From 72878e0c14893203e247544661e5fbfbea3a6436 Mon Sep 17 00:00:00 2001
From: David Maloney <DMaloney@rapid7.com>
Date: Thu, 12 Feb 2015 14:13:39 -0600
Subject: [PATCH] fixes bug with smtp header order

SMTP servers that support pipelining will not accept any
commands other than MAILFROM and RCPTTO before the DATA
command. We were sending Date and Subject before Data
which would cause some mailservers to suddenly drop
the connection refusing to send the mail.

MSP-12133
---
 lib/msf/core/exploit/smtp_deliver.rb | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/lib/msf/core/exploit/smtp_deliver.rb b/lib/msf/core/exploit/smtp_deliver.rb
index 52d100a141..0dec10cc71 100644
--- a/lib/msf/core/exploit/smtp_deliver.rb
+++ b/lib/msf/core/exploit/smtp_deliver.rb
@@ -141,6 +141,8 @@ module Exploit::Remote::SMTPDeliver
     raw_send_recv("MAIL FROM: <#{datastore['MAILFROM']}>\r\n", nsock)
     raw_send_recv("RCPT TO: <#{datastore['MAILTO']}>\r\n", nsock)
 
+    resp = raw_send_recv("DATA\r\n", nsock)
+
     # If the user supplied a Date field, use that, else use the current
     # DateTime in the proper RFC2822 format.
     if datastore['DATE'].present?
@@ -154,8 +156,6 @@ module Exploit::Remote::SMTPDeliver
       raw_send_recv("Subject: #{datastore['SUBJECT']}\r\n", nsock)
     end
 
-    resp = raw_send_recv("DATA\r\n", nsock)
-
     # Avoid sending tons of data and killing the connection if the server
     # didn't like us.
     if not resp or not resp[0,3] == '354'