On Wed, 15 Nov 2023, Victor Ustugov via Exim-users wrote:
> Hello
>
> This is a real case.
>
> Let's resolve the TXT record of the perrigo.com domain.
>
> # pkg info -E exim
> exim-4.96.2
>
> # echo '${lookup dnsdb{>\n; defer_never,txt=perrigo.com}}' | exim -be |
> grep v=spf1
> v=spf1 include:spf-00157e01.pphosted.com
> include:spf-00157e03.pphosted.com include:spf.protection.outlook.com
> include:spf.natchcloud.com include:spf.messagelabs.com
> include:spf.mailjet.com a:smtp5.silae.fr include:_spf-dc8.sapsf.co#
> include:_spf-dc4.sapsf.com ip4:70.42.227.151/32 ip4:70.42.227.152/32
> ip4:65.221.8.29/32 ip4:65.221.12.128/2 ip4:65.221.12.148/32
> ip4:198.11.114.29/32 ~all
git bisect finds that
commit f6b1f8e7d642f82d830a71b78699a4349e0158e1
Date: Tue Oct 10 23:03:28 2023 +0100
Harden dnsdb against crafted DNS responses. Bug 3033
(cherry picked from commit 8787c8994f07c23c3664d76926e02f07314d699d)
is to blame.
[ I note that the '#' in include:_spf-dc8.sapsf.co# is actually 0x9c. ]
--
Andrew C. Aitchison Kendal, UK
andrew@???
--
## subscription configuration (requires account):
##
https://lists.exim.org/mailman3/postorius/lists/exim-users.lists.exim.org/
## unsubscribe (doesn't require an account):
## exim-users-unsubscribe@???
## Exim details at
http://www.exim.org/
## Please use the Wiki with this list -
http://wiki.exim.org/
