Page 1 of 1

Mailsploit

Posted: 06 Dec 2017 20:55
by wieb
Not sure how long this is around, but it was in the news lately.

It's certaintly not my site, but it has 30 tests on it related to exploits that still are in alot of mailclients.
see:
https://www.mailsploit.com/index#demo

for details. Is there any way EFA could counter this?

Re: Mailsploit

Posted: 07 Dec 2017 09:54
by BOOZy
I reckon it shouldn't be too hard to mitigate this:

1 - Check if the From header contains more than one @
2 - Check if the domains match if there is
3 - Up the spam score if they don't

The logic would be pretty easy, programming the scripts and adding GUI elements is most of the work I gather.

Re: Mailsploit

Posted: 10 Dec 2017 21:47
by wieb
That would be to easy fix i think, there is also stuff like \0 and utf8 and utf16 stuff in there. Code execution stuff and more.
I've tried the test tool with efa and exchange 2016 and all gets trough
some discussion is here too: https://www.mail-archive.com/users@spam ... 00478.html