Mirror sponsored by Four Dots
The Postfix Home Page
All programmers are optimists -- Frederick P. Brooks, Jr.
First of all, thank you for your interest in the Postfix project.
Postfix attempts to be fast, easy to administer, and secure. The outside has a definite Sendmail-ish flavor, but the inside is completely different.
A recent twitter post reveals the existence of an exploit for Postfix, in a collection of what appear to be NSA break-in tools.https://twitter.com/JulianAssange/status/850870683831648256
This is an exploit for Postfix 2.0 - 2.2, for a bug that was fixed 11 years ago in Postfix 2.2.11 and later.
There was a memory corruption bug in a Postfix workaround for a Sendmail bug (CERT advisory CA-2003-07, remote buffer overflow in Sendmail when message headers contain lots of comment text before or after an email address).
Technical details: the Postfix strip_address() function, which removes large comments from a mail header, called the printable() function on a string that wasn't null-terminated. This caused the printable() function to scribble past the end of malloc()ed memory, corrupting the memory heap.
Running the exploit against Postfix versions less than 11 years old results in odd-looking email messages in the super-user's mailbox, and warning messages in the maillog file (warning: stripping too many comments from address: <long character string>).
About this website
This website has information about the Postfix source code distribution. Built from source code, Postfix can run on UNIX-like systems including AIX, BSD, HP-UX, Linux, MacOS X, Solaris, and more.
Postfix is also distributed as ready-to-run code by operating system vendors, appliance vendors, and other providers. Their versions may have small differences with the software that is described on this website.