Mailsploit

General E.F.A. discussion
Post Reply
wieb
Posts: 6
Joined: 19 Jul 2017 22:05

Mailsploit

Post by wieb » 06 Dec 2017 20:55

Not sure how long this is around, but it was in the news lately.

It's certaintly not my site, but it has 30 tests on it related to exploits that still are in alot of mailclients.
see:
https://www.mailsploit.com/index#demo

for details. Is there any way EFA could counter this?

User avatar
BOOZy
Posts: 9
Joined: 04 Oct 2017 13:17

Re: Mailsploit

Post by BOOZy » 07 Dec 2017 09:54

I reckon it shouldn't be too hard to mitigate this:

1 - Check if the From header contains more than one @
2 - Check if the domains match if there is
3 - Up the spam score if they don't

The logic would be pretty easy, programming the scripts and adding GUI elements is most of the work I gather.

wieb
Posts: 6
Joined: 19 Jul 2017 22:05

Re: Mailsploit

Post by wieb » 10 Dec 2017 21:47

That would be to easy fix i think, there is also stuff like \0 and utf8 and utf16 stuff in there. Code execution stuff and more.
I've tried the test tool with efa and exchange 2016 and all gets trough
some discussion is here too: https://www.mail-archive.com/users@spam ... 00478.html

Post Reply