On 2011-06-22 at 15:06 -0400, Bryan Rawlins wrote: > I have been working with the coordinators for the Virus Bulletin > Spam test on an issue where our servers were returning "421 Unexpected > failure, please try later" in response to some messages relayed to us > through the competition server. > > It took some time to establish what the issue was because the only > trace of the messages in the Exim logs were one line like the following. > > +++ 1QZOwg-0002iz-Ix has not completed +++ > 2011-06-22 11:02:24 [10477] 1QZOwg-0002iz-Ix string_sprintf expansion > was longer than 32768 > > We finally determined that all the failed emails had one thing in > common, their From: header was 1000's of characters long. Every example > that we examined was obvious spam, so not accepting the messages isn't > really a problem, especially in production environments. However, it > would be nice if this type of error was handled better.
The size checks are explicit, to protect against buffer attacks, so I believe that there's no security issues here; it is handled better than a crash would be. :) I agree that the error message is less than helpful; on the other hand, I'm cautious about the idea of undoing the panic handling, to let a normal message be returned. It *might* be reasonable to have a "context stack" which can be reported in the panic line. Against this, it shouldn't be possible for a remote person to choose to insert content into the panic log; that should always be for major site issues, not individual mails. Could you please open a feature request at <http://bugs.exim.org/>, and feel free to assign it directly to me? Thanks, -Phil -- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
