top | item 38732155

(no title)

amar0c | 2 years ago

Anyone have idea for Postfix "workaround fix" on versions prior to 3.5.x ?

For example, Ubuntu 20.04 (LTS) is on 3.4 and 'smtpd_forbid_unauth_pipelining' is not available at all.

discuss

[quote] With all Postfix versions, "smtpd_data_restrictions = reject_unauth_pipelining" will stop the published exploit. [/quote]

https://www.postfix.org/smtp-smuggling.html

ToniAlfredo|2 years ago

You should be able to set "smtpd_data_restrictions = reject_unauth_pipelining" in your main.cf This option is available in "older" postfix versions and even works with postfix 2.10. Don't know if it is as good of a measure as the 'smtpd_forbid_unauth_pipelining' that is recommended for newer versions.