Security Basics mailing list archives
Sender Spoofing via SMTP
From: brandon.steili () gmail com
Date: 3 Nov 2005 15:56:23 -0000
Hi List,

I know this is a common issue that does not seem to be well addressed, but I was hoping you folks could give some suggestions (preferably for Exchange 2003).

If I telnet to a system on the internet and perform the following:

    telnet target 25
    EHLO (assuming Exchange)
    MAIL FROM: someone
    RCPT TO: someone_else () TargetDomain com
    DATA
    ....

The server will happily forward my mail to the internal mailbox without validating anything. I did not have to authenticate, I did not even have to provide a real sender on the system, I could make one up.

Again, I know this is a common issue; the question is, how can I prevent this from happening? With the proliferation of social engineers / phishers, etc., I would like to try and find a way to prevent this, not because it is a big problem but because it might become a big problem. Obviously user training can only go so far, and our clients are not going to think twice if they receive an email that appears to be from a company exec...

Thanks!
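One way to express the check the post is asking about, as an added example that is not part of the original post: refuse mail from unauthenticated outside clients when either the envelope sender (MAIL FROM) or the header From: in DATA claims one of your own domains. The domain, network range, function names and sample values are assumptions for illustration; this is Python logic, not Exchange 2003 configuration.

```python
import ipaddress
from email import message_from_string
from email.utils import parseaddr

# Assumed values for illustration; replace with your own domains and relays.
LOCAL_DOMAINS = {"targetdomain.example"}
TRUSTED_NETS = [ipaddress.ip_network("10.0.0.0/8")]

# Constructed sample message body: outside envelope sender, internal header From.
SAMPLE_DATA = (
    'From: "The CEO" <ceo@TargetDomain.example>\r\n'
    "To: someone_else@targetdomain.example\r\n"
    "Subject: urgent\r\n\r\nPlease reply today.\r\n"
)


def domain_of(address):
    """Return the lower-cased domain part of an address, or '' if none."""
    addr = parseaddr(address)[1]
    return addr.rpartition("@")[2].lower() if "@" in addr else ""


def is_trusted(client_ip):
    """True when the connecting IP is inside one of our own networks."""
    ip = ipaddress.ip_address(client_ip)
    return any(ip in net for net in TRUSTED_NETS)


def inbound_verdict(client_ip, authenticated, mail_from, data):
    """Decide whether an inbound message may claim a local sender.

    Returns an SMTP-style reply string. Checks the envelope sender and
    the header From:, which is what the recipient's mail client displays.
    """
    if authenticated or is_trusted(client_ip):
        return "250 2.0.0 accepted"
    if domain_of(mail_from) in LOCAL_DOMAINS:
        return "550 5.7.1 envelope sender claims local domain without authentication"
    header_from = message_from_string(data).get("From", "")
    if domain_of(header_from) in LOCAL_DOMAINS:
        return "550 5.7.1 header From claims local domain without authentication"
    return "250 2.0.0 accepted"
```

A rule like this also rejects legitimate outside services that send on behalf of your domain (hosted mailers, some mailing lists), so those senders need to be added to the trusted networks or made to authenticate before it is enforced.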
Current thread:
- Sender Spoofing via SMTP brandon . steili (Nov 03)
- RE: Sender Spoofing via SMTP Andrew Chong (Nov 04)
- Re: Sender Spoofing via SMTP Thierry Zoller (Nov 07)
- Re: Sender Spoofing via SMTP Ansgar -59cobalt- Wiechers (Nov 07)
- Re: Sender Spoofing via SMTP dallas jordan (Nov 04)
- Re: Sender Spoofing via SMTP FocusHacks (Nov 04)
- RE: Sender Spoofing via SMTP Muhammad Naseer Bhatti (Nov 04)
- Re: Sender Spoofing via SMTP Gaddis, Jeremy L. (Nov 04)
- Re: Sender Spoofing via SMTP Florian Streck (Nov 04)
- Re: Sender Spoofing via SMTP Barrie Dempster (Nov 04)
- Re: Sender Spoofing via SMTP Yousef Syed (Nov 07)
(Thread continues...)
- RE: Sender Spoofing via SMTP Andrew Chong (Nov 04)