Re: [mailop] SMTP smuggling

Hello everyone, On 19.12.23 13:31, Mark Alley via mailop wrote: Hey all, recently saw this mail server SMTP vulnerability that popped up on a blog yesterday. Sharing here for those interested. https://sec-consult.com/blog/detail/smtp-smuggling-spoofing-e-mails-worldwide/

Re: [mailop] SMTP smuggling

On 03.01.2024 at 23:15 Brandon Long wrote:  Hmm, doesn't this also depend on improper handling of pipelining? You can't pipeline past DATA, https://datatracker.ietf.org/doc/html/rfc2920#section-3.1 I guess if the sender is sending line by line, maybe the server would only have up to the DATA