SMTP, or Simple Mail Transfer Protocol, was first developed in 1982, and at that time, it had very few security features. Though at that time there were not many concerns, later it became a major security concern. For example, an attacker can perpetrate DNS hijacking or TLS downgrade attacks while transporting emails. SMTP STS or SMTP Strict Transport Security is a policy that is developed to address the security concerns of SMTP.
What are the security concerns of SMTP?
As discussed above, SMTP has very few security features and that results in some major security concerns. TLS downgrade attacks and DNS hijacking are two major security concerns that make email transport quite vulnerable. Let’s discuss in brief how these two attacks make email transport so vulnerable.
The TLS Downgrade Attack
When a source mail server wants to send an email to a destination mail server, the communication is not encrypted by default. A STARTTLS command is sent first. When both the mail servers agree on the STARTTLS command, they go ahead and establish a TLS connection between them to transfer the email. Otherwise, the email is sent in cleartext format.
In the TLS downgrade attack, the attacker first perpetrates a Man-In-The-Middle (MITM) attack and changes the STARTTLS command transferred between the mail servers. As a result, both the mail servers are tricked into believing that the other one does not support TLS. The email is transferred in cleartext format, following which the attacker can steal sensitive data transferred over the email communication.
Interested readers can find more information on how TLS downgrade attacks are perpetrated while transporting emails here: How can attackers steal sensitive data of emails using the TLS downgrade attack?
DNS Hijacking
The source mail server needs to know the IP address corresponding to the destination mail server before transferring the email. For that purpose, the source mail server makes a query to the DNS servers and fetches the MX record containing the said IP address.
However, attackers can perpetrate the DNS hijacking attack at that time and trick the source mail server to obtain a fraudulent MX record containing the IP address of the attacker-controlled mail server. As a result, the source mail server ends up sending the sensitive email to the attacker’s mail server. As a result, the attacker can steal sensitive data from the email and transfer the email back to the actual …
0 Comments