Closed Bug 1475856 Opened 7 years ago Closed 7 years ago

bug de seguridad mozilla thunderbird

Categories

(Thunderbird :: Security, defect)

Product:
Thunderbird
Component:
Security
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

(Not tracked)

Status:
RESOLVED INVALID

People

(Reporter: pedrojansters, Unassigned)

References

Details

Attachments

(2 files)

Video 15-07-2018 17-06-27.mp4
8.62 MB, video/mp4
Details
Video 15-07-2018 17-49-41.mp4
8.16 MB, video/mp4
Details
User Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.99 Safari/537.36 Steps to reproduce: error that allows impersonation of any email address the error allows me to evade any email address without being detected as spam Actual results: Possible sending of files illegally if it is misused Expected results: should ask for an authentication when changing that address
Group: mail-core-security
In your first video, at second 26, you can see that your outgoing SMTP server is smtp.strato.com. If Strato's mail servers obviously allow spoofing email addresses (like using "ejemplo@mozilla.es") I do not know why you expect some application like Thunderbird to suddenly not allow spoofing email addresses (like using "seguridad@mozilla.com") anymore? Proposing to close this task as invalid, if I don't misunderstand something. Such logic needs to be implement by the SMTP mail server, not by a mail client like Thunderbird.
Flags: needinfo?(pedrojansters)
You might also ask for help at https://support.mozilla.org/questions/new/thunderbird
Status: UNCONFIRMED → RESOLVED
Closed: 7 years ago
Flags: needinfo?(pedrojansters)
Resolution: --- → INVALID
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: