Maximum length of a header line?
Ralf Hildebrandt
Jul 25 11:26:10 mail-ausfall dkim-filter[4550]: B93813DC16: dkim_eoh(): internal error from libdkim: header too large (max 4097)
and looking at the mail I see a user adding a shitload of E-Mail
addresses to the To:/CC: headers, instead of using the Bcc: headers.
So:
* Can I make postfix truncate the headers to a sensible amount of characters?
* Is there an RFC-imposed limit?
--
Ralf Hildebrandt (Ralf.Hil...@charite.de) pl...@charite.de
Postfix - Einrichtung, Betrieb und Wartung Tel. +49 (0)30-450 570-155
http://www.arschkrebs.de
"How would you rate our government's incompetence?
Typical unix response: Unmatched ".
Ralf Hildebrandt
> Ralf Hildebrandt:
> > * Can I make postfix truncate the headers to a sensible amount of characters?
>
> length up to the next newline (or the end of a $line_length_limit
> chunk of text if they don't hit the ENTER key often enough). It's
> probably good enough.
Yes, it's good enough. I set it to
postconf -e "header_size_limit = 4096"
and requeued the mail. Voila!
> > * Is there an RFC-imposed limit?
>
> Not when I implemented Postfix. Some MTAs (Sendmail) keep all
> primary headers in memory, and therefore impose a limit on the
> total amount of text in a header to avoid a DOS condition. Postfix
> handles headers one at a time, and only needs a per-header length
> limit.
I wonder why that dkim-filter complains about the header then :(
4097 characters is an artificially imposed limit...
Rant (directed at no one in particular):
========================================
I'm under the impression nobody ever tested the dkim-filter
implementation properly.
My users are surely not dumber than the average user out there.
I guess other users at other companies will also send mail with large
lists of recipients. Their mail will fail as well.
Same thing for the PIX issue.
How can anybody expect DKIM to be widely deployed when all it does is
explode in my face?
--
Ralf Hildebrandt (Ralf.Hil...@charite.de) pl...@charite.de
Postfix - Einrichtung, Betrieb und Wartung Tel. +49 (0)30-450 570-155
http://www.arschkrebs.de
"Mosaic is the 1990's equivalent of forcing friends to sit through
slides of your trip to Florida - painful for everyone but the host."
-Steve G. Steinberg
Victor Duchovni
> Ralf Hildebrandt skrev, on 25-07-2007 12:59:
>
> [...]
>
> >Rant (directed at no one in particular):
> >========================================
> >
> >I'm under the impression nobody ever tested the dkim-filter
> >implementation properly.
> >
> >My users are surely not dumber than the average user out there.
> >I guess other users at other companies will also send mail with large
> >lists of recipients. Their mail will fail as well.
> >
> >Same thing for the PIX issue.
> >
> >How can anybody expect DKIM to be widely deployed when all it does is
> >explode in my face?
>
> I have a vested (user) interest in dkim-filter and run 2.0-Beta2 on a
> couple of sites with PF 2.4.3. Perhaps the following is of interest:
>
> http://sourceforge.net/tracker/index.php?func=detail&aid=1559406&group_id=139420&atid=744358
>
> Since it was Marc Martinec who first took this up last fall, and ears
> are only turned to complaints on the dkim lists, perhaps one of these
> would be the best place for a rant ...
My take on it is that the milter must support folded headers of up to
32k in length (Sendmail limits the total header size to this value, so
headers larger than 32k are problematic already). Since milters are still
primarily for Sendmail, the 32k size limit is natural. The next natural
limit is 64k, which is the milter protocol packet size limit, this would
accomodate possibly larger future header size limits in Sendmail.
I don't have a login on the bug tracking system in question, so perhaps
someone else can make the suggestion...
--
Viktor.
Disclaimer: off-list followups get on-list replies or get ignored.
Please do not ignore the "Reply-To" header.
To unsubscribe from the postfix-users list, visit
http://www.postfix.org/lists.html or click the link below:
<mailto:majo...@postfix.org?body=unsubscribe%20postfix-users>
If my response solves your problem, the best way to thank me is to not
send an "it worked, thanks" follow-up. If you must respond, please put
"It worked, thanks" in the "Subject" so I can delete these quickly.
Ralf Hildebrandt
> My take on it is that the milter must support folded headers of up to
> 32k in length (Sendmail limits the total header size to this value, so
> headers larger than 32k are problematic already). Since milters are still
> primarily for Sendmail, the 32k size limit is natural. The next natural
> limit is 64k, which is the milter protocol packet size limit, this would
> accomodate possibly larger future header size limits in Sendmail.
>
> I don't have a login on the bug tracking system in question, so perhaps
> someone else can make the suggestion...
Done.
--
Ralf Hildebrandt (Ralf.Hil...@charite.de) pl...@charite.de
Postfix - Einrichtung, Betrieb und Wartung Tel. +49 (0)30-450 570-155
http://www.arschkrebs.de
The trouble with being punctual is that people think you have nothing
more important to do.
Victor Duchovni
> > I don't have a login on the bug tracking system in question, so perhaps
> > someone else can make the suggestion...
>
> Done.
Thanks. The comments are there, but the issue status is still "closed"?
Should a new issue be opened or this one re-opened if possible?
Ralf Hildebrandt
> Thanks. The comments are there, but the issue status is still "closed"?
> Should a new issue be opened or this one re-opened if possible?
http://sourceforge.net/tracker/index.php?func=detail&aid=1760481&group_id=139420&atid=744358
--
Ralf Hildebrandt (Ralf.Hil...@charite.de) pl...@charite.de
Postfix - Einrichtung, Betrieb und Wartung Tel. +49 (0)30-450 570-155
http://www.arschkrebs.de
Freedom to be an idiot is part of freedom in general.