On 04/07/2019 21:23, Ian Zimmerman via Exim-users wrote: > After your important discovery that escaping is done on local parts as > part of SMTP (at least that's how I interpreted the disappearance of the > backslash from "it\z"), the next question should be but has not yet > been: why is this needed at all?
Because Exim's string-escaping lets you write a dollar-sign as \x24. So we need to get a matcher for that into the RE. > Won't the whole escape sequence be > transformed into a dollar sign by the time it is matched against the > rule? No; the SMTP string-escaping does not provide that facility. So an attacker can fairly simply get somthing into a local-part which ends up as a \x24 after the SMTP de-escaping. -- Cheers, Jeremy -- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
