diff options
| author | Guilhem Moulin <guilhem@fripost.org> | 2024-09-08 02:21:26 +0200 |
|---|---|---|
| committer | Guilhem Moulin <guilhem@fripost.org> | 2024-09-08 02:24:27 +0200 |
| commit | eeef279d8f4d3b7ddff5eae47e609c4e138140ce (patch) | |
| tree | a49458c345f1b28c5058f06b28d1731eb517453e /roles/MSA | |
| parent | 4977d7c1d80ac0caf94914fbf9be8471d056c906 (diff) | |
MSA: Set smtpd_forbid_bare_newline to defeat SMTP smuggling attacks.
Diffstat (limited to 'roles/MSA')
| -rw-r--r-- | roles/MSA/templates/etc/postfix/main.cf.j2 | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/roles/MSA/templates/etc/postfix/main.cf.j2 b/roles/MSA/templates/etc/postfix/main.cf.j2 index bc98d9e..6a544ac 100644 --- a/roles/MSA/templates/etc/postfix/main.cf.j2 +++ b/roles/MSA/templates/etc/postfix/main.cf.j2 @@ -121,4 +121,7 @@ smtpd_relay_restrictions = smtpd_data_restrictions = reject_unauth_pipelining +smtpd_forbid_bare_newline = normalize +smtpd_forbid_bare_newline_exclusions = $mynetworks + # vim: set filetype=pfmain : |