Signature Detail

Short Name	SMTP:OVERFLOW:CONTENT-NAME
Severity	High
Recommended	No
Category	SMTP
Release Date	2003/04/22
Update Number	1213
Supported Platforms	di-5.3+, idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+

SMTP: Attachment Content Name Overflow

This protocol anomaly detects a SMTP content-type name that exceeds the user-defined maximum. The default number of bytes in a content-type name is 128; you can change this setting in the Sensor Settings Rulebase>Protocol Thresholds and Configuration>SMTP>Maximum length of the value for content-type's name attribute.

Extended Description

The default length of the Content-Type name is 128 bytes. An SMTP Content-Type name that exceeds the user-defined maximum length is a protocol anomaly and should be detected.

References

URL: http://www.faqs.org/rfcs/rfc2821.html
URL: http://www.faqs.org/rfcs/rfc1521.html

Signature Detail

Short Name

Severity

Recommended

Category

Release Date

Update Number

Supported Platforms

SMTP: Attachment Content Name Overflow

Extended Description

References