diff --git a/CHANGELOG.md b/CHANGELOG.md
index 6237ca0b..5b2d5333 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,8 +1,13 @@
 CHANGELOG
 =========
 
-In Development
---------------
+Version 67 (December 22, 2023)
+------------------------------
+
+* Guard against a newly published vulnerability called SMTP Smuggling. See https://sec-consult.com/blog/detail/smtp-smuggling-spoofing-e-mails-worldwide/.
+
+Version 66 (December 17, 2023)
+------------------------------
 
 Version 66 (December 17, 2023)
 ------------------------------
diff --git a/setup/bootstrap.sh b/setup/bootstrap.sh
new file mode 100644
index 00000000..e69de29b
diff --git a/setup/mail-postfix.sh b/setup/mail-postfix.sh
index 6eaa8860..8cd15696 100755
--- a/setup/mail-postfix.sh
+++ b/setup/mail-postfix.sh
@@ -69,6 +69,11 @@ tools/editconf.py /etc/postfix/main.cf \
 	maximal_queue_lifetime=2d \
 	bounce_queue_lifetime=1d
 
+# Guard against SMTP smuggling
+# This short-term workaround is recommended at https://www.postfix.org/smtp-smuggling.html
+tools/editconf.py /etc/postfix/main.cf \
+	smtpd_data_restrictions=reject_unauth_pipelining
+
 # ### Outgoing Mail
 
 # Enable the 'submission' ports 465 and 587 and tweak their settings.