1. Home
  2. Knowledge Base
  3. Management
  4. SMTP Injection issue (crlf line termination)
  1. Home
  2. Knowledge Base
  3. Security
  4. SMTP Injection issue (crlf line termination)

SMTP Injection issue (crlf line termination)

Case VU#302671: SMTP Smuggling

This issue relates to "End of data sequence handling" or SMTP Injection.

Traditionally SMTP servers have been 'flexible' with line termination, however, it was recently (2024) discovered that this leads to a possible injection exploit whereby users could possibly send messages with forged content/origin by exploiting the fact that some servers will see the end of message and others wont.

To fix this problem UPGRADE TO 7.8

If a legacy client/fax system is sending LF characters, you need to whitelist them individually like this:

 g_lf_fix_list ""

Legacy devices that rely on this behaviour should be exceedingly rare, and should normally be patched rather than relying on this exception setting.

This is a relatively low level security risk (so don't panic) but do upgrade at your earliest convenience.

Other references: CVE-2023-51764 postfix, CVE-2023-51765 sendmail, CVE-2023-51766 exim

Was this article helpful?

Related Articles

Need Support?

Can't find the answer you're looking for?
Contact Support