Full Disclosure mailing list archives

Re: Strange from address

From: "Akos Szalkai" <szalkai () 2fkft com>
Date: Fri, 10 Oct 2003 14:27:03 +0200

Hi James,

If you insert the following string into the mail from: field #@[] it
appears to by pass the mx check and replys ok.


if you read the qmail manpages (addresses(5) specifically), you can see
that this a qmail extension: this is the envelope sender of a double
bounce.

What I fail to see however, is that how it can be a security problem.
It is not very difficult to generate envelope senders that pass your mx
check anyway.

Regards,
Akos

-- 
Akos Szalkai <szalkai () 2f hu>
IT Consultant, CISA
2F 2000 Szamitastechnikai es Szolgaltato Kft.
Tel: (+36-1)-4887700  Fax: (+36-1)-4887709  WWW: http://www.2f.hu/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Current thread:

strange from address James Devine (Oct 07)
- Re: strange from address Sebastian Niehaus (Oct 07)
- <Possible follow-ups>
- Re: Strange from address Akos Szalkai (Oct 10)