Block PUT, DELETE, CONNECT, OPTIONS, PATCH, and TRACE as well.
modified: Listener.pas
if (Length(Cmd) = 0) or (not ReadSucceeded) or UnexpectedFail then { Nothing. }
- else if (Cmd = 'GET') or (Cmd = 'HEAD') or (Cmd = 'POST') then begin
+ else if (Cmd = 'GET') or (Cmd = 'HEAD') or (Cmd = 'PUT') or (Cmd = 'POST')
+ or (Cmd = 'DELETE') or (Cmd = 'CONNECT') or (Cmd = 'OPTIONS')
+ or (Cmd = 'PATCH') or (Cmd = 'TRACE') then begin
SendAndLogResponse(SMTP_R_SERVICE_NA, 'Please learn to speak SMTP for I won''t speak HTTP. Stop abusing my service!');
UnexpectedFail:= true;
end
projects / mgsmtp.git / commitdiff