On Fri, 2 Sep 2005, Fred Viles wrote:
> | However, where CFWS occurs in this standard, it MUST NOT be inserted
> | in such a way that any line of a folded header field is made up
> | entirely of WSP characters and nothing else.
>
> Interesting. So it seems arguable that exim should not have
> interpreted the <CRLF><space><CRLF> as a valid header continuation
> line. Since it is also not a valid header first line, it should have
> signaled the end of the headers, and been treated as the first
> message body line.
Could one suggest that it should have failed header syntax checks,
based on that MUST NOT? I have the gut feeling that if mail clients
are going to interpret this invalid syntax in various ways, it has the
makings of a potential security exposure, with some treating the
following lines as headers and others as part of the body. Best not
to let the offending item get that far, IMHO.