Re: [exim] Limit the total number of headers in incoming SMT…

Góra strony
Delete this message
Reply to this message
Autor: Heiko Schlittermann
Data:  
Dla: exim-users
Temat: Re: [exim] Limit the total number of headers in incoming SMTP messages?
Chris Siebenmann <cks@???> (Mo 23 Mär 2015 19:53:33 CET):
> We use a commercial anti-spam system behind our Exim-based inbound MX
> gateway that turns out to be unhappy if a message has 'too many' headers
> (where this is an undocumented value of more than 512 headers). I'd like
> to detect and reject these messages in the DATA phase, rather than having
> them accepted, passed to the anti-spam system, and die quietly.
>
> Given that the 'regex' ACL condition is specifically restricted to
> handling a single line, about the only way to do this that I can see
> is to (ab)use Exim's content scanning interface to run a program that
> counts header lines and emits a suitable 'I found bad stuff' message
> when it finds too many headers that the DATA ACL will then use to reject
> the message. This seems a little bit brute force (among other things,
> it means running an external program on every incoming messages).


I believe there is no such counter, but it shouldn't be too hard to
implement some expansion item like '$header_count' that you may use in
your DATA acl.

… just wrote this and checked the spec again. And found this:

    Here is an example of the use of this variable in a DATA ACL:


    deny message   = Too many lines in message header
         condition = \
          ${if <{250}{${eval:$message_linecount - $body_linecount}}}


    In the MAIL and RCPT ACLs, the value is zero because at that stage the
    message has not yet been received.



Now I'm not sure if $message_linecount - $body_linecount is equal to the
number of message headers, but may be it's a good approximation and I
even don't know if the anti-spam system counts the headers, or the
header lines. (Probably it's an Exim too and they use the same logic!)

I love the spec, almost all questions are answered already ;)


    Best regards from Dresden/Germany
    Viele Grüße aus Dresden
    Heiko Schlittermann
-- 
 SCHLITTERMANN.de ---------------------------- internet & unix support -
 Heiko Schlittermann, Dipl.-Ing. (TU) - {fon,fax}: +49.351.802998{1,3} -
 gnupg encrypted messages are welcome --------------- key ID: F69376CE -
 ! key id 7CBF764A and 972EAC9F are revoked since 2015-01 ------------ -