Introducing SMTP Smuggling: A novel technique for spoofing e-mails::undefined

  • nucleative@lemmy.world
    link
    fedilink
    English
    arrow-up
    3
    ·
    11 months ago

    Whoa, having been in IT since the dawn of time I’m impressed this relatively simple attack on smtp worked.

    Prepare for a humongous inrush of spam before servers patch this one.

    • cmeerw@programming.dev
      link
      fedilink
      English
      arrow-up
      3
      ·
      11 months ago

      Prepare for a humongous inrush of spam before servers patch this one.

      But it’s already patched by GMX and Microsoft.

      As far as I understand it, it doesn’t affect single mail servers, but only mail systems where you have separate inbound and outbound servers and the outbound servers trust the data they get from the inbound servers.

  • cmeerw@programming.dev
    link
    fedilink
    English
    arrow-up
    2
    ·
    11 months ago

    Not sure how many get the joke in “Figure 23: Typical Austrian reaction after receiving a spoofed e-mail”:

    OIDA

    😂