Rspamd 4.1.0: Security Fixes, a Reworked MX Check, and a Breaking Symbol Rename

Rspamd 4.1.0 dropped on June 5 — a major release tagged “recommended upgrade for all users” by the development team. There’s enough in it that’s immediately relevant to anyone running a mail server to warrant reading the changelog before blindly upgrading.

The security fixes

This release addresses several memory-safety issues that can be triggered by crafted incoming mail.

S/MIME DoS via recursive PKCS7: A deeply nested application/pkcs7-mime message re-entered the parser without incrementing the nesting counter. In practice this means a malicious sender could craft a message that exhausts your rspamd worker’s stack. The fix gates S/MIME re-entry against the existing max_nested limit. ...
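The nesting-counter bug described above, modelled as an added example that is not Rspamd's code: a recursive parser where one container type re-enters without incrementing the counter, next to the gated behaviour. The `struct part` tree, the function names, and the `MAX_NESTED` value of 64 are assumptions made for illustration.

```c
#include <stdio.h>
/* Constructed model of a MIME tree, not Rspamd's data structures:
 * each part optionally wraps exactly one child. */
enum part_type { PART_LEAF, PART_MULTIPART, PART_PKCS7 };
struct part {
    enum part_type type;
    const struct part *child; /* NULL for a leaf */
};

#define MAX_NESTED 64        /* assumed value standing in for max_nested */
#define PARSE_TOO_DEEP (-1)
#define CHAIN_MAX 512

/* Returns the number of parser frames used, or PARSE_TOO_DEEP when the
 * nesting limit rejects the message. count_pkcs7 == 0 models the bug:
 * PKCS7 re-entry recurses without incrementing the nesting counter. */
static int parse_part(const struct part *p, int nesting, int count_pkcs7)
{
    if (nesting > MAX_NESTED)
        return PARSE_TOO_DEEP;
    if (p->child == NULL)
        return 1;
    int next = nesting;
    if (p->type == PART_MULTIPART || (p->type == PART_PKCS7 && count_pkcs7))
        next = nesting + 1;
    int frames = parse_part(p->child, next, count_pkcs7);
    return frames == PARSE_TOO_DEEP ? PARSE_TOO_DEEP : frames + 1;
}

/* Builds a constructed chain of `depth` wrappers around one leaf and
 * parses it from the top. */
static int parse_chain(enum part_type type, int depth, int count_pkcs7)
{
    static struct part chain[CHAIN_MAX + 1];
    if (depth < 0 || depth > CHAIN_MAX)
        return PARSE_TOO_DEEP;
    chain[depth] = (struct part){ PART_LEAF, NULL };
    for (int i = depth - 1; i >= 0; i--)
        chain[i] = (struct part){ type, &chain[i + 1] };
    return parse_part(&chain[0], 0, count_pkcs7);
}

int main(void)
{
    printf("multipart x300:         %d\n", parse_chain(PART_MULTIPART, 300, 0));
    printf("pkcs7 x300, uncounted:  %d\n", parse_chain(PART_PKCS7, 300, 0));
    printf("pkcs7 x300, counted:    %d\n", parse_chain(PART_PKCS7, 300, 1));
    return 0;
}
```

With the counter skipped, frame usage follows the sender-controlled nesting depth rather than the configured limit, which is why the limit has to be checked on every re-entry path and not only on the common one.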

June 7, 2026 · 3 min