Care needed when combining Exim and Dovecot
From http://h-online.com/-1856664
Quote:
|
A commonly used method of coupling the Exim and Dovecot mail server programs results in a serious security hole that allows attackers to inject and execute code. Penetration testers at RedTeam Pentesting came across the issue when performing tests for customers and established that it is caused by an officially recommended, but problematic configuration.
|
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump
|