On 23.06.19 at 21:02, Jeremy Harris via Exim-users wrote:
>
> deny local_parts = \N ^.*\$ : ^.*\\x24 : ^.*\\0?44 \N
>      message = no mate
>
> This is perhaps over-broad - a dollar sign in a local-part
> is strictly legitimate per the standards. However, it's
> not something most strictly-Ascii sites would be wanting to
> use, I suspect.

Anyone who used this restricted chars patch:

    deny message = Restricted characters in address
         domains = +local_domains
         local_parts = ^[.] : ^.*[\$@%!/|]

should add Jeremy's version as an addition to the old one, because tests
have shown that attackers can substitute $ with \x24.

We are not aware of any exploit succeeding in circumventing the patched
restricted chars rule, but better be safe than sorry!

best regards,
Marius
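
Added example, not part of either message and not Exim code: a Python check of which constructed local parts each of the two rules above would deny, showing why both are needed together. It assumes Python's re behaves like Exim's PCRE for these simple patterns, that "\$" in the older rule expands to a literal "$", and it ignores the domains condition.

```python
import re

# Patterns as the regex engine sees them after Exim's string expansion.
# Assumption: "\$" in the older rule expands to "$"; text inside \N ... \N
# is passed through verbatim.
OLD_RULE = [r"^[.]", r"^.*[$@%!/|]"]                 # restricted chars patch
NEW_RULE = [r"^.*\$", r"^.*\\x24", r"^.*\\0?44"]     # Jeremy's addition

# Constructed sample local parts (no real addresses).
SAMPLES = [
    "alice",          # ordinary local part
    ".hidden",        # leading dot
    "carol%relay",    # percent-hack character
    "bob$x",          # literal dollar sign
    r"bob\x24x",      # dollar written as a hex escape
    r"bob\044x",      # dollar written as a 3-digit octal escape
    r"bob\44x",       # dollar written as a 2-digit octal escape
]


def denied_by(patterns, local_part):
    """True if any pattern in the list matches the local part."""
    return any(re.search(p, local_part) for p in patterns)


def evaluate(local_part):
    """Verdict of each rule, and of both rules deployed together."""
    old = denied_by(OLD_RULE, local_part)
    new = denied_by(NEW_RULE, local_part)
    return {"old": old, "new": new, "combined": old or new}


def only_caught_by(rule):
    """Samples denied by exactly one rule ('old' or 'new')."""
    other = "new" if rule == "old" else "old"
    return [s for s in SAMPLES
            if evaluate(s)[rule] and not evaluate(s)[other]]


if __name__ == "__main__":
    for s in SAMPLES:
        print(f"{s!r:16} {evaluate(s)}")
    print("only old rule:", only_caught_by("old"))
    print("only new rule:", only_caught_by("new"))
```

The escaped forms are denied only by the newer rule, while the leading dot and the other restricted characters are denied only by the older one.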