DeepSec Vienna 2007 7 Layers of Insecurity l o c o t l
o ff e r a? t o ing wil
k P hi n de e
a r W good.” H
e wor o spe f id for he s t s a
s
s tion. s t good i ' n a a
out ca that t a il he e r , ush l! ik T ing ma tha ns
k e l o Is i nt B s mmuni 2 . a a t Mai not l ll ing 6
e wor eno ide s co o
M s s r t a r g L it'
il
a e us
y a r e a e ity w t n,
e l P
m ve Ja a s “ -
' ur
p p
u c u --
e a
e me ll o
not be m s
thing
Ho h I
a i Y
S C DeepSec Vienna 2007 7 Layers of Insecurity r om .c owing n unte de ung) r t foll i r e w
mons rbe on) t i a t a unde ite c k Be om i i be if n or r e a a ec t be w l
P od ri r v s h T i i m ha st t ye M uc th a or a e f Au S nz ( n und be e Ma , ify - orbe ng t o nc n
ze d n v u o e
cr 2 z i ite e Li als nna ic 6 tia rde e r l t mo e (
e s
ht i w. d e Nut c V a
rbr e lbe us ba nd , m e e le l e a a l v
s Re nc a ww S i m
nnt we s e e ie r , te ngs r r r r zt, rc rz e na f fe bu e nig p:// i e o if r me nut t raini r f n: Ei unde
it unte n ge is T ge htt om be
e n Pfe omm d / d
i c d be t s I k e , e r
v né e 7 f ht r t work Ar 0 f c e e e r ngunge
Re us s 0 i ng an mus non v v , i h y i i ni s d t n müs l t t a re 2 or
e e a a f r ür ul g
s fk it da
f Be : v v e i hor or a ri ri n b nt fre be r K ght e y
l
De Only Nur De Aut Aut m ri
Ar y e
m Cons nde e . e
e e
v
ha p e s .T
e a o lge ou ma
gr
o o N a Di f Mic C. Y Som
©
C DeepSec Vienna 2007 7 Layers of Insecurity l o c o t P o T r M P S
-
rks r 2 6 e f isks s ewo R n t am a r r rity ten T
n l m F i o asics 7 2 a C 0 6
0 Secu B
M Spa 2 P P r
-
r
e e ti e
b da t
l n
m p
p E-Mail SMT A SMT e en
v a g
o m
h i N A
©
S C DeepSec Vienna 2007 7 Layers of Insecurity . P T ivery M el S -
D 2 6 f Mail o
n s o c ti i 7 s 0 da 0 a n 2 r u B e
o b
F P m
e
T v
he
o
M N T
©
S DeepSec Vienna 2007 7 Layers of Insecurity n y icatio d n n s er+bo mmu g II missio P b ead T din h M SC
S co ver co A - SL r
e su as ts 2
it S r 6 n o it en o P+ i l p ssag s P co e se 7-b i C t to SMT me T se 8-b r r r server-se smiss s u t u r e
d fo fo p pro 7 fo P P 0 o 0 eren P C C r
e tran 2 ff C r i P e ased mman
b
o ata may P m 587/T 465/T 25/T D C
e
T v ses d
o
ext b
M N U Messag T
©
S DeepSec Vienna 2007 7 Layers of Insecurity U) P /GN T M ian n S - o
(Deb i 2 6 fix t> s st .ne s 8A9 e TP Po 00 ample S M S
S CR> .ex .e 2 on. x@ 80 @ag r n S on e yn e E m nx que with n l e 428 e CEDSTATUSCOD b M I : m m am 0 By 0 Ok: 0 Ok 5 Ok m E e ITM d d amem v .0. .0. .1. .1. ga m Fro . T To: o IT P a e, 1 2 0 2 4 En 0 2 0 2 0-STARTTL 0-ENHAN 0-8B 0 DSN 0-PIPEL 0-SIZ 0-VRFY 0-ETRN 0 a 0-ag nx N AIL QU 22 . 25 By Ly Hi! DATA 35 RC 25 M 25 25 25 25 25 25 25 25 25 EHLO ag 25 22 © S DeepSec Vienna 2007 7 Layers of Insecurity s er ities l a le us ) i P P b T M T ction S - n M a 2 g SMTP S 6 or mo at f in E E d fu d n ( y r rt a ort o eli P fo p s an t T p pp d r d rel pip o M d an p S an 7 s su S su 0 up 0 A d mm s em 2 e /TL r e it -d MT mman co d b o y n m On SSL 8-b C e ds e v t d o x N Man A © E DeepSec Vienna 2007 7 Layers of Insecurity P T . M S er - g s 2 k 6 s i ssen R e y t e M i r u 7 t th 0 c 0 e oo 2 r h S e S b P m e T v et's o M N L © S DeepSec Vienna 2007 7 Layers of Insecurity l i s y a f ema l P o sed T e e s M mail R su c S L i lem e r - y r d u m 2 6 to