oss-sec mailing list archives
Re: Fwd: [pfx-ann] Postfix stable release 3.8.4
From: Solar Designer <solar () openwall com>
Date: Fri, 22 Dec 2023 23:45:27 +0100
On Fri, Dec 22, 2023 at 05:41:56PM +0100, Solar Designer wrote:
Subject: [pfx-ann] Postfix stable release 3.8.4
This was followed by almost identical announcements for 3 other stable branches of Postfix, with the fix included in 3.7.9, 3.6.13, and 3.5.23. I'm not forwarding those individual messages in here, but I thought it's relevant to mention that these 4 branches/releases got the fix now.
[An on-line version of this announcement will be available at https://www.postfix.org/announcements/postfix-3.8.4.html] Fixed with Postfix 3.8.4: * Security: this release adds support to defend against an email spoofing attack (SMTP smuggling) on recipients at a Postfix server. For background, see https://www.postfix.org/smtp-smuggling.html. Sites concerned about SMTP smuggling attacks should enable this feature on Internet-facing Postfix servers. For compatibility with non-standard clients, Postfix by default excludes clients in mynetworks from this countermeasure. The recommended settings are: # Optionally disconnect remote SMTP clients that send bare newlines, # but allow local clients with non-standard SMTP implementations # such as netcat, fax machines, or load balancer health checks. # smtpd_forbid_bare_newline = yes smtpd_forbid_bare_newline_exclusions = $mynetworks The smtpd_forbid_bare_newline feature is disabled by default. You can find the updated Postfix source code at the mirrors listed at https://www.postfix.org/. Wietse _______________________________________________ Postfix-announce mailing list -- postfix-announce () postfix org To unsubscribe send an email to postfix-announce-leave () postfix org ----- End forwarded message -----
Alexander
Current thread:
- Fwd: [pfx-ann] Postfix stable release 3.8.4 Solar Designer (Dec 22)
- Re: Fwd: [pfx-ann] Postfix stable release 3.8.4 Solar Designer (Dec 22)