MaxHeadersLength

Set maximum header length V8.10 and later

One form of a denial-of-service attack is to send email with many or huge header lines—so huge that memory becomes filled. Prior to V8.10, sendmail limited the maximum total bytes for all headers to the value of the MAXHDRSLEN compile-time macro (MAX... on page 120). That macro defaults to 32,768 bytes if you don’t define it yourself. Beginning with V8.10 sendmail, the MaxHeadersLength option has been added as a way to reduce that limit. The forms of the MaxHeadersLength option are as follows:

O MaxHeadersLength=numconfiguration file (V8.10 and later)
-OMaxHeadersLength=numcommand line (V8.10 and later)
define(`confMAX_HEADERS_LENGTH',num)    ← mc configuration (V8.10 and later)

The num is the maximum total number of bytes you want to allow for all headers combined. If num is missing, it defaults to zero. If the entire MaxHeadersLength option is missing, the default is the value of the MAXHDRSLEN compile-time macro. The default for the mc configuration technique is 32768. If num is less than half of MAXHDRSLEN, the following error is printed, but the limit set by num is still used:

Warning: MaxHeadersLength: headers length limit set lower than (MAXHDRSLEN/2)

During message processing, sendmail reads all headers into memory. When they become larger than the limit imposed by this MaxHeadersLength option (or by the MAXHDRSLEN compile-time macro), the following message is logged:

headers too large (bytes max) headers too large ...

Get sendmail, 4th Edition now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.