f secure Email message is found suspicious. "Too long header field"

gvaccarellogvaccarello Posts: 21 Explorer

Hello everybody,

 

Some mails are dropped because the header field is too long. Could you tell me what mean "the header field" and why this is blocked ?

 

Thanks in advance,

 

GV

 

 

Best Answer

Comments

  • DmitriyDmitriy Posts: 212

    If you can find the blocked email message in the quarantine, open the raw message and check which header and how long it is. If you see a header that exeeds 1024 characters, then it is too long according to RFC. Note that too long header field may indicate that the message is sent a badly designed software (like spammers use) or malicious.

  • gvaccarellogvaccarello Posts: 21 Explorer

    thank you for your helpful replies

  • MikaKMikaK Posts: 22 F-Secure Product Expert

    Hello,

     

    We have to have a sample of the email to make further investigation with the issue. Go to FSAV4MSE quarantine and download the email (= header field is too long) as an *.eml format and then send it to our support as a support request.

     

    Thank you in advance,

    Mika

  • mahazmahaz Posts: 12

    I guess header field length can be changed in config file. I remember there must be a code like this:
    $MAX_HEADER_LINE_LENGTH = 128;
    and
    $MAX_TOTAL_HEADER_LENGTH = 1024;

     

    so changing these limits would impact the header 

This discussion has been closed.