RE: Relay Messaging

  • From: "Jeffrey Robillard" <jrobill@xxxxxxxxxxxxx>
  • To: "[ExchangeList]" <exchangelist@xxxxxxxxxxxxx>
  • Date: Wed, 26 Jun 2002 11:01:23 -0400

yes I have seen this.. and mentioned it before on the exchange list.
sending mail from one internal user to another is not technically
relaying.   so, its possible for a person on the outside to send a
message, using any standard internet mail package, to a user inside your
network and have the from be another user inside your network.  All it
takes is for the person on the outside to know two valid internal email
For instance.
If I knew your email address.. which I can clearly see below...   and I
knew your bosses email address, then I could easily send a message to
your boss saying he is a total jackass and make it look like it came
from you.   
I wouldn't call it so much a flaw as it is just a weakness.   Wouldnt
surprise me if other email systems also had this problem because
technically its not a relay.

        -----Original Message-----
        From: Robert Abela [mailto:robert@xxxxxxx] 
        Sent: Wednesday, June 26, 2002 10:44 AM
        To: [ExchangeList]
        Subject: [exchangelist] RE: Relay Messaging
        - Re-Vamped!
        Did you check the headers of the mail to check exactly from
where this mail is coming?  The ip of the server etc?  Are you sure you
closed the relaying?  How did you close it?  Are you sure it is not
someone internally?

                -----Original Message-----
                From: Elias, Delores [mailto:DELIAS@xxxxxxxxxx]
                Sent: Wednesday, June 26, 2002 4:31 PM
                To: [ExchangeList]
                Subject: [exchangelist] Relay Messaging
       - Re-Vamped!
                Hi All
                We are having a strange problem here.  My manager has
been getting emails from an attorney in our firm that he has not sent to
her.  It's usually a spam email and when she opens it, the From and To
line both have the attorney's name.  We don't see her name anywhere.
Our consultant suggested that it may be a relay issue, but I've turned
relaying off and it's still happening.  Also, email from this attorney
has been sent to others in our firm.
                Has anyone encountered this type of problem?
                You are currently subscribed to this
Discussion List as: robert@xxxxxxx
                To unsubscribe send a blank email to


                The information supplied in this message may be legally
privileged. If you are not the intended recipient of this message, the
sender does not intend delivery to you to waive any privilege or right
pertaining to this message. If you have received this message in error,
please immediately notify the sender by return e-mail, and delete the
errant message. Thank you.

        You are currently subscribed to this Discussion
List as: jrobill@xxxxxxxxxxxxx
        To unsubscribe send a blank email to

Other related posts: