Attack against postfix allows sending of spoofed mail (www.postfix.org)
from johnassel@discuss.tchncs.de to cybersecurity@infosec.pub on 24 Dec 2023 21:58
https://discuss.tchncs.de/post/8262753

FYI: Postfix currently has an unpatched vulnerability which allows sending of spoofed mail: www.postfix.org/smtp-smuggling.html

A fix is currently not available, but to have peaceful holidays one should have these lines in the configuration as a workaround:

main.cf:
    smtpd_data_restrictions = reject_unauth_pipelining
    smtpd_discard_ehlo_keywords = chunking

#cybersecurity
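One way to confirm that both workaround lines quoted above are actually set in a given main.cf, as an added example that is not part of the original post or of Postfix's own tooling. The function names and the sample file are constructed for illustration; the check reads main.cf text only and does not resolve `$parameter` references or `-o` overrides in master.cf.

```python
import re

# Workaround settings quoted in the post: parameter -> (token, fold case?)
REQUIRED = {
    "smtpd_data_restrictions": ("reject_unauth_pipelining", False),
    "smtpd_discard_ehlo_keywords": ("chunking", True),
}

def parse_main_cf(text):
    """Parse main.cf text into {parameter: value}; the last definition wins."""
    logical = []
    for raw in text.splitlines():
        if not raw.strip() or raw.lstrip().startswith("#"):
            continue  # blank and comment lines never end a continuation
        if raw[0] in " \t" and logical:
            logical[-1] += " " + raw.strip()  # leading whitespace continues
        else:
            logical.append(raw.strip())
    params = {}
    for line in logical:
        name, sep, value = line.partition("=")
        if sep:
            params[name.strip()] = value.strip()
    return params

def missing_workarounds(text):
    """Return the 'parameter = token' workaround settings absent from text."""
    params = parse_main_cf(text)
    missing = []
    for name, (token, fold) in REQUIRED.items():
        # Postfix list values are separated by commas and/or whitespace.
        tokens = [t for t in re.split(r"[,\s]+", params.get(name, "")) if t]
        if fold:
            tokens = [t.lower() for t in tokens]
        if token not in tokens:
            missing.append(f"{name} = {token}")
    return missing

# Constructed sample: the first setting arrives on a continuation line,
# the second exists only as a commented-out line.
SAMPLE = """\
smtpd_data_restrictions =
    reject_unauth_pipelining,
    # comment inside a continued value
    permit
#smtpd_discard_ehlo_keywords = chunking
smtpd_discard_ehlo_keywords = silent-discard, dsn
"""

print(missing_workarounds(SAMPLE))
```

An empty result means both settings are present in the file; it says nothing about restrictions placed ahead of `reject_unauth_pipelining` in the same list.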


azron@lemmy.ml on 25 Dec 2023 00:16

The “smuggled” SMTP MAIL/RCPT/DATA commands and header plus body text can be used to spoof an email message from any MAIL FROM address whose domain is hosted at email service A, to any RCPT TO address whose domain is hosted at email service B.

If I understand this correctly, someone can use Microsoft/other commercial services to email a domain running postfix and make it come from anyone on the initial service to anyone on the postfix domain. Nice. Good for targeted attacks and probably not bad to get some spam out.

Merry Christmas postfix.

Mailcow tracking bug, they claim the fix in the parent may cause the blocking of legitimate traffic from incorrectly implemented SMTP servers.