Bugtraq mailing list archives
Re: Exploiting Google MX servers as Open SMTP Relays
From: Michael Scheidell <scheidell () secnap net>
Date: Sat, 10 May 2008 09:55:32 -0400
From: <pablo.ximenes () upr edu> Date: 7 May 2008 20:37:46 -0000 To: <bugtraq () securityfocus com> Subject: Exploiting Google MX servers as Open SMTP Relays Vulnerability Report: As part of our recent work on the trust hierarchy that exists among email providers throughout the Internet, we have uncovered a serious security flaw in Ggoogle's free email service, Gmail. Disclosure: We have contacted Google about this issue and are waiting for their position before releasing further details.
Don't hold our breath.. I have tried to get them to close this very hole for maybe a year now. (see/'google' for posts in bugtraq and spamassassin users group showing headers from unrelated domains sending spam through google mail servers.. They ignore the emails to abuse () google com) -- Michael Scheidell, CTO
|SECNAP Network Security
Winner 2008 Network Products Guide Hot Companies FreeBSD SpamAssassin Ports maintainer _________________________________________________________________________ This email has been scanned and certified safe by SpammerTrap(r). For Information please see http://www.spammertrap.com _________________________________________________________________________
Current thread:
- Exploiting Google MX servers as Open SMTP Relays pablo . ximenes (May 07)
- Re: Exploiting Google MX servers as Open SMTP Relays Michael Scheidell (May 10)
- Re: Exploiting Google MX servers as Open SMTP Relays Todd T. Fries (May 10)
- Re: Exploiting Google MX servers as Open SMTP Relays Todd T. Fries (May 10)
- Re: Exploiting Google MX servers as Open SMTP Relays Lamont Granquist (May 12)
- Re: Exploiting Google MX servers as Open SMTP Relays Clifton Royston (May 12)
- Re: Exploiting Google MX servers as Open SMTP Relays Bojan Zdrnja (May 12)
- Re: Exploiting Google MX servers as Open SMTP Relays Todd T. Fries (May 10)
- Re: Exploiting Google MX servers as Open SMTP Relays Michael Scheidell (May 10)
- Re: Exploiting Google MX servers as Open SMTP Relays Gadi Evron (May 10)
- <Possible follow-ups>
- Re: Re: Exploiting Google MX servers as Open SMTP Relays pablo . ximenes (May 12)
- Re: Re: Re: Exploiting Google MX servers as Open SMTP Relays pablo . ximenes (May 21)