Open BuZZ-dEE opened 6 years ago
Someone reported it there but it is not confirmed. Did you confirm it? Has anyone disclosed the issue to @RainLoop? Or are you just thinking out loud?
@ervee tested it with test utility from mailsploit.com and @RainLoop is also listed in Google Docs.
Yes, I can confirm it. I also tested it with test utility from mailsploit.com.
Okay. So far as I can tell this is a GUI sort-of-bug. The "From:" header used to display the e-mail source has always been easy to manipulate. This "bug" just adds the capability to circumvent SPF/DMARC if you have it configured in your MTA in the first place.
I don't know if there is anything @RainLoop can do about this but he can try. I actually agree with Mozilla in their statement that this is to be fixed by the MTA. Not by the MUA.
Check the link; not affected anymore. Issue can be closed.
https://www.mailsploit.com/