Email vulnerability: BSI warns of SMTP smuggling
Using smuggling, an email can be split and the fake senders bypass authentication mechanisms such as SPF, DKIM and DMARC. While large companies and email service providers Microsoft, GMX and Ionos immediately stopped smuggling, Cisco continues to consider the danger to be a great function, according to the BSI. On December 18, cybersecurity firm SEC Consult released information about a new attack technique using “Simple Mail Transfer Protocol (SMTP) Smuggling.” With SMTP smuggling, attackers take advantage of the fact that different SMTP implementations interpret the marking of the end of an email message differently. SPF, DKIM and DMARC undermined you...