email spoofing
Scott Silva
ssilva at sgvwater.com
Wed Jun 13 23:02:45 IST 2007
Ivan Arteaga spake the following on 6/13/2007 2:43 PM:
> Hello list,
>
>
>
> This is not exactly a MS related issue but mta related, anyway I’ll post
> it here and u guys let me know what to do..
>
> When I telnet port 25 in some sendmail servers (all I tried) also
> postfix and even ms exchange I can send mails with no authentication
> (using smtp commands), all the cases internal mails but also can relay
> to external accounts. In both cases I can send mails via mail client
> (outlook, Eudora etc.) just defining the account and leaving blank the
> password field, even if I have to authenticate the users in order to
> send email.
>
> Had anyone else see this kinda behavior? It is the default normal
> behavior or it is a bug? I will appreciate your comments.
>
are you trying this from an ip address on your network, or from outside?
Internal addresses on your subnet usually will bypass auth (at least in sendmail).
--
MailScanner is like deodorant...
You hope everybody uses it, and
you notice quickly if they don't!!!!
More information about the MailScanner
mailing list