[exim] Multiple To: headers pass verify = header_syntax(?)

Startseite
Nachricht löschen
Nachricht beantworten
Autor: MarkdV
Datum:  
To: exim-users
Betreff: [exim] Multiple To: headers pass verify = header_syntax(?)

I was checking out what kind of crap users/customers send though our
smarthost/relay. This one (below) matched - and was saved for - other
reasons but I noticed there where duplicate headers. Specifically, To:
and Subject:.

Not sure if dup. Subject: headers are illegal, but I'm pretty sure
multiple To: headers are. So I was surprised that this passed an acl
that denies "!verify = header_syntax".

What - or which instances(s) of the header - exactly did exim check in
this case?

I'm also wondering which headers would be contained in $h_to: and
$h_subject: in this case? First? Last? Both(concatenated)?

And (How) could I test for things like this in an acl?

If it matters, this is exim 4.69 (debian backports, -9~bpo40+1).

Cheers,
Mark.

> Received: from [xxxxxxxxxxxxxx] (helo=xxxxxxxxxxxxxx)
>         by xxxxxxxxxxxxxx with esmtp 
>         id 1MMPPo-0004Xe-HA
>         for <xxxxxxxxxxxxxx>; Thu, 02 Jul 2009 18:55:58 +0200
> Received: by xxxxxxxxxxxxxx (Postfix, from userid 0)
>         id 450518A054; Thu,  2 Jul 2009 18:33:26 +0200 (CEST)
> To: 
> Subject: backup 20090702 (18 van 29)
> Date: Thu, 2 Jul 2009 18:33:26 +0200
> To:  <xxxxxxxxxxxxxx>
> From:  <xxxxxxxxxxxxxx>
> Reply-To:  <xxxxxxxxxxxxxx>
> Subject: backup 20090702 (18 van 29)
> X-Priority: 3
> X-Mailer: Outlooking_good ['versie 1.1']


Well, ironically, not really :)

> X-Company: xxxxxxxxxxxxxx
> Message-ID: <xxxxxxxxxxxxxx>
> MIME-Version: 1.0
> Content-type: multipart/mixed; boundary=b1_d5e84b1e2edcba1a63e9515873486324