[prev in list] [next in list] [prev in thread] [next in thread]
List: postfix-users
Subject: [pfx] Postfix stable release 3.8.4
From: Wietse Venema via Postfix-users <postfix-users () postfix ! org>
Date: 2023-12-22 16:30:21
Message-ID: 4SxXpP5q3SzJrP4 () spike ! porcupine ! org
[Download RAW message or body]
[An on-line version of this announcement will be available at https://www.postfix.org/announcements/postfix-3.8.4.html]
Fixed with Postfix 3.8.4:
* Security: this release adds support to defend
against an email spoofing attack (SMTP smuggling) on
recipients at a Postfix server. For background, see
https://www.postfix.org/smtp-smuggling.html.
Sites concerned about SMTP smuggling attacks should enable this
feature on Internet-facing Postfix servers. For compatibility
with non-standard clients, Postfix by default excludes clients
in mynetworks from this countermeasure.
The recommended settings are:
# Optionally disconnect remote SMTP clients that send bare newlines,
# but allow local clients with non-standard SMTP implementations
# such as netcat, fax machines, or load balancer health checks.
#
smtpd_forbid_bare_newline = yes
smtpd_forbid_bare_newline_exclusions = $mynetworks
The smtpd_forbid_bare_newline feature is disabled by default.
You can find the updated Postfix source code at the mirrors listed at
https://www.postfix.org/.
Wietse
_______________________________________________
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-leave@postfix.org
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic