Name
MaxHeadersLength
Synopsis
One form of a denial-of-service attack is to send email with many or
huge header lines—so huge that memory becomes filled. Prior to
V8.10, sendmail limited the maximum total bytes
for all headers to the value of the MAXHDRSLEN compile-time macro
(MAX...). That macro defaults to 32768 bytes if
you don’t define it yourself. Beginning with V8.10
sendmail, the
MaxHeadersLength option has been added as a way to
reduce that limit. The forms of the
MaxHeadersLength option are as follows:
O MaxHeadersLength=num ← configuration file (V8.10 and later) -OMaxHeadersLength=num ← command line (V8.10 and later) define(`confMAX_HEADERS_LENGTH',num)← mc configuration (V8.10 and later)
The num is the maximum total number of
bytes you want to allow for all headers combined. If
num is missing it defaults to zero. If the
entire MaxHeadersLength option is missing, the
default is the value of the MAXHDRSLEN compile-time macro. The
default for the mc configuration technique is
32768. If num is less than half of
MAXHDRSLEN, the following error is printed, but the limit set by
num is still used:
Warning: MaxHeadersLength: headers length limit set lower than (MAXHDRSLEN/2)
During message processing, sendmail reads all
headers into memory. When they become larger than the limit imposed
by this MaxHeadersLength option (or by the
MAXHDRSLEN compile-time macro), the following message is logged:
headers too large (bytes max) headers too large (bytes max) from sending host during message ...
Get Sendmail, 3rd Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
