https://bugs.exim.org/show_bug.cgi?id=3063
--- Comment #2 from Jeremy Harris <jgh146exb@???> ---
(In reply to Viktor Dukhovni from comment #1)
> Does Exim enforce pipelining conformance by default?
In general yes, but specifically for the 354 "DATA go-ahead", not
by default. It's possible to induce one.
I could see some value in a change to always enforce.
> That is, what is the default behaviour of Exim when an SMTP client expedites
> Also, I should note that (as specified in RFC1830) BDAT is NOT the last
> command in a pipeline group, and so Exim will accept two messages via a
> transaction of the form:
>
> MAIL FROM:<sender>
> RCPT TO:<nobody>
> DATA
Um, that was DATA and not BDAT.
> From: Some Sender <sender>
> To: Discarded Rcpt <nobody>
> Subject: ...
>
> <Some Message>
> <LF>.<LF>
and IF that gets treated as the dot closing off data, such that the
following are taken as commands for a further message:
> MAIL FROM:<forged-sender>
> RCPT TO:<real-rcpt>
> BDAT <length> LAST
> From: Forged Sender <forged-sender>
> To: Real Rcpt <real-rcpt>
> Subject: Wire all your assets to me
>
> <Phishing attack>
> QUIT
... that "phishing attack" could just as easily have been sent
as a sole message. It will still be subject to all the same
Access Control List operations, either way.
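An added illustration, not part of the bug thread and not Exim's code: the sketch below shows how the same bytes following a 354 response split differently depending on whether the receiver accepts only `<CR><LF>.<CR><LF>` as end-of-data or also a bare-LF dot line, and reports the dot lines on which the two readings disagree. The function names, the lenient pattern and the sample bytes are assumptions constructed for this example.

```python
import re

# RFC 5321 end-of-data: exactly CRLF "." CRLF.
STRICT_EOD = re.compile(rb"\r\n\.\r\n")
# Assumed lenient receiver: bare LF or bare CR also counts as a line ending
# around the lone dot (the "IF that gets treated as the dot" case above).
LENIENT_EOD = re.compile(rb"(?:\r\n|\n|\r)\.(?:\r\n|\n|\r)")


def split_data(stream: bytes, pattern: "re.Pattern[bytes]"):
    """Return (body, remainder) as a receiver using `pattern` would see it.

    `remainder` is whatever that receiver would go on to parse as SMTP
    commands once it believes the message has ended.
    """
    m = pattern.search(stream)
    if m is None:
        return stream, b""
    return stream[:m.start()], stream[m.end():]


def ambiguous_terminators(stream: bytes):
    """Offsets of dot lines that end the data only for the lenient reading."""
    strict_starts = {m.start() for m in STRICT_EOD.finditer(stream)}
    return [m.start() for m in LENIENT_EOD.finditer(stream)
            if m.start() not in strict_starts]


# Constructed sample: one DATA payload containing a bare-LF dot line,
# followed by text that only looks like commands to a lenient receiver.
SAMPLE = (
    b"Subject: test\r\n"
    b"\r\n"
    b"Some message\n.\n"
    b"MAIL FROM:<forged-sender>\r\n"
    b"RCPT TO:<real-rcpt>\r\n"
    b".\r\n"
)

if __name__ == "__main__":
    for name, pat in (("strict", STRICT_EOD), ("lenient", LENIENT_EOD)):
        body, rest = split_data(SAMPLE, pat)
        print(f"{name}: body={len(body)} bytes, left for command parser={rest!r}")
    print("ambiguous dot lines at offsets:", ambiguous_terminators(SAMPLE))
```

A non-empty result from `ambiguous_terminators` marks input that a receiver can reject or log rather than interpret.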