Geert Hendrickx via Postfix-users:
> On Thu, Dec 21, 2023 at 07:51:31 -0500, Wietse Venema via Postfix-users wrote:
> > * With all Postfix versions, "smtpd_data_restrictions =
> > reject_unauth_pipelining" will stop the published exploit.
>
>
> Hi
>
> I just found an unexpected side effect of this particular configuration
> (unrelated to SMTP smuggling).
>
> We have a mail relay that has DISCARD rules for specific clients, senders
> and recipients. When a discard rule is triggered in smtpd_*_restrictions
> before DATA, smtpd_data_restrictions is not evaluated, so those senders
> are "allowed" to pipeline. Or stated differently: one can now detect a
> DISCARD rule via unauthorized pipelining, it is no longer 100% equivalent
> to an "OK" from an outside POV.
>
> The same goes for eg. recipient validation when a sender triggers DISCARD.
>
> I'm not sure this really matters, just sharing an observation from testing
> the reject_unauth_pipelining restriction (on a Postfix 3.5.9 from RHEL 9
> that doesn't have the smtpd_forbid_unauth_pipelining feature yet).
I suppose that is why one is called a temporary fix (which addresses
many cases but not necessarily all) and a permanent fix (which roots
out the problem).
Wietse
_______________________________________________
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org
