This is a discussion on FW: Exploiting Google MX servers as Open SMTP Relays - SpamAssassin ; fyi: post in bugtraq. You may wish to look for and remove any whitelists based on google, googlegroups, or gmail accounts until google fixes this. --=20 Michael Scheidell, CTO >|SECNAP Network Security Winner 2008 Network Products Guide Hot Companies FreeBSD ...
fyi: post in bugtraq. You may wish to look for and remove any whitelists
based on google, googlegroups, or gmail accounts until google fixes this.
Michael Scheidell, CTO
>|SECNAP Network Security
Winner 2008 Network Products Guide Hot Companies
FreeBSD SpamAssassin Ports maintainer
------ Forwarded Message
> Date: 7 May 2008 20:37:46 -0000
> Subject: Exploiting Google MX servers as Open SMTP Relays
> Vulnerability Report:
> As part of our recent work on the trust hierarchy that exists among email
> providers throughout the Internet, we have uncovered a serious security f=
> in Ggoogle's free email service, Gmail. This vulnerability exposes Google=
> email servers in a way that allows an attacker to use them as open spam a=
> phishing relays. This issue is related to the risk of a malicious user ab=
> Gmail's email forwarding functionality. This is possible because Gmail's =
> forwarding functionality does not impose proper security restrictions dur=
> its setup process and can be easily subverted. By exploiting this problem=
> attacker can send unlimited spam and phishing (i.e. forged) email message=
> that are delivered by Google's very own SMTP servers. Since the messages =
> delivered by Google's own servers, an attack based on this flaw is able t=
> bypass all spam filters that are based on the blacklist / whitelist conce=
> We were able to confirm that this vulnerability is indeed exploitable b
> y crafting a proof of concept attack that allowed us to send any number =
> forged email messages without restriction through Google's server
> infrastructure. We have also verified that this flaw allows attackers to
> bypass spam filters by using our method to send messages that are usually
> flagged as spam. While sending these messages directly from our network i=
> traditional way had the messages classified as spam, by sending the very =
> messages using our exploit, the messages were delivered directly to the
> victim's inbox, thus bypassing filters.
> All email providers that offer Google's SMTP servers any special level of
> trust (e.g. whitelist status) are vulnerable.
> We have contacted Google about this issue and are waiting for their posit=
> before releasing further details.
> For more information, visit our homepage:
> Pablo Ximenes, Andr=E9 dos Santos
> INSERT - Information Security Research Team
> University of PR at Mayaguez (UPRM), USA
> State University of Cear=E1 (UECE), Brazil
> firstname.lastname@example.org, email@example.com
------ End of Forwarded Message
This email has been scanned and certified safe by SpammerTrap(r).
For Information please see http://www.spammertrap.com