SMTP smuggling exploits the fact that emails can be split into multiple emails by the receiving server using certain encodings. If the newly created emails are not independently verified on the receiving server, effective authentication mechanisms such as SPM, DKIM or DMARC cannot be applied. This allows targeted phishing attacks to reach mailboxes that are supposed to be protected.
IKARUS mail.security is not and has never been vulnerable to SMTP smuggling.
The vulnerability, disclosed in December 2023, allows attackers to exploit some SMTP implementations to “smuggle” emails with forged sender information. The method relies on the fact that the end of message (RFC) encoding is interpreted differently by different implementations.
A prepared email with non-RFC compliant encoding can be split into multiple emails by the receiving server. Attackers can add any header they like to the newly created emails – for example, the sender or recipient address – to spoof trusted domains. If these spoofed emails are not scanned and authenticated again, they become deceptively genuine phishing emails.
If IKARUS mail.security receives an email with a non-RFC compliant tag, it is not automatically accepted. All content is subjected to all the usual scans – from various authentication checks and malware checks to content and link analyses. Emails with forged sender data are blocked by IKARUS mail.security.
To protect their own identity, IKARUS mail.security users can also issue S/MIME certificates for their mailboxes. A missing or invalid certificate indicates to the recipient that the incoming message may not be authentic.
Major companies such as GMX and Microsoft have already patched the vulnerability in their services. Cisco Secure Email users will need to update their settings manually.
As the vulnerability has only recently been discovered and has not yet been fully researched, researchers cannot rule out other vulnerabilities related to SMTP smuggling. Traditional warnings to never blindly trust emails therefore remain valid, even with protective measures in place.
IKARUS will continue to monitor developments and respond immediately to any new vulnerabilities.
https://sec-consult.com/blog/detail/smtp-smuggling-spoofing-e-mails-worldwide/
https://www.bsi.bund.de/SharedDocs/Cybersicherheitswarnungen/DE/2023/2023-292569-1032.html
https://www.ikarussecurity.com/wp-content/uploads/2024/04/benutzerkonten.jpg
400
600
IKARUS
https://www.ikarussecurity.com/wp-content/uploads/2023/09/IKARUS-Security-Software-1.png
IKARUS2024-04-10 14:11:292024-04-10 14:11:30Account management: The underestimated risk of forgotten user accounts
https://www.ikarussecurity.com/wp-content/uploads/2024/03/threat.png
353
600
IKARUS
https://www.ikarussecurity.com/wp-content/uploads/2023/09/IKARUS-Security-Software-1.png
IKARUS2024-03-27 12:40:022024-03-27 12:40:03Threat Modelling: Guidelines for creating practical threat models
https://www.ikarussecurity.com/wp-content/uploads/2024/03/Laptop-Alert.jpg
392
600
IKARUS
https://www.ikarussecurity.com/wp-content/uploads/2023/09/IKARUS-Security-Software-1.png
IKARUS2024-03-06 14:32:022024-03-06 14:32:48IoC and IoA: definition, examples, benefits
https://www.ikarussecurity.com/wp-content/uploads/2024/02/menschenmenge.jpg
400
600
IKARUS
https://www.ikarussecurity.com/wp-content/uploads/2023/09/IKARUS-Security-Software-1.png
IKARUS2024-02-12 12:02:112024-02-12 12:09:31Living off Trusted Sites: cyber attackers abuse legal services
https://www.ikarussecurity.com/wp-content/uploads/2024/01/Threat-Intelligence-.jpg
400
600
IKARUS
https://www.ikarussecurity.com/wp-content/uploads/2023/09/IKARUS-Security-Software-1.png
IKARUS2024-01-18 10:50:032024-01-18 10:55:07Effective integration of threat intelligence with cyber defence
https://www.ikarussecurity.com/wp-content/uploads/2024/01/sql-injection.png
404
600
IKARUS
https://www.ikarussecurity.com/wp-content/uploads/2023/09/IKARUS-Security-Software-1.png
IKARUS2024-01-12 10:50:412024-01-12 10:53:09SQL Injection: Attacks by malicious code in website requests
https://www.ikarussecurity.com/wp-content/uploads/2023/12/christmas-hack.jpg
401
600
IKARUS
https://www.ikarussecurity.com/wp-content/uploads/2023/09/IKARUS-Security-Software-1.png
IKARUS2023-12-20 13:36:182023-12-20 13:38:32Cyber risks in the holiday season
https://www.ikarussecurity.com/wp-content/uploads/2023/12/passkey.jpg
400
600
IKARUS
https://www.ikarussecurity.com/wp-content/uploads/2023/09/IKARUS-Security-Software-1.png
IKARUS2023-12-11 13:18:532023-12-11 13:18:54Passkeys as a secure alternative to passwords
https://www.ikarussecurity.com/wp-content/uploads/2023/11/dynamische-cybersicherheit.jpg
400
600
IKARUS
https://www.ikarussecurity.com/wp-content/uploads/2023/09/IKARUS-Security-Software-1.png
IKARUS2023-11-27 11:30:282023-11-27 11:30:285 top IT security strategies for dynamic cyber security
https://www.ikarussecurity.com/wp-content/uploads/2023/11/nis2-eu-like.png
400
600
IKARUS
https://www.ikarussecurity.com/wp-content/uploads/2023/09/IKARUS-Security-Software-1.png
IKARUS2023-11-21 14:49:082023-11-21 14:49:09NIS2 Directive successfully implemented
https://www.ikarussecurity.com/wp-content/uploads/2023/11/Harmony-Mobile-300.png
87
300
IKARUS
https://www.ikarussecurity.com/wp-content/uploads/2023/09/IKARUS-Security-Software-1.png
IKARUS2023-11-15 10:01:252023-11-15 10:07:24Harmony Mobile new in the IKARUS portfolio
https://www.ikarussecurity.com/wp-content/uploads/2023/11/EU-Machinery-Regulation.jpg
407
600
IKARUS
https://www.ikarussecurity.com/wp-content/uploads/2023/09/IKARUS-Security-Software-1.png
IKARUS2023-11-07 12:53:382023-11-07 12:56:49EU Machinery Regulation 2023
https://www.ikarussecurity.com/wp-content/uploads/2023/10/Sergejs_preview.png
274
312
IKARUS
https://www.ikarussecurity.com/wp-content/uploads/2023/09/IKARUS-Security-Software-1.png
IKARUS2023-10-25 09:43:582023-10-25 13:34:04Plugin IdaClu accelerates malware analysis
https://www.ikarussecurity.com/wp-content/uploads/2023/10/nis2-600.png
400
600
IKARUS
https://www.ikarussecurity.com/wp-content/uploads/2023/09/IKARUS-Security-Software-1.png
IKARUS2023-10-18 15:24:042023-10-18 16:11:40Cyber Security Schecks 2023: Funding for NIS2-affected SMEs
https://www.ikarussecurity.com/wp-content/uploads/2023/10/infostealer.png
522
540
IKARUS
https://www.ikarussecurity.com/wp-content/uploads/2023/09/IKARUS-Security-Software-1.png
IKARUS2023-10-12 13:04:482023-10-12 13:12:31Recognise, understand and defend against info stealers
https://www.ikarussecurity.com/wp-content/uploads/2023/10/cybercrime.jpg
337
600
IKARUS
https://www.ikarussecurity.com/wp-content/uploads/2023/09/IKARUS-Security-Software-1.png
IKARUS2023-10-04 13:10:562023-10-04 13:15:07Europol report on cybercrime trends
SQL Injection: Attacks by malicious code in website requests
Scroll to top