SpamFilter ISP Creats OPEN RELAY????!!! |
Post Reply 
|
| Author | |
chinabee 
Groupie 
Joined: 07 February 2005 Status: Offline Points: 50 |
 Post Options
 Thanks(0)
 Quote Reply
 Topic: SpamFilter ISP Creats OPEN RELAY????!!!Posted: 08 September 2003 at 12:04pm |
|
Just found this out. Anybody can use the SpamFilter ISP as a reply to send emails to anybody in my domain. Of course, I did this from outside of my network. I didn't have to fake FROM address. I can use abc@yahoo.com and send emails to anybody in my domain. Of course, I can't really send email to anybody outside of my domain. HELP!!! OPEN RELAY TEST Connecting to 61.46.23.174 for anonymous test ... <<< 220 mail.mycompany.com Welcome to LogSat's Software ESMTP Server v1.2.0.178>>> HELO http://www.abuse.net Relay test 1>>> RSET |
|
 |
|
|
LogSat
Admin Group 
Joined: 25 January 2005 Location: United States Status: Offline Points: 4104 |
Post Options
Thanks(0)
Quote Reply
Posted: 08 September 2003 at 1:13pm |
|
SpamFilter is supposed to allow anyone on the outside send emails to your internal users. If it weren't like that, nobody would ever be able to send you email... The problem would be if external users were able to use your server to then bounce (send) email to servers other than yours. That would mean you are an open relay. But if they are simply sending email to your users, that is absolutely not being an open relay, it is simply how email works. Roberto F. ==== Just found this out. Anybody can use the SpamFilter ISP as a reply to send emails to anybody in my domain. Of course, I did this from outside of my network. I didn't have to fake FROM address. I can use abc@yahoo.com and send emails to anybody in my domain. > Of course, I can't really send email to anybody outside of my domain. HELP!!! |
|
|
|
|
chinabee
Groupie
Joined: 07 February 2005 Status: Offline Points: 50 |
Post Options
Thanks(0)
Quote Reply
Posted: 08 September 2003 at 1:20pm |
|
That means anybody can use my IP as their outgoing SMTP server and send emails to me?
|
|
|
|
|
LogSat
Admin Group
Joined: 25 January 2005 Location: United States Status: Offline Points: 4104 |
Post Options
Thanks(0)
Quote Reply
Posted: 08 September 2003 at 1:36pm |
|
Absoutely. If it weren't so, the other SMTP servers would never be able to send you emails... Email clients and SMTP servers "talk" the same way to your incoming SMTP server (the one you MX record points to). If they were not able to send your users emails then you would never receive anything... Roberto F. ========= |
|
|
|
|
chinabee
Groupie
Joined: 07 February 2005 Status: Offline Points: 50 |
Post Options
Thanks(0)
Quote Reply
Posted: 08 September 2003 at 2:24pm |
|
I kind of understand this now. How can I prevent others from SPAM me then? Can people just use my SMTP server as their Outgoing SMTP server and start spamming me? |
|
|
|
|
BillStewart
Newbie 
Joined: 28 January 2005 Status: Offline Points: 29 |
Post Options
Thanks(0)
Quote Reply
Posted: 08 September 2003 at 3:35pm |
|
|
|
|
|
George
Guest Group 
|
Post Options
Thanks(0)
Quote Reply
Posted: 08 September 2003 at 10:30pm |
|
First off your outgoing smtp server should have the ability to allow and block senders using a local black/white list ie "allowed relays/ blocked senders". If you only allow ip's that you want to relay through you then that will prevent unwanted users from using your smtp server as an open relay. Secondly, SpamFilter ISP should only be used to accept all incomming email. It will then forward all filtered emails to your pop/smtp server. People should not be able to use the SpamFilter ISP server as an outgoing smtp server.
George |
|
|
|
|
LogSat
Admin Group
Joined: 25 January 2005 Location: United States Status: Offline Points: 4104 |
Post Options
Thanks(0)
Quote Reply
Posted: 08 September 2003 at 11:19pm |
|
Just as the name implies, that's what SpamFilter for ISP is used for! Roberto F.
|
|
|
|
|
eric
Guest Group
|
Post Options
Thanks(0)
Quote Reply
Posted: 14 September 2003 at 12:11pm |
|
ROTFL... we had a security officer stating the same... telnet to any isp, rcpt to: postmaster@RDNSNAME.FQDN and guess what, they accept mail, isn`t it wonderfull ? it is smtp ! -eric- // kind people say ehlo first before flaming in the forum.. // |
|
|
|
Topic Options|
Post Reply
|
|
Tweet
|
| Forum Jump | Forum Permissions You cannot post new topics in this forum You cannot reply to topics in this forum You cannot delete your posts in this forum You cannot edit your posts in this forum You cannot create polls in this forum You cannot vote in polls in this forum |
This page was generated in 0.336 seconds.