#!/usr/local/bin/perl
# send_mail.cgi
# Send off an email message
require './mailbox-lib.pl';
# Check inputs
&ReadParse(\%getin, "GET");
&ReadParseMime(undef, \&read_parse_mime_callback, [ $getin{'id'} ]);
&set_module_index($in{'folder'});
@folders = &list_folders();
$folder = $folders[$in{'folder'}];
&error_setup($text{'send_err'});
if (!$in{'subject'}) {
if ($userconfig{'force_subject'} eq 'error') {
&error($text{'send_esubject'});
}
elsif ($userconfig{'force_subject'}) {
$in{'subject'} = $userconfig{'force_subject'};
}
}
@sub = split(/\0/, $in{'sub'});
$subs = join("", map { "&sub=$_" } @sub);
$draft = $in{'draft'} || $in{'save'};
# Construct the email
if ($config{'edit_from'} == 2) {
$in{'user'} || &error($text{'send_efrom'});
$in{'from'} = $in{'dom'} ? "$in{'user'}\@$in{'dom'}" : $in{'user'};
if ($in{'real'}) {
$in{'from'} = "\"$in{'real'}\" <$in{'from'}>";
}
}
else {
$in{'from'} || &error($text{'send_efrom'});
}
$in{'to'} = &expand_to($in{'to'});
$in{'cc'} = &expand_to($in{'cc'});
$in{'bcc'} = &expand_to($in{'bcc'});
$newmid = &generate_message_id($in{'from'});
$mail->{'headers'} = [ [ 'From', $in{'from'} ],
[ 'Subject', $in{'subject'} ],
[ 'To', $in{'to'} ],
[ 'Cc', $in{'cc'} ],
[ 'Bcc', $in{'bcc'} ],
[ 'X-Originating-IP', $ENV{'REMOTE_ADDR'} ],
[ 'X-Mailer', "Usermin ".&get_webmin_version() ],
[ 'Message-Id', $newmid ] ];
$mail->{'header'}->{'message-id'} = $newmid;
push(@{$mail->{'headers'}}, [ 'X-Priority', $in{'pri'} ]) if ($in{'pri'});
push(@{$mail->{'headers'}}, [ 'In-Reply-To', $in{'rid'} ]) if ($in{'rid'});
if ($userconfig{'req_dsn'} == 1 ||
$userconfig{'req_dsn'} == 2 && $in{'dsn'}) {
push(@{$mail->{'headers'}}, [ 'Disposition-Notification-To', $in{'from'} ]);
push(@{$mail->{'headers'}}, [ 'Read-Receipt-To', $in{'from'} ]);
}
if ($in{'replyto'}) {
# Add real name to reply-to address, if not given and if possible
local $r2 = $in{'replyto'};
local ($r2parts) = &split_addresses($r2);
$r2 = $r2parts->[1] || !$userconfig{'real_name'} ||
!$remote_user_info[6] ? $in{'replyto'} :
"\"$remote_user_info[6]\" <$r2parts->[0]>";
push(@{$mail->{'headers'}}, [ 'Reply-To', $r2 ]);
}
$in{'body'} =~ s/\r//g;
%cidmap = ( );
if ($in{'body'} =~ /\S/) {
# Perform spell check on body if requested
local $plainbody = $in{'html_edit'} ? &html_to_text($in{'body'})
: $in{'body'};
if ($in{'spell'}) {
pipe(INr, INw);
pipe(OUTr, OUTw);
select(INw); $| = 1; select(OUTr); $| = 1; select(STDOUT);
if (!fork()) {
close(INw);
close(OUTr);
untie(*STDIN);
untie(*STDOUT);
untie(*STDERR);
open(STDOUT, ">&OUTw");
open(STDERR, ">/dev/null");
open(STDIN, "<&INr");
exec("ispell -a");
exit;
}
close(INr);
close(OUTw);
local $indent = " " x 4;
local @errs;
foreach $line (split(/\n+/, $plainbody)) {
next if ($line !~ /\S/);
print INw $line,"\n";
local @lerrs;
while(1) {
($spell = <OUTr>) =~ s/\r|\n//g;
last if (!$spell);
