After reading about the current SMTP Smuggling issue, I was very curious, if qpsmtpd is also vulnerable.
So I tried to exploit this issue using smtpsmug.
Result:qpsmtpd correctly handled all my exploit probes and returns 421 See http://smtpd.develooper.com/barelf.html or 451 Incomplete DATA.
However there is one case that may have room for improvement:
qpsmtpd currently also accepts \n.\r\n as end-of-data command, instead of \r\n.\r\n as specified in the RFC.
After reading about the current SMTP Smuggling issue, I was very curious, if
qpsmtpdis also vulnerable. So I tried to exploit this issue usingsmtpsmug.Result:
qpsmtpdcorrectly handled all my exploit probes and returns421 See http://smtpd.develooper.com/barelf.htmlor451 Incomplete DATA.However there is one case that may have room for improvement:
qpsmtpdcurrently also accepts\n.\r\nas end-of-data command, instead of\r\n.\r\nas specified in the RFC.References: