From: Adolf Belka
To: development@lists.ipfire.org
Subject: [PATCH] postfix: Update to version 3.8.4 + prevent smtp smuggling
Date: Tue, 26 Dec 2023 14:10:34 +0100
Message-ID: <20231226131036.3260423-3-adolf.belka@ipfire.org>
In-Reply-To: <20231226131036.3260423-1-adolf.belka@ipfire.org>
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="===============2182629495604922943=="
List-Id:

--===============2182629495604922943==
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable

- Update from version 3.8.3 to 3.8.4
- Update of rootfile not required
- Permanent fix for smtp smuggling will be in version 3.9. However the fix has been backported into version 3.8.4 but with the default for the parameter of "no".
- This patch sets the defaults for all the main.cf parameters highlighted by Wietse Venema in http://www.postfix.org/smtp-smuggling.html
- Additionally the implementation of smtpd_forbid_bare_newline = yes has been added to the install.sh pak for postfix so that it will be included into any main.cf file being restored from backup. This parameter is available for the first time in 3.8.4 so will not be in any backup prior to this release and can therefore be safely applied to restored versions of main.cf.
- This fix in install.sh will be able to be removed when version 3.9 is released early in 2024 as the default for that parameter in that version onwards will then be "yes"
- Changelog 3.8.4
  Security: with "smtpd_forbid_bare_newline = yes" (default "no" for Postfix < 3.9), reply with "Error: bare <LF> received" and disconnect when an SMTP client sends a line ending in <LF>, violating the RFC 5321 requirement that lines must end in <CR><LF>. This prevents SMTP smuggling attacks that target a recipient at a Postfix server. For backwards compatibility, local clients are excluded by default with "smtpd_forbid_bare_newline_exclusions = $mynetworks".
Files: mantools/postlink, proto/postconf.proto, global/mail_params.h, global/smtp_stream.c, global/smtp_stream.h, smtpd/smtpd.c. Signed-off-by: Adolf Belka --- lfs/postfix | 15 +++++++++++---- src/paks/postfix/install.sh | 5 +++++ 2 files changed, 16 insertions(+), 4 deletions(-) diff --git a/lfs/postfix b/lfs/postfix index aab683f4c..7f2625a4e 100644 --- a/lfs/postfix +++ b/lfs/postfix @@ -26,7 +26,7 @@ include Config =20 SUMMARY =3D A fast, secure, and flexible mailer =20 -VER =3D 3.8.3 +VER =3D 3.8.4 =20 THISAPP =3D postfix-$(VER) DL_FILE =3D $(THISAPP).tar.gz @@ -34,7 +34,7 @@ DL_FROM =3D $(URL_IPFIRE) DIR_APP =3D $(DIR_SRC)/$(THISAPP) TARGET =3D $(DIR_INFO)/$(THISAPP) PROG =3D postfix -PAK_VER =3D 43 +PAK_VER =3D 44 =20 DEPS =3D =20 @@ -70,7 +70,7 @@ objects =3D $(DL_FILE) =20 $(DL_FILE) =3D $(DL_FROM)/$(DL_FILE) =20 -$(DL_FILE)_BLAKE2 =3D a656606c2a46671548cb954a65d769ba5bf68a5c8f0ccdc0e753b0= 3386956eef3e264b696a306c586f1df1b06fb173e5f3db74c6a9e4d3686c86b8f53be585ed +$(DL_FILE)_BLAKE2 =3D 200ce3d72444da05e42fc8627002d53d68c1b3d78b7f74b0130ac9= 58c23d16454783ef4849a8c9a4e3cba8ae36646e921f7e94ac4fb819b597e1a5ab1a875272 =20 install : $(TARGET) =20 @@ -110,13 +110,20 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) cd $(DIR_APP) && sh postfix-install -non-interactive ## Install configuration rm -vf /etc/postfix/main.cf.default +=09 + # update main.cf parameters to prevent smtp smuggling attack + postconf -e 'smtpd_forbid_bare_newline =3D yes' + postconf -e 'smtpd_forbid_unauth_pipelining =3D yes' + postconf -e 'smtpd_data_restrictions =3D reject_unauth_pipelining' + postconf -e 'smtpd_discard_ehlo_keywords =3D chunking' +=09 mkdir -p /var/lib/postfix chown postfix.root /var/lib/postfix =20 install -v -m 644 $(DIR_SRC)/config/backup/includes/postfix \ /var/ipfire/backup/addons/includes/postfix mv /usr/sbin/sendmail /usr/sbin/sendmail.postfix - +=09 #install initscripts $(call INSTALL_INITSCRIPTS,$(SERVICES)) =20 
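Review bot: The four `postconf -e` calls added after `rm -vf /etc/postfix/main.cf.default` in the `@@ -110,13 +110,20 @@` hunk only shape the main.cf that `postfix-install` has just written at build time, whereas `src/paks/postfix/install.sh` re-applies only `smtpd_forbid_bare_newline` after `restore_backup`, so a restored main.cf keeps whatever it holds for `smtpd_forbid_unauth_pipelining`, `smtpd_data_restrictions` and `smtpd_discard_ehlo_keywords`. The commit message explains the split (only the first parameter is new in 3.8.4; the others may carry an admin's earlier choice), but nothing in the recipe records it, so I would extend the comment to `# update main.cf parameters to prevent smtp smuggling attack; only smtpd_forbid_bare_newline is re-applied by src/paks/postfix/install.sh after a backup restore, the other three may hold admin choices`. Note also that `postconf -e 'smtpd_data_restrictions = reject_unauth_pipelining'` replaces rather than extends the parameter, which is safe here only because main.cf is freshly installed two lines earlier. The separator lines added as `+=09` are tab-only rather than empty, and the hunk also turns the empty line before `#install initscripts` into a tab-only one; harmless in practice inside a recipe, but unrelated whitespace churn. The `$(TARGET)` recipe starts before and continues past this hunk, and the first three hunks of this file are a plain version, `PAK_VER` and checksum bump.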
diff --git a/src/paks/postfix/install.sh b/src/paks/postfix/install.sh index 1629d21c1..2e04e74a8 100644 --- a/src/paks/postfix/install.sh +++ b/src/paks/postfix/install.sh @@ -24,6 +24,11 @@ . /opt/pakfire/lib/functions.sh extract_files restore_backup ${NAME} + +# change main.cf parameter from default value to prevent smtp smuggling atta= ck +# will not be required once postfix-3.9.x is released as default will then b= e yes +postconf -e 'smtpd_forbid_bare_newline =3D yes' + postalias /etc/aliases # Set postfix's hostname postconf -e "myhostname=3D$(hostname -f)" --=20 2.43.0 --===============2182629495604922943==--
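Review bot: The new `postconf -e 'smtpd_forbid_bare_newline = yes'` after `restore_backup ${NAME}` is the only one of the four smtp-smuggling parameters set in lfs/postfix that is re-applied to a restored main.cf, and the added comment does not say why the other three are left alone, so a reader will suspect they were forgotten. I would carry the rationale from the commit message into the script, e.g. `# only this parameter is new in 3.8.4, so it cannot carry an admin's choice from an older backup; the other smtp-smuggling settings applied in lfs/postfix are deliberately not re-applied here`. On a fresh install with no backup the call is presumably a no-op, since the shipped main.cf already carries the value from the build, so placing it unconditionally after `restore_backup` is fine. A non-zero exit of `postconf -e` (for example an unwritable /etc/postfix) is not checked, but the existing `postalias` and `postconf` lines below are not checked either and the script's error-handling setup is outside the hunk.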