RE: Using SMTP Engine from outside the network

  • From: "Carl Houseman" <c.houseman@xxxxxxxxx>
  • To: "'[ExchangeList]'" <exchangelist@xxxxxxxxxxxxx>
  • Date: Sun, 15 Jan 2006 22:07:01 -0500

So your outside IP address is authorized to relay.

And you're concerned that you can originate e-mail with anyone's name in the
From: field without authentication?

That's not news.  Anyone can impersonate anyone in E-mail.  Even when the
mail is relayed through your mail servers using the identity of someone in
your organization.

Still not clear?  Here it is another way:
There is NO provision for authentication in the SMTP mail protocol to insure
the sender is who the sender claims to be.
 

-----Original Message-----
From: MJ [mailto:mjtech@xxxxxxxxx] 
Sent: Sunday, January 15, 2006 9:39 PM
To: [ExchangeList]
Subject: [exchangelist] RE: Using SMTP Engine from outside the network

the SMTP Relay is locked down to specific IP Addresses, but my situation is
that I was able to use a valid email addresses witin the organization from
outside the firewall without having to provide a user name and a password.

Thanks

-----Original Message-----
From: Carl Houseman [mailto:c.houseman@xxxxxxxxx]
Sent: Sunday, January 15, 2006 9:34 PM
To: [ExchangeList]
Subject: [exchangelist] RE: Using SMTP Engine from outside the network

It may or may not be "normal" (i.e. "default") depending on your version of
Exchange.  The feature you have left enabled (Exchange 5.5) or accidentally
enabled (Exchange 200x) is called "relay".

Information on turning it off:
http://www.google.com/search?hl=en&q=exchange+relay

If the above isn't sufficient, then identify your version of Exchange for
more specific instruction.

You might also check to see if your mail system's outside IP address has
been blacklisted.  If so, it means your mail system has been used for
sending spam.
http://www.dnsstuff.com/  Use "Spam database lookup"

Even permitting relay just to authorized users is hazardous and can leave
your mail system open to abuse from unauthorized parties, unless you ensure
that authorized relayers have very strong passwords.

-----Original Message-----
From: Bryan [mailto:mjtech@xxxxxxxxx]
Sent: Sunday, January 15, 2006 9:10 PM
To: [ExchangeList]
Subject: [exchangelist] Using SMTP Engine from outside the network

Hi all,

I was working on a batch file to make it run ipconfig /all create a text
file with the result and email it to me.
While working on it I discovered that I was able to use our SMTP engine
from outside without any authentication, like this:

commail.exe -host=ServerName.DomainName.com -from=MyEmail1@xxxxxxxxxxxxxxx
-to=MyEmail2@xxxxxxxxxxxxxxx

Is this normal?

How can I secure it so it would only be used by authorized personels.

Thanks



Other related posts: