Re: line lengths for AUTH (was: Requesting reviews: SMTP AUTH update...)2006-12-07 10:07:08On Thu, Dec 07, 2006, Alexey Melnikov wrote: Any existing SASL mechanism I've seen doesn't send more than 300-400 bytes in any step of an authentication exchange. Larger lengths have been reported: ! Active Directory as kdc includes the PAC field and the tickets ! can get quite large. and caused this change for sm 8.14: Increase the length of an input line to 12288 to deal with really long lines during SMTP AUTH negotiations. The "unlimited" length is a pretty bad idea (potential for DoS).
|
|