RE: [cobalt-users] SMTP hole maybe - any ideas
- Subject: RE: [cobalt-users] SMTP hole maybe - any ideas
- From: "Ian" <ian@xxxxxxxxxxxxxxxxxxxx>
- Date: Wed Jun 4 04:00:01 2003
- List-id: Mailing list for users to share thoughts on Sun Cobalt products. <cobalt-users.list.cobalt.com>
> yes, this is correct.
> fetchmail (the program that is used to get the mail from the pop3-account)
> feeds the received mails to the local smtp mailer. To be able to deliver the
> mails the local smtp mailer needs to know how to reach the recipients. This
> pop3-polling is meant for people behind dialin lines who are not constantly
> online (a smtp server that receives mail and therefore is mentioned in a dns
> entry needs to be online 24h a day). Because your raq3 determines that the
> recipient is "local" it doesn't need to send the mail to another server (it
> doesn't even know there is another one - at least the smtp-server). For your
> server there is no one else responsible for the local domains. The
> pop3-fetchmail is merely a hack to get around the quirks of not having a
> leased line and therefore trick the smtp server.
>
> Unless you did some nifty things with packet filters or alike your server
> will therefore be able to receive mails sent to him per smtp and honour the
> relay rules that are configured (basically: if you know either the sender or
> the recipient relay mail - sender is normally not determined by email
> address).
>
> > It seems that if a person knows of domains on a server, they could send
> > emails purporting to come from other users on the same server without any
> > problem whatsoever.
>
> That's how it works everywhere - as long as the server determines that he is
> responsible for the recipients he will not care about the sender and the
> sender may be forged as well. You want to tell sendmail not to accept
> smtp-connections from other hosts except localhost to prevent that from
> happening (no, sorry, I don't know how to achieve this on a raq/qube - my
> raq2's run with netbsd) but this would prevent you from using your raq3 for
> sending mail from your office as well.
It seems unbelievable that this can happen, to be honest. With this scenario it would
surely mean that the server's own SMTP server can be used to send spam mail to people on
that server with no method of tracing the culprit's normal mail route.
i.e. they look for a company that provides hosting that in some cases lists a large
number of their clients, for which that spammer then picks a domain as its sending email
address and then sends loads of spam to the other domains, in that first domain's name in
effect. Surely can't be right....
Anyone else got any ideas of stopping this...
Thanks
Mac
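
Added example, not part of the original thread or of any Cobalt tooling: sendmail records the connecting host for every accepted message, so mail that claims a hosted domain as its envelope sender but was handed over by an outside host can be picked out of the maillog. The domain list, the trusted networks and the sample log lines are assumptions constructed for illustration; the line layout follows the usual sendmail `from=` log entry.

```python
import ipaddress
import re

# Assumptions (not from the thread): the domains hosted on this server and
# the networks allowed to submit mail using those domains as sender.
LOCAL_DOMAINS = {"example.com", "example.org"}
TRUSTED_NETS = [ipaddress.ip_network("127.0.0.0/8"),
                ipaddress.ip_network("192.0.2.0/24")]  # e.g. the office range

# sendmail "from=" log entry: queue id, envelope sender, connecting relay IP.
FROM_RE = re.compile(
    r"sendmail\[\d+\]: (?P<qid>\w+): from=<?(?P<sender>[^>,\s]*)>?,"
    r".*\brelay=[^,]*\[(?P<ip>[0-9a-fA-F.:]+)\]")

def is_trusted(ip):
    try:
        addr = ipaddress.ip_address(ip)
    except ValueError:
        return False  # unparsable address: treat as untrusted
    return any(addr in net for net in TRUSTED_NETS)

def suspicious_senders(lines):
    """Return (queue id, sender, relay ip) for each message that claims a
    locally hosted sender domain but was handed over by an outside host."""
    hits = []
    for line in lines:
        m = FROM_RE.search(line)
        if not m:
            continue  # to= lines, other daemons, entries without a relay IP
        domain = m.group("sender").rpartition("@")[2].lower()
        if domain in LOCAL_DOMAINS and not is_trusted(m.group("ip")):
            hits.append((m.group("qid"), m.group("sender"), m.group("ip")))
    return hits

# Constructed sample log lines (documentation addresses, not real traffic).
SAMPLE_LOG = """\
Jun  4 03:10:11 raq3 sendmail[2101]: h543AB102101: from=<ian@example.com>, size=1203, class=0, nrcpts=1, msgid=<1@office>, proto=ESMTP, daemon=MTA, relay=office.example.com [192.0.2.15]
Jun  4 03:11:40 raq3 sendmail[2107]: h543Be102107: from=<sales@example.com>, size=8812, class=0, nrcpts=1, msgid=<2@x>, proto=SMTP, daemon=MTA, relay=[203.0.113.77]
Jun  4 03:11:41 raq3 sendmail[2108]: h543Be102107: to=<mac@example.org>, delay=00:00:01, mailer=local, stat=Sent
Jun  4 03:12:02 raq3 sendmail[2110]: h543C2102110: from=<news@example.net>, size=4410, class=0, nrcpts=1, msgid=<3@y>, proto=ESMTP, daemon=MTA, relay=mx.example.net [198.51.100.9]
""".splitlines()

if __name__ == "__main__":
    for qid, sender, ip in suspicious_senders(SAMPLE_LOG):
        print(f"{qid}: {sender} submitted from untrusted host {ip}")
```

The queue id in each hit can be matched against the corresponding `to=` entries to see which local mailboxes received the message.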