Hi Guix,
Exim currently has unpatched vulnearabilities regarding its EXTERNAL Auth driver as well as its SPA/NTLM authenticator. According to the project[0] prospective fixes seem to be around the corner. We should probably bump the Exim version we ship to a non-vulnearable version as soon as one is available. [0]: https://www.exim.org/static/doc/security/CVE-2023-zdi.txt -- Kind regards, Wilko Meyer w...@wmeyer.eu