Re: [exim] Exim with Dovecot: Typical Misconfiguration Leads…

Top Page
Delete this message
Reply to this message
Author: Lena
Date:  
To: exim-users
Subject: Re: [exim] Exim with Dovecot: Typical Misconfiguration Leads to Remote Command Execution
> the default configuration's RCPT ACL would reject an
> inbound email address containing backticks as being invalid.


Default RCPT ACL checks local_parts, but in the exploit
$sender_address_local_part (in envelope-from) was used.