if ($spell =~ /^#\s+(\S+)/) {
# Totally unknown word
push(@lerrs, $indent.&text('send_eword', "<i>".&html_escape($1)."</i>"));
}
elsif ($spell =~ /^&\s+(\S+)\s+(\d+)\s+(\d+):\s+(.*)/) {
# Maybe possible word, with options
push(@lerrs, $indent.&text('send_eword2', "<i>".&html_escape($1)."</i>", "<i>".&html_escape($4)."</i>"));
}
elsif ($spell =~ /^\?\s+(\S+)/) {
# Maybe possible word
push(@lerrs, $indent.&text('send_eword', "<i>".&html_escape($1)."</i>"));
}
}
if (@lerrs) {
push(@errs, &text('send_eline', "<tt>".&html_escape($line)."</tt>")."<br>".join("<br>", @lerrs)."<p>\n");
}
}
close(INw);
close(OUTr);
if (@errs) {
# Spelling errors found!
&mail_page_header($text{'compose_title'});
print "<b>$text{'send_espell'}</b><p>\n";
print @errs;
&ui_print_footer(
"javascript:back()", $text{'reply_return'},
"index.cgi?folder=$in{'folder'}",
$text{'mail_return'});
exit;
}
}
# For a HTML body, replace images from detach.cgi on the original
# email with cid: references.
if ($in{'html_edit'}) {
$in{'body'} = &create_cids($in{'body'}, \%cidmap);
}
# Create the body attachment
local $mt = $in{'html_edit'} ? "text/html" : "text/plain";
$mt .= "; charset=$userconfig{'charset'}";
if ($in{'body'} =~ /[\177-\377]/) {
# Contains 8-bit characters .. need to make quoted-printable
$quoted_printable++;
@attach = ( { 'headers' => [ [ 'Content-Type', $mt ],
[ 'Content-Transfer-Encoding',
'quoted-printable' ] ],
'data' => quoted_encode($in{'body'}) } );
}
else {
# Plain 7-bit ascii text
@attach = ( { 'headers' => [ [ 'Content-Type', $mt ],
[ 'Content-Transfer-Encoding',
'7bit' ] ],
'data' => $in{'body'} } );
}
$bodyattach = $attach[0];
}
# Add uploaded attachments
$attachsize = 0;
for($i=0; defined($in{"attach$i"}); $i++) {
next if (!$in{"attach$i"});
&test_max_attach($attachsize);
if ($config{'max_attach'} && $attachsize > $config{'max_attach'}) {
&error(&text('send_eattachsize', $config{'max_attach'}));
}
local $filename = $in{"attach${i}_filename"};
$filename =~ s/^.*(\\|\/)//;
local $type = $in{"attach${i}_content_type"}."; name=\"".
$filename."\"";
local $disp = "inline; filename=\"".$filename."\"";
push(@attach, { 'data' => $in{"attach${i}"},
'headers' => [ [ 'Content-type', $type ],
[ 'Content-Disposition', $disp ],
[ 'Content-Transfer-Encoding',
'base64' ] ] });
}
# Add server-side attachments
for($i=0; defined($in{"file$i"}); $i++) {
next if (!$in{"file$i"} || !$config{'server_attach'});
if ($in{"file$i"} !~ /^\//) {
$in{"file$i"} = $remote_user_info[7]."/".$in{"file$i"};
}
-r $in{"file$i"} && !-d $in{"file$i"} ||
&error(&text('send_efile', $in{"file$i"}));
local @st = stat($in{"file$i"});
&test_max_attach($st[7]);
local $data;
open(DATA, "<".$in{"file$i"}) ||
&error(&text('send_efile', $in{"file$i"}));
while(<DATA>) {
$data .= $_;
}
close(DATA);
$in{"file$i"} =~ s/^.*\///;
local $type = &guess_mime_type($in{"file$i"}).
