Dnia 1.01.2024 o godz. 23:10:22 Jaroslaw Rafa via mailop pisze:
>
> This is basically equal to the new configuration setting
> "smtpd_forbid_unauth_pipelining = no" which is a default for Postfix
> versions >= 3.9.
Sorry, of course I made a mistake here. I meant
"smtpd_forbid_unauth_pipelining
Dňa 1. januára 2024 21:31:19 UTC používateľ Marco Moock via mailop
napísal:
>True, although, that can be used to send mail to local mailboxes only.
>To relay to an external sender, MX must be allowed to relay via the
>final destination MTA.
I will consider that by "relay to an external sender"
Dnia 1.01.2024 o godz. 21:53:59 Gellner, Oliver via mailop pisze:
>
> Yes, but as with Postfix the update alone does not fix the vulnerability.
> You have to additionally change the config as instructed. The vendors and
> distributions don’t do this automatically as this changes the behavior of
On 01.01.2024 at 20:38 Marco Moock wrote:
Am 01.01.2024 um 17:58:47 Uhr schrieb Gellner, Oliver via mailop:
To exploit the issue, an email message needs to traverse two MTAs
that treat the EOM marker differently. The MTAs do not need to be in
a special trust relationship or allowed to relay to
Am 01.01.2024 um 20:25:54 Uhr schrieb Slavko via mailop:
> Dňa 1. januára 2024 19:38:08 UTC používateľ Marco Moock via mailop
> napísal:
> >Am 01.01.2024 um 17:58:47 Uhr schrieb Gellner, Oliver via mailop:
> >
> >> To exploit the issue, an email message needs to traverse two MTAs
> >> that
Am 01.01.2024 um 15:56:02 Uhr schrieb John Covici via mailop:
> Thanks much -- that version is not in my repository yet, but I will
> keep an eye out for it.
That is a snapshot - a release for testing - and such releases are
normally not in the normal repos of the distributions.
I dunno when
Thanks much -- that version is not in my repository yet, but I will
keep an eye out for it.
On Mon, 01 Jan 2024 13:53:57 -0500,
ml+mailop--- via mailop wrote:
>
> On Mon, Jan 01, 2024, John Covici via mailop wrote:
> > I use sendmail 8.17.1.9 under gentoo -- any patch for that one to fix this?
Dňa 1. januára 2024 19:38:08 UTC používateľ Marco Moock via mailop
napísal:
>Am 01.01.2024 um 17:58:47 Uhr schrieb Gellner, Oliver via mailop:
>
>> To exploit the issue, an email message needs to traverse two MTAs
>> that treat the EOM marker differently. The MTAs do not need to be in
>> a
Am Mon, Jan 01, 2024 at 06:53:57PM + schrieb ml+mailop--- via mailop:
> > I use sendmail 8.17.1.9 under gentoo -- any patch for that one to fix this?
>
> Upgrade to 8.18.0.2,:
Additionally needs "Srv_Features: o" for sendmail to only accept CR LF . CR LF
as end of an SMTP message.
Am 01.01.2024 um 10:17:25 Uhr schrieb Randolf Richardson, Postmaster
via mailop:
> > > On 28.12.2023 at 20:29 Marco Moock via mailop wrote:
> > >
> > > Am 28.12.2023 um 18:15:39 Uhr schrieb Tom Perrine via mailop:
> > >
> > >> Has anyone detected or seen any evidence of SMTP smuggling in the
>
Am 01.01.2024 um 17:58:47 Uhr schrieb Gellner, Oliver via mailop:
> To exploit the issue, an email message needs to traverse two MTAs
> that treat the EOM marker differently. The MTAs do not need to be in
> a special trust relationship or allowed to relay to each other.
Sorry for the second
Am 01.01.2024 um 17:58:47 Uhr schrieb Gellner, Oliver via mailop:
> The vulnerability is not super critical, but it has been fixed only
> for a very small subset of affected systems. All kind of MTAs from
> Postfix to Sendmail, Exim and various proprietary systems are
> affected and the
On Mon, Jan 01, 2024, John Covici via mailop wrote:
> I use sendmail 8.17.1.9 under gentoo -- any patch for that one to fix this?
Upgrade to 8.18.0.2,:
https://ftp.sendmail.org/snapshots/sendmail.8.18.0.2.tar.gz
https://ftp.sendmail.org/snapshots/sendmail.8.18.0.2.tar.gz.sig
I use sendmail 8.17.1.9 under gentoo -- any patch for that one to fix this?
On Mon, 01 Jan 2024 12:58:47 -0500,
Gellner, Oliver via mailop wrote:
>
>
> > On 28.12.2023 at 20:29 Marco Moock via mailop wrote:
> >
> > Am 28.12.2023 um 18:15:39 Uhr schrieb Tom Perrine via mailop:
> >
> >> Has
> > On 28.12.2023 at 20:29 Marco Moock via mailop wrote:
> >
> > Am 28.12.2023 um 18:15:39 Uhr schrieb Tom Perrine via mailop:
> >
> >> Has anyone detected or seen any evidence of SMTP smuggling in the
> >> wild?
> >>
> >> I´m trying to get an independent read on how quickly the bad actors
> >>
> Am 01.01.2024 um 01:46:44 Uhr schrieb Randolf Richardson, Postmaster
> via mailop:
>
> > Is anyone seeing large numbers of dictionary attacks from
> > 20.42.100.251 (which is owned by Microsoft)? I'm curious if they're
> > engaging in large-scale targeting.
>
> Doesn't have a PTR, so no
> On 28.12.2023 at 20:29 Marco Moock via mailop wrote:
>
> Am 28.12.2023 um 18:15:39 Uhr schrieb Tom Perrine via mailop:
>
>> Has anyone detected or seen any evidence of SMTP smuggling in the
>> wild?
>>
>> I’m trying to get an independent read on how quickly the bad actors
>> have (or haven’t)
On 31/12/2023 16:02, John Levine via mailop wrote:
> A message with a dozen recipients in the same SMTP session is a very
> strong spam signal. So don't do that, do single deliveries like
> everyone else does.
Except that Google and Microsoft don't do single deliveries. Yahoo does.
"Do as I say,
Am 01.01.2024 um 01:46:44 Uhr schrieb Randolf Richardson, Postmaster
via mailop:
> Is anyone seeing large numbers of dictionary attacks from
> 20.42.100.251 (which is owned by Microsoft)? I'm curious if they're
> engaging in large-scale targeting.
Doesn't have a PTR, so no regular mail
Is anyone seeing large numbers of dictionary attacks from
20.42.100.251 (which is owned by Microsoft)? I'm curious if they're
engaging in large-scale targeting.
I'm seeing more than 2,000 attempts daily from 20.42.100.251 against
mail account local-parts like "test" and
20 matches
Mail list logo