On 01.01.2024 at 10:17:25, Randolf Richardson, Postmaster via mailop wrote:
> > > On 28.12.2023 at 20:29 Marco Moock via mailop wrote:
> > >
> > > On 28.12.2023 at 18:15:39, Tom Perrine via mailop wrote:
> > >
> > >> Has anyone detected or seen any evidence of SMTP smuggling in the
> > >> wild?
> > >>
> > >> I'm trying to get an independent read on how quickly the bad
> > >> actors have (or haven't) picked up on this, yet.
> > >
> > > According to the information I read, it affected some hosting
> > > solutions at 1und1/IONOS, but that has been fixed.
> >
> > The vulnerability is not super critical, but it has been fixed only
> > for a very small subset of affected systems. All kinds of MTAs from
> > Postfix to Sendmail, Exim and various proprietary systems are
> > affected and the vulnerability generally remains unfixed until the
> > administrators adjust the configuration of their system. I haven't
> > heard of any large scale exploitation in the past, but I imagine
> > that spammers will include the technique in their toolset for the
> > future.
>
> It is critical because it involves the use of a system for
> unauthorized purposes -- namely, sending spam, distributing viruses
> and other malicious software, etc. Simply unauthenticated relaying.
> This justifies classifying SMTP Smuggling as a "security" issue,
> which I regard as critical.

True, but it is limited to certain configurations and it is not a
problem in all cases.

> > To exploit the issue, an email message needs to traverse two MTAs
> > that treat the EOM marker differently. The MTAs do not need to be
> > in a special trust relationship or allowed to relay to each other.
>
> As I understand it, such techniques can be automated, which
> means that spamware could be created that takes advantage of the SMTP
> Smuggling exploit.

That automation should be really, really easy.
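
The EOM mismatch discussed in this thread, as an added example that is not part of the original messages: a check a receiving gateway could run on a raw DATA stream to see whether a strict reader and a lenient reader would end the message at different offsets. The function names, the set of line endings the lenient reader accepts, and the sample bytes are assumptions made for illustration.

```python
import re
from typing import Optional

STRICT_EOM = b"\r\n.\r\n"  # end-of-data marker as defined in RFC 5321

# Assumption: the lenient reader accepts CRLF, bare LF or bare CR on either
# side of the lone dot. Real MTAs differ in which variants they accept.
LENIENT_EOM = re.compile(rb"(?:\r\n|\n|\r)\.(?:\r\n|\n|\r)")


def end_of_message(stream: bytes, lenient: bool) -> int:
    """Offset just past the first end-of-data marker this reader accepts, or -1."""
    if lenient:
        m = LENIENT_EOM.search(stream)
        return m.end() if m else -1
    i = stream.find(STRICT_EOM)
    return i + len(STRICT_EOM) if i >= 0 else -1


def eom_disagreement(stream: bytes) -> Optional[bytes]:
    """Bytes the strict reader keeps inside the message but the lenient
    reader would see as coming after it; None when both readers agree."""
    strict_end = end_of_message(stream, lenient=False)
    lenient_end = end_of_message(stream, lenient=True)
    if strict_end == lenient_end:
        return None
    if strict_end == -1:  # strict reader is still waiting for CRLF.CRLF
        strict_end = len(stream)
    return stream[lenient_end:strict_end]


# Constructed sample streams (not captured traffic).
CLEAN = b"Subject: hi\r\n\r\nbody\r\n.\r\n"
STUFFED = b"Subject: hi\r\n\r\n..\r\nbody\r\n.\r\n"      # dot-stuffed line
MIXED = b"Subject: hi\r\n\r\nline one\n.\nline two\r\n.\r\n"  # bare-LF dot line

if __name__ == "__main__":
    for name, s in (("clean", CLEAN), ("stuffed", STUFFED), ("mixed", MIXED)):
        print(name, eom_disagreement(s))
```

A non-None result means the stream contains a lone-dot line that is not delimited by CRLF on both sides, so the gateway should reject it or normalise the line endings before relaying.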