Hi All, I have an auditor who is telling me that allowing non-SMTP-AUTHd clients to use a valid local user in MAIL FROM: is a potential spoof, and a security vulnerability.
I just can't fathom how that is. As I understand it, MAIL FROM is only used for returning undeliverable mail. So, yes, I'm sure we've all been joe-jobbed, but he's talking about on my own server. Since I'm using tcpserver, I really have total control over what would be a 'local joe-job'. Supposedly it'll be in the pen-test report, but I haven't even been given a theoretical on how this is an issue. Can anyone else come up with one? Rick
