Description: By exploiting interpretation differences of the SMTP protocol, it is possible to smuggle/send spoofed e-mails - hence SMTP smuggling - while still passing SPF alignment checks. During this research, two types of SMTP smuggling, outbound and inbound, were discovered. These allowed sending spoofed e-mails from millions of domains (e.g., admin[@]outlook.com) to millions of receiving SMTP servers (e.g., Amazon, PayPal, eBay). Identified vulnerabilities in Microsoft and GMX were quickly fixed; however, SEC Consult urges companies using the also affected Cisco Secure Email product to manually update their vulnerable default configuration.
References: https://sec-consult.com/blog/detail/smtp-smuggling-spoofing-e-mails-worldwide/
Created sendmail tracking bugs for this issue: Affects: fedora-all [bug 2255870]
The Sendmail vulnerability allowing SMTP smuggling is deemed moderate due to its impact on SPF protection mechanisms and specific conditions for successful exploitation. SMTP smuggling involves manipulating the communication between mail servers to inject unauthorized messages. Exploiting this flaw involves a technique where remote attackers inject email messages with a spoofed MAIL FROM address. This manipulation allows them to bypass SPF protections because Sendmail supports the <LF>.<CR><LF> sequence, which some other popular email servers do not.
CVSSv3: 5.3/CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N