[exim-dev] [Bug 2624] When using manualroute TLS certificati…

Top Page
Delete this message
Reply to this message
Author: admin
Date:  
To: exim-dev
Subject: [exim-dev] [Bug 2624] When using manualroute TLS certification is not safe
https://bugs.exim.org/show_bug.cgi?id=2624

--- Comment #3 from Jason Gunthorpe <jgg@???> ---
4.94 fails too, but the commit linked to bug 2594 is not in 4.94, so I will try
building from source as it does look like the right fix (give me a bit to get
this done).

Regarding standards, bug 2594 has a good quote from the SMTP RFC:

   -  A SMTP client would probably only want to authenticate an SMTP
      server whose server certificate has a domain name that is the
      domain name that the client thought it was connecting to.


In my particular case the manualroute is choosing a transport with
authentication enabled, so the above applies.

In terms of Exim, when the above says "the domain name that the client thought
it was connecting to" it means the route_data in the manualroute. This
specifies the "domain name" that Exim is to allowed to send the authentication
to.

The problem here is that DNS is insecure and it is not so hard to inject a
CNAME response into Exim. With authentication turned on this means someone can
steal the authentication secret. I think it is understandable why this is bad.

I recommend backporting this patch into earlier releases.

--
You are receiving this mail because:
You are on the CC list for the bug.