1. Forum
  2. Usenet
  3. COMP.MAIL.SENDMAIL

  • SMTP smuggling with NUL char - m4 option to reject them

    From Marco Moock@21:1/5 to All on Sat May 4 15:00:13 2024
    Hello!

    There has been discussion about SMTP smuggling via NUL characters. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1070190

    It seems that sendmail includes an FFR option to reject such mails, but
    no m4 option yet.

    Is such a thing planned in near future?

    --
    kind regards
    Marco

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Claus =?iso-8859-1?Q?A=DFmann?= @21:1/5 to Marco Moock on Sat May 4 12:25:02 2024
    Marco Moock wrote:

    It seems that sendmail includes an FFR option to reject such mails, but
    no m4 option yet.

    What's the problem?

    LOCAL_CONFIG
    O RejectNUL=true


    --
    Note: please read the netiquette before posting. I will almost never
    reply to top-postings which include a full copy of the previous
    article(s) at the end because it's annoying, shows that the poster
    is too lazy to trim his article, and it's wasting the time of all readers.

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Marco Moock@21:1/5 to All on Fri May 17 14:23:27 2024
    On 17.05.2024 um 11:19 Uhr Stacey Marshall wrote:

    cf/README does mention it, but it looks so different to most of
    the other settings in sendmail.mc.

    The .mc file is being processed by the macro processor m4.
    To make configuration easy, most mc config lines are m4 commands.

    The real configuration then resides in the .cf files and doesn't use m4 commands, so looks different. :-)
    The m4 command will result in the cf configuration lines after
    processing.

    For rejecting the NUL char, no m4 config exists in the current version.
    That's why I asked because it is also an FFR compile time option that
    might change, be removed or is simply not intended to be used in
    productive systems.

    --
    kind regards
    Marco

    Send spam to 1715937569muell@cartoonies.org

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)