SMTP Smuggling: A Novel Technique for Email Spoofing

Explore a groundbreaking technique for email spoofing in this 32-minute conference talk from the 37th Chaos Communication Congress (37C3). Dive into the world of SMTP smuggling, a novel exploitation method that breaks the interpretation of the Simple Mail Transfer Protocol in vulnerable server configurations globally. Learn how this attack allows sending emails from seemingly legitimate addresses while bypassing security measures like SPF checks. Follow the journey from the discovery of this technique to its exploitation in one of the most widely used email services. Gain insights into the intricacies of SMTP smuggling and its potential impact on email security. Venture beyond the known limits of SMTP and uncover the vulnerabilities lurking in this decades-old technology that forms the backbone of email communication.

37C3 - SMTP Smuggling – Spoofing E-Mails Worldwide