The Mailsploit vulnerability stems from how email servers\/clients interpret email addresses containing encoded words. Incorrectly handling those, could allow an attacker to spoof email identities.<\/p>\n
Recent specs (RFC-2822<\/a> and RFC-5322<\/a>) don’t allow using encoded-words for email addresses (addr-spec):<\/p>\n \n3.4. Address Specification: Here are the unit test that show how Mail.dll behaves when such malicious emails are parsed. Please note that encoded-words are not decoded when part of email address.<\/p>\n Mail.dll allows anything in the name part of the address headers:<\/p>\n Specification allow using encoded-words in the name (RFC2047 – 5. Use of encoded-words in message headers. (3) ) RFC2047 imposes no restrictions what characters can be encoded, which means that zero byte (\\0) and new lines (\\r\\n) are valid characters.<\/p>\n Client applications must ensure <\/strong> that such special charters don’t ‘push’ the actual email address (“”test@example.com”) outside of control, in such way, that it becomes not visible. The Mailsploit vulnerability stems from how email servers\/clients interpret email addresses containing encoded words. Incorrectly handling those, could allow an attacker to spoof email identities. Recent specs (RFC-2822 and RFC-5322) don’t allow using encoded-words for email addresses (addr-spec): 3.4. Address Specification: address = mailbox \/ group mailbox = name-addr \/ addr-spec name-addr = [display-name] angle-addr […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[4],"tags":[113,33],"class_list":["post-5382","post","type-post","status-publish","format-standard","hentry","category-mail-dll","tag-email","tag-email-component"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/www.limilabs.com\/blog\/wp-json\/wp\/v2\/posts\/5382"}],"collection":[{"href":"https:\/\/www.limilabs.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.limilabs.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.limilabs.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.limilabs.com\/blog\/wp-json\/wp\/v2\/comments?post=5382"}],"version-history":[{"count":28,"href":"https:\/\/www.limilabs.com\/blog\/wp-json\/wp\/v2\/posts\/5382\/revisions"}],"predecessor-version":[{"id":5411,"href":"https:\/\/www.limilabs.com\/blog\/wp-json\/wp\/v2\/posts\/5382\/revisions\/5411"}],"wp:attachment":[{"href":"https:\/\/www.limilabs.com\/blog\/wp-json\/wp\/v2\/media?parent=5382"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.limilabs.com\/blog\/wp-json\/wp\/v2\/categories?post=5382"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.limilabs.com\/blog\/wp-json\/wp\/v2\/tags?post=5382"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}
\naddress = mailbox \/ group
\nmailbox = name-addr \/ addr-spec
\nname-addr = [display-name] angle-addr
\nangle-addr = [CFWS] “<\" addr-spec \">” [CFWS] \/ obs-angle-addr
\ndisplay-name = phrase\n<\/p><\/blockquote>\n\r\n[Test]\r\npublic void Test1()\r\n{\r\n string eml = @"From: =?utf-8?b?cG90dXNAd2hpdGVob3VzZS5nb3Y=?=@example.com\r\n\r\nBody";\r\n\r\n IMail mail = new MailBuilder().CreateFromEmlASCII(eml);\r\n\r\n Assert.AreEqual(\r\n "=?utf-8?b?cG90dXNAd2hpdGVob3VzZS5nb3Y=?=@example.com", \r\n mail.Headers["From"]);\r\n\r\n Assert.AreEqual(\r\n "=?utf-8?b?cG90dXNAd2hpdGVob3VzZS5nb3Y=?=@example.com", \r\n mail.From[0].Address); \/\/ Correct\r\n\r\n Assert.AreEqual(\r\n null, \r\n mail.From[0].Name); \/\/ Correct\r\n}\r\n<\/pre>\n\r\n[Test]\r\npublic void Test2()\r\n{\r\n string eml = @"From: =?utf-8?b?cG90dXNAd2hpdGVob3VzZS5nb3Y=?=\r\n\r\nBody";\r\n\r\n IMail mail = new MailBuilder().CreateFromEmlASCII(eml);\r\n\r\n Assert.AreEqual(\r\n "=?utf-8?b?cG90dXNAd2hpdGVob3VzZS5nb3Y=?=", \r\n mail.Headers["From"]);\r\n\r\n Assert.AreEqual(\r\n null, \r\n mail.From[0].Address); \/\/ Correct\r\n\r\n Assert.AreEqual(\r\n "potus@whitehouse.gov", \r\n mail.From[0].Name); \/\/ Correct - this is correct behavior, \r\n \/\/ sender can put anything in the name field.\r\n}\r\n<\/pre>\n\r\n[Test]\r\npublic void Test3()\r\n{\r\n string eml = @"From: =?utf-8?b?cG90dXNAd2hpdGVob3VzZS5nb3Y=?=" \r\n + @"=?utf-8?Q?=00?=" \r\n + @"=?utf-8?b?cG90dXNAd2hpdGVob3VzZS5nb3Y=?=@example.com\r\n\r\nBody";\r\n\r\n IMail mail = new MailBuilder().CreateFromEmlASCII(eml);\r\n\r\n Assert.AreEqual(\r\n @"=?utf-8?b?cG90dXNAd2hpdGVob3VzZS5nb3Y=?=" \r\n + @"=?utf-8?Q?=00?=" \r\n + @"=?utf-8?b?cG90dXNAd2hpdGVob3VzZS5nb3Y=?=@example.com", \r\n mail.Headers["From"]);\r\n\r\n Assert.AreEqual(\r\n @"=?utf-8?b?cG90dXNAd2hpdGVob3VzZS5nb3Y=?=" \r\n + @"=?utf-8?Q?=00?=" \r\n + @"=?utf-8?b?cG90dXNAd2hpdGVob3VzZS5nb3Y=?=@example.com", \r\n mail.From[0].Address); \/\/ Correct\r\n\r\n Assert.AreEqual(\r\n null, \r\n mail.From[0].Name); \/\/ Correct\r\n}\r\n\r\n<\/pre>\n\r\n[Test]\r\n\r\npublic void Test4()\r\n{\r\n string eml = @"From: =?utf-8?Q?=42=45=47=49=4E=20=2F"\r\n + @"=20=20=2F=20=00=20=50=41=53=53=45=44" \r\n + @"=20=4E=55=4C=4C=20=42=59=54=45=20=2F=20=0D=0A" \r\n + @"=20=50=41=53=53=45=44=20=43=52" \r\n + @"=4C=46=20=2F=20=45=4E=44?= <test@example.com>\r\n\r\nBody";\r\n\r\n IMail mail = new MailBuilder().CreateFromEmlASCII(eml);\r\n\r\n Assert.AreEqual(\r\n "test@example.com", \r\n mail.From[0].Address);\r\n\r\n Assert.AreEqual(\r\n "BEGIN \/ \/ \0 PASSED NULL BYTE \/ \\r\\n PASSED CRLF \/ END", \r\n mail.From[0].Name); \r\n\r\n \/\/ Note the \\r\\n (new line) and \0 (null) characters\r\n}\r\n<\/pre>\n
\nEncoded words are used to encode non-ASCII characters, for example national characters like umlauts (\u00e4, \u00f6, \u00fc).<\/p>\n
\nIt is crucial for them to display the email address (test@example.com) no matter what is in the name field.<\/p>\n","protected":false},"excerpt":{"rendered":"