject'}; } } @sub = split(/\0/, $in{'sub'}); $subs = join("", map { "&sub=$_" } @sub); $draft = $in{'draft'} || $in{'save'}; # Construct the email if ($config{'edit_from'} == 2) { $in{'user'} || &error($text{'send_efrom'}); $in{'from'} = $in{'dom'} ? "$in{'user'}\@$in{'dom'}" : $in{'user'}; if ($in{'real'}) { $in{'from'} = "\"$in{'real'}\" <$in{'from'}>"; } } else { $in{'from'} || &error($text{'send_efrom'}); } $in{'to'} = &expand_to($in{'to'}); $in{'cc'} = &expand_to($in{'cc'}); $in{'bcc'} = &expand_to($in{'bcc'}); $newmid = &generate_message_id($in{'from'}); $mail->{'headers'} = [ [ 'From', $in{'from'} ], [ 'Subject', $in{'subject'} ], [ 'To', $in{'to'} ], [ 'Cc', $in{'cc'} ], [ 'Bcc', $in{'bcc'} ], [ 'X-Originating-IP', $ENV{'REMOTE_ADDR'} ], [ 'X-Mailer', "Usermin ".&get_webmin_version() ], [ 'Message-Id', $newmid ] ]; $mail->{'header'}->{'message-id'} = $newmid; push(@{$mail->{'headers'}}, [ 'X-Priority', $in{'pri'} ]) if ($in{'pri'}); push(@{$mail->{'headers'}}, [ 'In-Reply-To', $in{'rid'} ]) if ($in{'rid'}); if ($userconfig{'req_dsn'} == 1 || $userconfig{'req_dsn'} == 2 && $in{'dsn'}) { push(@{$mail->{'headers'}}, [ 'Disposition-Notification-To', $in{'from'} ]); push(@{$mail->{'headers'}}, [ 'Read-Receipt-To', $in{'from'} ]); } if ($in{'replyto'}) { # Add real name to reply-to address, if not given and if possible local $r2 = $in{'replyto'}; local ($r2parts) = &split_addresses($r2); $r2 = $r2parts->[1] || !$userconfig{'real_name'} || !$remote_user_info[6] ? $in{'replyto'} : "\"$remote_user_info[6]\" <$r2parts->[0]>"; push(@{$mail->{'headers'}}, [ 'Reply-To', $r2 ]); } $in{'body'} =~ s/\r//g; %cidmap = ( ); if ($in{'body'} =~ /\S/) { # Perform spell check on body if requested local $plainbody = $in{'html_edit'} ? &html_to_text($in{'body'}) : $in{'body'}; if ($in{'spell'}) { pipe(INr, INw); pipe(OUTr, OUTw); select(INw); $| = 1; select(OUTr); $| = 1; select(STDOUT); if (!fork()) { close(INw); close(OUTr); untie(*STDIN); untie(*STDOUT); untie(*STDERR); open(STDOUT, ">&OUTw"); open(STDERR, ">/dev/null"); open(STDIN, "<&INr"); exec("ispell -a"); exit; } close(INr); close(OUTw); local $indent = " " x 4; local @errs; foreach $line (split(/\n+/, $plainbody)) { next if ($line !~ /\S/); print INw $line,"\n"; local @lerrs; while(1) { ($spell = ) =~ s/\r|\n//g; last if (!$spell); if ($spell =~ /^#\s+(\S+)/) { # Totally unknown word push(@lerrs, $indent.&text('send_eword', "".&html_escape($1)."")); } elsif ($spell =~ /^&\s+(\S+)\s+(\d+)\s+(\d+):\s+(.*)/) { # Maybe possible word, with options push(@lerrs, $indent.&text('send_eword2', "".&html_escape($1)."", "".&html_escape($4)."")); } elsif ($spell =~ /^\?\s+(\S+)/) { # Maybe possible word push(@lerrs, $indent.&text('send_eword', "".&html_escape($1)."")); } } if (@lerrs) { push(@errs, &text('send_eline', "".&html_escape($line)."")."
".join("
", @lerrs)."

