email spoofing
Rob Sterenborg
R.Sterenborg at netsourcing.nl
Thu Jun 14 06:43:40 IST 2007
>> When I telnet port 25 in some sendmail servers (all I tried) also
>> postfix and even ms exchange I can send mails with no authentication
>> (using smtp commands), all the cases internal mails but also can
>> relay to external accounts. In both cases I can send mails via mail
>> client (outlook, Eudora etc.) just defining the account and leaving
>> blank the password field, even if I have to authenticate the users
>> in order to send email.
As said, internal IP's indeed usually bypass smtp-auth. In fact, you
shouldn't even need to specify a user/pass to send email via the MTA.
External IP's should use smtp-auth with a valid user/pass (although res
thinks it's not worth it: well, maybe in his case it isn't). If you can
relay email from an external IP with only a valid user and no pass, then
I think your MTA is misconfigured and you should look at it's
configuration.
--
Rob
More information about the MailScanner
mailing list