Hide Forgot
Created attachment 1205150 [details] [PATCH] Increases DEFMAXHDRSZ from 64KiB to 256KiB Description of problem: Occasionally some external senders have a very long To: or Cc: list of recipients, which exceeds the 64KiB header limit which is hard coded into OpenDKIM. This results in a temporary mail rejection which loops until the message expires. From the mail log: ----------------------------------------------------- Sep 27 05:43:56 winterfell opendkim[2594]: too much header data Sep 27 05:43:56 winterfell postfix/cleanup[583]: A23BE8190F6: milter-reject: END-OF-MESSAGE from unknown[::1]: 4.7.1 Service unavailable - try again later; from=<jane.doe> to=<john.doe> proto=ESMTP helo=<localhost> ----------------------------------------------------- The attached patch is taken from the Debian bug ticket 838767 which increases the hard coded header size limit to 256KiB. I have spun my own opendkim package with this patch and it seems to work well. Version-Release number of selected component (if applicable): opendkim-2.10.3-7.el7 How reproducible: Always Steps to Reproduce: Send a mail through a OpenDKIM enabled system using Postfix with milter which have message headers exceeding 64KiB Upstream report: https://sourceforge.net/p/opendkim/support-requests/30/
The "MaximumHeaders" option in opendkim.conf allows an increase in the header size: ## MaximumHeaders n ## ## Disallow messages whose header blocks are bigger than "n" bytes. ## Intended to detect and block a denial-of-service attack. The default ## is 65536. A value of 0 disables this test. # MaximumHeaders n If you prefer a 256K max header size, set Maximum Headers to 262144 in the config file, restart OpenDKIM, and you should be good to go. Classifying this as "not a bug" and closing.