On Fri, 2023-12-22 at 15:11 -0500, Wietse Venema via Postfix-users wrote: > [An on-line version of this announcement will be available at > https://www.postfix.org/announcements/postfix-3.5.23.html] > > Fixed with Postfix 3.5.23: > > * Security: this release adds support to defend > against an email spoofing attack (SMTP smuggling) on > recipients at a Postfix server. For background, see > https://www.postfix.org/smtp-smuggling.html. > > Sites concerned about SMTP smuggling attacks should enable this > feature on Internet-facing Postfix servers. For compatibility > with non-standard clients, Postfix by default excludes clients in > mynetworks from this countermeasure. > > The recommended settings are: > > # Optionally disconnect remote SMTP clients that send bare > newlines, > # but allow local clients with non-standard SMTP > implementations > # such as netcat, fax machines, or load balancer health > checks. > # > smtpd_forbid_bare_newline = yes > smtpd_forbid_bare_newline_exclusions = $mynetworks > > The smtpd_forbid_bare_newline feature is disabled by default. > > You can find the updated Postfix source code at the mirrors listed at > https://www.postfix.org/. >
Thanks Wietse and Scott(Debian maintainer), happy new year^^^ Sincerely, Byung-Hee -- ^고맙습니다 _布德天下_ 감사합니다_^))// _______________________________________________ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org
