On Fri, 2 Sep 2005, Fred Viles wrote: > | However, where CFWS occurs in this standard, it MUST NOT be inserted > | in such a way that any line of a folded header field is made up > | entirely of WSP characters and nothing else. > > Interesting. So it seems arguable that exim should not have > interpreted the <CRLF><space><CRLF> as a valid header continuation > line. Since it is also not a valid header first line, it should have > signaled the end of the headers, and been treated as the first > message body line.
Could one suggest that it should have failed header syntax checks, based on that MUST NOT? I have the gut feeling that if mail clients are going to interpret this invalid syntax in various ways, it has the makings of a potential security exposure, with some treating the following lines as headers and others as part of the body. Best not to let the offending item get that far, IMHO. -- ## List details at http://www.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://www.exim.org/eximwiki/
