On 12/23/23 19:15, Ian Z via Exim-users wrote:
On Sat, Dec 23, 2023 at 10:27:02AM +0000, Jeremy Harris via Exim-users wrote:
Some changes in that direction are already available.
An intriguing statement ;-) Available in 4.97, on master, on another
branch?
In the git master.
Are there build time or run time configuration setting changes
needed to enable taking an installation in that direction?
I already disable pipelining and chunking. Anything else I can do to
get the strictest, most boring implementation of SMTP possible? I have
no need to cater to broken clients.
Sure. You'd need to fine-tooth both the Makefile and your config,
thinking hard about every feature and the relation to your security
posture.
I can't really advise on specifics. For example, just supporting
TLS is a massive increase in compiled code and therefore attack surface.
Personally I prefer to have it available, but YMMV.
--
Cheers,
Jeremy
--
## subscription configuration (requires account):
## https://lists.exim.org/mailman3/postorius/lists/exim-users.lists.exim.org/
## unsubscribe (doesn't require an account):
## [email protected]
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
