oss-sec mailing list archives

Previous By Date Next
Previous By Thread Next

Re: spoofing of local email sender via a homoglyph attack

From: Jeremy Stanley <fungi () yuggoth org>
Date: Thu, 23 Apr 2020 19:10:32 +0000
On 2020-04-23 20:12:34 +0200 (+0200), Solar Designer wrote:
[...]

What you reported originally, where you bypass something that just
happens that way in some configurations and wasn't meant to
provide any security against sender address spoofing, looks like
even less of an issue to me.

[...]

Indeed, if the local attacker is already capable of opening a socket
to the MTA, then it seems like it would be even easier instead to
just open an outbound socket to the target's MTA directly from that
server and bypass the restrictions applied by the local relaying MTA
entirely (unless the local MTA process has privileged access to
something like a DKIM key or durable TLS client key which the
attacker can't access due to filesystem ACLs). Then they wouldn't
need to lean on lack of homoglyph differentiation at the recipient's
end at all.
-- 
Jeremy Stanley

Attachment: signature.asc
Description:

Previous By Date Next
Previous By Thread Next

Current thread: