著者: Jeremy Harris 日付: To: exim-users 題目: Re: [exim] Exim hostlist in the exim config - related to
CVE-2019-15846
On 10/09/2019 12:33, Michael Love via Exim-users wrote: > We have a restricted hostlist of only other servers able to email exim 4.86.
> For this new vulnerability, is the TLS handshake executed before the whitelist hostlist lookup, or is the whitelist hostlist queried first?
It depends where you've used this hostlist in your config,
and whether you support TLS-on-connect.
--
Cheers,
Jeremy