e RB rob ve s in n i o l be eli r ig p ify so d o r b h cked e(s) ve t a l a g u mail p m e a 7 u relay wil i 0 s to t ran n igh 0 p are E stil 2 P U u en r w C r e eed / p t I am b s U i o / n m act: h n k: med Pu D Sp Mal e A y p e v s i n BE o m p N R I A MT U © O DeepSec Vienna 2007 7 Layers of Insecurity ” ” i i g g c c . . t t u u s! p p / / i i s A g g c c b / / c c s MT c c m . . g b b to o . . n ay a a / / B / / : : P es ed T p p li e t t t t M p p h h O stri S om i - “| “| s ap P 2 EL O O 6 is L L O E H th E H L 3 3 ect H E 4 4 ke ity also sp H r p: p: / t t n k li i m m o m O s s u ecu l l 7 o u L i 0 b b s igh r r 0 s l H g 2 … … r g - - e yo E e 7 7 o n b tin 0 0 i l P 0 0 p m r act: h k: med 2 2 e u T p ag v s i o o m m M N I Scri R Y I © S DeepSec Vienna 2007 7 Layers of Insecurity t men ce un o n nfirmed an sses e e ut P r T nc o e co d M Y b S F - ssa ad i 2 with 6 will na FY n ts re VR i n co u e ts email ou w VR r m req r u lo i tes m Y s 7 u Y F i g acc ed 0 nt F 0 e se fo R ay al 2 r )u V cli e VR b b P P m act: m k: med (A Existin e As m me T p v s i o m M N I MT R So SMT © S DeepSec Vienna 2007 7 Layers of Insecurity trolled n n e y co n y l r P atio a ht T c M itr ti tig S b - n en 2 6 o th i t be t es very easy e easily do t is ar a us au b c o en m i i t n ssag g n e f me ks can h recip 7 ffers ayin t 0 l o 0 e u er/ g 2 ttac r d ol o l r n A e a b fi oc P o m M Mai Sen e o T T v o M N Sp MI Prot © S DeepSec Vienna 2007 7 Layers of Insecurity ted ca i ms A s T i ent M critical an th → u rd P A n T T ech na M lem m S M - sswo / 2 s A 6 rob SL tay u r ticatio pa p s MT se SA en u ay es → l rt th rced e o r bile ress pp en H te-fo 7 T 0 su ru ffers au ffers 0 r mo A U for MUA l add b 2 o r fo t/ A ai e P l MT b ces op sed os t P u m L Em U e T v sefu ed o M N Mos U R ESMT © S DeepSec Vienna 2007 7 Layers of Insecurity mises ro ip p ified S sh L n o i at l SL/T e S P ever ver T ates M st r s S c o n hat u - t t r 2 t t g 6 o e ex l n hin tificate S r e yt L ssib s & certifi ave n ce er T o m / p u i L y h es ar ed m ll 7 n u S ti i ed h key all 0 es ev g t s 0 i S i d ficat i 2 su i r w M t + e T b s er P k m act: m k: med r C MI Self-s Prov e As u T p v s o i o m M N I R MT W © S DeepSec Vienna 2007 7 Layers of Insecurity e. r su Mea y t ri P T s M k S r - 2 o 6 w e m lexity as Secu lexity a r mp F o 7 C 0 m 0 a 2 r ced p e b S an m - e i h v t o n N En © A DeepSec Vienna 2007 7 Layers of Insecurity e sag e cks he mes nam c r e n i P T ure ks le e M r b s pe at ma S n - o tu si s essag g 2 d r brea 6 m na os sum f ge f si to p sig n t o eck t o ation o ana r h c ked t ti i f m n ten i s n ec d t pa j y filter ist hic ch o e 7 er wi in l n 0 0 K y d co ture li rap ent 2 a ead r l pe g ling n na ne e nt i h b nsit mo to o ep a a m r R C Mai Sig Sig e ds velo yp v m -t r d o n o N En I C A © D DeepSec Vienna 2007 7 Layers of Insecurity et n . e l : mp ity r fields exa cu . key se as … h key ; wn P o er T KIM key M . main S ffer - ead o 2 es D S o 6 kim e h ._d N d r ly as well D p y to tu a ; s= t & ap etermin ay tr s kim.key y d m e 7 ity d : y-Sign ple.ne 0 r ttacks e p 0 K ker a 2 r ku n e ecu i xam o b s e NS ttac a m lo = D A e mainK v d m NS o o o N D … PK D © D DeepSec Vienna 2007 