Dňa 26. mája 2023 23:45:22 UTC používateľ Victor Ustugov via Exim-users
<exim-users@lists.exim.org> napísal:
>But more than one address in a From header is rare. And if there are
>several such incorrect addresses in the From header of the attacker's
>email, then it's good that at least one of them can be extracted using a
>simple regular expression.
I do not manipulate From: nor any other (address) header by
that way on incomming mails, nor from wild, nor from users.
But i use ${address:...} expansion to extract address from
Sender: and From: headers (forced to one address) on MSA
to check, that users use only allowed address, to prevent
spoofing. I do that test(s) after syntax verifying, but now i
see that it is not reliable, just because MUA (expected) &
exim can do it wrong...
I did expensive testing of that checks, but the case of
invalid syntax which pass syntax verifying was not
included...
regards
--
Slavko
https://www.slavino.sk/
--
## subscription configuration (requires account):
## https://lists.exim.org/mailman3/postorius/lists/exim-users.lists.exim.org/
## unsubscribe (doesn't require an account):
## exim-users-unsubscr...@lists.exim.org
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
