On 8/3/2021 12:23 PM, John Levine wrote:
It appears that Wietse Venema <postfix-users@postfix.org> said:
Here's a nice writeup that illustrates why Postfix blocks ALPACA attacks.
https://nakedsecurity.sophos.com/2021/06/11/alpaca-the-wacky-tls-security-vulnerability-with-a-funky-name/
Just wondering, did you add the anti-http stuff because of ALPACA or was it
already there?
R's,
John
I think 2004, so it's been there a while. Back then sometimes open
web proxies were used to send spam knowing the MTA would ignore the
invalid commands.
-- Noel Jones
