Or rather
filter exploit_check phase mail-from match mail-from regex { '.*\;.*\;.*' } \
disconnect "550 no exploiting, kthx"
to be more specific on the semicolons as delimiter of the command?
(sorry, as I said, regex is my nemesis :))
Best regards
Andreas
> On 29. Jan 2020, at 12:19, Andreas Broecking <[email protected]> wrote:
>
> Hi all,
>
> first of all, thanks Gilles for the heads-up and a fix on short notice.
>
> For people like me who rely on the portable version and for systems which
> rely on built packages as they lack the local development tools, a filter
> should help to mitigate the problem until a package could be built on another
> system.
>
> Shouldn’t something like
>
> filter exploit_check phase mail-from match mail-from regex { '<*\;*' } \
> disconnect "550 no exploiting, kthx"
>
> listen on $interface filter exploit_check
>
> sufficiently mitigate the problem?
> I am not fluent in regex’ing so maybe I am missing an edge case. It does
> prevent the example exploit and any others I’ve seen in the last hours.
>
> Best regards
> Andreas
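
The two patterns from this thread checked against constructed sender values, as an added example that is not part of either message. It assumes the filter applies the regex as an unanchored search and that Python's `re` treats these two patterns the same way smtpd's matcher does; the sample addresses and helper names are made up for the illustration.

```python
import re

# The two patterns from the thread, copied as posted.
FIRST_PATTERN = r"<*\;*"          # from the quoted message
SECOND_PATTERN = r".*\;.*\;.*"    # from the follow-up

# Constructed sample MAIL FROM values (not taken from real traffic).
SAMPLES = {
    "plain": "<alice@example.org>",
    "null_sender": "<>",
    "one_semicolon": "<alice;x@example.org>",
    "two_semicolons": "<;PLACEHOLDER;@example.org>",
}


def rejected(pattern: str, sender: str) -> bool:
    """True if an unanchored match would trigger the filter's disconnect."""
    return re.search(pattern, sender) is not None


def evaluate(pattern: str) -> dict:
    """Map each constructed sample name to whether the pattern rejects it."""
    return {name: rejected(pattern, value) for name, value in SAMPLES.items()}


def fires_on_everything(pattern: str) -> bool:
    """A pattern that matches the empty string matches every sender."""
    return rejected(pattern, "")


if __name__ == "__main__":
    for label, pattern in (("first", FIRST_PATTERN), ("second", SECOND_PATTERN)):
        print(f"{label}: {pattern}  fires on everything: "
              f"{fires_on_everything(pattern)}")
        for name, hit in evaluate(pattern).items():
            verdict = "reject" if hit else "accept"
            print(f"  {name:15} {SAMPLES[name]:30} {verdict}")
```

Under those assumptions the first pattern rejects every sender, legitimate mail included, because both of its quantified atoms may match zero characters; the second rejects only senders containing at least two semicolons.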