Max SpamAssassin Size problems

Julian Field mailscanner at
Sat Aug 26 12:32:02 IST 2006

Hash: SHA1

Desai, Jason wrote:
>>>> do I chop half way through an image?
>>>> do I chop at the end of an image?
>>>> do I carry on for a max of 100 lines of Base64 data or until the end
> [snip]
>> If the code was chopping at the end of an image (ie until it found a 
>> MIME boundary or a blank line.  It would be very easy for someone to 
>> craft an email message that had a starting boundary claiming to be an 
>> image type, but then pumped 100s of Mb without an ending boundary. 
>> There _HAS_ to be a limit to this.
> Agreed.  I don't think the limit should be 100 lines though.  A
> malicious email could be crafted which had a mime boundary claiming to
> be an image, a few normal lines, and then one very long line, MBs long.
> Instead, the limit should probably be a certain number of bytes.
> Perhaps something like 8kB?

Very good thought. I'll measure the length of the next line and only add 
it if that doesn't take me over the 8kb limit.

We're slowly getting there...
- -- 
Julian Field
Buy the MailScanner book at

MailScanner customisation, or any advanced system administration help?
Contact me at Jules at

PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654
For all your IT requirements visit

Version: PGP Desktop 9.5.0 (Build 1112)
Charset: ISO-8859-1


This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
For all your IT requirements visit

More information about the MailScanner mailing list