Wietse Venema via Postfix-users:
> Viktor Dukhovni via Postfix-users:
> [<LF>.<CR><LF> in BDAT payload]
> > > If my suspicion is correct, a dwnstream server may receive the
> > > normal and suggled content as two separate messages.
> >
> > I don't see why. It shouldn't matter how Microsoft's MTA ends up
> > with a message containing "<LF>.<CRLF>" or (<LF>.<LF>), so long as
> > they refuse to send the violating sequence to a non-BDAT peer. The
>
> But that is the problem. Even BDAT payloads MUST have <CR><LF> line
> endings, unless the client sends BINARYMIME content. Postfix does
> not announce BINARYMIME, and as of today's fix will hang up if
> <LF>.<CR><LF> or other malforms appear in BDAT payload.
It depends on how the receiving MTA processes the <LF>.<CR><LF>.
If the receiving MTA does not recognize the stray <LF> as a line
boundary, then such content can result in message smuggling when
the MTA forwards the message with the SMTP DATA command to an MTA
that does recognize the stray <LF> as a line boundary.
But that is not how today's fix works. The Postfix 3.9 SMTP server
declares a violation of RFC 5321 and hangs up. The plan is to let
this fix bake for a few days and then make it available in the
stable Postfix releases (3.5 .. 3.8).
Wietse
_______________________________________________
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org