7 Layers of Insecurity g ) F s n S el P ardin i S) g S w ev r ( ri DN n o k fo st l r P e (SR e en T o ail tt M gu S em le t tru w l - icies i icies em b email wri e l i 2 d e s o 6 ialo fau m ss p Sch d e ali e r a v d r P b reak ed po T e e F b h iting st r s y li am am SM king c mu n n ew i n l ub e R 7 letely loc o 0 s i p 0 b k er P 2 r mp r y d r on e mains mains b e co o o wo m d Sen Messag Earl D D e v n ased o e N SPF SPF B © S DeepSec Vienna 2007 7 Layers of Insecurity s st eters n ) ly l on L aram ca B p cess li tatio i t u mm P R ts ac ( T s am M li s rep g S trary yn s co i - n n n 2 remen i o 6 t S i urce e d s N ed o i ed l tso easu ang k as u ave arb as m b c b o by D a ch y L n l e l ay h elp o B i B h 7 R m 0 s ar ut e s 0 y g L c ib 2 n m r B res can i i tr e an R b s st are simp T i i t m l Metri Sco L D e v a sing BL o e N U Mos R © R DeepSec Vienna 2007 7 Layers of Insecurity re. ly safe. l o ctu c seless. o ssari t P o e u T r r ece . M frastru a n P S t n - o in ' r 2 ti . BL S 6 e y f ll N R tec s n LS isn n D a /T r s pro T s carefu l ies o i l L eed 7 SSL 2 e a 0 6 0 r + servers on n y M 2 P P P P r r ar e e e b t l m p p SMT Pick RB SMT SMT SMT e mm v a . . . . . o m h i N Su © S C DeepSec Vienna 2007 7 Layers of Insecurity P T M S - 2 6 7 u 0 s? 0 o n 2 r Y o e b ti k m n e es v a o h N Qu © T DeepSec Conference © November 2007 Chapter 62 Simple Mail Transfer Protocol You've got Mail! D 7 eep L “President Bush said for ayers o security reasons, he's sworn off Sec all e-mail communication. He will not be using email at the White Vien House at all. Is that a good idea? f I I mean, it's not like that speaking n secu thing was working out so good.” n a 2007 rity -- Jay Leno © November 2007 62 - SMTP 1 99 - Things in Life 1 DeepSec Conference © November 2007 Copyright Information Some rights reserved / Einige Rechte vorbehalten Michael Kafka, René Pfeiffer, Sebastian Mayer C.a.T. Consulting and Trainings, Vienna, Austria You may freely use, distribute and modify this work under following D agreement: 7 eep Diese Arbeit darf frei genutzt, verbreitet und bearbeitet werden unter L folgenden Bedingungen: ayers o Sec Authors must be referenced (also for modification) Autoren müssen genannt werden (auch bei Bearbeitung) Vien Only for non commercial use f I Nur für nichtkommerzielle Nutzung n secu Derivative work under same licence n Derivative Arbeit unter selber Lizenz a 2007 http://www.creativecommons.com rity © November 2007 62 - SMTP 2 This presentation is published under the CreativeCommons License which can be viewed in detail on their hompage: http://creativecommons.org/licenses/by-nc-sa/2.0/at/ Read more on http://www.creativecommons.com You are free: to Share — to copy, distribute and transmit the work to Remix — to adapt the work Under the following conditions: Attribution. You must attribute the work in the manner specified by the author or licensor (but not in any way that suggests that they endorse you or your use of the work). Noncommercial. You may not use this work for commercial purposes. Share Alike. If you alter, transform, or build upon this work, you may distribute the resulting work only under the same or similar license to this one. ● For any reuse or distribution, you must make clear to others the license terms of this work. The best way to do this is with a link to this web page. ● Any of the above conditions can be waived if you get permission from the copyright holder. ● Nothing in this license impairs or restricts the author's moral rights. 