On 06/12/17 16:12, Adrian Zaugg wrote: > The mailsploit attack relies on special chars like newline or the nul > character encoded in base64 or quoted-printable. In my opinion encoded > strings in mail headers should get decoded for validity checking, e.g > when setting in an ACL: require verify = headers_syntax > Am I wrong with this assumption?
RFC 5322 says nothing about encoding. -- Cheers, Jeremy -- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
