X-Git-Url: https://git.exim.org/exim-website.git/blobdiff_plain/23ffb224862d37e6fa8dd8e192120efaa35e5a98..8985012787adcd5c6c57f2cc19bc66da78ed8610:/templates/static/doc/security/CVE-2019-15846.txt diff --git a/templates/static/doc/security/CVE-2019-15846.txt b/templates/static/doc/security/CVE-2019-15846.txt index 3a78aa5..aabdf1d 100644 --- a/templates/static/doc/security/CVE-2019-15846.txt +++ b/templates/static/doc/security/CVE-2019-15846.txt @@ -27,6 +27,11 @@ Mitigation Do not offer TLS. (This mitigation is not recommended.) +For a attacking SNI the following ACL snippet should work: + + # to be prepended to your mail acl (acl_smtp_mail) + deny condition = ${if eq{\\}{${substr{-1}{1}{$tls_in_sni}}}} + Fix ===