MaxHeadersLength

MaxHeadersLength

Set maximum header length V8.10 and later

One form of a denial-of-service attack is to send email with many or huge header linesso huge that memory becomes filled. Prior to V8.10, sendmail limited the maximum total bytes for all headers to the value of the MAXHDRSLEN compile-time macro (MAX...). That macro defaults to 32768 bytes if you don't define it yourself. Beginning with V8.10 sendmail , the MaxHeadersLength option has been added as a way to reduce that limit. The forms of the MaxHeadersLength option are as follows :

 O MaxHeadersLength=  num    configuration file (V8.10 and later)  -OMaxHeadersLength=  num    command line (V8.10 and later)  define(`confMAX_HEADERS_LENGTH',  num)    mc configuration (V8.10 and later)  

The num is the maximum total number of bytes you want to allow for all headers combined. If num is missing it defaults to zero. If the entire MaxHeadersLength option is missing, the default is the value of the MAXHDRSLEN compile-time macro. The default for the mc configuration technique is 32768. If num is less than half of MAXHDRSLEN, the following error is printed, but the limit set by num is still used:

 Warning: MaxHeadersLength: headers length limit set lower than  (   MAXHDRSLEN/2  ) 

During message processing, sendmail reads all headers into memory. When they become larger than the limit imposed by this MaxHeadersLength option (or by the MAXHDRSLEN compile-time macro), the following message is logged:

 headers too large (  bytes  max) headers too large (  bytes  max) from  sending host  during message collect   V8.12 and later  

The offending message will also be bounced with this error:

 552 5.0.0 Headers too large (  bytes  max) 

The MaxHeadersLength option is not safe. If specified from the command line, it can cause sendmail to relinquish its special privileges.



Sendmail
sendmail, 4th Edition
ISBN: 0596510292
EAN: 2147483647
Year: 2002
Pages: 1174

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net