
Reject mails with multiple From headers


Michel Le Bihan

Oct 17, 2020, 2:51:32 PM
Hello,

I found out about a new vulnerability where, if several From headers are present in a message, the header that is displayed in the client can be different from the one that is validated.
4a in https://i.blackhat.com/USA-20/Thursday/us-20-Chen-You-Have-No-Idea-Who-Sent-That-Email-18-Attacks-On-Email-Sender-Authentication.pdf
5.1 in https://www.usenix.org/system/files/sec20fall_chen-jianjun_prepub_0.pdf

Such messages seem non-compliant with RFC 5322 3.6.2 (https://tools.ietf.org/html/rfc5322#section-3.6.2), which speaks of only one from field ("The from field").

Is it possible to configure Postfix to reject mails with multiple From headers?
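
The check asked about above, sketched as an added example that is not part of the original post and is not Postfix configuration: a stand-alone filter that counts From header fields in a raw message and rejects anything other than exactly one. The function names and the sample messages are constructed for illustration.

```python
import re

def header_fields(raw: bytes):
    """Yield (lowercased name, unfolded value) for each field in the header section."""
    # The header section ends at the first empty line; the body is never inspected.
    head = re.split(rb"\r?\n\r?\n", raw, maxsplit=1)[0]
    current = None
    for line in re.split(rb"\r?\n", head):
        if line[:1] in (b" ", b"\t") and current is not None:
            current[1] += b" " + line.strip()   # folded continuation of the previous field
            continue
        if current is not None:
            yield current[0], current[1]
        name, sep, value = line.partition(b":")
        # Names compare case-insensitively; lines without a colon are ignored.
        current = [name.strip().lower(), value.strip()] if sep else None
    if current is not None:
        yield current[0], current[1]

def check_from(raw: bytes):
    """Return (accept, reason); accept only when exactly one From field is present."""
    count = sum(1 for name, _ in header_fields(raw) if name == b"from")
    if count == 1:
        return True, "ok"
    return False, f"{count} From header fields, expected exactly 1"

# Constructed sample messages (not taken from the post or the cited papers).
DUPLICATE = (b"From: <first@example.net>\r\n"
             b"from: <second@example.com>\r\n"
             b"Subject: test\r\n"
             b"\r\n"
             b"From: this line is body text, not a header\r\n")
FOLDED = (b"From: Alice Example\r\n"
          b" <alice@example.com>\r\n"
          b"Subject: test\r\n"
          b"\r\n"
          b"body\r\n")

if __name__ == "__main__":
    for label, msg in (("duplicate", DUPLICATE), ("folded", FOLDED)):
        print(label, check_from(msg))
```
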
