CVE-2003-0540

Name of the Vulnerable Software and Affected Versions: Postfix versions 1.1.12 and earlier

Description: The issue allows remote attackers to cause a denial of service (lock) via a malformed envelope address or a valid MAIL FROM with a RCPT TO containing a ".!" string. This can cause either the nqmgr to lock up when generating a bounce or an instance of the SMTP listener to lock up.

Recommendations: For Postfix versions 1.1.12 and earlier, consider updating to a newer version to resolve the issue. As a temporary workaround, restrict the use of the ".!" string in the MAIL FROM or Errors-To headers and RCPT TO to minimize the risk of exploitation.