Hi Haines, Haines Brown via Exim-users <[email protected]> (Sa 30 Nov 2019 19:41:11 CET): > Of late (perhaps since October?) I've received random messages like > this: > > > Date: Fri, 29 Nov 2019 21:30:34 -0500 > > From: Mail Delivery System <[email protected]> > > To: [email protected] > > Subject: Message frozen > > > > Message 1iasWk-0004Ya-NP has been frozen (delivery error message). > > The sender is <>. > > > > The following address(es) have yet to be delivered: > > [email protected]: SMTP error from remote mail server > > after pipelined > > MAIL FROM:<> SIZE=5753: 554 5.7.1 Empty Sender Address is > > prohibited through this server
Your system tried to send a message with an empty sender (probably a bounce) to [email protected]. The remote system didn't accept this. I do not see, how this is related to the mentioned CVE 2019-10149. (Maybe I'm missing something.) > My impression is this exploit is not harmless, and so I'd like to know > if there is a way to block it. Since it depends on emacs4 > configuration, this might be possible. Here again - I may miss the point, but I do not understand, how the dependency on emacs4 (configuration?) gives an easy way to block it (what?). Best regards from Dresden/Germany Viele Grüße aus Dresden Heiko Schlittermann -- SCHLITTERMANN.de ---------------------------- internet & unix support - Heiko Schlittermann, Dipl.-Ing. (TU) - {fon,fax}: +49.351.802998{1,3} - gnupg encrypted messages are welcome --------------- key ID: F69376CE - ! key id 7CBF764A and 972EAC9F are revoked since 2015-01 ------------ -
signature.asc
Description: PGP signature
-- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
