The go-smtp package has released a new version, where strict CRLF check is performed to mitigate an zero-day attack against SMTP known as SMTP Smuggling. I think Maddy should probably update the dependency and (probably) release a new version with the updated dependency.
The
go-smtppackage has released a new version, where strict CRLF check is performed to mitigate an zero-day attack against SMTP known as SMTP Smuggling. I think Maddy should probably update the dependency and (probably) release a new version with the updated dependency.