99 - Things in Life 2 DeepSec Conference © November 2007 Chapter 62 Simple Mail Transfer Protocol Agenda SMTP Basics SMTP Security Risks D 7 eep Anti-Spam Frameworks L ayers o E-Mail Content Sec Vien f I n secu n a 2007 rity © November 2007 62 - SMTP 3 99 - Things in Life 3 DeepSec Conference © November 2007 SMTP Basics The Foundation of Mail Delivery. D 7 eep L ayers o Sec Vien f I n secu n a 2007 rity © November 2007 62 - SMTP 4 99 - Things in Life 4 DeepSec Conference © November 2007 SMTP Properties Text based protocol Commands use 7-bit ASCII Data may use 8-bit encodings D 7 eep Message transmission as header+body L ayers o Uses different TCP ports Sec 25/TCP for server-server communication Vien 465/TCP for SMTP+SSL f I n secu 587/TCP for message submission n a 2007 rity © November 2007 62 - SMTP 5 SMTP/ESMTP transactions distinguish between three roles of the endpoint. • Mail Submission Agent (MSA) receives email from a MUA and relays it to other MTAs. • Mail Transport Agent (MTA) is the classical “mail server” that transports email messages to other MTAs. • Mail User Agent (MUA) is the classical “mail software” that enables users to read, write and send email. MTAs speak ESMTP/SMTP with each other on port 25/TCP. MUAs submit their messages either via ESMTP/SMTP to a MTA on port 25/TCP or to a MSA on port 587/TCP. Submission by using MSA supports mobile users and offers authentication along with correction of the submitted messages (adding missing header fields for example). In practice most MUAs use a local MTA or submission via 25/TCP. ESMTP/SMTP is proposed in RFC 821, 822, 2821, 2822 among others. Message submission via 587/TCP is proposed in RFC 2476. 99 - Things in Life 5 DeepSec Conference © November 2007 Sample SMTP Session 220 agamemnon.example.net ESMTP Postfix (Debian/GNU) EHLO agamemnon.example.net 250-agamemnon.example.net 250-PIPELINING 250-SIZE 52428800 250-VRFY D 250-ETRN 7 250-STARTTLS eep 250-ENHANCEDSTATUSCODES L 250-8BITMIME ayers o 250 DSN MAIL From: 250 2.1.5 Ok Vien DATA f I 354 End data with Hi! secu n Bye, a 2007 Lynx. . rity 250 2.0.0 Ok: queued as 2CB7C24008A9 QUIT 221 2.0.0 Bye © November 2007 62 - SMTP 6 99 - Things in Life 6 DeepSec Conference © November 2007 Extended SMTP (ESMTP) Adds commands and functionalities Command pipelining SSL/TLS support D 7 eep 8-bit support for data L ayers o On-demand relay for mobile users Sec Many MTAs support ESMTP Vien f I n secu n a 2007 rity © November 2007 62 - SMTP 7 99 - Things in Life 7 DeepSec Conference © November 2007 SMTP Security Risks Let's Shoot the Messenger. D 7 eep L ayers o Sec Vien f I n secu n a 2007 rity © November 2007 62 - SMTP 8 99 - Things in Life 8 DeepSec Conference © November 2007 Open / Unauthorised Relays UBE/UCE still a big problem Malware packed into email Spam D 7 eep MTA needs to verify source of email L ayers o Any open relay will be misused Sec Disrupt email delivery Vien Put IP range(s) on RBLs f I n secu Risk: medium