Exim 4.98 Patches Over 30 Bugs, Bolsters Email Server Security

The just-released Exim 4.98 MTA addresses critical SMTP vulnerabilities and includes crucial updates for DKIM handling and SMTP security.

Exim, the widely used mail transfer agent, has just rolled out a new 4.98 version, addressing a range of bugs and introducing new features to bolster the software’s robustness and efficiency.

One of the key aspects of this release is its focus on security, particularly the prevention of SMTP smuggling attacks—an exploit that attackers can use to insert malicious commands into email content.

In response, Exim now refuses to accept certain problematic inputs unless the server is operating in a specific mode, which mitigates potential attack vectors.
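To make the mitigation above concrete, here is an added Python example (not Exim's code and not part of the original article) of an SMTP receiver's end-of-DATA check. It assumes the "problematic input" is a lone dot terminated by a bare LF and the "specific mode" is LF-only operation detected from the first header line, which the article does not spell out. The function names and sample messages are constructed for illustration, and requiring the preceding line to end in CRLF is this example's own strictness.

```python
"""End-of-DATA detection for an SMTP receiver (illustrative; not Exim's code)."""

CRLF, LF = b"\r\n", b"\n"


def detect_mode(data: bytes) -> str:
    """Return 'lf' if the first line ends in a bare LF, otherwise 'crlf'."""
    nl = data.find(LF)
    if nl == -1 or data[max(nl - 1, 0):nl] == b"\r":
        return "crlf"
    return "lf"


def scan_data(data: bytes):
    """Return (mode, end_offset, refused_offsets) for a DATA payload.

    end_offset is the index just past the accepted terminator (None if no
    terminator was accepted); refused_offsets lists lone-dot lines that were
    not accepted as end-of-DATA because their line endings were ambiguous.
    """
    mode = detect_mode(data)
    refused = []
    prev_crlf = True  # assumption: the preceding SMTP exchange ended in CRLF
    pos = 0
    while pos < len(data):
        nl = data.find(LF, pos)
        if nl == -1:
            break  # incomplete final line: a real receiver would read more
        line = data[pos:nl + 1]
        ends_crlf = line.endswith(CRLF)
        if line in (b"." + CRLF, b"." + LF):
            if mode == "lf" or (ends_crlf and prev_crlf):
                return mode, nl + 1, refused
            refused.append(pos)  # log or reject; never treat as end-of-DATA
        prev_crlf = ends_crlf
        pos = nl + 1
    return mode, None, refused


# Constructed samples: a CRLF message with a bare-LF dot line, and an LF-only one.
SAMPLE_CRLF = b"Subject: test\r\n\r\nline one\r\n.\nline two\r\n.\r\n"
SAMPLE_LF = b"Subject: test\n\nline one\n.\n"

if __name__ == "__main__":
    print(scan_data(SAMPLE_CRLF))
    print(scan_data(SAMPLE_LF))
```

A non-empty `refused_offsets` list on mail received in CRLF mode is worth logging, since two servers that disagree about where such a message ends is the condition SMTP smuggling depends on.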

Moreover, numerous functional bugs have been addressed to ensure smoother operation and better error handling. These fixes cover many issues, from DNS handling errors, such as TLSA lookups, to more nuanced problems, like handling IPv6 addresses in various functions.

Exim 4.98 also improves the handling of DKIM by supporting a list of results in the dkim_status ACL condition, making it more usable. This is crucial for ensuring recipient servers do not incorrectly mark emails as spam or phishing attempts.

Furthermore, error handling has received a lot of attention. For instance, Exim now responds with a temporary rejection and wipes spool files if an error occurs when closing a spool data file during reception—a change from the previous behavior where errors were only logged but not acted upon.

Transport Layer Security (TLS) resumption has also been fixed for scenarios involving TLS-on-connect setups. This corrects previous issues where load balancer detection mechanisms hindered TLS resumption. Instead, TLS resumption will always be attempted unless explicitly overridden, enhancing the security and performance of secure email transmissions.

On the operational front, changes have been made to improve the delivery process and event logging. This includes adjustments to how delivery errors and SMTP transaction logs are handled, ensuring administrators have clearer insights into the system’s performance and issues.

Lastly, Exim 4.98 includes a crucial fix for a memory allocation issue with the PCRE2 library, which previously led to crashes under certain conditions due to memory over-allocation.

For more information about all the changes in the new version, refer to the full changelog or visit the project’s website.

Bobby Borisov

Bobby, an editor-in-chief at Linuxiac, is a Linux professional with over 20 years of experience. With a strong focus on Linux and open-source software, he has worked as a Senior Linux System Administrator, Software Developer, and DevOps Engineer for small and large multinational companies.
