Submitted by : roger at: 2008-01-07T05:35:59-08:00 (13 years ago)
Name :
Category : Severity : Status :
Optional subject :  
Optional comment :

Using plone 2-5-3 and zwiki 0-59-0. I'm seeing Bcc lines on mailout messages. A trawl through old issues indicates this has happened and been fixed before. The most recent fix is documented in #1299 (using secureSend in SecureMailHost?) but looking at the source for secureSend I can't see that it treats Bcc any differently from Cc lists, so I don't understand why this would have ever worked.

PS: is there a recommended workaround for the fact that zwiki mailin doesn't reverse-lookup plone id's from emailaddresses in its 'check subcriber' test? I'm using the mail_accept_nonmembers property, but it's pretty yukky...

Further thoughts --roger, Tue, 15 Jan 2008 02:44:30 -0800 reply

I was sufficiently intrigued (and frustrated) by this problem that I delved into the relevant sources (SecureMailHost?, SMTPlib? etc.) and went back to what the standards say about Bcc (revisiting days long ago when I used to 'do' email stuff). Semantically, Bcc headers are supposed to be removed before delivery, but it's not very clear how/where this should be done. RFC2821 draws a strict separation between envelope recipients and header recipients and requires that SMTP systems do not try and relate the two. But it also provides a recommended way of deducing envelope recipients from headers (if no envelope info is provided) which includes the deletion of the Bcc header. Unfortunately, secureSend doesn't implement this: it builds the message headers from the recipient lists provided, and then builds the envelope recipients from the resulting headers, but does not then remove the Bcc header. This is a bug in secureSend. So if ZWiki mailout wants to guarantee that the Bcc field is suppressed (as it probably should), then it shouldn't use secureSend (until it's fixed).

A simple workaround is to modify secureSend so that it deletes the Bcc header, but we don't really want to recommend messing with other people's libraries here, do we? But just in case you do want to do it, add "del msg['bcc']?" after line 231 of SecureMailHost?.py (actually this isn't really good enough, because the RFC says that if removing the Bcc leaves no recipient headers at all (To, Cc etc.), you should add back an empty Bcc header (but my python isn't up to this, yet ...)).

A remaining puzzle: why did anyone ever think secureSend worked with Bcc's? the only answer I can think of is that they tested it with mailhubs which removed the Bcc header further down the line (although I think they aren't supposed to do that, though RFC2822 is not very clear on this...)

re PS --simon, Sat, 19 Jan 2008 11:49:53 -0800 reply

Thanks for the info roger. To respond to your PS, we used to look up plone user's email address but had to stop as it turned out to put a big load on Maybe it can be done more efficiently nowadays.

Problems with SecureMailHost? --betabug, Mon, 21 Jan 2008 18:32:22 +0000 reply

In Feb 2007 I've reported some problems I found with SecureMailHost to one of their devs (I didn't find any issue tracker for it). Looking at the mail, I see that I could not use the send() method, because it wasn't fully implementing the MailHost API, so I had to explicitly test for SecureMailHost and use its secureSend() method. Reading my old mail, I'm not 100% sure what it all meant. Anyway, I've never heard anything back.