n a 2007 Impact: high rity © November 2007 62 - SMTP 9 Most MTAs are equipped with anti-spam and anti-virus filters. This is no safeguard against open relaying of malware or email messages. A lot of servers have satellite MTAs installed that act only as a collector for locally generated email. Usually the central mail hub gets all messages and delivers them. The mail filters are not equally strong and so a satellite MTA may inject malformed messages, thus discrediting the central MTA when the emails leave the network. ISPs often suffer from this effect, because they have to relay mail from their customers. The same can happen to a LAN where the outbound MTA trusts every client. DMZs usually have their share of web servers that might act as HTTP-to-SMTP gateway and also feed the central MTA with malware or spam emails. Mitigation: • Tightly configure access rules for all of your MTAs. • Inspect internal email as you would inspect external email messages. • Use multiple outbound relays and use them for specific classes of email. 99 - Things in Life 9 DeepSec Conference © November 2007 SMTP EHLO/HELO Pipe Bombs Imagine you inspect HELO strings Your logs look like this someday 2007-…rblsmtp: 43 EHLO “|http://a.b.cc/cgi/put.cgi” D 7 eep 2007-…rblsmtp: 43 HELO “|http://a.b.cc/cgi/put.cgi” L ayers o Scripting security also applies to MTAs! Sec Risk: medium Vien Impact: high f I n secu n a 2007 rity © November 2007 62 - SMTP 10 Mitigation: • Be careful with MTA functionality augmented by plugins. • Limit MTA software on server (access controls, privileges). • Do security checks with all your filtering systems (collections of malformed email can be generated and are available). 99 - Things in Life 10 DeepSec Conference © November 2007 SMTP VRFY SMTP VRFY tests email addresses Existing accounts will be confirmed (Ab)use for reconnaissance D 7 eep Some clients require VRFY L ayers o MTAs may allow VRFY without announcement Sec Risk: medium Vien Impact: medium f I n secu n a 2007 rity © November 2007 62 - SMTP 11 Account/address enumeration is a tool routinely used by attackers. SMTP is one way of getting hold of verified information, harvesting LDAP trees is another. Mitigation: • Disable VRFY if possible. • Disable the EXPN command (allows listing of mailing list subscribers). • Limit SMTP connection and disconnect after n invalid commands or errors. • Deploy SMTP greylisting and rate limiting at your border MTAs. 99 - Things in Life 11 DeepSec Conference © November 2007 SMTP Authentication Protocol offers no authentication Sender/recipient is arbitrary Mail relaying must be tightly controlled D 7 eep MITM attacks can be easily done L ayers o Spoofing of messages very easy Sec Vien f I n secu n a 2007 rity © November 2007 62 - SMTP 12 99 - Things in Life 12 DeepSec Conference © November 2007 SMTP AUTH ESMTP offers authentication Used for MUA→MTA / MTA→MTA Email addresses stay unauthenticated D 7 eep Reduces open relay problem L ayers o Lost/brute-forced password critical Sec Useful for mobile users Vien Most MTA support SASL mechanisms f I n secu n a 2007 rity © November 2007 62 - SMTP 13 99 - Things in Life 13 DeepSec Conference © November 2007 SMTP + SSL/TLS Works with keys & certificates Provides everything that