RE: Exchange SMTP Hole?

From: Gary Everekyan (geverekyan_at_univision.net)
Date: 11/13/03

  • Next message: Michael D. Lowe: "RE: AD structure for a school environment"
    Date: Thu, 13 Nov 2003 14:39:43 -0500
    To: <tburns@torcausa.com>
    
    

    I had good experience with MXTreme and Trend to protect Exchange from
    outside.
    Either way you will get better logging and control if you do decide to
    insert a non MS product for SMTP security.
    You will also get some spam control from these units.

    Regards,
     
    Gary Everekyan
    CISSP, CISM, MCSE, MCT
    Information Security Manager
    Security and Audit
     

    -----Original Message-----
    From: Tom Burns [mailto:tburns@torcausa.com]
    Sent: Tuesday, November 11, 2003 3:00 PM
    To: focus-ms@securityfocus.com
    Subject: Exchange SMTP Hole?

    Good morning all,

    I have an exchange server that's been running for quite some time (over
    a year) and had it locked down to prevent relay (spam). It is patched
    all the way up to 3a.

    I checked my queues yesterday and got slammed by spam relaying.

    Is there a security hole that MS does not know about yet in SMTP?????

    The only way I resolved this was to block connection from 219.x.x.x,
    218.x.x.x, 211.x.x.x, etc.

    This server has been testing aginst ORDB.ORG and shown to NOT be an open
    relay.

    If anyone has any suggestions, please let me know.

    Thomas A. Burns
    System Administrator
    Torca Products Inc.
    Auburn Hills, MI 48326
    248-373-8300 x186

    The information contained in this e-mail and any attached documents
    may be privileged, confidential and protected from disclosure. If you
    are not the intended recipient you may not read, copy, distribute or
    use this information. If you have received this communication in
    error, please notify the sender immediately by replying to this
    message and then delete it from your system.

    ---------------------------------------------------------------------------
    Network with over 10,000 of the brightest minds in information security
    at the largest, most highly-anticipated industry event of the year.
    Don't miss RSA Conference 2004! Choose from over 200 class sessions and
    see demos from more than 250 industry vendors. If your job touches
    security, you need to be here. Learn more or register at
    http://www.securityfocus.com/sponsor/RSA_focus-ms_031027
    and use priority code SF4.
    ---------------------------------------------------------------------------


  • Next message: Michael D. Lowe: "RE: AD structure for a school environment"

    Relevant Pages

    • Re: No Wonder Kodak Went Broke ...
      ... Many emotions in general ... Many activities are without risk. ... security "experts" didn't supports my contention that the security experts ... I don't allow emotion to control my behavior. ...
      (rec.photo.digital)
    • [NEWS] HelixPlayer Based Players Format String
      ... Get your security news from a reliable source. ... media player for Linux, Solaris (versions for other operating systems are ... between 0x0822** - 0x082f** and with control of one pointer at a time ... $ An open security advisory #13 - RealPlayer and Helix Player Remote ...
      (Securiteam)
    • Re: why microsoft choose mfc rather than wtl?
      ... to lower security settings, etc. ... For a client to get ... the particular AX control is never accessed, shown, or downloaded. ... unethical to deliver an automobile to customers because it is possible ...
      (microsoft.public.vc.mfc)
    • A Way to Attack Nuclear Plants
      ... Industrial computer systems are typically far less secure than they ... officials in Iran confirmed that Stuxnet ... PLCs connect to, and control, devices ... security experts say. ...
      (sci.military.naval)
    • Re: Linux security
      ... that is in Windows NT-based systems out of the box. ... Why do you want that fine level of control? ... level of control over security?" ... a file system is a different beast altogether. ...
      (Ubuntu)