About filiadata

filiadata · 12-20-2023

Full read: https://sec-consult.com/blog/detail/smtp-smuggling-spoofing-e-mails-worldwide/ I short, the end-of-data command in SMTP is specified as a dot surrounded by carriage return and line feed: <CR><LF>.<CR><LF>. However the Cisco Secure Email Ga...

filiadata · 01-05-2024

The only setting which is vulnerable to the SMTP smuggling attack is "Clean messages of bare CR and LF characters", which is the default setting. With this setting, the Cisco Cisco Secure Email (Cloud) Gateway will "repair" broken line endings with C...

filiadata · 09-29-2023

I wonder why anyone would name their server spamrelay. Did you try the tlsverify command? You can start a packet capture to the IP addresses of the MX servers of the domain of the recipient and then send another test message. The capture will show yo...

filiadata · 09-29-2023

You can test with tlsverify from the command line. To record all exchanged SMTP messages in full details, Log subcriptions > Add log subscription > Type: Domain Debug Logs can be used: https://www.cisco.com/c/en/us/support/docs/security/email-securit...

filiadata · 09-29-2023

This was a global outage of all Cisco Secure Email Gateways which have graymail scanning enabled since 2023-09-29 07:00 UTC. Probaly caused by a malformed update of the engine, Cisco is working on the problem. See also https://urgentnotices.statuspag...

filiadata · 02-13-2017

We created a TAC case for this. The answer is that this bug is currently fixed in versions that include the filter "Duplicate MIME boundaries". This includes 10.0.1. However the possibility to circumvent attachment based filters is NOT automatically ...

Member Since	‎08-19-2005 12:05 AM
Date Last Visited	‎06-20-2024 06:42 AM
Posts	7
Total Helpful Votes Received	9

User Statistics

User Activity

Cisco Cisco Secure Email (Cloud) Gateway vulnerable to SMTP smuggling

Re: Cisco Cisco Secure Email (Cloud) Gateway vulnerable to SMTP smuggl

Re: Verbose message tracking

Re: Verbose message tracking

Re: High workqueue issue - Due to Graymail restart.

We created a TAC case for