NETWORK PRESENCE ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT
 


Search
display results
words begin  exact words  any words part 

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [FW-1] Checkpoint FW1 FP3,SMTP Resources and l enght of header lines.



Alberto wrote:
>
> Hi,
>
> I've the same problem. You need support contract to get that fix. If you
> only have software subscription, as I do, just wait and pray...Or pay an
> off-contract support and claim for you money  later,...

I still don't see it as a big problem. Lines greater than 1000 characters break
the SMTP standard. Period, _any_ lines cannot exceed 1000, see RFC 2821, 4.5.3,

   text line
      The maximum total length of a text line including the <CRLF> is
      1000 characters (not counting the leading dot duplicated for
      transparency).  This number may be increased by the use of SMTP
      Service Extensions.

Is it really a Bad Thing that you can't receive these emails? Maybe the
real problem, at the sender's end, needs to be fixed.

Will letting Check Point pass these even fix your problem? I'm lucky enough
to have a situation where even when Check Point accepts mail with long lines,
in the 1000 to 1024 range, the next MTA (Netscape Server if anyone is keeping
score) drops anything greater than >1000. You may want to check the limits on
your MTA behind the firewall before you invest too much time "fixing" a
feature in the firewall that is not a bug.

If you really, really want to accept these bad emails, you might want to
switch to a more robust MTA on the same or a different machine. Personally,
I've always been a bit leary of running an MTA on your firewall in the
first place.

> Jean-Francois Gobin wrote:
>
> >Hello,
> >
> >It seems that I can' find this HFA-303 on the Checkpoint'site. And for our
> >system, I cam affirm that "To:" with more than 1024 char are accepted (or
> >is that an option to set) ?
> >
> >I also noticed that a "number of recipients" is present into the config,
> >but it seems to be inactive. Any idea ?
> >
> >JF
> >
> >On Fri, 28 Feb 2003, Thomas Ahlberg wrote:
> >
> >>HFA-303 should fix this problem.
> >>1.Emails with long list of recipients - more then 1024 characters in the
> >>"To:" field do not traverse through FireWall-1.
> >>
> >>Regards
> >>
> >>Thomas Ahlberg
> >>
> >>>-----Original Message-----
> >>>From: Jean-Francois Gobin [mailto:[email protected]]
> >>>Sent: 28. helmikuuta 2003 15:25
> >>>To: [email protected]
> >>>Subject: [FW-1] Checkpoint FW1 FP3, SMTP Resources and lenght
> >>>of header lines.
> >>>
> >>>
> >>>Hello all,
> >>>
> >>>We migrate recently to FP3 (HF1), and since, we experienced
> >>>strange troubles.
> >>>
> >>>We have an old mail server (Netscape 3.6), which crashed
> >>>several time (Dr
> >>>Watson) We traced that down to the lenght of the "To:" line
> >>>in the headers : the mail which crashed the system has so
> >>>many recipients that the length is longer than 1024 chars.
> >>>
> >>>Here is the trouble : in the spool files, I can see 1
> >>>recipient per line, when I sniff the traffic to the mail
> >>>server, I see all the recipients on the same line.
> >>>
> >>>Any idea why it behaves like that and how to correct this ?
> >>>
> >>>Jean-Francois Gobin
> >>>
> >>>--
> >>>
>
> =================================================
> To set vacation, Out Of Office, or away messages,
> send an email to [email protected]
> in the BODY of the email add:
> set fw-1-mailinglist nomail
> =================================================
> To unsubscribe from this mailing list,
> please see the instructions at
> http://www.checkpoint.com/services/mailing.html
> =================================================
> If you have any questions on how to change your
> subscription options, email
> [email protected]
> =================================================


--
Crist J. Clark                               [email protected]
Globalstar CommunicationsThe information contained in this e-mail message is confidential,
intended only for the use of the individual or entity named above.
If the reader of this e-mail is not the intended recipient, or the
employee or agent responsible to deliver it to the intended recipient,
you are hereby notified that any review, dissemination, distribution or
copying of this communication is strictly prohibited.  If you have
received this e-mail in error, please contact [email protected]

=================================================
To set vacation, Out Of Office, or away messages,
send an email to [email protected]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[email protected]
=================================================



 
----------------------------------

ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT SITE MAP LEGAL
   All contents © 2004 Network Presence, LLC. All rights reserved.