Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos network security services platform







Bugtraq: Re: Exploiting Google MX servers as Open SMTP Relays

Re: Exploiting Google MX servers as Open SMTP Relays

From: Michael Scheidell <scheidell_at_secnap.net>
Date: Sat, 10 May 2008 09:55:32 -0400

> From: <pablo.ximenes_at_upr.edu>
> Date: 7 May 2008 20:37:46 -0000
> To: <bugtraq_at_securityfocus.com>
> Subject: Exploiting Google MX servers as Open SMTP Relays
>
>
> Vulnerability Report:
>
> As part of our recent work on the trust hierarchy that exists among email
> providers throughout the Internet, we have uncovered a serious security flaw
> in Ggoogle's free email service, Gmail.
>
> Disclosure:
> We have contacted Google about this issue and are waiting for their position
> before releasing further details.
>

Don't hold our breath.. I have tried to get them to close this very hole for
maybe a year now.

(see/'google' for posts in bugtraq and spamassassin users group showing
headers from unrelated domains sending spam through google mail servers..
They ignore the emails to abuse_at_google.com) 

-- 
Michael Scheidell, CTO
>|SECNAP Network Security
Winner 2008 Network Products Guide Hot Companies
FreeBSD SpamAssassin Ports maintainer
_________________________________________________________________________
This email has been scanned and certified safe by SpammerTrap(r). 
For Information please see http://www.spammertrap.com
_________________________________________________________________________
Received on May 10 2008
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]