- NG Firewall firmware versions 4.2.x,5.0.x, 5.2.x
- netfence firmware versions 4.2.x
Log messages like the following are reported in the log file "Log" > "<Servername>" > "<Servicename>" > "mailgateway.log":
SMTP line limit reached
DENY-PENDING Data contains too long line (from now on, received data won't be written).
What does it mean?
RFC 2821 Simple Mail Transfer Protocol defines various size limits (4.5.3 Sizes and Timeouts). As protection measure, messages exceeding these size limits should not be accepted by a mail gateway. The log messages quoted above are generated, when an e-mail arriving at the mail gateway does not meet line length limitations as defined by RFC 2821. These limitations are the following (quoted from RFC 2821, 4.5.3 Sizes and Timeouts):
The maximum total length of a user name or other local-part is 64 characters.
The maximum total length of a domain name or number is 255 characters.
The maximum total length of a reverse-path or forward-path is 256 characters (including the punctuation and element separators).
The maximum total length of a command line including the command word and the <CRLF> is 512 characters. SMTP extensions may be used to increase this limit.
The maximum total length of a reply line including the reply code and the <CRLF> is 512 characters. More information may be conveyed through multiple-line replies.
The maximum total length of a text line including the <CRLF> is 1000 characters (not counting the leading dot duplicated for transparency). This number may be increased by the use of SMTP Service Extensions.
The maximum total length of a message content (including any message headers as well as the message body) MUST BE at least 64K octets. Since the introduction of Internet standards for multimedia mail , message lengths on the Internet have grown dramatically, and message size restrictions should be avoided if at all possible. SMTP server systems that must impose restrictions SHOULD implement the "SIZE" service extension , and SMTP client systems that will send large messages SHOULD utilize it when possible.
The minimum total number of recipients that must be buffered is 100 recipients. Rejection of messages (for excessive recipients) with fewer than 100 RCPT commands is a violation of this specification. The general principle that relaying SMTP servers MUST NOT, and delivery SMTP servers SHOULD NOT, perform validation tests on message headers suggests that rejecting a message based on the total number of recipients shown in header fields is to be discouraged. A server which imposes a limit on the number of recipients MUST behave in an orderly fashion, such as to reject additional addresses over its limit rather than silently discarding addresses previously accepted. A client that needs to deliver a message containing over 100 RCPT commands SHOULD be prepared to transmit in 100-recipient "chunks" if the server declines to accept more than 100 recipients in a single message.
The Barracuda NG Firewall mailgateway configuration does not allow for customisation of line limit sizes. The log messages quoted above are generated as indicator for malconstructed e-mails. Note that e-mails exceeding line limit sizes will always have been forwarded by non RFC-conformant mail gateways and their incoming in not necessarily desired.