Closed Bug 948081 Opened 11 years ago Closed 11 years ago

Email Spoofing

Categories

(Infrastructure & Operations :: Infrastructure: Mail, task)

x86_64
Windows 7
task
Not set
normal

Tracking

(Not tracked)

RESOLVED INVALID

People

(Reporter: chawla, Unassigned)

Details

Attachments

(1 file)

Attached image mozillaorg.png
User Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/31.0.1650.63 Safari/537.36 Steps to reproduce: Connected to mozilla.org mail server mozilla.com.s5b2.psmtp.com so able to send emails from one mozilla email to other email Actual results: Email sent Expected results: Some Ip validation or other validation should prevent from sending email
Assignee: nobody → infra
Component: General → Infrastructure: Mail
Product: Core → Infrastructure & Operations
QA Contact: limed
Version: unspecified → other
This is expected behaviour. It's not ideal, but it is something that is expected to happen. Thank you for reporting!
Status: UNCONFIRMED → RESOLVED
Closed: 11 years ago
Resolution: --- → INVALID
If this is intentional behaviour then it is good, otherwise this thing leads to spear phishing. Thats why big companies like Google,Yahoo,Facebook etc. doesn't allow to connect to mail servers or do the validation.
Group: core-security
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: