Re: [EXIM] [Followup] Explanation please: <<< 552 Header li…

Author: Chris Thompson
Date:  
To: exim-users
Subject: Re: [EXIM] [Followup] Explanation please: <<< 552 Header line is ridiculously overlong
On Fri, 28 May 1999, Philip Hazel wrote:

> On Fri, 28 May 1999, Kevin J Collins wrote:
>
> > Thanks for the explanations of the '552' error. Is the limit of 8192
> > defined in any of the relevant RFC's, is it a rule-of-thumb or is it a
> > reasonable if arbitrary limit?
>
> Rule of thumb. In Exim 3.00 and later, you can change this by setting
>
> HEADER_MAXLENGTH=xxxx
>
> in your Local/Makefile. There has to be *some* limit, because otherwise
> a malefactor can open an SMTP channel to your host, start a message, and
> then just send characters continuously until your machine runs out of
> memory (because Exim is storing the header up in memory).


and in a similar thread on Fri, 7 May 1999:

> On 5 May 1999 nbecker@??? wrote:
>
> > Is there any RFC that specifies what constitutes ridiculously long?
> > (Or other standard)?
>
> Not that I know of (though the SMTP RFC makes recommendations about the
> length of individual lines).
>
> Exim has to impose *some* limit, otherwise a rogue host could send
> "junk: aaaaaaaaaaaaaaaaa......." forever, tying up an SMTP channel and
> eventually filling all your memory (Exim keeps headers in memory). I
> chose 8192 (8191 + a zero terminator) as what I thought was a
> sufficiently high number that no reasonable header would ever reach it.
> It is trivial to compile Exim with a larger number if you want to.


So perhaps that makes it an FAQ...

I have never been very happy with the limit on the length of individual
headers, and it has been known to bite great rambling "To:" headers of
messages that were not, in fact, spam. In particular, it seems anomalous
that Exim will reject

  To: Alpha <aaaaaaaaaaaaaaaaaaaaaaaa@???>,
      Bravo <bbbbbbbbbbbbbbbbbbbbbbbb@???>,
      Charlie <cccccccccccccccccccccc@???>,
      ...


if it goes on too long, but not the same amount of data presented as

To: Alpha <aaaaaaaaaaaaaaaaaaaaaaaa@???>
To: Bravo <bbbbbbbbbbbbbbbbbbbbbbbb@???>
To: Charlie <cccccccccccccccccccccc@???>
...

It seems to me that it would make more sense to protect what is really
at issue, by imposing a limit (alterable by configuration file) on the
*total* size of the headers, rather than the size of any one of them.

Chris Thompson               Cambridge University Computing Service,
Email: cet1@???    New Museums Site, Cambridge CB2 3QG,
Phone: +44 1223 334715       United Kingdom.


--
*** Exim information can be found at http://www.exim.org/ ***
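
The anomaly described in the message above, as an added example that is not part of the original post and is not Exim source: a per-header limit rejects one long folded To: header but accepts the same data as many short To: headers, while a total-size limit treats both alike. All function names, the sample addresses and the use of 8192 as the total limit are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical names; constructed illustration, not Exim source. */
struct hdr_stats { size_t longest, total; };

/* Measure the longest logical header (first line plus folded continuation
   lines) and the total size of an LF-terminated header block. */
static struct hdr_stats measure_headers(const char *buf, size_t len) {
    struct hdr_stats s = {0, 0};
    size_t cur = 0, i = 0;
    while (i < len) {
        const char *nl = memchr(buf + i, '\n', len - i);
        size_t linelen = nl ? (size_t)(nl - (buf + i)) + 1 : len - i;
        if (buf[i] != ' ' && buf[i] != '\t') cur = 0; /* new header starts */
        cur += linelen;
        if (cur > s.longest) s.longest = cur;
        s.total += linelen;
        i += linelen;
    }
    return s;
}

/* 1 = accept, 0 = reject; a limit of 0 disables that check. */
static int accept_headers(const char *buf, size_t len, size_t per_max, size_t total_max) {
    struct hdr_stats s = measure_headers(buf, len);
    if (per_max && s.longest > per_max) return 0;
    if (total_max && s.total > total_max) return 0;
    return 1;
}

/* Build n constructed recipients as one folded To: or n separate To: lines,
   then apply the policy. */
static int demo(int n, int folded, size_t per_max, size_t total_max) {
    static char buf[65536];
    size_t used = 0;
    for (int i = 0; i < n && used + 64 < sizeof buf; i++)
        used += (size_t)snprintf(buf + used, sizeof buf - used,
            "%sUser%04d <user%04d@example.test>%s\n",
            (folded && i > 0) ? "    " : "To: ", i, i,
            (folded && i < n - 1) ? "," : "");
    return accept_headers(buf, used, per_max, total_max);
}

int main(void) {
    printf("per-header 8192: folded=%d split=%d\n", demo(300,1,8192,0), demo(300,0,8192,0));
    printf("total 8192:      folded=%d split=%d\n", demo(300,1,0,8192), demo(300,0,0,8192));
    return 0;
}
```

This sketch measures a block that is already in memory; a receiver guarding against the memory exhaustion discussed in the thread would apply the same counters while reading and stop as soon as a limit is crossed.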