Of Randal, Phil
Sent: Friday, December 19, 2003 2:14 AM
To: Exchange Discussions
Subject: RE: Open Relay/Spamcop
strong passwords = post-it(tm) notes on monitors = weak passwords ;-)
Merry Christmas everyone,
Phil
-
Phil Randal
Network Engineer
Subject: RE: Open Relay/Spamcop
And...
Rest assured that this topic has been discussed by us vendor whores.
Ed Crowley MCSE+Internet MVP
Freelance E-Mail Philosopher
Protecting the world from PSTs and Bricked Backups!T
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL
] Behalf Of Ed Crowley
[MVP]
Sent: 18 December 2003 21:32
To: Exchange Discussions
Subject: RE: Open Relay/Spamcop
Strong passwords mean much more than forced changes.
Ed Crowley MCSE+Internet MVP
Freelance E-Mail Philosopher
Protecting the world from PSTs and Bricked Backups!T
The Exchange 2000 server is behind a NAT and I have looked into the
possibility of this. I have been out on the spamcop site and for the
life of me cannot find a way to make them check the server again to see
if it is closed relay like ORDB does.
Any ideas or comments
http://www.sbsfaq.com/
Hello All and Happy Holidays!
I have a colleague whos Exchange 2000 server is being reported as Open
Relay by spamcop for the past month. I have tested his relay by setting
up a POP account in Outlook, putting the server that is being reported
as Open relay as my Outgoing SMTP server.
When I
December 2003 15:59
To: Exchange Discussions
Subject: Open Relay/Spamcop
Hello All and Happy Holidays!
I have a colleague whos Exchange 2000 server is being reported as Open
Relay by spamcop for the past month. I have tested his relay
by setting
up a POP account in Outlook, putting
]
Sent: Thursday, December 18, 2003 11:17 AM
To: Exchange Discussions
Subject: Re: Open Relay/Spamcop
This may or may not be the problem, but I have seen spammers able to
relay off an Exchange server if the following configuration applies:
1. If Anonymous access is turned on. SMTP Virtual Server
computers which successfully
authenticate to relay, regardless of the list above. and that stopped
it ...
Mike
-Original Message-
From: Greg Deckler [mailto:[EMAIL PROTECTED]
Sent: Thursday, December 18, 2003 11:17 AM
To: Exchange Discussions
Subject: Re: Open Relay/Spamcop
[mailto:[EMAIL PROTECTED]
Posted At: Thursday, December 18, 2003 11:23 AM
Posted To: Exchange (Swynk)
Conversation: Open Relay/Spamcop
Subject: RE: Open Relay/Spamcop
I concur with greg ... our server had those settings and we were being
used as a relay ... turned off Allow all computers which
Network Engineer
Gardner White
(317) 581-1580 ext 418
-Original Message-
From: Greg Deckler [mailto:[EMAIL PROTECTED]
Posted At: Thursday, December 18, 2003 11:37 AM
Posted To: Exchange (Swynk)
Conversation: Open Relay/Spamcop
Subject: RE: Open Relay/Spamcop
Hey, thanks
Winzenz
Network Engineer
Gardner White
(317) 581-1580 ext 418
-Original Message-
From: Ben Winzenz
Posted At: Thursday, December 18, 2003 11:48 AM
Posted To: Exchange (Swynk)
Conversation: Open Relay/Spamcop
Subject: RE: Open Relay/Spamcop
I still think you are smoking crack
:[EMAIL PROTECTED]
Sent: Thursday, December 18, 2003 10:48 AM
To: Exchange Discussions
Subject: RE: Open Relay/Spamcop
I still think you are smoking crack on this, Greg. I have never seen a
properly configured Exchange 2000 server relay UNLESS a user account was
compromised, or the guest account
What do you get when you telnet into the server and try to send mail to a
bogus address?
Hello All and Happy Holidays!
=20
I have a colleague whos Exchange 2000 server is being reported as
Open
Relay by spamcop for the past month. I have tested his relay by=20
setting up a
/Spamcop
Subject: RE: Open Relay/Spamcop
I still think you are smoking crack on this, Greg. I have never seen a
properly configured Exchange 2000 server relay UNLESS a user account was
compromised, or the guest account was enabled. I've tested it and
tested again, and never found Exchange
under the user ID backup?
Dictionary password attack. Spammers have lots of patience.
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Greg Deckler
Sent: Thursday, December 18, 2003 12:11 PM
To: Exchange Discussions
Subject: RE: Open Relay/Spamcop
This may
in.
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Ben Winzenz
Sent: Thursday, December 18, 2003 11:51 AM
To: Exchange Discussions
Subject: RE: Open Relay/Spamcop
However, I would welcome any information that proves me otherwise. i.e.
configure these settings
a complex password in 3 tries :-)
Ben Winzenz
Network Engineer
Gardner White
(317) 581-1580 ext 418
-Original Message-
From: Ken Cornetet [mailto:[EMAIL PROTECTED]
Posted At: Thursday, December 18, 2003 12:18 PM
Posted To: Exchange (Swynk)
Conversation: Open Relay/Spamcop
Subject: RE
(Swynk)
Conversation: Open Relay/Spamcop
Subject: RE: Open Relay/Spamcop
I seem to recall that there was a bug (fixed in sp3 maybe?) where if an
SMTP packet had a forged source address of 127.0.0.1, SMTP would relay
it regardless of relay settings.
I may be misremembering the details.
Also, no even
.