SSL/TLS promises MTAs usually have no trust relationship D 7 eep Self-signed certificates L ayers o Certificates are next to never verified Sec MITM still possible Vien Risk: medium f I n secu Impact: medium n a 2007 rity © November 2007 62 - SMTP 14 Most MTAs can be configured to deny unencrypted SMTP sessions. However this breaks the SMTP specification and thus can only used for clients and networks under your control. Mitigation: • Use certificate verification on a dedicated TLS-only MTA for roaming users. • Use VPN technology to bring roaming users to your MTA. 99 - Things in Life 14 DeepSec Conference © November 2007 Anti-Spam Frameworks Enhanced Complexity as Security Measure. D 7 eep L ayers o Sec Vien f I n secu n a 2007 rity © November 2007 62 - SMTP 15 99 - Things in Life 15 DeepSec Conference © November 2007 Domain Keys Adds header with signature Signed content of message Signature linked to domain name D 7 eep Cryptographic checksums per message L ayers o In-transit modification breaks checks Sec Mailing list managers Vien Content filter f I n secu Envelope not part of signature n a 2007 Replay injection possible rity © November 2007 62 - SMTP 16 Domain Keys should always be used as a component in a layered security design. Use it in combination with VPN technologies, SSL/TLS, authentication and verified configurations of MUAs/MTAs. The DomainKeys Identified Mail (DKIM) web site has more information on implementation and deployment. 99 - Things in Life 16 DeepSec Conference © November 2007 Domain Keys & DNS DomainKey-Signature header has fields: …d=example.net; s=dkim.key;… PK lookup: dkim.key._domainkey.example.net D 7 eep DNS security determines DKIM security L ayers o DNS attacks apply as well Sec Attacker may try to offer own key Vien f I n secu n a 2007 rity © November 2007 62 - SMTP 17 99 - Things in Life 17 DeepSec Conference © November 2007 Sender Policy Framework (SPF) Based on published policies in DNS Domains name valid email origins Domains name default trust level D 7 eep SPF works in SMTP dialogue L ayers o Early blocking possible Sec SPF completely breaks email forwarding Vien Message must be rewritten f I n secu Sender Rewriting Scheme (SRS) n a 2007 rity © November 2007 62 - SMTP 18 The details of implementation and protocol specifics can be found on the OpenSPF web site. 99 - Things in Life 18 DeepSec Conference © November 2007 Real Time Blacklisting (RBL) RBL are simply based on lists Distribution by DNS is common Listing may have arbitrary parameters D 7 eep Most RBLs are based on reputation L ayers o Metrics help measurement Sec Scores can change dynamically Vien Using any RBL outsources access lists f I n secu n a 2007 rity © November 2007 62 - SMTP 19 99 - Things in Life 19 DeepSec Conference © November 2007 Chapter 62 Simple Mail Transfer Protocol Summary . SMTP needs protection. . SMTP relies on DNS infrastructure. D 7 eep . SMTP + SSL/TLS isn't necessarily safe. L ayers o . SMTP servers on RBL are useless. Sec . Pick RBLs carefully. Vien f I n secu n a 2007 rity © November 2007 62 - SMTP 20 99 - Things in Life 20 DeepSec Conference © November 2007 Thank You Questions? D 7 eep L ayers o Sec Vien f I n secu n a 2007 rity © November 2007 62 - SMTP 21 99 - Things in Life 21