[pfx] improper command pipelining

Mon, 15 Jan 2024 00:34:38 -0800 

dear postfix users,
since the recent SMTP smuggling issue I applied the short term workaround by setting smtpd_forbid_unauth_pipelining = yes 

I also do a daily scan on journalctl with some keywords, e.g. 'pipelining'

the following showed up this morning.

do i need to be worried?

thanks
& greetings
Becki



Jan 14 01:57:15 cx20 postfix/submission/smtpd[25120]: improper command 
pipelining after CONNECT from battery.census.shodan.io[93.174.95.106]: 
\026\003\003\001\244\001\000\001\240\003\003'>\232\037\250\226/zan\025\307\023\350_\373\253\021W\212\3262\246\223\3378\314/\312\200>\200 
\343p5J\020\265q@\355\241\371b\377\236\375\227;\352\202wL\303\204\003\305O\255\273\2319\322\330\000\212\000\026\0003\000g\300\236\300\242\000\236\0009\000k\300\237\300\243\000\237
Jan 14 01:57:15 cx20 postfix/submission/smtpd[25120]: improper command 
pipelining after CONNECT from battery.census.shodan.io[93.174.95.106]: 
\026\003\003\001\244\001\000\001\240\003\003pP\244\201Y\346\233\272\340=\365\222\201\333\ba\354\v1V 
\356\277\200\370\023\264zR\360\243\307 
\270T\336w\204\177\213\220D\317\234\210\220w\2446\b\302\206\376\202\365\317\312\340\353\177\016\370~\032\306\000\212\000\005\000\004\000\a\000\300\000\204\000\272\000A\000\235\300\241\300\235\000=
Jan 14 01:57:15 cx20 postfix/submission/smtpd[25120]: improper command 
pipelining after CONNECT from battery.census.shodan.io[93.174.95.106]: 
\026\003\003\001U\001\000\001Q\003\003V\021\240\231\032m\243\224\002A\fL-\017n\315\f1g\037k\021\357\245\302EG\317\a\226 
\331 
\006^\005V[#\265\001\255t\246\340\364\357\020g\247F\301\317\203\253\201U[\324(\221\247\221R9\000F\300\022\300\a\314\024\023\001\023\002\314\251\300s\300r\300,\300\257\300\255
Jan 14 01:57:15 cx20 postfix/submission/smtpd[25122]: improper command 
pipelining after CONNECT from battery.census.shodan.io[93.174.95.106]: 
\026\003\002\001\231\001\000\001\225\003\002\003\201\335\374\201\271\a\022!\224@\272z]\362\006\371\001\313\371\233(\245\ne\200\fm\370\270\335{ 
\366S\224\365\370\220\355\033\237\3706\033\347\237P\312\236\247\274\232a^_\361\227\257,\275\nu\276D\000\212\000\026\0003\000g\300\236\300\242\000\236\0009\000k\300\237\300\243\000\237
Jan 14 05:05:41 cx20 postfix/submission/smtpd[31071]: improper command 
pipelining after CONNECT from 
scanner-29.ch1.censys-scanner.com[167.248.133.186]: 
\026\003\003\001\244\001\000\001\240\003\003\316@\257\332\b\000\n\337\205^\377\260D\331\344\364\222\250\030\215\234\220\032\341\352\313`\2470K+\306 
\265~P\206\337O\364Q\310\236xi\277\017\266\244\020\205\006i\a\273\317\220\006]t0x\216\221\311\000\212\000\026\0003\000g\300\236\300\242\000\236\0009\000k\300\237\300\243\000\237



_______________________________________________
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org






















					Reply via email to