Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20200423191032.zjab7ydsiw6ibotf@yuggoth.org>
Date: Thu, 23 Apr 2020 19:10:32 +0000
From: Jeremy Stanley <fungi@...goth.org>
To: oss-security@...ts.openwall.com
Subject: Re: spoofing of local email sender via a homoglyph
 attack

On 2020-04-23 20:12:34 +0200 (+0200), Solar Designer wrote:
[...]
> What you reported originally, where you bypass something that just
> happens that way in some configurations and wasn't meant to
> provide any security against sender address spoofing, looks like
> even less of an issue to me.
[...]

Indeed, if the local attacker is already capable of opening a socket
to the MTA, then it seems like it would be even easier instead to
just open an outbound socket to the target's MTA directly from that
server and bypass the restrictions applied by the local relaying MTA
entirely (unless the local MTA process has privileged access to
something like a DKIM key or durable TLS client key which the
attacker can't access due to filesystem ACLs). Then they wouldn't
need to lean on lack of homoglyph differentiation at the recipient's
end at all.
-- 
Jeremy Stanley

Download attachment "signature.asc" of type "application/pgp-signature" (964 bytes)

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.