[exim] Exim header check and mailsploit?

Author: Adrian Zaugg
Date:  
To: Exim Users
Subject: [exim] Exim header check and mailsploit?

Hi

Following the recently published "mailsploit" [1] issue, I wonder why
exim with enabled headers syntax check doesn't reject those messages that
use illegal characters in their from address.

The mailsploit attack relies on special chars like newline or the NUL
character encoded in base64 or quoted-printable. In my opinion encoded
strings in mail headers should get decoded for validity checking, e.g.
when setting in an ACL: require verify = headers_syntax
Am I wrong with this assumption?

Best regards, Adrian.

[1] https://www.mailsploit.com
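The check the post argues for, decoding RFC 2047 encoded-words in a header before looking for control characters, as an added example that is not part of the original message and not Exim's or the poster's code. It uses only the Python standard library's `email.header` decoder; the From values are constructed samples with the base64 and quoted-printable shapes the post describes, and the header value is assumed to be already unfolded.

```python
import base64
import email.header
import re

# RFC 5322 forbids raw control characters (including NUL, CR, LF) inside
# an unfolded header value; RFC 2047 encoded-words can smuggle them past
# a check that only inspects the raw, still-encoded text.
CONTROL_CHARS = re.compile(r"[\x00-\x1f\x7f]")

# Constructed samples (not real traffic): a clean From header, one whose
# base64 encoded-word carries a NUL and a newline, and a quoted-printable
# variant hiding a newline.
CLEAN_FROM = "Alice <alice@example.org>"
_hidden_name = "Alice\x00\nX".encode("utf-8")
SAMPLE_FROM_B64 = (
    "=?utf-8?b?" + base64.b64encode(_hidden_name).decode("ascii")
    + "?= <alice@example.org>"
)
SAMPLE_FROM_QP = "=?utf-8?q?Alice=0A?= <alice@example.org>"


def decode_header_value(raw):
    """Decode every RFC 2047 encoded-word in `raw` and return plain text.

    email.header.decode_header returns [(str, None)] when nothing is
    encoded, and a list of (bytes, charset) parts otherwise; both shapes
    are normalised to one str here.
    """
    out = []
    for text, charset in email.header.decode_header(raw):
        if isinstance(text, bytes):
            text = text.decode(charset or "ascii", errors="replace")
        out.append(text)
    return "".join(out)


def find_hidden_control_chars(raw):
    """Return (hidden, decoded): control chars that appear only after
    decoding, i.e. the ones a raw-text syntax check cannot see."""
    decoded = decode_header_value(raw)
    visible = set(CONTROL_CHARS.findall(raw))
    hidden = sorted(set(CONTROL_CHARS.findall(decoded)) - visible)
    return hidden, decoded


def header_is_clean(raw):
    """Policy decision for an unfolded header value: accept only if the
    decoded text holds no control characters and every encoded-word
    decodes without error (a malformed base64 word is rejected too)."""
    try:
        decoded = decode_header_value(raw)
    except email.errors.HeaderParseError:
        return False
    return CONTROL_CHARS.search(decoded) is None


if __name__ == "__main__":
    for label, value in (("clean", CLEAN_FROM),
                         ("base64", SAMPLE_FROM_B64),
                         ("qp", SAMPLE_FROM_QP)):
        hidden, _ = find_hidden_control_chars(value)
        print(f"{label:7s} accept={header_is_clean(value)} hidden={hidden!r}")
```

Run as a script it prints one verdict per sample; the two encoded samples are rejected while the plain one passes, which is the difference between checking the header as received and checking it after decoding.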