\n"); } } close(INw); close(OUTr); if (@errs) { # Spelling errors found! &mail_page_header($text{'compose_title'}); print "$text{'send_espell'}

\n"; print @errs; &ui_print_footer( "javascript:back()", $text{'reply_return'}, "index.cgi?folder=$in{'folder'}", $text{'mail_return'}); exit; } } # For a HTML body, replace images from detach.cgi on the original # email with cid: references. if ($in{'html_edit'}) { $in{'body'} = &create_cids($in{'body'}, \%cidmap); } # Create the body attachment local $mt = $in{'html_edit'} ? "text/html" : "text/plain"; $mt .= "; charset=$userconfig{'charset'}"; if ($in{'body'} =~ /[\177-\377]/) { # Contains 8-bit characters .. need to make quoted-printable $quoted_printable++; @attach = ( { 'headers' => [ [ 'Content-Type', $mt ], [ 'Content-Transfer-Encoding', 'quoted-printable' ] ], 'data' => quoted_encode($in{'body'}) } ); } else { # Plain 7-bit ascii text @attach = ( { 'headers' => [ [ 'Content-Type', $mt ], [ 'Content-Transfer-Encoding', '7bit' ] ], 'data' => $in{'body'} } ); } $bodyattach = $attach[0]; } # Add uploaded attachments $attachsize = 0; for($i=0; defined($in{"attach$i"}); $i++) { next if (!$in{"attach$i"}); &test_max_attach($attachsize); if ($config{'max_attach'} && $attachsize > $config{'max_attach'}) { &error(&text('send_eattachsize', $config{'max_attach'})); } local $filename = $in{"attach${i}_filename"}; $filename =~ s/^.*(\\|\/)//; local $type = $in{"attach${i}_content_type"}."; name=\"". $filename."\""; local $disp = "inline; filename=\"".$filename."\""; push(@attach, { 'data' => $in{"attach${i}"}, 'headers' => [ [ 'Content-type', $type ], [ 'Content-Disposition', $disp ], [ 'Content-Transfer-Encoding', 'base64' ] ] }); } # Add server-side attachments for($i=0; defined($in{"file$i"}); $i++) { next if (!$in{"file$i"} || !$config{'server_attach'}); if ($in{"file$i"} !~ /^\//) { $in{"file$i"} = $remote_user_info[7]."/".$in{"file$i"}; } -r $in{"file$i"} && !-d $in{"file$i"} || &error(&text('send_efile', $in{"file$i"})); local @st = stat($in{"file$i"}); &test_max_attach($st[7]); local $data; open(DATA, "<".$in{"file$i"}) || &error(&text('send_efile', $in{"file$i"})); while() { $data .= $_; } close(DATA); $in{"file$i"} =~ s/^.*\///; local $type = &guess_mime_type($in{"file$i"}). "; name=\"".$in{"file$i"}."\""; local $disp = "inline; filename=\"".$in{"file$i"}."\""; push(@attach, { 'data' => $data, 'headers' => [ [ 'Content-type', $type ], [ 'Content-Disposition', $disp ], [ 'Content-Transfer-Encoding', 'base64' ] ] }); $i++; } # Add forwarded attachments @fwd = split(/\0/, $in{'forward'}); ($sortfield, $sortdir) = &get_sort_field($folder); if (@fwd) { $fwdmail = &mailbox_get_mail($folder, $in{'id'}, 0); &parse_mail($fwdmail); &decrypt_attachments($fwdmail); foreach $s (@sub) { # We are looking at a mail within a mail .. &decrypt_attachments($fwdmail); local $amail = &extract_mail( $fwdmail->{'attach'}->[$s]->{'data'}); &parse_mail($amail); $fwdmail = $amail; } foreach $f (@fwd) { &test_max_attach(length($fwdmail->{'attach'}->[$f]->{'data'})); $a = $fwdmail->{'attach'}->[$f]; if ($cidmap{$f}) { # This attachment has been inlined .. set a content-id $a->{'headers'} = [ grep { lc($_->[0]) ne 'content-id' && lc($_->[0]) ne 'content-location' } @{$a->{'headers'}} ]; push(@{$a->{'headers'}}, [ 'Content-Id', "<$cidmap{$f}>" ]); } push(@attach, $a); } } # Add forwarded emails @mailfwdids = split(/\0/, $in{'mailforward'}); if (@mailfwdids) { @mailfwd = &mailbox_select_mails($folder, \@mailfwdids, 0); foreach $fwdmail (@mailfwd) { local $headertext; foreach $h (@{$fwdmail->{'headers'}}) { $headertext .