js2 a day ago

> Try figuring out the message size that the forwarding edge (icloud.com) accepts, but the receiver (the mailbox server) does not.

Is this a theory or did you test this yourself?

Anything even 1 byte less than that rejected at the edge passes through. And there's not a chain of SMTP servers either. It goes through a single SMTP server into my iCloud mailbox.

If you think this is the flaw, you're welcome to prove it. I'm skeptical and not spending more time on it.

Edit: this is with forwarding to an icloud.com address. If forwarding to a private domain and that domain's SMTP servers have more restrictive size limits, then yes, that bounce could reveal the real address. Don't use a non-icloud.com real address with HME. But the original (vague) description of the problem says nothing about whether the real address matters. In any case, I have no way to test that scenario.

winstonwinston a day ago | parent [-]

> Is this a theory or did you test this yourself?

This is just a pointer for an exercise you could do if you are interested. I can't tell what the actual HME vulnerability they claim to exist is.

js2 a day ago | parent [-]

Why don't you give it a try and report back.

winstonwinston a day ago | parent [-]

I did, but where is the fun in that? When I got involved in the infosec community decades ago, veterans told me then that I should always investigate for myself, not just read someone's reports. They were right. That's why I suggested it, because you seemed interested.

a day ago | parent | next [-]
[deleted]
js2 a day ago | parent | prev [-]

Were you able to unmask an HME address via SMTP or not? If so, was the real address an iCloud.com address?