| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <C44B2194.56C04%scheidell@secnap.net> Date: Sat, 10 May 2008 09:55:32 -0400 From: Michael Scheidell <scheidell@...nap.net> To: <pablo.ximenes@....edu>, <bugtraq@...urityfocus.com> Subject: Re: Exploiting Google MX servers as Open SMTP Relays > From: <pablo.ximenes@....edu> > Date: 7 May 2008 20:37:46 -0000 > To: <bugtraq@...urityfocus.com> > Subject: Exploiting Google MX servers as Open SMTP Relays > > > Vulnerability Report: > > As part of our recent work on the trust hierarchy that exists among email > providers throughout the Internet, we have uncovered a serious security flaw > in Ggoogle's free email service, Gmail. > > Disclosure: > We have contacted Google about this issue and are waiting for their position > before releasing further details. > Don't hold our breath.. I have tried to get them to close this very hole for maybe a year now. (see/'google' for posts in bugtraq and spamassassin users group showing headers from unrelated domains sending spam through google mail servers.. They ignore the emails to abuse@...gle.com) -- Michael Scheidell, CTO >|SECNAP Network Security Winner 2008 Network Products Guide Hot Companies FreeBSD SpamAssassin Ports maintainer _________________________________________________________________________ This email has been scanned and certified safe by SpammerTrap(r). For Information please see http://www.spammertrap.com _________________________________________________________________________
Powered by blists - more mailing lists