Re: Fwd: Huge header detection

--On 7 February 2009 02:36:36 -0200 Carlos Horowicz <carlos.horowicz@xxxxxxxxx> wrote:
> I'm wondering what to do in a live system with maybe hundreds of
> thousands of these strange e-mails already in users' mailboxes.
>
> Should imapd be patched so that it just ignores the repetitions, both
> when building cyrus.cache and when it returns the headers to a client?
> Or should imapd really modify the original e-mail by stripping
> unnecessary/illegal headers and store a cleaned-up version?

It shouldn't be modifying messages. It should handle such messages elegantly. Ignoring repetitions (beyond a threshold of repeats) seems the most sensible option. However, failing to report them to a client could cause confusion, so a threshold should be reasonably high. Of course some headers are supposed to have multiple instances...
Alerting the system administrator to the existence of such bogus messages seems like a good idea, too. Perhaps through the logging system.
If you don't want a particular message in the system, then it should not be accepted by LMTP or by any IMAP message creation mechanism.

> Regards,
>
> Carlos
>
> On Fri, Feb 6, 2009 at 9:02 PM, Bron Gondwana <brong@xxxxxxxxxxx> wrote:
>> On Fri, Feb 06, 2009 at 04:34:39PM -0200, Carlos Horowicz wrote:
>>> Hi there,
>>>
>>> The Postfix author suggested that I post the following issue here:
>>>
>>> we received a spam that bypassed all controls and consisted of a huge
>>> header (4M), repeating these four lines 31.000 times (changing only
>>> the Reply-To):
>>>
>>> MIME-Version: 1.0
>>> Content-type: text/html; charset=iso-8859-1
>>> From: Magaly <verano@xxxxxxxx>
>>> Reply-To: fdsafdsafdsa@xxxxxx
>>
>> Oh yeah!  I just recreated this on my testbed here (copying that and
>> appending a number from 1 to 31000 after the address part of the reply
>> to)
>>
>> Gosh!
>>
>> Here's a segment of the cyrus.cache file:
>>
>> -rw------- 1 cyrus mail 5446660 Feb  6 17:58 cyrus.cache
>>
>> That's pretty much all just this one email.
>>
>> It looks like Cyrus needs not only a "maximum number of headers to cache"
>> but a "maximum number of instances of each header"!
>>
>> Bron.
>>
> ----
> Cyrus Home Page: http://cyrusimap.web.cmu.edu/
> Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki
> List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html


-- 
Ian Eiloart
IT Services, University of Sussex
x3148
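
The per-header instance threshold discussed in this thread, as an added example (not Cyrus code and not written by any of the posters): it counts header fields by name, keeps at most `max_repeats` instances of each, logs the first excess, and leaves the message untouched. The names `scan_headers`, `MAX_NAMES` and `SAMPLE`, the `example.invalid` addresses and the use of stderr in place of syslog are assumptions made for illustration.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

#define MAX_NAMES 64                    /* distinct field names tracked (assumed) */
struct hdr_count { char name[64]; int seen; };
/* Case-insensitive match of NUL-terminated `a` against the n bytes at `b`. */
static int name_eq(const char *a, const char *b, size_t n)
{
    while (n && tolower((unsigned char)*a) == tolower((unsigned char)*b))
        a++, b++, n--;
    return n == 0 && *a == '\0';
}

/* Count each header field up to the first empty line. Instances beyond
 * max_repeats go to *dropped instead of being kept for the cache. */
int scan_headers(const char *msg, int max_repeats, int *dropped)
{
    struct hdr_count tab[MAX_NAMES];
    int ntab = 0, kept = 0, i;
    const char *p = msg;
    *dropped = 0;
    while (*p && *p != '\r' && *p != '\n') {
        const char *eol = strchr(p, '\n');
        size_t n = strcspn(p, ":\r\n");     /* length of the field name */
        /* Folded continuation lines and malformed lines are not new fields. */
        if (p[n] == ':' && *p != ' ' && *p != '\t' && n > 0 && n < sizeof tab[0].name) {
            for (i = 0; i < ntab && !name_eq(tab[i].name, p, n); i++) ;
            if (i == ntab && ntab < MAX_NAMES) {        /* first sighting */
                memcpy(tab[i].name, p, n);
                tab[i].name[n] = '\0';
                tab[ntab++].seen = 0;
            }
            if (i < ntab && ++tab[i].seen <= max_repeats)
                kept++;
            else
                (*dropped)++;               /* over threshold, or table full */
            if (i < ntab && tab[i].seen == max_repeats + 1)   /* stderr stands in for syslog */
                fprintf(stderr, "header %s: over %d instances\n", tab[i].name, max_repeats);
        }
        p = eol ? eol + 1 : p + strlen(p);
    }
    return kept;
}

/* Constructed sample: the thread's four-line pattern, four repetitions. */
#define REP(n) "MIME-Version: 1.0\r\nContent-type: text/html; charset=iso-8859-1\r\n" \
    "From: Magaly <sender@example.invalid>\r\nReply-To: user" #n "@example.invalid\r\n"
static const char SAMPLE[] = REP(1) REP(2) REP(3) REP(4) "\r\nbody\r\n";
```

The threshold has to sit well above the legitimate repeat count of fields such as Received, which is the caveat raised in the reply above.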

