Skip Navigation

Attack against postfix allows sending of spoofed mail

www.postfix.org /smtp-smuggling.html

FYI: Postfix has currently an unpatched vulnerability which allows sending of spoofed mail: https://www.postfix.org/smtp-smuggling.html

A fix is currently not available but to have peaceful holidays one should have these lines in the configuration as a workaround:

main.cf:
    smtpd_data_restrictions = reject_unauth_pipelining
    smtpd_discard_ehlo_keywords = chunking
1
1 comments