[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Full-Disclosure] Re: Strange from address

To: full-disclosure@lists.netsys.com
Subject: [Full-Disclosure] Re: Strange from address
From: "Akos Szalkai" <szalkai@2fkft.com>
Date: Fri, 10 Oct 2003 14:27:03 +0200

Hi James,

> If you insert the following string into the mail from: field #@[] it
> appears to by pass the mx check and replys ok.

if you read the qmail manpages (addresses(5) specifically), you can see
that this a qmail extension: this is the envelope sender of a double
bounce.

What I fail to see however, is that how it can be a security problem.
It is not very difficult to generate envelope senders that pass your mx
check anyway.

Regards,
Akos

-- 
Akos Szalkai <szalkai@2f.hu>
IT Consultant, CISA
2F 2000 Szamitastechnikai es Szolgaltato Kft.
Tel: (+36-1)-4887700  Fax: (+36-1)-4887709  WWW: http://www.2f.hu/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Prev by Date: [Full-Disclosure] Opera/Netscape/Mozilla: Floppy access from untrusted java applet
Next by Date: [Full-Disclosure] "Mirror" attacks on windows clients
Previous by thread: [Full-Disclosure] Opera/Netscape/Mozilla: Floppy access from untrusted java applet
Next by thread: [Full-Disclosure] "Mirror" attacks on windows clients
Index(es):
- Date
- Thread