"; name=\"".$in{"file$i"}."\"";
local $disp = "inline; filename=\"".$in{"file$i"}."\"";
push(@attach, { 'data' => $data,
'headers' => [ [ 'Content-type', $type ],
[ 'Content-Disposition', $disp ],
[ 'Content-Transfer-Encoding',
'base64' ] ] });
$i++;
}
# Add forwarded attachments
@fwd = split(/\0/, $in{'forward'});
($sortfield, $sortdir) = &get_sort_field($folder);
if (@fwd) {
$fwdmail = &mailbox_get_mail($folder, $in{'id'}, 0);
&parse_mail($fwdmail);
&decrypt_attachments($fwdmail);
foreach $s (@sub) {
# We are looking at a mail within a mail ..
&decrypt_attachments($fwdmail);
local $amail = &extract_mail(
$fwdmail->{'attach'}->[$s]->{'data'});
&parse_mail($amail);
$fwdmail = $amail;
}
foreach $f (@fwd) {
&test_max_attach(length($fwdmail->{'attach'}->[$f]->{'data'}));
$a = $fwdmail->{'attach'}->[$f];
if ($cidmap{$f}) {
# This attachment has been inlined .. set a content-id
$a->{'headers'} = [
grep { lc($_->[0]) ne 'content-id' &&
lc($_->[0]) ne 'content-location' }
@{$a->{'headers'}} ];
push(@{$a->{'headers'}},
[ 'Content-Id', "<$cidmap{$f}>" ]);
}
push(@attach, $a);
}
}
# Add forwarded emails
@mailfwdids = split(/\0/, $in{'mailforward'});
if (@mailfwdids) {
@mailfwd = &mailbox_select_mails($folder, \@mailfwdids, 0);
foreach $fwdmail (@mailfwd) {
local $headertext;
foreach $h (@{$fwdmail->{'headers'}}) {
$headertext .= $h->[0].": ".$h->[1]."\n";
}
push(@attach, { 'data' => $headertext."\n".$fwdmail->{'body'},
'headers' => [ [ 'Content-type', 'message/rfc822' ],
[ 'Content-Description',
$fwdmail->{'header'}->{'subject'} ] ]
});
}
}
if ($in{'sign'} ne '' && !$draft) {
# Put all the attachments into a single attachment, with the signature
# as the second attachment
&foreign_require("gnupg", "gnupg-lib.pl");
local @keys = &foreign_call("gnupg", "list_keys");
$key = $keys[$in{'sign'}];
# Create the new attachment
push(@{$mail->{'headers'}}, [ 'Content-Type', 'multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"' ] );
local ($tempdata, $tempbody);
if (@attach == 1) {
# Just use one part
$tempdata = &write_attachment($attach[0]);
$tempheaders = $attach[0]->{'headers'};
$tempbody = $attach[0]->{'data'};
}
else {
# Create new attachment containing all the parts
local $bound = "sign".time();
foreach $a (@attach) {
$tempbody .= "\r\n";
$tempbody .= "--".$bound."\r\n";
$tempbody .= &write_attachment($a);
}
$tempbody .= "\r\n";
$tempbody .= "--".$bound."--\r\n";
$tempdata ="Content-Type: multipart/mixed; boundary=\"$bound\"\r\n".
"\r\n".
