At 11:10 -0400 10 May 2020, Remco Rijnders <re...@webconquest.com> wrote:
Well, the problem might originate in msmtp, but I think opensmtpd also
has an issue here in that it breaks / locks up / hangs when presented
with this unexpected input, with possible security implications.

I'd disagree. Rather than being locked up, I suspect that opensmtpd is just (correctly by the standards) waiting for the client (msmtp) to indicate it's finished the SMTP DATA phase by sending CRLF+dot+CRLF. A malicious client could get the same behavior by just not sending that end-of-data indicator in any way rather than by sending it with bare LFs in place of CRLFs.

I'd suspect that opensmtpd already has handling for clients that never finish the SMTP DATA phase whether from malicious intent or error, just not on the time scale that the original reporter is wanting to wait.

Attachment: signature.asc
Description: PGP signature

Reply via email to