Re: Roll up of facts: FW: Exchange SMTP Hole?
From: Thor (thor_at_hammerofgod.com)
Date: 11/12/03
- Previous message: Jorge Alejandro Olivo Ramirez: "Re: FTP server security."
- In reply to: Tom Burns: "Roll up of facts: FW: Exchange SMTP Hole?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: "Tom Burns" <tburns@torcausa.com>, <focus-ms@securityfocus.com> Date: Wed, 12 Nov 2003 09:01:35 -0800
>Only relay taking place is address with <"email@address.com">
>
>ISA firewall.
New item here... How is ISA configured? Are you using message screener
(thus requiring another SMTP service somewhere)? Are you using the SMTP
filter? You are using SMTP publishing?
The best thing to do here is get a packet capture-- with the number of
emails you are talking about, it should be very easy to identify if this is
indeed an AUTH issue, though you have stated it is not configured that way.
How about dump some packets and post- or at least turn on logging on the
SMTP virt server and add methods to the logs...
T
---------------------------------------------------------------------------
Network with over 10,000 of the brightest minds in information security
at the largest, most highly-anticipated industry event of the year.
Don't miss RSA Conference 2004! Choose from over 200 class sessions and
see demos from more than 250 industry vendors. If your job touches
security, you need to be here. Learn more or register at
http://www.securityfocus.com/sponsor/RSA_focus-ms_031027
and use priority code SF4.
---------------------------------------------------------------------------
- Previous message: Jorge Alejandro Olivo Ramirez: "Re: FTP server security."
- In reply to: Tom Burns: "Roll up of facts: FW: Exchange SMTP Hole?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
