Am 28.12.2023 um 18:15:39 Uhr schrieb Tom Perrine via mailop: > Has anyone detected or seen any evidence of SMTP smuggling in the > wild? > > I’m trying to get an independent read on how quickly the bad actors > have (or haven’t) picked up on this, yet.
According to the information I read, it affected some hosting solutions at 1und1/IONOS, but that has been fixed. Although, it needs to have certain circumstances, so the sending server (for example a submission server for the customer) must accept it as one message and the receiving server (e.g. the outgoing relay) must interpret it as 2 messages and the 1. server need to be allowed to relay through the second one for the really bad attacks (unauthenticated relaying). _______________________________________________ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