= $h->[0].": ".$h->[1]."\n"; } push(@attach, { 'data' => $headertext."\n".$fwdmail->{'body'}, 'headers' => [ [ 'Content-type', 'message/rfc822' ], [ 'Content-Description', $fwdmail->{'header'}->{'subject'} ] ] }); } } if ($in{'sign'} ne '' && !$draft) { # Put all the attachments into a single attachment, with the signature # as the second attachment &foreign_require("gnupg", "gnupg-lib.pl"); local @keys = &foreign_call("gnupg", "list_keys"); $key = $keys[$in{'sign'}]; # Create the new attachment push(@{$mail->{'headers'}}, [ 'Content-Type', 'multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"' ] ); local ($tempdata, $tempbody); if (@attach == 1) { # Just use one part $tempdata = &write_attachment($attach[0]); $tempheaders = $attach[0]->{'headers'}; $tempbody = $attach[0]->{'data'}; } else { # Create new attachment containing all the parts local $bound = "sign".time(); foreach $a (@attach) { $tempbody .= "\r\n"; $tempbody .= "--".$bound."\r\n"; $tempbody .= &write_attachment($a); } $tempbody .= "\r\n"; $tempbody .= "--".$bound."--\r\n"; $tempdata ="Content-Type: multipart/mixed; boundary=\"$bound\"\r\n". "\r\n". $tempbody; $tempheaders = [ [ "Content-Type", "multipart/mixed; boundary=\"$bound\"" ] ]; } # Sign the file local $sigdata; local $rv = &foreign_call("gnupg", "sign_data", $tempdata, \$sigdata, $key, 2); if ($rv) { &error(&text('send_esign', $rv)); } @attach = ( { 'data' => $tempbody, 'headers' => $tempheaders }, { 'data' => $sigdata, 'headers' => [ [ "Content-Type", "application/pgp-signature; name=signature.asc" ] ] } ); } $mail->{'attach'} = \@attach; if ($in{'crypt'} ne '' && !$draft) { # Encrypt the entire mail &foreign_require("gnupg", "gnupg-lib.pl"); local @keys = &foreign_call("gnupg", "list_keys"); local @ekeys; local $key; if ($in{'crypt'} == -1) { # Find the keys for the To:, Cc: and Bcc: address local @addrs = ( &address_parts($in{'to'}), &address_parts($in{'cc'}), &address_parts($in{'bcc'}) ); local $a; foreach $a (@addrs) { local $found; foreach $k (@keys) { if (&indexof($a, @{$k->{'email'}}) >= 0) { push(@ekeys, $k); $found++; last; } } &error(&text('send_ekey', $a)) if (!$found); } } else { @ekeys = ( $keys[$in{'crypt'}] ); } if ($userconfig{'self_crypt'}) { local ($skey) = grep { $_->{'secret'} } @keys; push(@ekeys, $skey); } local $temp = &transname(); &send_mail($mail, $temp); local ($tempdata, $buf); open(TEMP, $temp); local $dummy = ; # skip From line while(read(TEMP, $buf, 1024) > 0) { $tempdata .= $buf; } close(TEMP); unlink($temp); local $crypted; local $rv = &foreign_call("gnupg", "encrypt_data", $tempdata, \$crypted, \@ekeys, 1); $rv && &error(&text('send_ecrypt', $rv)); # Put into new attachments format $mail->{'headers'} = [ ( grep { lc($_->[0]) ne 'content-type' } @{$mail->{'headers'}} ), [ 'Content-Type', 'multipart/encrypted; protocol="application/pgp-encrypted"' ] ]; $mail->{'attach'} = [ { 'headers' => [ [ 'Content-Transfer-Encoding', '7bit' ], [ 'Content-Type', 'application/pgp-encrypted'] ], 'data' => "Version: 1\n" }, { 'headers' => [ [ 'Content-Transfer-Encoding', '7bit' ], [ 'Content-Type', 'application/octet-stream' ] ], 'data' => $crypted } ]; } # Check for text-only email $textonly = $userconfig{'no_mime'} && !$quoted_printable && @{$mail->{'attach'}} == 1 && $mail->{'attach'}->[0] eq $bodyattach && !$in{'html_edit'}; # Tell the user what is happening if (!$in{'save'}) { &mail_page_header($draft ? $text{'send_title2'} : $text{'send_title'}); @tos = ( split(/,/, $in{'to'}), split(/,/, $in{'cc'}), split(/,/, $in{'bcc'}) ); $tos = join(" , ", map { "".&html_escape($_)."" } @tos); print &text($draft ? 'send_draft' : 'send_sending', $tos || $text{'send_nobody'}),"

