HADES Attack: Understanding and Evaluating Manipulation Risks of Email Blocklists
Ruixuan Li
Network and Distributed System Security (NDSS) Symposium 2025 · Day 2 · Email Security
In the realm of cybersecurity, email remains a critical communication channel, and its integrity is constantly under threat from spam and malicious actors. To combat this, **DNS-based Blocklists (DNSBLs)** serve as a cornerstone defense mechanism, aggregating intelligence on abusive email servers and domains. However, the talk "HADES Attack: Understanding and Evaluating Manipulation Risks of Email Blocklists" by Ruixuan Li from Siha University unveils a significant vulnerability in this system. The presentation introduces the **Hades attack**, a novel method by which attackers can maliciously inject legitimate email servers and domains into these blocklists, severely disrupting email deliverability and potentially leading to the deletion of victim domains by registries.
AI review
Solid, original systems-security research that attacks a component of email infrastructure almost nobody thinks to attack — the defenders' own sensors. The threat model is realistic, the methodology is rigorous, and the domain-deletion consequence elevates this well above a standard spam-filter paper.