this post was submitted on 18 Dec 2023
21 points (100.0% liked)

Security Operations

562 readers
1 users here now

A place for all things Cyber Security, from questions, rants, and stories, to the latest attacks, vulnerabilities, and zero days.

founded 2 years ago
MODERATORS
 

Introducing SMTP Smuggling: A novel technique for spoofing e-mails::undefined

top 3 comments
sorted by: hot top controversial new old
[–] [email protected] 3 points 1 year ago (1 children)

Whoa, having been in IT since the dawn of time I'm impressed this relatively simple attack on smtp worked.

Prepare for a humongous inrush of spam before servers patch this one.

[–] cmeerw 3 points 1 year ago

Prepare for a humongous inrush of spam before servers patch this one.

But it's already patched by GMX and Microsoft.

As far as I understand it, it doesn't affect single mail servers, but only mail systems where you have separate inbound and outbound servers and the outbound servers trust the data they get from the inbound servers.

[–] cmeerw 2 points 1 year ago

Not sure how many get the joke in "Figure 23: Typical Austrian reaction after receiving a spoofed e-mail":

OIDA

😂