-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Fred Viles wrote: > On 3 Sep 2005 at 11:56, Ted Cooper wrote about > "Re: [exim] Spam using a space to se": > > |... > | To the RFC's! > |... > | However, where CFWS occurs in this standard, it MUST NOT be inserted > | in such a way that any line of a folded header field is made up > | entirely of WSP characters and nothing else. > > Interesting. So it seems arguable that exim should not have > interpreted the <CRLF><space><CRLF> as a valid header continuation > line. Since it is also not a valid header first line, it should have > signaled the end of the headers, and been treated as the first > message body line. > > - Fred
I found the be all and end all for this matter in another section which I have listed at the end, however, as for interpreting the above.. I think this in reference to creating a message in the first place. You MUST NOT create a folded header with only white space because when you unfold them and the CRLF all become "invisible" all you get is the one header line with a few white spaces in it. By the definition of folding, the following is perfectly allowed because a CRLF is followed by any WSP char - the header then continues on it's way as another CRLF again followed by a WSP char and the rest of the header. Header: start [WSP][CRLF] [WSP]end Or at least this is how it should be done when un-folding. It just states that you MUST NOT _make_ a header with a WSP+CRLF line, so the email is bogus. When it comes to unfolding, the above follows because WSP is a valid header token. A WSP token doesn't need to be a "space", to can also be an HTAB. I'm sure there's more if I read the spec more. After further reading, I have found this section (which I really should have read before :P) which someone circumvents the entire thing. It defines where the header ends and the body starts. <quote> 2.1. General Description [snip] A message consists of header fields (collectively called "the header of the message") followed, optionally, by a body. The header is a sequence of lines of characters with special syntax as defined in this standard. The body is simply a sequence of characters that follows the header and is separated from the header by an empty line (i.e., a line with nothing preceding the CRLF). </quote> So basically, that message is all header and there's nothing that can be done about it. The space at the beginning isn't an illegal character and a non-empty line does not the end of headers make. hmm? Treating the [WSP][CRLF] as the end of the headers breaks 2.2.1. Unstructured Header Field Bodies which are allowed to contain they want except for seperated CR and LF characters. Ted. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (MingW32) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFDGb/2HTFM6KkFI5oRArHaAJ9FahX4C29v9r6y5OH+L8lxKckQywCePn4I Ohv11fhN+vNo35v7N87cX0Q= =yUwx -----END PGP SIGNATURE----- -- ## List details at http://www.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://www.exim.org/eximwiki/
