Re: [exim] Exim with Dovecot: Typical Misconfiguration Leads…

Top Page
This message is part of the following thread:
Mthe complete thread tree sorted by date
M\Jan Ingvoldstad at <-
MM 
Delete this message
Reply to this message
Author: Lena
Date:  
To: exim-users
Subject: Re: [exim] Exim with Dovecot: Typical Misconfiguration Leads to Remote Command Execution
> the default configuration's RCPT ACL would reject an
> inbound email address containing backticks as being invalid.

Default RCPT ACL checks local_parts, but in the exploit
$sender_address_local_part (in envelope-from) was used.

This message was posted to the following mailing lists:
Exim-users
Mailing List Info | Nearby Messages		<-Re: [exim] missing log entriesRe: [exim] shunting off email from MX1+MX2 to third unpublished MX running Exim4 to filter just one user locally?->
Tahini and Hummus and Cumin Development Archives administrated by cumin AdminsLurker (version 2.3)