Monday, January 27, 2003 you wrote: MG> If I understand right a problem can ocur if one of our clients MG> mailservers (most of them exchange servers) become a open relay because MG> the admin has changed something. If this server has set our Imail-Server MG> as smarthost and uses SMTP-Auth to deliver the messages a "percent hack" MG> can use our server to relay.
Generally, I don't think this is a valid example because your server is a smart host and it is going to relay for these servers period. So anything coming from the servers is being relayed. The case where this is a vulnerability has rather specific requirements: 1) The first server has to accept messages for a 2nd domain such as a backup mail server might do for a primary. 2) The 2nd domain mail server must relay for the first server So it is only where those 2 conditions exist that this is a vulnerability. The solution is: 1) do not allow IMAIL to relay for its backups 2) or do not allow any server that can relay to be a backup 3) use Declude and the PERCENT test As has been discussed this is fortunately not a vulnerability that is used by spammers. So the exposure is really in becoming blacklisted. Terry Fritts --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.JunkMail". The archives can be found at http://www.mail-archive.com.
