Great Circle Associates Majordomo-Workers
(July 1998) 		 
Indexed By Date: [Previous] [Next] Indexed By Thread: [Previous] [Next]
Subject: Re: MIME-Mailer Vulnerability
From: Jason L Tibbitts III <tibbs @ hpc . uh . edu>
Date: 30 Jul 1998 11:09:36 -0500
To: majordomo-workers @ greatcircle . com
In-reply-to: Norbert Bollow's message of "Thu, 30 Jul 1998 12:32:46 +0200"
References: <199807301032.MAA01320@leibniz.math.ethz.ch> 
>>>>> "NB" == Norbert Bollow <nb@thinkcoach.com> writes:

NB> This calls for a patch to resend to stop messages with overly long MIME
NB> headers from being relayed. Does anyone know how long is "overly long"?

'Overly long' is very much platform dependent, but 128 characters is
probably more than reasonable.  I'm not sure that this is possible in
1.94.x resend without making it completely MIME-aware, unless you want to
use some nasty heuristics.  It's easy in 2.0 since we already traverse the
MIME tree, and I'll commit a change to make it deal with this tonight.  I
suspect that a default action of bouncing to the owner when any MIME header
exceeds some configurable length (default 128) is sufficient.

I'm not sure this is really Majordomo's responsibility to fix in any case,
but I can't see how it could hurt.

 - J<
References:
Indexed By Date Previous: Re: MIME-Mailer Vulnerability
From: Jeff Wasilko <jeffw@smoe.org>
Next: Perl 5.005_01 problems
From: Jason L Tibbitts III <tibbs@hpc.uh.edu>
Indexed By Thread Previous: Re: MIME-Mailer Vulnerability
From: Jeff Wasilko <jeffw@smoe.org>
Next: Re: MIME-Mailer Vulnerability
From: Dave Wolfe <dwolfe@risc.sps.mot.com>
Google
 
Search Internet Search www.greatcircle.com