Mailing List Archive

[Bug 3063] "SMTP Smuggling" attack

--- Comment #17 from Simon Arlott <> ---
This is already creating interoperability problems in conjunction with the
default strict line length limits, because a message body containing bare LFs
which get converted to spaces can make the lines longer:

"< znx> after a recent upgrade .. we have noted that newlines seem to be
getting stripped from a message body. still testing to determine exactly what
is going on. but the message is accepted (passing a linelength check) and then
rejected when it tries to router (failing a linelength check). messages which
don't fail the linelength check .. get through but have their newlines stripped
and replaced by spaces. content is HTML.
< jgh> I bet you're feeding bare CR's in
< znx> possibly, I think it is from Oracle directly, not sure how it handles
< znx> the newlines are in the message body"

This unexplained change should be reverted. As long as Exim understands the
message correctly it can normalise the line endings when storing it.

You are receiving this mail because:
You are on the CC list for the bug.

## subscription configuration (requires account):
## unsubscribe (doesn't require an account):
## Exim details at
## Please use the Wiki with this list -