If you're not using the newest (patched) version of Postfix smtpd, a short-term workaround for the SMTP Smuggling problem was announced today (2023-Dec-26) that "will stop many forms of the published attack" from succeeding:
Postfix :: SMTP Smuggling :: Short-term workarounds https://www.postfix.org/smtp-smuggling.html#short The long-term fix is also covered in the same document. At least this short-term fix can be helpful for those who are still using older versions of Postfix, and/or haven't applied the anti-SMTP-Smuggling security patches. Hopefully this will be helpful to mail systems administrators who need it and provide at least some relief over the holiday season. *** A special note of appreciation goes to the Postfix developers, and the entire team of people who work on Postfix and contribute to the project, for working on this over the holiday season -- your efforts are important and tremendously helpful. Thank you. *** -- Postmaster - postmas...@inter-corporate.com Randolf Richardson - rand...@inter-corporate.com Inter-Corporate Computer & Network Services, Inc. Vancouver, British Columbia, Canada https://www.inter-corporate.com/ _______________________________________________ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop