Prev: Inbound Mail Problems
Next: Mailman Integration Issue
From: Michael C on 19 Oct 2009 18:55
Occasionally folks where I works send email with a large number of
addresses in the To: field, instead of using Bcc: which we recommend
to avoid "reply all" mail storms. I should note that the addesses
typically are internal, though not always. These are not standard mass
mailings, nor mailing-list type stuff, but appear to be one-off and
suddenly constructed messages.

Where this becomes a problem is Max Header Size can grow larger that
the magic 32K (32768), the default for sendmail, and then bounce with
"Headers too large". This is mostly because we use DKIM signing, with
the To & Cc headers as part of the signature (thus doubling the To:
data in the headers). Internally our MX relays have a large Max Header
setting, but other systems within the company probably do not, nor can
I depend on anyone else in the world to have made similar changes.

What I would have preferred was bounce any emails exceeding some
arbitrary number of To: addresses, but the powers that be (heh - eg,
the culprets & their delegates) have nixed that, so as a workaround I
wish to clone (split) any message exceeding X-number of To/Cc headers
into Y-numbered groups. The Core MXs doing this are before the
outgoing MXs that sign, so the signing MXs would only see Y-numbered
messages, thus Max Header Size wouldn't exceed 32K (or come close).

Is this something doable with Sendmail configuration (ie, via MC) or
doable via a Milter?

Answers and/or suggestions for alternative methods (with details or at
least document pointers) are most welcome.

- Michael
From: Carl Byington on 19 Oct 2009 19:07

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


> What I would have preferred was bounce any emails exceeding some
> arbitrary number of To: addresses, but the powers that be (heh - eg,
> the culprets & their delegates) have nixed that, so as a workaround I
> wish to clone (split) any message exceeding X-number of To/Cc headers
> into Y-numbered groups. The Core MXs doing this are before the
> outgoing MXs that sign, so the signing MXs would only see Y-numbered
> messages, thus Max Header Size wouldn't exceed 32K (or come close).

> Is this something doable with Sendmail configuration (ie, via MC) or
> doable via a Milter?

Depending on the mail path, you might be able to add
confMAX_RCPTS_PER_MESSAGE to your sendmail.mc. But if you have

client MUA (thunderbird, etc)
-> core MX
-> signing MX servers

Then adding confMAX_RCPTS_PER_MESSAGE to the core MX might cause problems
when it rejects recipients coming directly from the MUA. If your signing
stuff on the signing MX servers can handle it, you could add
confMAX_RCPTS_PER_MESSAGE to the signing MX servers, and the core MX would
send multiple messages to the signing servers, each with Y recipients.

However, I am almost sure that none of those options will rewrite the To:
header field, so it would still be too large. I think this needs a custom
milter.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.6 (GNU/Linux)

iD8DBQFK3PD/L6j7milTFsERAgTqAJ4jo8axXpAxdn3xfm0H1HZwB31/lgCeIqeO
G+7Hm2j4WZPbtXrFLi1lWCs=
=cy0n
-----END PGP SIGNATURE-----

From: Joe Brennan on 20 Oct 2009 09:40
This can be done with the Mimedefang milter. You have to write your
own code in perl to put the To and Cc into variables and get the
length, but Mimedefang gives you a work file with the header lines and
a function to replace them, so it's not too hard to write. We change
an overly long To or CC to contain "many recipients :;" instead-- and
I use that wording to identify our change vs the usual "undisclosed
recipients :;" without having to look at the log. We make the change
at 100 addresses. This has really cut down the number of reply-all
storms.

Joseph Brennan
Columbia University I T






From: Joe Brennan on 20 Oct 2009 10:10
confMAX_RCPTS_PER_MESSAGE

This controls the number of recipients, which could be very different
from the number of addresses shown in the To field. Mail can come
from outside with 500 addresses in the To, and only 1 local
recipient! And that local recipient might not be in the To field.

If there were in fact 500 local recipients, the sender (that is the
mail system doing the sending) would have to send 5 times to 100 each,
but each message would still have the 500 addresses in the To field.

I think there is a way to check the length of a header field and
replace it, purely with a custom sendmail.cf ruleset. If you have a
lot of time on your hands you could try it :-)

Joseph Brennan
Columbia University I T
From: Claus Aßmann on 20 Oct 2009 10:10
Joe Brennan wrote:
> This can be done with the Mimedefang milter. You have to write your

Only if:
- the length of the To: header stays below 64K, or
- libmilter, the milter, and the MTA have been compiled with
a different size limit, or
- you wait for 8.14.4 and compile with a new FFR.
 |  Next  |  Last
Pages: 1 2
Prev: Inbound Mail Problems
Next: Mailman Integration Issue