email spoofing

Alex Neuman alex at nkpanama.com
Thu Jun 14 15:10:08 IST 2007



Rob Sterenborg wrote:
>>> When I telnet port 25 in some sendmail servers (all  I tried) also
>>> postfix and even ms exchange I can send mails with no authentication
>>> (using smtp commands), all the cases internal mails but also can
>>> relay to external accounts. In both cases I can send mails via mail
>>> client (outlook, Eudora etc.) just defining the account and leaving
>>> blank the password field, even if I have to authenticate the users
>>> in order to send email. 
>>>       
>
> As said, internal IP's indeed usually bypass smtp-auth. In fact, you
> shouldn't even need to specify a user/pass to send email via the MTA.
>
>   
Indeed usually because admins set it up that way. Sendmail, for example, 
only whitelists localhost and 127.0.0.1 by default.
> External IP's should use smtp-auth with a valid user/pass (although res
> thinks it's not worth it: well, maybe in his case it isn't). If you can
> relay email from an external IP with only a valid user and no pass, then
> I think your MTA is misconfigured and you should look at it's
> configuration.
>
>
> --
> Rob
>   


More information about the MailScanner mailing list