https://bugs.exim.org/show_bug.cgi?id=3063
--- Comment #2 from Jeremy Harris <[email protected]> ---
(In reply to Viktor Dukhovni from comment #1)
> Does Exim enforce pipelining conformance by default?

In general yes, but specifically for the 354 "DATA go-ahead", not by default.
It's possible to induce one. I could see some value in a change to always
enforce.

> That is, what is the default behaviour of Exim when an SMTP client expedites

> Also, I should note that (as specified in RFC1830) BDAT is NOT the last
> command in a pipeline group, and so Exim will accept two messages via a
> transaction of the form:
>
> MAIL FROM:<sender>
> RCPT TO:<nobody>
> DATA

Um, that was DATA and not BDAT.

> From: Some Sender <sender>
> To: Discarded Rcpt <nobody>
> Subject: ...
>
> <Some Message>
> <LF>.<LF>

and IF that gets treated as the dot closing off data, such that the following
are taken as commands for a further message:

> MAIL FROM:<forged-sender>
> RCPT TO:<real-rcpt>
> BDAT <length> LAST
> From: Forged Sender <forged-sender>
> To: Real Rcpt <real-rcpt>
> Subject: Wire all your assets to me
>
> <Phishing attack>
> QUIT

... that "phishing attack" could just as easily have been sent as a sole
message. It will still be subject to all the same Access Control List
operations, either way.
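Added example, not part of the bug thread and not Exim's code: a Python check that scans a DATA-phase byte stream for the `<LF>.<LF>` case discussed above, generalised to any lone "." line whose line endings are not both CRLF (RFC 5321 defines end-of-data as CRLF "." CRLF). The function name, result fields and sample bytes are assumptions constructed for illustration.

```python
import re

STRICT_EOD = b"\r\n.\r\n"  # RFC 5321 end-of-data marker
# A "." with a CR or LF directly before and after it, i.e. alone on its line.
_LONE_DOT = re.compile(rb"(?<=[\r\n])\.(?=[\r\n])")


def _terminator(chunk: bytes) -> str:
    """Name the line ending found at the start of `chunk`."""
    if chunk.startswith(b"\r\n"):
        return "CRLF"
    return "LF" if chunk.startswith(b"\n") else "CR"


def find_ambiguous_eod(stream: bytes):
    """Report every lone-dot line before the real end-of-data marker.

    A dot-stuffed, CRLF-only body never contains such a line, so each
    finding is a point where a lenient receiver could stop reading data.
    """
    end = stream.find(STRICT_EOD)
    # Keep the CRLF that opens the real marker so a dot just before it is seen.
    body = stream if end < 0 else stream[:end + 2]
    findings = []
    for m in _LONE_DOT.finditer(body):
        i = m.start()
        before = "CRLF" if body[max(i - 2, 0):i] == b"\r\n" else _terminator(body[i - 1:i])
        after = _terminator(body[i + 1:i + 3])
        # First non-empty line after the dot: what would be read as a command.
        rest = body[i + 1:].lstrip(b"\r\n")
        next_line = re.split(rb"[\r\n]", rest, maxsplit=1)[0]
        findings.append({"offset": i, "before": before, "after": after,
                         "next_line": next_line})
    return findings


# Constructed sample reusing the placeholder names from the comment above:
# one DATA body, as a strict relay would see it, with a bare-LF dot line inside.
SAMPLE = (b"From: Some Sender <sender>\r\nTo: Discarded Rcpt <nobody>\r\n"
          b"Subject: ...\r\n\r\n<Some Message>\n.\n"
          b"MAIL FROM:<forged-sender>\r\nRCPT TO:<real-rcpt>\r\n"
          b"\r\n.\r\n")

if __name__ == "__main__":
    for finding in find_ambiguous_eod(SAMPLE):
        print(finding)
```

A non-empty result is grounds to reject the message or normalise its line endings before relaying it.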
