On 17 October 2011 12:10, Tom Pawlowski wrote:
> Take a look at:
>
> http://hg.dovecot.org/dovecot-2.0/file/962df5d9413a/src/auth/auth-request.c
>
> on line 536. That's the auth service catching illegal characters and
> rejecting the attempt. It'll happen with or without a valid user. So,
> workin
Take a look at:
http://hg.dovecot.org/dovecot-2.0/file/962df5d9413a/src/auth/auth-request.c
on line 536. That's the auth service catching illegal characters and
rejecting the attempt. It'll happen with or without a valid user. So,
working as it should.
As for spammers trying to brute force val
Am 17.10.2011 17:51, schrieb Simon Brereton:
> On 17 October 2011 11:31, Robert Schetterer wrote:
>> Am 17.10.2011 17:16, schrieb Simon Brereton:
>>> Hi
>>>
>>> This is a new one on me - I've never seen spammers attempt to use to SASL
>>> Auth to inject spam. None of the users they are trying (n
On 17 October 2011 11:31, Robert Schetterer wrote:
> Am 17.10.2011 17:16, schrieb Simon Brereton:
>> Hi
>>
>> This is a new one on me - I've never seen spammers attempt to use to SASL
>> Auth to inject spam. None of the users they are trying (newsletter, dummy,
>> test, etc.) exist, but what wo
Am 17.10.2011 17:16, schrieb Simon Brereton:
> Hi
>
> This is a new one on me - I've never seen spammers attempt to use to SASL
> Auth to inject spam. None of the users they are trying (newsletter, dummy,
> test, etc.) exist, but what worries me is the illegal chars error - is this a
> known v
Hi
This is a new one on me - I've never seen spammers attempt to use to SASL Auth
to inject spam. None of the users they are trying (newsletter, dummy, test,
etc.) exist, but what worries me is the illegal chars error - is this a known
vulnerability in dovecot they are trying to exploit? I'm
