[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
OpenSMTPd and the "smuggling" attack
From: |
Felix Lechner |
Subject: |
OpenSMTPd and the "smuggling" attack |
Date: |
Tue, 09 Jan 2024 17:29:15 -0800 |
Hi,
Due to the popularity of OpenSMTPd here, I thought the group might
appreciate that MTA is not affected by the "SMTP smuggling" attack [1]
like the other mail servers. [2]
According to #opensmtpd, our MTA does not support pipelining and is
therefore not vulnerable.
Some additional patches for hardening are being tested but they do not
currently play nice with all others.[3]
Kind regards
Felix
[1] https://marc.info/?l=oss-security&m=170316959409269&w=2
[2] https://marc.info/?l=oss-security&m=170341041116636&w=2
[3] https://marc.info/?l=openbsd-tech&m=170306668710940&w=2
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- OpenSMTPd and the "smuggling" attack,
Felix Lechner <=