Re: [exim-dev] [Bug 1684] Malformed headers which exceed len…

Top Page
Delete this message
Reply to this message
Author: Viktor Dukhovni
Date:  
To: exim-dev
Subject: Re: [exim-dev] [Bug 1684] Malformed headers which exceed length spec willingly passed to remote servers
On Wed, Sep 30, 2015 at 10:53:03PM +0200, Heiko Schlittermann wrote:

> Viktor Dukhovni <viktor1dane@???> (Mi 30 Sep 2015 22:25:14 CEST):
> > On Wed, Sep 30, 2015 at 07:39:11PM +0000, admin@??? wrote:
> >
> > > We should also consider body lines; the spec (rfc 5322 section 2.3) says the
> > > same limit applies. Probably the same variable should control behaviour and
> > > the name should reflect this.
> >
> > Yes, the Postfix SMTP client (outgoing SMTP) folds all overly long
> > message lines (header and body) by inserting "<CRLF><SPACE>". Some
>
> Folds body lines? I'm not sure, you are talking about a somehow MIME
> encoded body, or about any body (including a plain text (MIME headers
> absent) body)?


All lines over 998 bytes, whether header or body. The SMTP protocol
requires all lines to be under 1000 bytes include the CRLF, so all
lines are folded by default.

> Or did I get somethow wrong?
> Because I wouldn't expect to get my my plain text non-mime body lines
> folded in any way. But I could accept a server rejecting my message
> because of overlong physical body lines.


In most cases, better folded, than dropped. The original message
should have used QuotedPrintable or Base64 to avoid the problem.
Messages that emit raw output with lines longer than 1000 bytes
are handled on a best-effort basis.

Discovering that the message contains such lines and then automatically,
enabling a MIME downgrade to QuotedPrintable or Base64 is possible,
but complicated by the possibility that the message might in fact
be QP encoded, and still have overly long lines, ...

Putting in that much effort for poorly constructed messages was
not deemed worth the effort.

The Postfix approach is to prioritize delivery of mail over being
pedantic about RFC requirements. So we fold instead of rejecting.
This has the advantage that mail delivered locally can be accepted
and delivered unmangled regardless of line length, only mail relayed
out via SMTP is subject to folding.

-- 
    Viktor.