There have been multiple accounts created with the sole purpose of posting advertisement posts or replies containing unsolicited advertising.

Accounts which solely post advertisements, or persistently post them may be terminated.

Attack against postfix allows sending of spoofed mail

FYI: Postfix has currently an unpatched vulnerability which allows sending of spoofed mail: www.postfix.org/smtp-smuggling.html

A fix is currently not available but to have peaceful holidays one should have these lines in the configuration as a workaround:


<span style="color:#323232;">main.cf:
</span><span style="color:#323232;">    smtpd_data_restrictions = reject_unauth_pipelining
</span><span style="color:#323232;">    smtpd_discard_ehlo_keywords = chunking
</span>
azron ,

The “smuggled” SMTP MAIL/RCPT/DATA commands and header plus body text can be used to spoof an email message from any MAIL FROM address whose domain is hosted at email service A, to any RCPT TO address whose domain is hosted at email service B.

If I understand this correctly someone can use Microsoft/other commercial services to email a domain running postfix and make it comes from anyone on the initial service to anyone on the postfix domain. Nice. Good for targeted attacks and probably not bad to get some spam out.

Merry Christmas postfix.

Mailcow tracking bug, they claim the fix in the parent may cause the blocking of legimate traffic from incorrectly implemented smtp servers.

  • All
  • Subscribed
  • Moderated
  • Favorites
  • random
  • [email protected]
  • lifeLocal
  • goranko
  • All magazines
    •