@christo There is a an exploit … it’s hinted at in this discussion - to be exploited using a stand-alone script or an exploitation framework or a combination of those.
If you have problems to send to payload … use the ‘normal client’ a user would use. (Saying this as I did not get it to work typing SMTP commands … ).
What I found was that sometimes the payload indeed did not ‘explode’ though I always followed the same process… and sometimes the shell was very stable and came back to me for days. It helped to start over with the same method but using a different file name.