
Split Tunnel SMTP Exploit Explained - campuscodi
https://blog.securolytics.io/2017/05/split-tunnel-smtp-exploit-explained/
======
Bino
I'm trying to understand if there is something more to it, because here is
where I'm at: he found that some organizations have, mistakenly or not, configured
their encryption gateways (MTAs) to accept mail from any host, hence
connecting to them directly lets you bypass the anti-spam/virus filtering,
either directly to the mail server or by using the "trust" of the encryption
gateway's IP?

He found some by spending time searching for them and gave the attack a name:
"the Split Tunnel SMTP exploit".

~~~
CaliforniaKarl
I think that the gateways in question are configured such that, if no
encrypted message is found, the email is passed through.

IMO, you can have a publicly-IPed encryption gateway, under one condition: If
inbound email is received that does not properly decrypt & verify, that
message is either bounced or dropped.
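
The "bounce or drop" rule above applies to the gateway itself; the mail server behind it also needs to refuse sessions that do not come through the gateway, otherwise the filtering can be bypassed by connecting to it directly. The following Postfix `main.cf` fragment is an added example written for this thread, not configuration from the blog post or from any commenter, and it assumes Postfix as the internal MTA and `192.0.2.10` (a documentation-range address) as the gateway's IP:

```ini
# Added example (not from the thread): Postfix main.cf fragment for the
# internal mail server that sits behind the encryption/filtering gateway.
# Assumed address: the gateway is 192.0.2.10 (documentation range).

# Only the host itself and the gateway count as trusted SMTP clients.
mynetworks = 127.0.0.0/8, [::1]/128, 192.0.2.10/32

# Accept SMTP sessions from mynetworks only and reject everything else,
# so mail cannot be delivered here by connecting from the Internet and
# skipping the gateway's filtering.
smtpd_client_restrictions = permit_mynetworks, reject

# The setting this replaces, which accepts from any host and is the gap the
# post describes:
# smtpd_client_restrictions = permit
```

To check the result, open an SMTP session to port 25 of the internal server from a host outside `mynetworks`: with the restriction in place Postfix answers the `MAIL FROM` (or, depending on `smtpd_delay_reject`, the connection) with a `554 5.7.1 ... Client host rejected: Access denied` response, whereas the weak setting lets the session proceed. The same principle holds for any other MTA: the trust placed in the gateway's IP is only meaningful if the server behind it accepts mail from that IP alone.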

~~~
i336_
That makes a lot of sense. Yet another case of insane defaults :(

Servers are like castles of old. They need to be properly defended!

------
CaliforniaKarl
Cached page:
[http://webcache.googleusercontent.com/search?q=cache:https:/...](http://webcache.googleusercontent.com/search?q=cache:https://blog.securolytics.io/2017/05/split-tunnel-smtp-exploit-explained/)

