From: Joe_Wulf (Joe_Wulf@yahoo.com)
Date: Thu Apr 14 2005 - 09:58:45 EDT
Depends on the type you are doing. Check out 'qmail' and 'exim'.
They definately have configurable options to allow/prevent, thus
manage exactly what you are talking about. You didn't mention
the type of mail server you are testing---that might have helped.
R,
-Joe Wulf, CISSP
ProSync Technology Group, LLC
www.prosync.com
Senior IA Engineer
-----Original Message-----
From: Marc Davison [mailto:m_davison@talk21.com]
Sent: Wednesday, April 13, 2005 17:45
To: pen-test@securityfocus.com
Subject: Mail Server problem / query
Hi all, I hope you can help with this. I have been testing a server for
open-relay and found that I could connect from an external machine and send
mails using a MAIL FROM (the local domain) and a RCPT TO (the local domain) -
now this may seem fine as internal users will need to send mail to other
internal users but my query is whether there are mail servers which can be
configured to recognise that the connection was an external address and
therefore that the MAIL FROM address was invalid. eg I can send a mail from the
CEO of the company to his own secretary asking her to copy his hotmail address
on all future mails and to the secretary, this mail seems perfectly valid yet me
(prospective attacker) outside the comapany may now receive loads of sensitive
mails (assuming the secretary is the type who doesn't like to query things and
ask questions) - thanks in advance.
Send instant messages to your online friends http://uk.messenger.yahoo.com
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:54:19 EDT