[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [cobalt-users] SMTP hole maybe - any ideas

Subject: RE: [cobalt-users] SMTP hole maybe - any ideas
From: "Dan Kriwitsky" <list1@xxxxxxxxxxxxxxxxxxxx>
Date: Wed Jun 4 06:01:01 2003
List-id: Mailing list for users to share thoughts on Sun Cobalt products. <cobalt-users.list.cobalt.com>

> Sorry guys allow me to try and explain a bit clearer, cos I 
> cant see that this is meant to be happening.
> 
> Lets say that I do not actually have anything to do with the 
> raq3 server. I do not have an account or any access rights on 
> the server.
> 
> I find out what domains are located on the server and then I 
> create an email account within my local copy of say outlook, 
> guessing what the smtp server for one of the domains might 
> be, not hard really, could be mail., smtp. or www. or I just 
> check the MX records for the domain to get it quicker.
> 
> I set my email address as anyname@xxxxxxxxxxxxxxxx for sender 
> and return address.
> 
> I then send an email using the raq3's smtp server ability to 
> 50 other domains on the same server, purporting to being the 
> company behind the domainonraq3.com.
> 
> The relaying of this email to 50 others on the same server is 
> not prevented, even though POP b4 SMTP is enabled. Admittedly 
> it will not allow the relaying to domains that are not on the 
> server, but will happily send on this email to the 50 or so 
> domains on the same server.

That's how email works. What they're using for a domain in their email
client is irrelevant. It will work the same if they set their reply to
bill@xxxxxxxxxxxxx, (unless you blocked that due to a recent worm).

> 
> Then, we have 50 very unhappy teddies who have supposably 
> received an email from someone we host, but no infact, it 
> came from someone know one knows masquarading as 
> domainonraq3.com, as they have managed to send an email 
> through the same server as the company hosts on.

It wouldn't matter who they masquerade as. Your server will still
deliver the email.


> 
> Surely this can not be right and the POP b4 SMTP should stop 
> this sort of thing from happening.

Then you wouldn't get email. How is your server supposed to tell the
difference between someone and someone's SMTP server sending mail?

> 
> Could really do with knowing how the rest of you overcome 
> this, cos surely it cant be left open like this...
> 

It's not open.
-- 
C2003 Dan Kriwitsky

Please reply to the list only. Off list replies are not read.

References:
- RE: [cobalt-users] SMTP hole maybe - any ideas
  - From: Ian

Prev by Date: RE: [cobalt-users] SMTP hole maybe - any ideas
Next by Date: RE: [cobalt-users] Raq4 - majordomo one-way mailing list
Previous by thread: Re: [cobalt-users] SMTP hole maybe - any ideas
Next by thread: Re: [cobalt-users] SMTP hole maybe - any ideas

Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index