After reading about the current SMTP Smuggling issue, I was very curious whether qpsmtpd is also vulnerable.
So I tried to exploit this issue using smtpsmug.
Result: qpsmtpd correctly handled all my exploit probes and returns 421 See http://smtpd.develooper.com/barelf.html or 451 Incomplete DATA.
However, there is one case that may have room for improvement:
qpsmtpd currently also accepts \n.\r\n as end-of-data command, instead of \r\n.\r\n as specified in the RFC.
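An added example, not part of the original post and not qpsmtpd code: it compares a strict end-of-data scan (`\r\n.\r\n` only) with a lenient one that also accepts `\n.\r\n`, and reports where the two disagree. The function names and the sample DATA streams are constructed for illustration.

```python
import re

STRICT_EOD = b"\r\n.\r\n"                 # end-of-data as specified in the RFC
LENIENT_EOD = re.compile(rb"\n\.\r\n")    # also matches a dot line after a bare LF
BARE_LF = re.compile(rb"(?<!\r)\n")       # LF not preceded by CR


def find_end_of_data(stream: bytes, strict: bool = True):
    """Return the offset just past the end-of-data marker, or None if absent."""
    if strict:
        pos = stream.find(STRICT_EOD)
        return None if pos < 0 else pos + len(STRICT_EOD)
    match = LENIENT_EOD.search(stream)
    return None if match is None else match.end()


def bare_lf_offsets(stream: bytes):
    """Offsets of every LF that is not part of a CRLF pair."""
    return [m.start() for m in BARE_LF.finditer(stream)]


def classify(stream: bytes):
    """Summarise how a strict and a lenient receiver would frame the stream."""
    strict_end = find_end_of_data(stream, strict=True)
    lenient_end = find_end_of_data(stream, strict=False)
    return {
        "strict_end": strict_end,
        "lenient_end": lenient_end,
        "bare_lf": bare_lf_offsets(stream),
        # A disagreement means two hops could see different message boundaries.
        "disagree": strict_end != lenient_end,
    }


# Constructed sample DATA streams (everything sent after the 354 reply).
WELL_FORMED = b"Subject: test\r\n\r\nhello\r\n.\r\n"
AMBIGUOUS = b"Subject: test\r\n\r\nhello\n.\r\nsecond part\r\n.\r\n"

if __name__ == "__main__":
    for name, sample in (("well-formed", WELL_FORMED), ("ambiguous", AMBIGUOUS)):
        print(name, classify(sample))
```

On the well-formed stream both scans stop at the same offset; on the ambiguous one the lenient scan stops at the bare-LF dot line while the strict scan continues to the final `\r\n.\r\n`.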