>I don't know if this has been noted before, Imail 7.03 appears to have a
>vulnerability allowing anyone to relay through a backup MX host. This
>happens with the syntax: [EMAIL PROTECTED] where munged.com is
>a local domain, and external.com is a domain we should not be relaying
>for.
FYI, we have just added a test to Declude that will check for this. If
enabled, the test will catch any E-mail with a '%' sign in it. Such E-mail
can be quarantined or deleted, blocking the hole, and preventing listing in
ORBZ et al.
-Scott
---
Declude: Anti-virus, Anti-spam and Anti-hijacking solutions for
IMail. http://www.declude.com
Please visit http://www.ipswitch.com/support/mailing-lists.html
to be removed from this list.
An Archive of this list is available at:
http://www.mail-archive.com/imail_forum%40list.ipswitch.com/
