From 5d2f8b656ffbe668f50ac5354dc0b37210032576 Mon Sep 17 00:00:00 2001
From: Mark Wooding <mdw@distorted.org.uk>
Date: Mon, 15 Jan 2018 09:37:01 +0000
Subject: [PATCH] base.m4: Neither accept nor transmit messages with long lines
 over SMTP.

This is an upstream bug: https://bugs.exim.org/show_bug.cgi?id=1684
---
 base.m4 | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/base.m4 b/base.m4
index d64f7a6..4961012 100644
--- a/base.m4
+++ b/base.m4
@@ -287,6 +287,10 @@ SECTION(global, acl)m4_dnl
 acl_smtp_data = data
 SECTION(acl, data)m4_dnl
 data:
+	## Don't accept messages with overly-long lines.
+	deny	 message = line length exceeds SMTP permitted maximum: \
+			$max_received_linelength > 998
+		 condition = ${if >{$max_received_linelength}{998}}
 
 SECTION(acl, data-tail)m4_dnl
 	accept
@@ -410,6 +414,11 @@ m4_define(<:APPLY_HEADER_CHANGES:>,
 		<:${if def:acl_m_hdrrm{$acl_m_hdrrm:}}\
 		$2:>):>)
 
+m4_define(<:SMTP_DELIVERY:>,
+	<:## Prevent sending messages with overly long lines.  The use of
+	## `message_size_limit' here is somewhat misleading.
+	message_size_limit = ${if >{$max_received_linelength}{998}{1}{0}}:>)
+
 SECTION(transports)m4_dnl
 ## A standard transport for remote delivery.  By default, try to do TLS, and
 ## don't worry too much if it's not very secure: the alternative is sending
@@ -426,6 +435,7 @@ smtp:
 
 m4_define(<:SMTP_TRANS_DHBITS:>,
 	<:driver = smtp
+	SMTP_DELIVERY
 	APPLY_HEADER_CHANGES
 	hosts_try_auth = *
 	hosts_require_tls = DOMKV(tls-peer-ca, {*}{})
@@ -457,6 +467,7 @@ smtp_dhbits_2048:
 ## authentication.
 smtp_local:
 	driver = smtp
+	SMTP_DELIVERY
 	APPLY_HEADER_CHANGES
 	hosts_require_tls = *
 	tls_certificate = CONF_sysconf_dir/client.certlist
-- 
2.11.0