[OT] Sendmail open relay problem
Miguel Koren O'Brien de Lacy
miguelk at KONSULTEX.COM.BR
Tue Aug 10 15:20:37 IST 2004
<x-flowed>
Ugo;
Security Space gives good (meaning relatively good timing) email
warnings about Open WebMail. The last problem I had heard about, I
believe related to cross site scripting, was several months ago and I
upgraded our installation. I went in to check the Open WebMail site now
and there seems to be no new problem appart from normal bugs.
I would like to thank everybody for the time and ideas. I still don't
know what happened but with some tweaks I made I hope it doesn't happen
again. My suspect is pop-before-smtp which I hope to replace as soon as
possible.
Miguel
Ugo Bellavance wrote:
> Miguel Koren O'Brien de Lacy wrote:
>
>> James;
>>
>> What they had in common is that they said they were coming from my ip as
>> the relay. They were not from a null sender though and there was
>> variety, which made me think of a virus infected machine having gained
>> pop access.
>>
>> I use Openwebmail on this server. Would it be a valid theory that some
>> program in that package gets used to spam?
>>
> Did you check Openwebmail's web site for security advisory.
>
> -------------------------- MailScanner list ----------------------
> To leave, send leave mailscanner to jiscmail at jiscmail.ac.uk
> Before posting, please see the Most Asked Questions at
> http://www.mailscanner.biz/maq/ and the archives at
> http://www.jiscmail.ac.uk/lists/mailscanner.html
>
-------------------------- MailScanner list ----------------------
To leave, send leave mailscanner to jiscmail at jiscmail.ac.uk
Before posting, please see the Most Asked Questions at
http://www.mailscanner.biz/maq/ and the archives at
http://www.jiscmail.ac.uk/lists/mailscanner.html
</x-flowed>
More information about the MailScanner
mailing list