Author: Jeremy Harris Date: To: exim-users Subject: Re: [exim] How to reject overlong addresses/local parts in From:
header?
On 16/12/2020 16:49, Frank Richter via Exim-users wrote: >
>>
>> On 12/12/2020 15:30, Jeremy Harris via Exim-users wrote:
>>> On 12/12/2020 14:46, Frank Richter via Exim-users wrote:
>>>> It comes from an e-mail with an overlong From: header:
>>>> From: "…" <PPPPPPPPPPPPPPKKKKKKKKKKKKKKKKKTTTTTTTTTTTTTTTTTTTTTTTTRRRRRRRRRRRRRRRRRRRRRRRRSSSSSSSSSSSSSSSSSSSSSSSSSSAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADDDDDDDDDDDDDDDDDFFFFFFFFFFFFFFFFFFFFFCCCCCCCCCCCCCCCBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBB@…>
>>>>
>>>> I'd like to reject such "address monsters". How's the best way to achieve this?
>>>
>>> Try a rewrite rule:
>>>
>>> ^.{40,}@tuced.eu deny_me@???
>>>
>>> before your existing rule. Then a simple match-and-deny in your data ACL:
>>>
>>> deny condition = ${if eq {deny_me@???} {${address:$h_from:}}}
>
> Thanks.
>
> This works for local parts from 40 up to 254 characters. For longer local parts we get the same paniclog:
> no @ found in the subject of an address list match …
Bug 2677 opened for that.
> These long addresses also comes an envelope-from now. This should be done in an earlier ACL (acl_smtp_mail, acl_smtp_rcpt), not tested yet.
If that env-from is consistently present in your environment,
checking that should be simpler and sufficient.
The bug is still a bug :)
--
Cheers,
Jeremy
