Merge pull request #305 from aartoni/master

Short-term workaround to prevent SMTP smuggling
author: Luke Smith <luke@lukesmith.xyz> 2024-02-10 19:04:23 +0000
committer: GitHub <noreply@github.com> 2024-02-10 19:04:23 +0000
commit: 48383e082937d05461850886c4eafe9852d27431 (patch)
tree: bdf3afd4a656522d726961292c9505b5bd486362 /emailwiz.sh
parent: 42993e8ba80bc4b067a086b8b741cf511d806175 (diff)
parent: 1d3d7e7ba954b702aff79886d4286d0130723ab0 (diff)
1 files changed, 4 insertions, 0 deletions
diff --git a/emailwiz.sh b/emailwiz.sh
index b525e59..0fd800e 100644
--- a/emailwiz.sh
+++ b/emailwiz.sh
@@ -314,6 +314,10 @@ postconf -e 'smtpd_milters = inet:localhost:12301'
 postconf -e 'non_smtpd_milters = inet:localhost:12301'
 postconf -e 'mailbox_command = /usr/lib/dovecot/deliver'
 
+# Long-term fix to prevent SMTP smuggling
+postconf -e 'smtpd_forbid_bare_newline = normalize'
+postconf -e 'smtpd_forbid_bare_newline_exclusions = $mynetworks'
+
 # A fix for "Opendkim won't start: can't open PID file?", as specified here: https://serverfault.com/a/847442
 /lib/opendkim/opendkim.service.generate
 systemctl daemon-reload
author	Luke Smith <luke@lukesmith.xyz>	2024-02-10 19:04:23 +0000
committer	GitHub <noreply@github.com>	2024-02-10 19:04:23 +0000
commit	48383e082937d05461850886c4eafe9852d27431 (patch)
tree	bdf3afd4a656522d726961292c9505b5bd486362 /emailwiz.sh
parent	42993e8ba80bc4b067a086b8b741cf511d806175 (diff)
parent	1d3d7e7ba954b702aff79886d4286d0130723ab0 (diff)