Re: [exim] bypassing exim string expansion with invalid addr…

トップ ページ
このメッセージを削除
このメッセージに返信
著者: Jeremy Harris
日付:  
To: exim-users
題目: Re: [exim] bypassing exim string expansion with invalid addresses
On 13/03/2019 11:43, Graeme Fowler via Exim-users wrote:
> On 13 Mar 2019, at 09:55, Cyborg via Exim-users <exim-users@???> wrote:
>> I forgot to add the "attack" pattern:
>>
>> From: "ONLINE PHARMACY" <guclxfh@???>
>
> Valid per RFC5322.
>
>>       R="CANADA-DRUGSTORE" guclxfh@???>"

>
> Invalid per RFC5322. If it’s invalid, addresses cannot be extracted. We can only code against the valid format, as forms of invalidity are for all practical purposes infinite.



You *could* check the validity, using "verify = header_syntax".
--
Cheers,
Jeremy