[exim] Exim header check and mailsploit?

Author: Adrian Zaugg
Date:
To: Exim Users
Subject: [exim] Exim header check and mailsploit?

Hi

Following the recently published "mailsploit" [1] issue, I wonder why
exim with enabled headers syntax check doesn't reject those messages that
use illegal characters in their from address.

The mailsploit attack relies on special chars like newline or the nul
character encoded in base64 or quoted-printable. In my opinion encoded
strings in mail headers should get decoded for validity checking, e.g.
when setting in an ACL: require verify = headers_syntax
Am I wrong with this assumption?

Best regards, Adrian.

[1] https://www.mailsploit.com
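A check of the kind Adrian asks for, as an added example in Python that is not part of this post and not Exim's code: it decodes the RFC 2047 encoded-words in a From header value and flags the header if the decoded text contains NUL, CR or LF. The sample header values are constructed here, and a check that looks only at the raw header is placed beside it to show why such a check lets encoded control characters through.

```python
import base64
import quopri
import re

# RFC 2047 encoded-word: =?charset?B|Q?encoded-text?=
ENCODED_WORD = re.compile(r"=\?([^?]+)\?([bBqQ])\?([^?]*)\?=")

# Control characters that must not appear in a decoded header value:
# NUL, and CR/LF, which would split the header into two lines.
FORBIDDEN = {"\x00", "\r", "\n"}


def decode_encoded_words(value):
    """Decode every RFC 2047 encoded-word in a header; other text is kept as-is."""
    def _decode(m):
        charset, enc, text = m.group(1).split("*")[0], m.group(2).upper(), m.group(3)
        if enc == "B":
            raw = base64.b64decode(text + "=" * (-len(text) % 4))
        else:  # Q encoding: quoted-printable with '_' standing for a space
            raw = quopri.decodestring(text.replace("_", " ").encode("ascii", "replace"))
        try:
            return raw.decode(charset, errors="replace")
        except LookupError:  # unknown charset label: fall back to latin-1
            return raw.decode("latin-1")
    return ENCODED_WORD.sub(_decode, value)


def raw_header_is_clean(value):
    """A check on the raw header only: encoded-words hide control chars from it."""
    return not any(ch in FORBIDDEN for ch in value)


def decoded_header_is_clean(value):
    """The check the post asks for: decode first, then look for NUL/CR/LF."""
    return not any(ch in FORBIDDEN for ch in decode_encoded_words(value))


def _b64word(text):
    # Builds a constructed sample encoded-word for the demo values below.
    return "=?utf-8?B?" + base64.b64encode(text.encode()).decode("ascii") + "?="


# Constructed sample From header values (not taken from any real message).
PLAIN = "Carol <carol@example.org>"
ENCODED_BENIGN = _b64word("Adrian Zaugg") + " <adrian@example.org>"
ENCODED_CONTROL_B = _b64word("Alice\x00\n Bob") + " <alice@example.org>"
ENCODED_CONTROL_Q = "=?iso-8859-1?Q?Bob=00?= <bob@example.org>"

if __name__ == "__main__":
    for hdr in (PLAIN, ENCODED_BENIGN, ENCODED_CONTROL_B, ENCODED_CONTROL_Q):
        print(repr(hdr), "raw ok:", raw_header_is_clean(hdr),
              "decoded ok:", decoded_header_is_clean(hdr))
```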