[Dshield] New Relay Exploit?
cbrenton at chrisbrenton.org
Tue Jan 6 23:11:06 GMT 2004
On Tue, 2004-01-06 at 17:27, Sue Young wrote:
> In the past few days, someone has been able to relay through my site, even
> though whenever I test it from the abuse.net website, relaying
> seems to be blocked correctly.
Based on your e-mail headers, it looks like you are running Exchange
5.5. There is a known bug with the SMTP MTA that allows people to spam
mail through your server. I believe it has to do with the guest account.
I also seem to remember its something that MS can't/will not fix so you
need to put an SMTP relay in front of the box to lock it down.
A Google search should give you more answers.
Have a nice day,
More information about the list