Technical Incursion Countermeasures writes:
> basically find two sites whose FW is conf'd to accept all mail and forward
> it to the real mailserver. If this mailserver bounces invalid addresses
> then you're on your way...
>
> spoof a mail from an invalid address on one end to an invalid address on
> the other. and sit back..
Sit back and watch absolutely nothing happen, unless both mailers are
misconfigured. Even the venerable RFC821
(http://www.faqs.org/rfcs/std/std10.html) notes that:
Of course, server-SMTPs should not send notification
messages about problems with notification messages.
> the first site will accept the mail (this is the fault - it should reject
> if it is to comply with the IETF standard)
This cannot be the fault -- otherwise any pair of SMTP servers who
happen to send mail to each other by way of a relay (an ordinary MX
relay) would be vulnerable to such a spoofing attack.
Best,
daniel dulitz
