Re: [exim] Exim (aoom) named in context of new TLS cross-protocol attack
> ... and here is the EXIM EXPLOIT :
> https://github.com/RUB-NDS/alpaca-code/blob/master/exploits/smtp/02-exim.md

That's interesting because I expected a 503 no greeting received yet if I throw a "mail from:..." to Exim before EHLO/HELO. But in the case the address given is invalid it is indeed 501 alert(1);: malformed address: alert(1); may not follow without prior greeting.

According to debug +all output there is no way to prevent that by ACL because none is called in this case mail from:
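Added example, not part of the original message and not Exim code: a small Python check a mail administrator could run over recorded SMTP sessions from their own server to see whether commands sent before EHLO/HELO are rejected with 503 or answered with a reply that echoes the client-supplied argument, as the 501 reply described above does. The function name, the finding fields and both transcripts are assumptions constructed for illustration.

```python
GREETING_VERBS = {"EHLO", "HELO"}

# Constructed sample sessions (not captured from a real server).
# Each entry is (command sent by client, first reply line from server).
SYNTAX_CHECKED_FIRST = [
    ("MAIL FROM:not-an-address;", "501 not-an-address;: malformed address"),
    ("EHLO client.example", "250 mail.example Hello"),
    ("MAIL FROM:<user@example.org>", "250 OK"),
]
SEQUENCE_CHECKED_FIRST = [
    ("MAIL FROM:not-an-address;", "503 no greeting received yet"),
]


def audit_pre_greeting(transcript):
    """Return one finding per command sent before a successful EHLO/HELO.

    sequence_enforced: the server answered 503 (bad sequence of commands).
    reflected: the reply contains the argument the client supplied.
    """
    greeted = False
    findings = []
    for command, reply in transcript:
        parts = command.strip().split(None, 1)
        if not parts:
            continue
        verb = parts[0].upper()
        code = reply[:3]
        if verb in GREETING_VERBS:
            # Only a 2xx reply counts as an accepted greeting.
            greeted = greeted or code.startswith("2")
            continue
        if greeted:
            continue  # ordering is fine from here on
        # MAIL FROM:/RCPT TO: carry the argument after the colon.
        if ":" in command:
            arg = command.partition(":")[2].strip()
        else:
            arg = parts[1].strip() if len(parts) > 1 else ""
        findings.append({
            "command": command,
            "code": code,
            "sequence_enforced": code == "503",
            "reflected": bool(arg) and arg in reply,
        })
    return findings
```
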