All Collections
Other Resources
How to prevent SMTP smuggling to your Cisco Secure Email solution?
How to prevent SMTP smuggling to your Cisco Secure Email solution?

Here is the recommended Setting to choose for your Listener on your Cisco Secure Email (Cloud) solution, to prevent SMTP smuggling attacks.

Ivan Kovachev avatar
Written by Ivan Kovachev
Updated over a week ago

There is a novel email spoofing method called SMTP smuggling, which essentially exploits the fact that different SMTP servers interpret the end of data sequence (<CR><LF>.<CR><LF>) differently. This creates the opportunity to send/receive spoofed emails.
โ€‹
Cisco's Secure Email solution by default uses a Setting which can make you vulnerable to the above attack. However, the good news is that this setting can be changed.
โ€‹
When creating a Listener, we recommend that you change the CR and LF Handling to "Allow", instead of the vulnerable default setting of "Clean" by editing your Listener Settings.

Did this answer your question?