On Wed, Dec 20, 2023 at 09:12:47PM +0100, John D'Orazio via Postfix-devel wrote: > Please excuse me if this has been asked before, but I haven't found any > information in the archives or on the postfix github repo. I recently > encountered on a server of my own a case of SMTP smuggling. I was befuddled > by the fact that I received a message which appeared to be coming from my > own email address, even though from the headers I could see that the true > actor was sending from an IP address from another country. And yet the > email passed SPF and DKIM! > > I'm now seeing a lot of articles popping up on the web about SMTP > smuggling, and this seems to be exactly what happened in this case. > > See for example: > https://sec-consult.com/blog/detail/smtp-smuggling-spoofing-e-mails-worldwide/ > I won't post all the links because a simple Google search will bring up > many results from one day ago or a few hours ago, it seems to be a hot > topic now. It seems that Exchange servers have fixed the vulnerability in > October 2023, from what I'm reading online. However some articles I have > read are saying that Postfix is vulnerable to these kinds of attacks. > > Does anyone have any information on how to mitigate these attacks? Is a > patch to Postfix feasible to protect against this vulnerability? Has a > patch already been put in place?
https://www.mail-archive.com/postfix-users@postfix.org/msg100858.html https://www.mail-archive.com/postfix-users@postfix.org/msg100901.html -- Herbert _______________________________________________ Postfix-devel mailing list -- postfix-devel@postfix.org To unsubscribe send an email to postfix-devel-le...@postfix.org