\n"; } if ($draft) { # Save in the drafts folder ($dfolder) = grep { $_->{'drafts'} } @folders; $qerr = &would_exceed_quota($dfolder, $mail); &error($qerr) if ($qerr); &lock_folder($dfolder); if ($in{'enew'} && $folder->{'drafts'}) { # Update existing draft mail ($dsortfield, $dsortdir) = &get_sort_field($dfolder); $oldmail = &mailbox_get_mail($folder, $in{'id'}, 0); $oldmail || &error($text{'view_egone'}); &mailbox_modify_mail($oldmail, $mail, $dfolder, $textonly); } else { # Save as a new draft &write_mail_folder($mail, $dfolder, $textonly); } &unlock_folder($dfolder); } else { # Send it off and optionally save in sent mail local $sfolder; if ($userconfig{'save_sent'}) { ($sfolder) = grep { $_->{'sent'} } @folders; if ($sfolder) { $qerr = &would_exceed_quota($sfolder, $mail); &error($qerr) if ($qerr); } } $notify = $userconfig{'req_del'} == 1 || $userconfig{'req_del'} == 2 && $in{'del'} ? [ "SUCCESS","FAILURE" ] : undef; &send_mail($mail, undef, $textonly, $config{'no_crlf'}, undef, undef, undef, undef, $notify); if ($sfolder) { &lock_folder($sfolder); &write_mail_folder($mail, $sfolder, $textonly) if ($sfolder); &unlock_folder($sfolder); } } # Mark the new message as read &set_mail_read($folder, $mail, 1); if ($in{'abook'}) { # Add all recipients to the address book, if missing local @recips = ( &split_addresses($in{'to'}), &split_addresses($in{'cc'}), &split_addresses($in{'bcc'}) ); local @addrs = &list_addresses(); foreach $r (@recips) { local ($already) = grep { $_->[0] eq $r->[0] } @addrs; if (!$already) { &create_address($r->[0], $r->[1]); push(@addrs, [ $r->[0], $r->[1] ]); } } } if ($userconfig{'white_rec'}) { # Add all recipients to the SpamAssassin whitelist local @recips = ( &split_addresses($in{'to'}), &split_addresses($in{'cc'}), &split_addresses($in{'bcc'}) ); local @recip_addrs = map { $_->[0] } @recips; &addressbook_add_whitelist(@recip_addrs); } if ($in{'save'}) { # Redirect back to editing the email &redirect("reply_mail.cgi?folder=$dfolder->{'index'}&id=$mail->{'id'}&enew=1"); exit; } if ($userconfig{'send_return'}) { # Return to mail list print "\n"; } # Print footer print "$text{'send_done'}

\n"; if ($in{'id'} ne '') { &mail_page_footer( "view_mail.cgi?id=".&urlize($in{'id'}). "&folder=$in{'folder'}&start=$in{'start'}$subs", $text{'view_return'}, "index.cgi?folder=$in{'folder'}&start=$in{'start'}", $text{'mail_return'}); } else { &mail_page_footer( "reply_mail.cgi?new=1&folder=$in{'folder'}&start=$in{'start'}", $text{'reply_return'}, "index.cgi?folder=$in{'folder'}&start=$in{'start'}", $text{'mail_return'}); } # write_attachment(&attach) sub write_attachment { local ($a) = @_; local ($enc, $rv); foreach $h (@{$a->{'headers'}}) { $rv .= $h->[0].": ".$h->[1]."\r\n"; $enc = $h->[1] if (lc($h->[0]) eq 'content-transfer-encoding'); } $rv .= "\r\n"; if (lc($enc) eq 'base64') { local $encoded = &encode_base64($a->{'data'}); $encoded =~ s/\r//g; $encoded =~ s/\n/\r\n/g; $rv .= $encoded; } else { $a->{'data'} =~ s/\r//g; $a->{'data'} =~ s/\n/\r\n/g; $rv .= $a->{'data'}; if ($a->{'data'} !~ /\n$/) { $rv .= "\r\n"; } } return $rv; } sub test_max_attach { $attachsize += $_[0]; if ($config{'max_attach'} && $attachsize > $config{'max_attach'}) { &error(&text('send_eattachsize', $config{'max_attach'})); } }