Bug#699591: exim4 upload to stable (dovecot stability / and optionally spf quoting)
Andreas Metzler
ametzler at bebt.de
Sun Jul 13 12:00:40 UTC 2014
On 2014-07-08 "Adam D. Barratt" <adam at adam-barratt.org.uk> wrote:
> On Sun, 2013-02-24 at 14:58 +0100, Andreas Metzler wrote:
>> On 2013-02-17 "Adam D. Barratt" <adam at adam-barratt.org.uk> wrote:
[...]
>> I have just setup a test system in my squeeze chroot, using dovecot
>> with passdb passwd-file as authentication source. It worked for me. I
>> have tried AUTH PLAIN, CRAM-MD5 and DIGEST-MD5.
>> However I do not know whether any systematic testing was done.
>>>> On top of this I would like to discuss whether it is acceptable to fix
>>>> http://bugs.debian.org/697057 in stable, too. [ I definitily want o
>>>> get the fix into testing - #697444.] The Debian configuration
>>>> optionally allows to use spfquery to run SPF-checks on incoming mail.
>>>> Due to insufficient quoting it is possible to pass on arbitrary
>>>> arguments to spfquery and therefore bypass SPF checks. The fix is not
>>>> invasive, but it changes dpkg conffiles.
> We're now within a few days of closing uploads for the final point
> release of squeeze. Is this still something you'd like to fix there?
Yes, I would still like to upload this.
cu Andreas
--
`What a good friend you are to him, Dr. Maturin. His other friends are
so grateful to you.'
`I sew his ears on from time to time, sure'
More information about the Pkg-exim4-maintainers
mailing list