posted by Rianne Schestowitz on Jul 11, 2024



Quoting: Exim 4.98 Patches Over 30 Bugs, Bolsters Email Server Security —

Exim, the widely used mail transfer agent, has just rolled out a new 4.98 version, addressing a range of bugs and introducing new features to bolster the software’s robustness and efficiency.

One of the key aspects of this release is its focus on security, particularly the prevention of SMTP smuggling attacks—an exploit that attackers can use to insert malicious commands into email content.

Considering this, Exim’s developers have responded by refusing to accept certain problematic inputs unless the server operates in a specific mode, which mitigates potential attack vectors.

Moreover, numerous functional bugs have been addressed to ensure smoother operation and better error handling. These fixes cover many issues, from DNS handling errors, such as TLSA lookups, to more nuanced problems, like handling IPv6 addresses in various functions.