On Tue, 10 Feb 2004, Matthew Trent wrote:
> > If changing the header size limit for Exim is a workaround, isn't it
> > also a workaround to want the same ability in SpamAssassin?
>
> Well, Spamassassin is where the data comes from, and it should have reasonable
> limits on what it spits out. Exim already has a reasonable limit. SA doesn't
> have anything.
OK, and what happens when some spammer/hacker decides to DoS you with
messages with horribly long headers? Or Mr. Executive/Boss/... creates
a maillist or alias that expands to 1000 recipients, etc...
That's why industrial strength MTAs use dynamically allocated buffers,
they've learned from bad past experience that any "reasonable limit"
sooner or later becomes an unreasonable choke-point/attack-point.
You may have no need to see all those match headers listed, but
what about developers trying to see where their rules hit, or
an admin trying to debug a particular message that went wrong.
If you limit yourself to Exim, that's your choice but please don't
expect the rest of the SA world to cripple our tool to fit your
limitations.
Maybe your time would be better spent over in the Exim community
encouraging its developers to improve their program to the level
that other MTAs have already achieved.
--
Dave Funk University of Iowa
<dbfunk (at) engineering.uiowa.edu> College of Engineering
319/335-5751 FAX: 319/384-0549 1256 Seamans Center
Sys_admin/Postmaster/cell_admin Iowa City, IA 52242-1527
#include <std_disclaimer.h>
Better is not better, 'standard' is better. B{
