Bugtraq mailing list archives
RE: Is predictable spam filtering a vulnerability?
From: "Hamlesh Motah" <admin () hamlesh com>
Date: Thu, 17 Jun 2004 09:26:31 +0100
Interesting insight that, in most cases I'd think B and C are likely to be on the same network, possibly protected by the same spam filtering, meaning that A's email wouldn't reach B. I know this isn't always the case, just my thoughts on it. The above would help reduce the probability of finding a scenario where this would work, that said securing against social engineering attacks is a tad challenging :) Again all of the above just my two cents. Kind regards. Hamlesh Motah. IT Consultant. tel: +44 (0)709 212 0732 fax: +44 (0)709 212 0732 ema: admin () hamlesh com web: www.hamlesh.com Hamlesh Consultants - IT Consultancy - Total Solutions Provider. The Information contained in this E-Mail and any subsequent correspondence is private and is intended solely for the intended recipient(s). For those other than the recipient any disclosure, copying, distribution, or any action taken or omitted to be taken in reliance on such information is prohibited and may be unlawful. : -----Original Message----- : From: R Armiento [mailto:rar_bt () armiento se] : Sent: 16 June 2004 11:26 : To: bugtraq () securityfocus com : Subject: Is predictable spam filtering a vulnerability? : : : : During a recent email conversation with several participants, : we discovered that the email service of one participant : silently dropped legitimate emails that happened to contain : certain combinations of words common in spam. I believe this : sort of filter is common practice, and in fact even in place : for some of my own email addresses. : : However, this experience made me think: isn't predictable : spam filtering in general a vulnerability that could be used : as a hoax device? Since most users reply to an email citing : the complete source email, including filter-offending words, : it should be possible to keep a reply, forward, or even a : whole thread, under the radar of specific recipients. If used : in combination with forged replies from addresses predictably : dropping emails, I think this may be a dangerous tool for : social engineering. : : For example: attacker 'A' sends 'B' a social engineering : request for "the secret plans" and says "if you are unsure, : forward my request to your boss and ask if this is okay". 'B' : forwards the email to his boss 'C' and asks "Is this okay?". : However, 'C':s spam filter silently drops the email. 'A' : forges a reply from 'C' saying: "Sure, no problem, go ahead." : : Regards, : R. Armiento :
Current thread:
- Is predictable spam filtering a vulnerability? R Armiento (Jun 16)
- Re: Is predictable spam filtering a vulnerability? Joel Eriksson (Jun 18)
- Re: Is predictable spam filtering a vulnerability? Jason Coombs (Jun 19)
- Re: Is predictable spam filtering a vulnerability? Bill Burge (Jun 19)
- Re: Is predictable spam filtering a vulnerability? Sean Straw / PSE (Jun 19)
- RE: Is predictable spam filtering a vulnerability? Aaron Cake (Jun 18)
- Re: Is predictable spam filtering a vulnerability? Chris Brown (Jun 21)
- RE: Is predictable spam filtering a vulnerability? Hamlesh Motah (Jun 18)
- Re: Is predictable spam filtering a vulnerability? David F. Skoll (Jun 18)
- Re: Is predictable spam filtering a vulnerability? Jon Fiedler (Jun 19)
- Re: Is predictable spam filtering a vulnerability? David F. Skoll (Jun 19)
- Re: Is predictable spam filtering a vulnerability? Kyle Wheeler (Jun 21)
- Re: Is predictable spam filtering a vulnerability? (silently dropping messages) Martin Mačok (Jun 22)
- Re: Is predictable spam filtering a vulnerability? (silently dropping messages) David F. Skoll (Jun 23)
- Re: Is predictable spam filtering a vulnerability? (silently dropping messages) der Mouse (Jun 24)
- Re: Is predictable spam filtering a vulnerability? (silently dropping messages) Valdis . Kletnieks (Jun 24)
- Re: Is predictable spam filtering a vulnerability? Jon Fiedler (Jun 19)
- Re: Is predictable spam filtering a vulnerability? Luca Berra (Jun 22)
- Re: Is predictable spam filtering a vulnerability? Sean Straw / PSE (Jun 24)
- Re: Is predictable spam filtering a vulnerability? Joel Eriksson (Jun 18)