Hi Haines,
Haines Brown via Exim-users <exim-users@???> (Sa 30 Nov 2019 19:41:11 CET):
> Of late (perhaps since October?) I've received random messages like
> this:
>
> > Date: Fri, 29 Nov 2019 21:30:34 -0500
> > From: Mail Delivery System <Mailer-Daemon@???>
> > To: postmaster@???
> > Subject: Message frozen
> >
> > Message 1iasWk-0004Ya-NP has been frozen (delivery error message).
> > The sender is <>.
> >
> > The following address(es) have yet to be delivered:
> > dng-bounces@???: SMTP error from remote mail server
> > after pipelined
> > MAIL FROM:<> SIZE=5753: 554 5.7.1 Empty Sender Address is
> > prohibited through this server
Your system tried to send a message with an empty sender (probably a
bounce) to dng-bounces@???. The remote system didn't accept
this.
I do not see, how this is related to the mentioned CVE 2019-10149.
(Maybe I'm missing something.)
> My impression is this exploit is not harmless, and so I'd like to know
> if there is a way to block it. Since it depends on emacs4
> configuration, this might be possible.
Here again - I may miss the point, but I do not understand, how the
dependency on emacs4 (configuration?) gives an easy way to block
it (what?).
Best regards from Dresden/Germany
Viele Grüße aus Dresden
Heiko Schlittermann
--
SCHLITTERMANN.de ---------------------------- internet & unix support -
Heiko Schlittermann, Dipl.-Ing. (TU) - {fon,fax}: +49.351.802998{1,3} -
gnupg encrypted messages are welcome --------------- key ID: F69376CE -
! key id 7CBF764A and 972EAC9F are revoked since 2015-01 ------------ -
