[exim-dev] [Bug 1390] New: Long Incoming Header Lines Corrup…

Top Page
Delete this message
Reply to this message
Author: Martin Nicholas
Date:  
To: exim-dev
Subject: [exim-dev] [Bug 1390] New: Long Incoming Header Lines Corrupt Message header
------- You are receiving this mail because: -------
You are on the CC list for the bug.

http://bugs.exim.org/show_bug.cgi?id=1390
           Summary: Long Incoming Header Lines Corrupt Message header
           Product: Exim
           Version: 4.80
          Platform: x86-64
        OS/Version: Linux
            Status: NEW
          Severity: bug
          Priority: medium
         Component: Mail Receipt
        AssignedTo: nigel@???
        ReportedBy: exim_bugs-throw@???
                CC: exim-dev@???



Long incoming header lines (>1000 characters) cause the Header to be split and
the header block to be prematurely terminated, corrupting the message.

Here's a snippet of the header block sent in a message by Critical Path:
X-CTCH-Spam:
=?utf-8?B?VW5rbm93bm4xNzUscnVsZXM9TEVPX09CRlVfU1VCSl9SRSwgX19CT1VOQ0VfQ0hBTExFTkdFX1NVQkosIF9fQk9VTkNFX05EUl9TVUJKX0VYRU1QVCwgX19IQVNfRlJPTSwgX19QSElTSF9GUk9NMiwgX19GUkFVRF9XRUJNQUlMX0ZST00sIF9fQ1QsIF9fQ1RZUEVfTVVMVElQQVJUX0FMVCwgX19DVFlQRV9IQVNfQk9VTkRBUlksIF9fQ1RZUEVfTVVMVElQQVJULCBDVFlQRV9NVUxUSVBBUlRfTk9fUVVPVEUsIF9fSEFTX1hfTUFJTEVSLCBfX0lOX1JFUF9UTywgX19IQVNfTVNHSUQsIF9fU0FORV9NU0dJRCwgX19NU0dJRF9BUFBMRU1BSUwsIF9fVE9fTUFMRk9STUVEXzIsIF9fQ1RFLCBfX01JTUVfVkVSU0lPTiwgTUlNRV9MT1dFUl9DQVNFLCBfX0FOWV9VUkksIF9fVVJJX05PX1BBVEgsIF9fU1RPQ0tfUEhSQVNFXzI0LCBfX1NUT0NLX1BIUkFTRV82LCBfX1NVQkpfQUxQSEFfTkVHQVRFLCBfX0lOVF9QUk9EX0xPQywgX19ISUdIQklUUywgU1VQRVJMT05HX0xJTkUsIF9fRk9SV0FSREVEX01TRywgX19IQVNfSFRNTCwgQk9EWVRFWFRQX1NJWkVfMzAwMF9MRVNTLCBCT0RZX1NJWkVfMzAwMF8zOTk5LCBCT0RZVEVYVEhfU0laRV8xMDAwMF9MRVNTLCBfX01JTUVfSFRNTCwgX19UQUdfRVhJU1RTX0hUTUwsIF9fU1RZTEVfUkFUV0FSRV9ORUcsIF9fUkROU19QT09MRURfNywgX19SRE5TX0JST0FEQkFORF8zLCBfX1VSSV9OUywgU1hMX0lQX0RZTkFNSUNbMTc1LjIxNC4yMDcuOTAuZnVyXSw
X-tvScience-SendingHost: 65.20.0.122 smtpout02.bt.lon5.cpcloud.co.uk us

gSFRNTF81MF83MCwgQk9EWV9TSVpFXzUwMDBfTEVTUywgUkROU19CUk9BREJBTkQsIFJETlNfUE9PTEVELCBSRE5TX1NVU1BfU1BFQ0lGSUMsIF9fUEhJU0hfRlJPTSwgUkROU19TVVNQLCBfX0ZSQVVEX1dFQk1BSUwsIEJPRFlfU0laRV83MDAwX0xFU1MHA8AB?=
X-Junkmail-Premium-Raw: ...

The "X-CTCH-Spam:" header has been chopped at 1000 characters and then an
'add_header' ACL instruction has placed a new locally generated header,
breaking up the header block.

It's not immediately clear, but the first section of the "X-CTCH-Spam:" header
is a single line. Then there is a CR, followed by the
"X-tvScience-SendingHost:" header added by an ACL. Next an empty line. Next
presumably the remains of the "X-CTCH-Spam:" header. Finally there are further
headers, starting with "X-Junkmail-Premium-Raw:", which are omitted for
brevity.

the exim version is: "Exim version 4.80 #2 built 02-Jan-2013 19:40:19" as
supplied by Debian wheezy.


--
Configure bugmail: http://bugs.exim.org/userprefs.cgi?tab=email