--
Roger D. Seielstad - MTS MCSE MS-MVP
Sr. Systems Administrator
Inovis Inc.
-Original Message-
From: Bridges, Samantha [mailto:[EMAIL PROTECTED]
Sent: Thursday, December 18, 2003 10:59 AM
To: Exchange Discussions
Subject: Open Relay/Spamcop
Hello All and Happy Holidays
Seielstad
Sent: 18 December 2003 17:50
To: Exchange Discussions
Subject: RE: Open Relay/Spamcop
One of the reasons I like SpamCop (and actually use it
myself) is because
you can look up the actual reason a box is on the list:
http://www.spamcop.net/bl.shtml
Put the IP address
: Randal, Phil [mailto:[EMAIL PROTECTED]
Sent: Thursday, December 18, 2003 12:52 PM
To: Exchange Discussions
Subject: RE: Open Relay/Spamcop
Looking at http://openrbl.org/#dodgy ip address is also
very revealing.
Cheers,
Phil
-
Phil
Uhm A ham sandwich?
Maybe a limp fish?
-Original Message-
From: Candee Vaglica [mailto:[EMAIL PROTECTED]
Sent: Thursday, December 18, 2003 11:59 AM
To: Exchange Discussions
Subject: RE: Open Relay/Spamcop
What do you get when you telnet into the server and try to send mail
PROTECTED]
Sent: Thursday, December 18, 2003 12:18 PM
To: Exchange Discussions
Subject: RE: Open Relay/Spamcop
Exchange WILL relay for authenticated users (by default), and it doesn't
have to be the guest account (though that is a common attack).
Have you left your Administrator account named
from outside our closed user
group; but they must use their ISP's SMTP relay for sending mail or use
OWA ...
Mike
-Original Message-
From: Ken Cornetet [mailto:[EMAIL PROTECTED]
Sent: Thursday, December 18, 2003 12:18 PM
To: Exchange Discussions
Subject: RE: Open Relay/Spamcop
Me thinks thou dost protest t much!!! :-)
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Greg Deckler
Posted At: Thursday, December 18, 2003 1:19 PM
Posted To: Exchange Discussion
Conversation: Open Relay/Spamcop
Subject: RE: Open Relay/Spamcop
[mailto:[EMAIL PROTECTED]
Sent: Thursday, December 18, 2003 11:23 AM
To: Exchange Discussions
Subject: RE: Open Relay/Spamcop
I concur with greg ... our server had those settings and we were being
used as a relay ... turned off Allow all computers which successfully
authenticate to relay, regardless
, 2003 11:49 AM
To: Exchange Discussions
Subject: RE: Open Relay/Spamcop
I agree with Ben. My Exchange 2000 box at my last company was setup to
allow realaying after sucessfuly authentication because I had POP3
clients
at other offices that had no other SMTP gateway. Disabling the Guest
account
: Open Relay/Spamcop
I'm right there with you on this one. Since I do not know for an absolute
FACT one way or the other it may indeed be the case that a guest account was
used or that an account was compromised.
And God forbid that I even merely hint or suggest that this is a problem
with Microsoft's
Anonymous Access, expect to never receive any mail
from the Internet.
-Original Message-
From: Greg Deckler [mailto:[EMAIL PROTECTED]
Sent: Thursday, December 18, 2003 2:19 PM
To: Exchange Discussions
Subject: RE: Open Relay/Spamcop
I'm right there with you on this one. Since I do not know
] On Behalf Of Greg Deckler
Sent: Thursday, December 18, 2003 8:37 AM
To: Exchange Discussions
Subject: RE: Open Relay/Spamcop
Hey, thanks for the confirmation. People have told me that I am smoking
crack and that the Exchange servers were horribly misconfigured. It's nice
to know that I am
, 2003 8:49 AM
To: Exchange Discussions
Subject: RE: Open Relay/Spamcop
I agree with Ben. My Exchange 2000 box at my last company was setup to
allow realaying after sucessfuly authentication because I had POP3 clients
at other offices that had no other SMTP gateway. Disabling the Guest
account
Subject: RE: Open Relay/Spamcop
However, I would welcome any information that proves me otherwise. i.e.
configure these settings, with the guest account disabled, and prove that it
actually will relay - not authenticated relay, that doesn't count. If it is
authenticated relay, it is because
: Thursday, December 18, 2003 11:19 AM
To: Exchange Discussions
Subject: RE: Open Relay/Spamcop
I'm right there with you on this one. Since I do not know for an absolute
FACT one way or the other it may indeed be the case that a guest account was
used or that an account was compromised.
And God forbid
Discussions
Subject: RE: Open Relay/Spamcop
Rest assured that this topic has been discussed by us vendor whores.
Ed Crowley MCSE+Internet MVP
Freelance E-Mail Philosopher
Protecting the world from PSTs and Bricked Backups!T
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED
PM
To: Exchange Discussions
Subject: RE: Open Relay/Spamcop
talking dirty like that just gets me pumped up for the weekend ... yum ...
thanks for all the input (all puns intended that relate to vendor
whores)
Mike
-Original Message-
From: Ed Crowley [MVP] [mailto:[EMAIL PROTECTED
Deckler
Sent: Thursday, December 18, 2003 11:19 AM
To: Exchange Discussions
Subject: RE: Open Relay/Spamcop
_
List posting FAQ: http://www.swinc.com/resource/exch_faq.htm
Web Interface:
http://intm-dl.sparklist.com/cgi-bin
36 matches
Mail list logo