$tempbody;
$tempheaders = [ [ "Content-Type", "multipart/mixed; boundary=\"$bound\"" ] ];
}
# Sign the file
local $sigdata;
local $rv = &foreign_call("gnupg", "sign_data", $tempdata, \$sigdata,
$key, 2);
if ($rv) {
&error(&text('send_esign', $rv));
}
@attach = ( { 'data' => $tempbody,
'headers' => $tempheaders },
{ 'data' => $sigdata,
'headers' => [ [ "Content-Type", "application/pgp-signature; name=signature.asc" ] ] }
);
}
$mail->{'attach'} = \@attach;
if ($in{'crypt'} ne '' && !$draft) {
# Encrypt the entire mail
&foreign_require("gnupg", "gnupg-lib.pl");
local @keys = &foreign_call("gnupg", "list_keys");
local @ekeys;
local $key;
if ($in{'crypt'} == -1) {
# Find the keys for the To:, Cc: and Bcc: address
local @addrs = ( &address_parts($in{'to'}),
&address_parts($in{'cc'}),
&address_parts($in{'bcc'}) );
local $a;
foreach $a (@addrs) {
local $found;
foreach $k (@keys) {
if (&indexof($a, @{$k->{'email'}}) >= 0) {
push(@ekeys, $k);
$found++;
last;
}
}
&error(&text('send_ekey', $a)) if (!$found);
}
}
else {
@ekeys = ( $keys[$in{'crypt'}] );
}
if ($userconfig{'self_crypt'}) {
local ($skey) = grep { $_->{'secret'} } @keys;
push(@ekeys, $skey);
}
local $temp = &transname();
&send_mail($mail, $temp);
local ($tempdata, $buf);
open(TEMP, $temp);
local $dummy = <TEMP>; # skip From line
while(read(TEMP, $buf, 1024) > 0) {
$tempdata .= $buf;
}
close(TEMP);
unlink($temp);
local $crypted;
local $rv = &foreign_call("gnupg", "encrypt_data", $tempdata,
\$crypted, \@ekeys, 1);
$rv && &error(&text('send_ecrypt', $rv));
# Put into new attachments format
$mail->{'headers'} =
[ ( grep { lc($_->[0]) ne 'content-type' } @{$mail->{'headers'}} ),
[ 'Content-Type',
'multipart/encrypted; protocol="application/pgp-encrypted"' ] ];
$mail->{'attach'} =
[ { 'headers' => [ [ 'Content-Transfer-Encoding', '7bit' ],
[ 'Content-Type', 'application/pgp-encrypted'] ],
'data' => "Version: 1\n" },
{ 'headers' => [ [ 'Content-Transfer-Encoding', '7bit' ],
[ 'Content-Type', 'application/octet-stream' ] ],
'data' => $crypted }
];
}
# Check for text-only email
$textonly = $userconfig{'no_mime'} && !$quoted_printable &&
@{$mail->{'attach'}} == 1 &&
$mail->{'attach'}->[0] eq $bodyattach && !$in{'html_edit'};
# Tell the user what is happening
if (!$in{'save'}) {
&mail_page_header($draft ? $text{'send_title2'} : $text{'send_title'});
@tos = ( split(/,/, $in{'to'}), split(/,/, $in{'cc'}),
split(/,/, $in{'bcc'}) );
$tos = join(" , ", map { "<tt>".&html_escape($_)."</tt>" } @tos);
print &text($draft ? 'send_draft' : 'send_sending',
$tos || $text{'send_nobody'}),"<p>\n";
}
if ($draft) {
# Save in the drafts folder
($dfolder) = grep { $_->{'drafts'} } @folders;
$qerr = &would_exceed_quota($dfolder, $mail);
&error($qerr) if ($qerr);
&lock_folder($dfolder);
if ($in{'enew'} && $folder->{'drafts'}) {
# Update existing draft mail
($dsortfield, $dsortdir) = &get_sort_field($dfolder);
$oldmail = &mailbox_get_mail($folder, $in{'id'}, 0);
$oldmail || &error($text{'view_egone'});
&mailbox_modify_mail($oldmail, $mail, $dfolder, $textonly);
}
else {
# Save as a new draft
&write_mail_folder($mail, $dfolder, $textonly);
}
&unlock_folder($dfolder);
}
else {
# Send it off and optionally save in sent mail
local $sfolder;
if ($userconfig{'save_sent'}) {
($sfolder) = grep { $_->{'sent'} } @folders;
if ($sfolder) {
$qerr = &would_exceed_quota($sfolder, $mail);
&error($qerr) if ($qerr);
}
}
$notify = $userconfig{'req_del'} == 1 ||
$userconfig{'req_del'} == 2 && $in{'del'} ?
