COMMAND

    FirstClass Internet Services

SYSTEMS AFFECTED

    FirstClass Internet Services 5.770

PROBLEM

    Adam Prime found following.  He got a bizarre malformed mail  from
    some dot com that hasn't learned about BCC yet with a 1.4 meg  To:
    Header.  The mail was handled fine by Software.com's  Post.Office,
    but when  Post.Office tried  to pass  the mail  to our  FirstClass
    server, the First Class Internet Services process would hang.   He
    wrote a perl  script to send  other emails with  gigantic headers,
    but he was unable to reproduce the problem with just large headers
    (though it did bring the  system to a crawl, and  eventually cause
    strange things to happen).  The original email put's the  Internet
    Services process into  "Not responding" after  only 30 seconds  or
    so.

    A  demonstration  perl  script  which  will  crash  FCIS  Internet
    Services is available at

        http://doot.dyndns.org/fcdos.tar.gz

    Though  be  warned,  it  is  100  K  or  so  because it contains a
    sanitized version of the  original email that received  (addresses
    obfuscated).

SOLUTION

    Emails to the vendor were not returned or acknowledged.