## page was copied from DnsTemplate
##master-page:HelpTemplate

<<Navigation(children,1)>>

<<TableOfContents()>>
https://sec-consult.com/blog/detail/smtp-smuggling-spoofing-e-mails-worldwide/

[[/translation]]

== whois ==
{{{
SMTP smuggling in theory
Figure 8: SMTP smuggling in theory

Now tell me, what happens if outbound and inbound SMTP servers interpret the end-of-data sequence
 (<CR><LF>.<CR><LF>) differently? 

Exactly, SMTP smuggling! 
}}}

== history ==
{{{
- Enter mail, end with "." on a line by itself 

Why would that be more promising, though? 
Well, different operating systems have a different understanding of "a line by itself". A "." on a line by itself on Windows would be separated via two carriage return line feeds (<CR><LF>.<CR><LF> or \r\n.\r\n), while a "." on a line by itself on Linux would be separated with two line feeds (<LF>.<LF> or \n.\n). 
}}}


== smuggling ==
{{{
But wait, if other domains also use the outbound SMTP server of GMX to send e-mails, can't we spoof them as well? Let's see! By analyzing the SPF record of web.de, we can see that the outbound SMTP IP address of GMX 212.227.15.15 is included as well! 
}}}

SPF 同居の脆弱性ということか。
----
CategoryDns CategoryWatch CategoryTemplate