[exim-dev] [Bug 3063] "SMTP Smuggling" attack

Página Inicial
Delete this message
Reply to this message
Autor: Exim Bugzilla
Data:  
Para: exim-dev
Tópicos Antigos: [exim-dev] [Bug 3063] New: Partially vulnerable to "SMTP Smuggling" if pipelining is enabled
Assunto: [exim-dev] [Bug 3063] "SMTP Smuggling" attack
https://bugs.exim.org/show_bug.cgi?id=3063

--- Comment #17 from Simon Arlott <bugzilla.exim.simon@???> ---
This is already creating interoperability problems in conjunction with the
default strict line length limits, because a message body containing bare LFs
which get converted to spaces can make the lines longer:

"< znx> after a recent upgrade .. we have noted that newlines seem to be
getting stripped from a message body. still testing to determine exactly what
is going on. but the message is accepted (passing a linelength check) and then
rejected when it tries to router (failing a linelength check). messages which
don't fail the linelength check .. get through but have their newlines stripped
and replaced by spaces. content is HTML.
< jgh> I bet you're feeding bare CR's in
< znx> possibly, I think it is from Oracle directly, not sure how it handles
< znx> the newlines are in the message body"

This unexplained change should be reverted. As long as Exim understands the
message correctly it can normalise the line endings when storing it.

--
You are receiving this mail because:
You are on the CC list for the bug.

--
## subscription configuration (requires account):
## https://lists.exim.org/mailman3/postorius/lists/exim-dev.lists.exim.org/
## unsubscribe (doesn't require an account):
## exim-dev-unsubscribe@???
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/