mirror of
https://blitiri.com.ar/repos/chasquid
synced 2025-12-16 14:27:01 +00:00
smtpsrv: Reject HTTP commands
To help with defense-in-depth on cross-protocol attacks (e.g. https://alpaca-attack.com/), this patch makes chasquid reject HTTP commands.
This commit is contained in:
Alberto Bertogli
@@ -66,6 +66,8 @@ List of exported variables:
|
||||
count of SPF checks, by result.
|
||||
- **chasquid/smtpIn/tlsCount** (tls status -> counter)
|
||||
count of TLS statuses (plain/tls) for incoming SMTP connections.
|
||||
- **chasquid/smtpIn/wrongProtoCount** (command -> counter)
|
||||
count of commands for other protocols (e.g. HTTP commands).
|
||||
- **chasquid/smtpOut/securityLevelChecks** (result -> counter)
|
||||
count of security level checks on outgoing connections, by result.
|
||||
- **chasquid/smtpOut/sts/mode** (mode -> counter)
|
||||
|
||||
Reference in New Issue
Block a user