diff options
| author | Luke Smith <luke@lukesmith.xyz> | 2024-02-10 19:04:23 +0000 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2024-02-10 19:04:23 +0000 |
| commit | 48383e082937d05461850886c4eafe9852d27431 (patch) | |
| tree | bdf3afd4a656522d726961292c9505b5bd486362 | |
| parent | 42993e8ba80bc4b067a086b8b741cf511d806175 (diff) | |
| parent | 1d3d7e7ba954b702aff79886d4286d0130723ab0 (diff) | |
Merge pull request #305 from aartoni/master
Short-term workaround to prevent SMTP smuggling
| -rw-r--r-- | emailwiz.sh | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/emailwiz.sh b/emailwiz.sh index b525e59..0fd800e 100644 --- a/emailwiz.sh +++ b/emailwiz.sh @@ -314,6 +314,10 @@ postconf -e 'smtpd_milters = inet:localhost:12301' postconf -e 'non_smtpd_milters = inet:localhost:12301' postconf -e 'mailbox_command = /usr/lib/dovecot/deliver' +# Long-term fix to prevent SMTP smuggling +postconf -e 'smtpd_forbid_bare_newline = normalize' +postconf -e 'smtpd_forbid_bare_newline_exclusions = $mynetworks' + # A fix for "Opendkim won't start: can't open PID file?", as specified here: https://serverfault.com/a/847442 /lib/opendkim/opendkim.service.generate systemctl daemon-reload |