On Mon, Dec 02, 2019 at 02:20:48PM +0100, Cyborg via Exim-users wrote: > Am 30.11.19 um 19:41 schrieb Haines Brown via Exim-users: > > > >> The following address(es) have yet to be delivered: > >> [email protected]: SMTP error from remote mail server > >> after pipelined > >> MAIL FROM:<> SIZE=5753: 554 5.7.1 Empty Sender Address is > >> prohibited through this server > > https://www.exim.org/static/doc/security/CVE-2019-10149.txt > > > > > Your mentioned CVE refers to this Exploit: <${run{bash}}@domain.de> > > But i don't see any connection with you anti-bounce message in a queue.
Unfortunately, I deleted my original notes. It seems a discussion of my errot linked to CVE-2019-10149.txt and nothing in that text indicated I was on the wrong track. > Your service may have been hacked (earlier or on a different service) > and/or is sending spams out and/or receiving spam bounces, to be sure, > pls give us more details. Devuan has an application that automatically sends a message anytime you install an application. I suspect this may be the culprit. > > best regards, > > -- > ## List details at https://lists.exim.org/mailman/listinfo/exim-users > ## Exim details at http://www.exim.org/ > ## Please use the Wiki with this list - http://wiki.exim.org/ -- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
