header_checks apply to headers of attached messages?

classic Classic list List threaded Threaded
5 messages Options
Reply | Threaded
Open this post in threaded view
|

header_checks apply to headers of attached messages?

mrobti
If I send a message as attachment, header_checks are applied to the
headers of the attachment also. Why does it happen? Can I turn it off?
Reply | Threaded
Open this post in threaded view
|

Re: header_checks apply to headers of attached messages?

Dominic Raferd
On Wed, 22 May 2019 at 09:11, MRob <[hidden email]> wrote:
If I send a message as attachment, header_checks are applied to the
headers of the attachment also. Why does it happen? Can I turn it off?

Try:
nested_header_checks =

Reply | Threaded
Open this post in threaded view
|

Re: header_checks apply to headers of attached messages?

mrobti
On 2019-05-22 08:35, Dominic Raferd wrote:
> On Wed, 22 May 2019 at 09:11, MRob <[hidden email]> wrote:
>
>> If I send a message as attachment, header_checks are applied to the
>> headers of the attachment also. Why does it happen? Can I turn it
>> off?
>
> Try:
> nested_header_checks =

Thank you for pointing it out. Why is default for the setting same as
header_checks? I don't understand the common need for smtp server to run
the same header checks on attachment headers, can someone explain?
Reply | Threaded
Open this post in threaded view
|

Re: header_checks apply to headers of attached messages?

Viktor Dukhovni
> On May 22, 2019, at 1:50 PM, MRob <[hidden email]> wrote:
>
> Thank you for pointing it out. Why is default for the setting same as header_checks? I don't understand the common need for smtp server to run the same header checks on attachment headers, can someone explain?

This is backwards-compatibility.  I agree that in most cases you'll
want nested_header_checks to either be empty, or written specifically
to handle some appropriate requirement, separate from the primary
header checks.

--
        Viktor.

Reply | Threaded
Open this post in threaded view
|

Re: header_checks apply to headers of attached messages?

Wietse Venema
Viktor Dukhovni:
> > On May 22, 2019, at 1:50 PM, MRob <[hidden email]> wrote:
> >
> > Thank you for pointing it out. Why is default for the setting same as header_checks? I don't understand the common need for smtp server to run the same header checks on attachment headers, can someone explain?
>
> This is backwards-compatibility.  I agree that in most cases you'll
> want nested_header_checks to either be empty, or written specifically
> to handle some appropriate requirement, separate from the primary
> header checks.

Header_checks was introduced to stop malware, and for that reason
it was definitely desirable to inspect attached messages, too.

But I agree, changing defaults is painful.

        Wietse