Inbox (1): Proper Email Authentication

Emails are sent from a source server to a destination server (sometimes through multiple hops) via the SMTP protocol. When you use a webmail client – think Gmail and Yahoo – to send an email, the web server sends emails to its bundled SMTP server and handles authentication for you. When you send an email through a desktop client, like Outlook, Thunderbird, or some mobile clients, the client connects directly to the configured SMTP server, authenticates and sends the email.

However, email is an old and arcane system designed for a less hostile world. SMTP servers are often configured to allow unauthenticated connections to send emails, allowing an attacker to spoof email addresses for phishing or spamming. In some intranet configurations, these emails could appear to be authentic with no telling signs of being sent by the legitimate account owner.

If there is an open SMTP relay on your company network, here is a quick way to make some money (and then go to jail)…

Read Full Blog

Shares

Written by:

Leave a comment