|
|
BugTraq
Is predictable spam filtering a vulnerability? Jun 16 2004 11:26AM R Armiento (rar_bt armiento se) (7 replies) Re: Is predictable spam filtering a vulnerability? Jun 17 2004 05:27PM Joel Eriksson (je-secfocus bitnux com) (3 replies) Re: Is predictable spam filtering a vulnerability? Jun 18 2004 08:57PM Jason Coombs (jasonc science org) Re: Is predictable spam filtering a vulnerability? Jun 18 2004 06:52PM PSE-L mail professional org (Sean Straw / PSE) RE: Is predictable spam filtering a vulnerability? Jun 17 2004 02:18PM Aaron Cake (aaron vltpm com) (1 replies) Re: Is predictable spam filtering a vulnerability? Jun 21 2004 01:23PM Chris Brown (chris wavetex com) Re: Is predictable spam filtering a vulnerability? Jun 17 2004 11:28AM David F. Skoll (dfs roaringpenguin com) (4 replies) Re: Is predictable spam filtering a vulnerability? (silently dropping messages) Jun 22 2004 02:20PM Martin Maèok (martin macok underground cz) (2 replies) Re: Is predictable spam filtering a vulnerability? (silently dropping messages) Jun 24 2004 07:15AM Valdis Kletnieks vt edu Re: Is predictable spam filtering a vulnerability? (silently dropping messages) Jun 23 2004 12:53AM David F. Skoll (dfs roaringpenguin com) (2 replies) Re: Is predictable spam filtering a vulnerability? (silently dropping messages) Jun 23 2004 10:46PM der Mouse (mouse Rodents Montreal QC CA) Re: Is predictable spam filtering a vulnerability? (silently dropping messages) Jun 23 2004 09:48PM PSE-L mail professional org (Sean Straw / PSE) (2 replies) Re: Is predictable spam filtering a vulnerability? (silently dropping messages) Jun 25 2004 07:49PM der Mouse (mouse Rodents Montreal QC CA) Re: Is predictable spam filtering a vulnerability? (silently dropping messages) Jun 25 2004 05:35PM Seth Breidbart (sethb panix com) Re: Is predictable spam filtering a vulnerability? Jun 20 2004 01:52PM Luca Berra (bluca comedia it) (3 replies) Re: Is predictable spam filtering a vulnerability? Jun 24 2004 08:32PM Michael A. Dickerson (mikey singingtree com) Re: Is predictable spam filtering a vulnerability? Jun 23 2004 05:07PM PSE-L mail professional org (Sean Straw / PSE) (2 replies) Re: Is predictable spam filtering a vulnerability? Jun 24 2004 07:42PM The Fungi (fungi yuggoth org) Re: Is predictable spam filtering a vulnerability? Jun 24 2004 05:44PM John Fitzgibbon (bugtraq jfitz com) (1 replies) Re: Is predictable spam filtering a vulnerability? Jun 25 2004 05:08AM PSE-L mail professional org (Sean Straw / PSE) Re: Is predictable spam filtering a vulnerability? Jun 19 2004 02:56PM Kyle Wheeler (kyle-bugtraq memoryhole net) Re: Is predictable spam filtering a vulnerability? Jun 19 2004 12:49AM Jon Fiedler (jmf9 cwru edu) (1 replies) Re: Is predictable spam filtering a vulnerability? Jun 19 2004 01:29AM David F. Skoll (dfs roaringpenguin com) Re: Is predictable spam filtering a vulnerability? Jun 17 2004 08:21AM Ilya Sher (ilya79 actcom net il) |
|
Privacy Statement |
on the same network, possibly protected by the same spam filtering, meaning
that A's email wouldn't reach B. I know this isn't always the case, just my
thoughts on it.
The above would help reduce the probability of finding a scenario where this
would work, that said securing against social engineering attacks is a tad
challenging :)
Again all of the above just my two cents.
Kind regards.
Hamlesh Motah.
IT Consultant.
tel: +44 (0)709 212 0732
fax: +44 (0)709 212 0732
ema: admin (at) hamlesh (dot) com [email concealed]
web: www.hamlesh.com
Hamlesh Consultants - IT Consultancy - Total Solutions Provider.
The Information contained in this E-Mail and any subsequent correspondence
is private and is intended solely for the intended recipient(s). For those
other than the recipient any disclosure, copying, distribution, or any
action taken or omitted to be taken in reliance on such information is
prohibited and may be unlawful.
: -----Original Message-----
: From: R Armiento [mailto:rar_bt (at) armiento (dot) se [email concealed]]
: Sent: 16 June 2004 11:26
: To: bugtraq (at) securityfocus (dot) com [email concealed]
: Subject: Is predictable spam filtering a vulnerability?
:
:
:
: During a recent email conversation with several participants,
: we discovered that the email service of one participant
: silently dropped legitimate emails that happened to contain
: certain combinations of words common in spam. I believe this
: sort of filter is common practice, and in fact even in place
: for some of my own email addresses.
:
: However, this experience made me think: isn't predictable
: spam filtering in general a vulnerability that could be used
: as a hoax device? Since most users reply to an email citing
: the complete source email, including filter-offending words,
: it should be possible to keep a reply, forward, or even a
: whole thread, under the radar of specific recipients. If used
: in combination with forged replies from addresses predictably
: dropping emails, I think this may be a dangerous tool for
: social engineering.
:
: For example: attacker 'A' sends 'B' a social engineering
: request for "the secret plans" and says "if you are unsure,
: forward my request to your boss and ask if this is okay". 'B'
: forwards the email to his boss 'C' and asks "Is this okay?".
: However, 'C':s spam filter silently drops the email. 'A'
: forges a reply from 'C' saying: "Sure, no problem, go ahead."
:
: Regards,
: R. Armiento
:
[ reply ]