SMTP Smuggling - Spoofing E-Mails Worldwide
r.sec-consult.com
Introducing a novel technique for e-mail spoofing

Introducing SMTP Smuggling: A novel technique for spoofing e-mails::undefined

  • nucleative@lemmy.worldEnglish
    3·
    11 months ago

    Whoa, having been in IT since the dawn of time I’m impressed this relatively simple attack on smtp worked.

    Prepare for a humongous inrush of spam before servers patch this one.

    • cmeerw@programming.devEnglish
      3·
      11 months ago

      Prepare for a humongous inrush of spam before servers patch this one.

      But it’s already patched by GMX and Microsoft.

      As far as I understand it, it doesn’t affect single mail servers, but only mail systems where you have separate inbound and outbound servers and the outbound servers trust the data they get from the inbound servers.

  • cmeerw@programming.devEnglish
    2·
    11 months ago

    Not sure how many get the joke in “Figure 23: Typical Austrian reaction after receiving a spoofed e-mail”:

    OIDA

    😂