Re: [cobalt-users] SMTP hole maybe - any ideas

[David Lucas <david@xxxxxxxxxxxxxxxx>]

At 09:32 AM 6/5/2003, you wrote:
> Ian wrote:
>
> > Came across what seems like a weird exploit, which I am not sure is 
> across all, or just
> > generic to us.
>
> I guess I'm a bit myopic, so far what you've explained doesn't sound
> like an exploit.
>
> > If we send an email to an email address that is located on our raq3 and 
> send it from
> > another email address that is also on the same raq3, then it is relayed 
> without any
> > prevention what so ever and without any POP3 account being polled as 
> per the pop b4 smtp
> > system.
>
> I'm not sure what you mean.  You say you're using the server to send to
> an email address on the same server?  That's not relaying; that's local
> delivery.

this means like ip address 127.0.0.1 (local host)

> > It seems that if a person knows of domains on a server, they could send 
> emails purporting
> > to come from other users on the ssame server without any problem what 
> so ever.
>
> Anyone can connect to your mail server to send mail to accounts on your
> server.  If they couldn't then your server couldn't receive email from
> anyone.

This means like an ip address other than 127.0.0.1

> Jeff
> --
> Jeff Lasman, nobaloney.net, P. O. Box 52672, Riverside, CA  92517 US
> Internet & Unix/Linux/Sun/Cobalt Consulting +1 909 778-9980
> Our jblists address used on lists is for list email only
> To contact us offlist: "http://www.nobaloney.net/contactus.html";
>
> _____________________________________
> cobalt-users mailing list
> cobalt-users@xxxxxxxxxxxxxxx
> To subscribe/unsubscribe, or to SEARCH THE ARCHIVES, go to:
> http://list.cobalt.com/mailman/listinfo/cobalt-users
>
> --
> This message has been scanned for viruses and
> dangerous content by MailScanner, and is
> believed to be clean.



--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.