Default config: reject on too many bad RCPT

An example exploit failed against my system, because I had this sanity guard in place; it's not a real security fix since a careful attacker could find enough valid recipients to hit that problem, but it highlights that this is a useful enough pattern that we should encourage its wider use. (cherry picked from commit 2a636a39fff29b7c3da1798767a510dfed982a62) (cherry picked from commit 346f96bad326893f9c1fa772a5b8ac35b1f8f7bd)
author: Phil Pennock <phil+git@pennock-tech.com> 2020-10-29 22:14:45 -0400
committer: Heiko Schlittermann (HS12-RIPE) <hs@schlittermann.de> 2021-05-27 21:30:20 +0200
commit: 7411ebe05198d5365557b6c982b76ceb9e843894 (patch)
tree: f95119d6243cab7629c2db62a13adc6e5242d279 /doc
parent: 25cd313cfb1f29f179319daf81de63e989d442a7 (diff)
1 files changed, 2 insertions, 0 deletions
diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog
index c219275fc..d741e3532 100644
--- a/doc/doc-txt/ChangeLog
+++ b/doc/doc-txt/ChangeLog
@@ -256,6 +256,8 @@ HS/01 Enforce absolute PID file path name.
 
 HS/02 Handle SIGINT as we handle SIGTERM: terminate the Exim process.
 
+PP/01 Add a too-many-bad-recipients guard to the default config's RCPT ACL.
+
 
 Exim version 4.94
 -----------------
author	Phil Pennock <phil+git@pennock-tech.com>	2020-10-29 22:14:45 -0400
committer	Heiko Schlittermann (HS12-RIPE) <hs@schlittermann.de>	2021-05-27 21:30:20 +0200
commit	7411ebe05198d5365557b6c982b76ceb9e843894 (patch)
tree	f95119d6243cab7629c2db62a13adc6e5242d279 /doc
parent	25cd313cfb1f29f179319daf81de63e989d442a7 (diff)