[exim-dev] [Bug 3096] There is no limit on the number of MAI…

Pàgina inicial
Delete this message
Reply to this message
Autor: Exim Bugzilla
Data:  
A: exim-dev
Assumpte: [exim-dev] [Bug 3096] There is no limit on the number of MAIL commands that can be sent before EHLO.
https://bugs.exim.org/show_bug.cgi?id=3096

Jeremy Harris <jgh146exb@???> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
           Priority|medium                      |low


--- Comment #2 from Jeremy Harris <jgh146exb@???> ---
Also, the default setting for the main-config option "hosts_require_helo" is
"*"
- so all connections will need a HELO or EHLO before accepting a MAIL.

I have to assume that the complaint is that there is no automatic connection
drop due to an excessive number of such MAILs being reveived; is that so?

It'd not be hard to count them in your mail ACL, and drop when needed.

This is surely marginal for being a security issue, and I'm downgrading it to
low importance from medium. Please justify the security aspect.
Otherwire I'll call it "wishlist".
I'm also unclear that Documentation is the right component, although
there is no obvious match - neither ACLs nor Mail Receipt are perfect.

--
You are receiving this mail because:
You are on the CC list for the bug.

--
## subscription configuration (requires account):
## https://lists.exim.org/mailman3/postorius/lists/exim-dev.lists.exim.org/
## unsubscribe (doesn't require an account):
## exim-dev-unsubscribe@???
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/