Re: [exim] Long 'From:' header and verify = header_sender is…

Top Page
Delete this message
Reply to this message
Author: Phil Pennock
Date:  
To: Bryan Rawlins
CC: exim-users
Subject: Re: [exim] Long 'From:' header and verify = header_sender issue.
On 2011-06-22 at 15:06 -0400, Bryan Rawlins wrote:
>      I have been working with the coordinators for the Virus Bulletin 
> Spam test on an issue where our servers were returning "421 Unexpected 
> failure, please try later" in response to some messages relayed to us 
> through the competition server.

>
>      It took some time to establish what the issue was because the only 
> trace of the messages in the Exim logs were one line like the following.

>
> +++ 1QZOwg-0002iz-Ix has not completed +++
> 2011-06-22 11:02:24 [10477] 1QZOwg-0002iz-Ix string_sprintf expansion
> was longer than 32768
>
>      We finally determined that all the failed emails had one thing in 
> common, their From: header was 1000's of characters long.  Every example 
> that we examined was obvious spam, so not accepting the messages isn't 
> really a problem, especially in production environments.  However, it 
> would be nice if this type of error was handled better.


The size checks are explicit, to protect against buffer attacks, so I
believe that there's no security issues here; it is handled better than
a crash would be. :)

I agree that the error message is less than helpful; on the other hand,
I'm cautious about the idea of undoing the panic handling, to let a
normal message be returned. It *might* be reasonable to have a "context
stack" which can be reported in the panic line.

Against this, it shouldn't be possible for a remote person to choose to
insert content into the panic log; that should always be for major site
issues, not individual mails.

Could you please open a feature request at <http://bugs.exim.org/>, and
feel free to assign it directly to me?

Thanks,
-Phil