eric/mailpit
1
0
Fork 0
mirror of https://github.com/axllent/mailpit.git synced 2026-06-28 06:56:06 +00:00
Code Issues Packages Projects Releases Wiki Activity

Security: Set a default 50MB p/m limit to prevent DoS via unlimited SMTP DATA and /api/v1/send body sizes (GHSA-fpxj-m5q8-fphw)

Browse Source 
This is a configurable limit (in MB's) which can optionally be disabled by setting it to 0.
This commit is contained in:
Ralph Slooten
2026-05-12 17:22:00 +12:00
parent 499a543963
commit 136bdde953
5 changed files with 73 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
internal/smtpd/main.go
View File

@@ -247,6 +247,10 @@ func listenAndServe(addr string, handler MsgIDHandler, authHandler AuthHandler)
},
}
if config.MaxMessageSize > 0 {
srv.MaxSize = config.MaxMessageSize * 1024 * 1024
}
if config.Label != "" {
srv.AppName = fmt.Sprintf("Mailpit (%s)", config.Label)
}