Hi all,

first of all, thanks Gilles for the heads-up and a fix on short notice.

For people like me who relay on the portable version and for systems which 
relay on built packages as they lack the local development tools, a filter 
should help to mitigate the problem until a package could be built on another 

Shouldn’t something like 

filter exploit_check phase mail-from match mail-from regex {  '<*\;*' } \
    disconnect "550 no exploiting, kthx”

listen on $interface filter exploit_check

sufficiently mitigate the problem?
I am not fluent in regex’ing so maybe I am missing an edge case. It does 
prevent the example exploit and any others I’ve seen in the last hours.

Best regards

Reply via email to