Mailing List Archive: exim: users

Exim maximum line length limit

Index | Next | Previous | View Threaded

snabb at epipe

May 10, 2012, 2:12 AM

Post #1 of 2 (229 views)
Permalink

Exim maximum line length limit

It appears that Exim core does not impose any limits on line lengths of
message bodies.

However, some optional Exim components have arbitrarily set limits:

src/src/pdkim/pdkim.c:
#define PDKIM_MAX_BODY_LINE_LEN 16384

src/src/mime.h:
#define MIME_MAX_LINE_LENGTH 32768

src/src/demime.h:
#define MIME_SANITY_MAX_LINE_LENGTH 131071

I encountered a strange DKIM problem after I received a spam mail which
contained an embedded JPG image file, all encoded on a single long line.
The spam mail was received successfully, but when I tried to forward it
for further processing, the message got stuck in the queue and caused
the following log messages on each delivery attempt:

> DKIM: message could not be signed, and dkim_strict is set. Deferring
message delivery.
> mx.example.org [192.0.2.2]: Permission denied

It appears that DKIM signing failed because the message contained a line
longer than 16384 characters and I had "dkim_strict = true". After
unsetting "dkim_strict" the delivery succeeded (without DKIM signature).

The problem can be repeated by setting DKIM signing policy to strict and
running the following command:

perl -e 'print("x" x 60000 . "\n");' | mail foobar [at] example

According to RFC 5321 and RFC 5322 the maximum line length is 998
characters + CRLF, thus this is not really a bug. I am writing about
this just to make a note for people who might encounter the same issue
in future.

It appears that the line length topic has been discussed previously on
this list:

http://www.gossamer-threads.com/lists/exim/users/39793

Potential future enhancements:

- Fix MIME and DKIM code to handle arbitrarily long lines.

- Harmonize maximum line lengths (now Exim has three different
arbitrary limits for no particular reason).

My solution:

I can limit the line length of incoming messages in the DATA ACL by
adding the following:

deny condition = ${if > {$max_received_linelength}{1024}}
message = Maximum line length here is 1024 characters.

With this ACL in place I should not encounter this problem any more.

Best Regards,
--
Janne Snabb / EPIPE Communications
snabb [at] epipe - http://epipe.com/

--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

snabb at epipe

May 10, 2012, 4:03 AM

Post #2 of 2 (224 views)
Permalink

Re: Exim maximum line length limit [In reply to]

On 2012-05-10 16:12, Janne Snabb wrote:
> deny condition = ${if > {$max_received_linelength}{1024}}
> message = Maximum line length here is 1024 characters.

Just an additional observation:

I checked a sample of 61146 mostly non-spam e-mails and noticed that 42
successfully received legitimate e-mails had lines longer than 998
characters. Thus the ACL above would have caused unwanted bounces. None
of the sampled messages had lines longer than 4000 characters (except
the spam mail which I received today and which triggered the DKIM
signing issue).

I relaxed the above ACL condition on my server to accommodate for a bit
longer lines, but less than the 16k limit imposed by the DKIM filter. I
suppose most MTA:s accept and some MUA:s send more than 998 characters
on a line without problems.

--
Janne Snabb / EPIPE Communications
snabb [at] epipe - http://epipe.com/

--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Index | Next | Previous | View Threaded

Interested in having your list archived? Contact Gossamer Threads