[Original text] Clearswift MAILsweeper for SMTP before 4.3.20 and MAILsweeper for Exchange before 4.3.20 allow remote attackers to cause a denial of service via (1) non-ASCII characters in a reverse DNS lookup result from a Received header, which leads to a Receiver service stop, and (2) unspecified vectors involving malformed messages, which cause "unpredictable behavior" that prevents the Security service from processing more messages.
MAILsweeper for SMTP/Exchange Malformed Reverse DNS Data DoS
Remote / Network Access
Denial of Service
Loss of Availability
MAILsweeper for SMTP/Exchange contains a flaw that may allow a remote denial of service. The issue is triggered during reverse DNS lookup handling when the 'Received' header in a message includes non-ASCII characters, and results in loss of availability for the service.
Upgrade to version 4.3.20 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.