[exim] Re: SMTP smuggling and Exim

Top Pagina
Delete this message
Reply to this message
Auteur: Cyborg
Datum:  
Aan: exim-users
Onderwerp: [exim] Re: SMTP smuggling and Exim
Am 22.12.23 um 11:37 schrieb Bjoern Franke via Exim-users:
> Hi,
>
> I didn't see anything in the archives regarding this:
>
> https://sec-consult.com/blog/detail/smtp-smuggling-spoofing-e-mails-worldwide/
>
>


Ok, i have issues seeing this as an "attack" at all, as you just can use
the "evil" FROM as the first one and  just send one mail.

This could only be an issue, if the receiver trusts the senders
mailserver to have trusted/verified senderadresses in the first place.


BTW:

Is there any exim build-in way to overwrite the mail_header_from after
the sender has used "." and the moment the email gets transported other
than a filter?

Best regards,
Marius

--
## subscription configuration (requires account):
## https://lists.exim.org/mailman3/postorius/lists/exim-users.lists.exim.org/
## unsubscribe (doesn't require an account):
## exim-users-unsubscribe@???
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/