[ "SUCCESS","FAILURE" ] : undef;
&send_mail($mail, undef, $textonly, $config{'no_crlf'},
undef, undef, undef, undef,
$notify);
if ($sfolder) {
&lock_folder($sfolder);
&write_mail_folder($mail, $sfolder, $textonly) if ($sfolder);
&unlock_folder($sfolder);
}
}
# Mark the new message as read
&set_mail_read($folder, $mail, 1);
if ($in{'abook'}) {
# Add all recipients to the address book, if missing
local @recips = ( &split_addresses($in{'to'}),
&split_addresses($in{'cc'}),
&split_addresses($in{'bcc'}) );
local @addrs = &list_addresses();
foreach $r (@recips) {
local ($already) = grep { $_->[0] eq $r->[0] } @addrs;
if (!$already) {
&create_address($r->[0], $r->[1]);
push(@addrs, [ $r->[0], $r->[1] ]);
}
}
}
if ($userconfig{'white_rec'}) {
# Add all recipients to the SpamAssassin whitelist
local @recips = ( &split_addresses($in{'to'}),
&split_addresses($in{'cc'}),
&split_addresses($in{'bcc'}) );
local @recip_addrs = map { $_->[0] } @recips;
&addressbook_add_whitelist(@recip_addrs);
}
if ($in{'save'}) {
# Redirect back to editing the email
&redirect("reply_mail.cgi?folder=$dfolder->{'index'}&id=$mail->{'id'}&enew=1");
exit;
}
if ($userconfig{'send_return'}) {
# Return to mail list
print "<script>\n";
print "window.location = 'index.cgi?folder=$in{'folder'}&start=$in{'start'}';\n";
print "</script>\n";
}
# Print footer
print "$text{'send_done'}<p>\n";
if ($in{'id'} ne '') {
&mail_page_footer(
"view_mail.cgi?id=".&urlize($in{'id'}).
"&folder=$in{'folder'}&start=$in{'start'}$subs",
$text{'view_return'},
"index.cgi?folder=$in{'folder'}&start=$in{'start'}",
$text{'mail_return'});
}
else {
&mail_page_footer(
"reply_mail.cgi?new=1&folder=$in{'folder'}&start=$in{'start'}",
$text{'reply_return'},
"index.cgi?folder=$in{'folder'}&start=$in{'start'}",
$text{'mail_return'});
}
# write_attachment(&attach)
sub write_attachment
{
local ($a) = @_;
local ($enc, $rv);
foreach $h (@{$a->{'headers'}}) {
$rv .= $h->[0].": ".$h->[1]."\r\n";
$enc = $h->[1]
if (lc($h->[0]) eq 'content-transfer-encoding');
}
$rv .= "\r\n";
if (lc($enc) eq 'base64') {
local $encoded = &encode_base64($a->{'data'});
$encoded =~ s/\r//g;
$encoded =~ s/\n/\r\n/g;
$rv .= $encoded;
}
else {
$a->{'data'} =~ s/\r//g;
$a->{'data'} =~ s/\n/\r\n/g;
$rv .= $a->{'data'};
if ($a->{'data'} !~ /\n$/) {
$rv .= "\r\n";
}
}
return $rv;
}
sub test_max_attach
{
$attachsize += $_[0];
if ($config{'max_attach'} && $attachsize > $config{'max_attach'}) {
&error(&text('send_eattachsize', $config{'max_attach'}));
}
}
syntax highlighted by Code2HTML, v. 0.9.1