Introducing a novel technique for e-mail spoofing.\n\nSMTP, the Simple Mail Transfer Protocol, allows e-mailing since 1982. This easily makes it one of the oldest technologies amongst the Internet. However, even though it seems to have stood the test of time, there was still a trivial but novel exploitation technique just waiting to be discovered \u2013 SMTP smuggling!\nIn this talk, we\u2019ll explore how SMTP smuggling breaks the interpretation of the SMTP protocol in vulnerable server constellations worldwide, allowing some more than unwanted behavior. Sending e-mails as admin@microsoft.com to fortune 500 companies \u2013 while still passing SPF checks \u2013 will be the least of our problems!\nFrom identifying this novel technique to exploiting it in one of the most used e-mail services on the Internet, we\u2019ll dive into all the little details this attack has to offer. Therefore, in this talk, we\u2019ll embark on an expedition beyond the known limits of SMTP, and venture into the uncharted territories of SMTP smuggling!\nabout this event: https://events.ccc.de/congress/2023/hub/event/smtp_smuggling_spoofing_e-mails_worldwide/