Am 10.09.19 um 13:33 schrieb Michael Love via Exim-users: > Hi All, > Question: > We have a restricted hostlist of only other servers able to email exim 4.86. > For this new vulnerability, is the TLS handshake executed before the > whitelist hostlist lookup, or is the whitelist hostlist queried first? > Thank you.Michael Love.
If you wanne be sure, use IPTABLES to allow your hosts to relay, not the outdated exim version. There could be a lot more bugs in your version, which combined together, result in a new vulnerability path. best regards, Marius -- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
