TURN requires the server and client to reverse their roles. Not only may
this introduce some security problems (though this depends on the
implementation), but this is somewhat an "overengineering". This command
is really unneeded. It suffices to close the connection and start another
one (now, from the was-server to the was-client). This is still more
"optimal" than a widely used protocol such as HTTP (I agree this is a
stupid protocol, but heh, standards are standards. You only have the
choice to suffer...).

EHLO is simply the ESMTP version of HELO. When a client uses EHLO, the
server switches to ESMTP if it is supported. So there is no problem with
EHLO itself.

There may be some considerations regarding some SMTP extensions:
- SIZE allows a client to "prevent" the server of the size of the message.
  The server then will check if it accepts that size. Since generally, this
  depends on the free disk space, some people refuse to give the
  information, and they thus don't like the "size" command. However, an
  attacker could just send huge messages. He won't be able to know your
  state, but he doesn't need to (just keep sending...)
- DSN requires that a delivery status notification be sent back to the
  originator. The problem with this is that an outbound message (which is
  generally ok) is a result of an inbound action (which is generally
  suspected). However, what DSN adds is "positive notification". Negative
  notifications (message not delivered) are already implemented in the old
  SMTP. So, an attacker can generate those error messages by sending mails
  to inexistent addresses. He can even use a false sender address, and if
  some stupid software is around, then you can end up flooding the network
  because of errors to errors to errors...
- There's no problem with 8BITMIME (unless your mail user agent has a
  related bug).
- AUTH is used for authentication and is not a problem in itself. Note that
  the Netscape implementation is stupidly proprietary and does not follow
  the SMTP extensions guideline (what were they smoking?). Unless they
  corrected it....

Anyway, AUTH is the kind of extension that failed to "excite" people (much
like the APOP command in POP). Once again, authentication is a complex
framework, and things get worse with relayed protocols such as SMTP.
....
regards,
mouss
> -----Original Message-----
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED]]On Behalf Of
> [EMAIL PROTECTED]
> Sent: Tuesday, May 09, 2000 9:34 AM
> To: [EMAIL PROTECTED]
> Subject: SMTP Vulnerabilities
>
>
>
> Hi,
>
> Anyone can help in Email_Ehlo and Email_Turn possible vulnerabilities?
>
> Thanks,
> Alan Cho
>
>
> -
> [To unsubscribe, send mail to [EMAIL PROTECTED] with
> "unsubscribe firewalls" in the body of the message.]
>
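
An added example, not part of the original message, illustrating the SIZE point in the reply: the server advertises a fixed policy limit instead of anything derived from free disk space, treats the client's declared SIZE as a hint only, and still counts the bytes that arrive after DATA. The limit value and every function and class name here are assumptions made for illustration.

```python
# Added illustration: SIZE handling with a fixed limit. All names are hypothetical.
MAX_MESSAGE_SIZE = 10 * 1024 * 1024  # assumed policy value, not free disk space

REPLY_TOO_BIG = "552 message size exceeds fixed maximum message size"

def ehlo_size_keyword(limit=MAX_MESSAGE_SIZE):
    """EHLO response line advertising the fixed limit."""
    return f"250-SIZE {limit}"

def declared_size(mail_from_line):
    """Return the SIZE= parameter of a MAIL FROM command, or None if absent."""
    # Parameters follow the closing '>' of the reverse-path.
    for param in mail_from_line.partition(">")[2].split():
        key, _, value = param.partition("=")
        if key.upper() == "SIZE" and value.isascii() and value.isdigit():
            return int(value)
    return None

def check_mail_from(mail_from_line, limit=MAX_MESSAGE_SIZE):
    """Early rejection based on the declared size, which is only a hint."""
    size = declared_size(mail_from_line)
    if size is not None and size > limit:
        return REPLY_TOO_BIG
    return "250 OK"

class DataCounter:
    """Counts bytes actually received after DATA, whatever the client declared."""
    def __init__(self, limit=MAX_MESSAGE_SIZE):
        self.limit, self.received = limit, 0

    def feed(self, chunk):
        """Return True while the message is still within the limit."""
        self.received += len(chunk)
        return self.received <= self.limit

    def final_reply(self):
        return REPLY_TOO_BIG if self.received > self.limit else "250 OK"

if __name__ == "__main__":
    # Constructed session: the client declares 100 bytes, then sends 1200.
    limit = 1024
    print(ehlo_size_keyword(limit))
    print(check_mail_from("MAIL FROM:<sender@example.org> SIZE=100", limit))
    counter = DataCounter(limit)
    for _ in range(2):
        counter.feed(b"x" * 600)
    print(counter.final_reply())
```
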