<http://cve.mitre.org/cgi-bin/cvename.cgi?name=2006-1251> sa-exim 4.2.1 fixes Configuration as packaged in Extras doesn't appear to be vulnerable?
Correct.