Am 01.01.2024 um 17:58:47 Uhr schrieb Gellner, Oliver via mailop: > To exploit the issue, an email message needs to traverse two MTAs > that treat the EOM marker differently. The MTAs do not need to be in > a special trust relationship or allowed to relay to each other.
Sorry for the second reply, but how does this work? Assumption: 2nd MTA doesn't allow MX to relay through it. If the MX ignores LF and a second intra-site MTA acknowledges it, it would reply with "Relying denied" if the recipient address of the second mail is not local (Cw) or is allowed to be relayed through that MTA in any other way (e.g. access db To:j...@example.org RELAY). Please explain me how unauthenticated relaying works here. I am aware that this creates a bounce an can be used for backscatter (without checking DKIM nor SPF because MX sees only one message). _______________________________________________ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
