Bugtraq mailing list archives

Re: Relaying in MDaemon


From: "Tabor J. Wells" <twells () fsckit net>
Date: Fri, 17 Aug 2001 18:26:40 -0400

On Fri, Aug 17, 2001 at 10:49:04AM -0500,
Arvel Hathcock <arvel () altn com> is thought to have said:

>> It seems that the MDaemon SMTP server can be used for
>> unauthorized relaying. Mail can be relayed when sent
>> "FROM or TO known user", it means that mail sent "from"
>> the account of one of served domains can always be relayed.
>> There is no problem to specify any "from" user, for
>> example, system account "mdaemon".
>
> Please read the manual.  There are ways of verifying addresses.  Also, the
> default installation does not allow mail relaying.  You have enabled it
> yourself.  There is a switch setting that prevents this sort of thing and it
> is set by default.

Perhaps you should go download your product from your website and try this
yourself rather than just claiming the original poster didn't read the
documentation. I just downloaded a trial version of 4.0.5 and it relays
out of the box. 

If the envelope from you provide matches a valid user (and MDaemon is the
default installed server user) at the local domain then you can relay.

And here I had been wondering why I was getting so much spam through
MDaemon servers that the various open relay blacklists were claiming were
secure. Slightly edited examples follow.

Tabor


A random invalid user fails:

220 example.com ESMTP MDaemon 4.0.5 UNREGISTERED; Fri, 17 Aug 2001 18:11:35 -0400
ehlo blah
250-example.com Hello blah, pleased to meet you
250-ETRN
250-AUTH LOGIN CRAM-MD5
250-8BITMIME
250 SIZE 0
mail from:<blah () example com> 
250 <blah () example com>, Sender ok
rcpt to:<twells () fsckit net>
550 <twells () fsckit net>, Recipient unknown
quit
221 See ya in cyberspace

A known valid user succeeds:

220 example.com ESMTP MDaemon 4.0.5 UNREGISTERED; Fri, 17 Aug 2001 18:11:52 -0400
ehlo blah
250-example.com Hello blah, pleased to meet you
250-ETRN
250-AUTH LOGIN CRAM-MD5
250-8BITMIME
250 SIZE 0
mail from:<MDaemon () example com>
250 <MDaemon () example com>, Sender ok
rcpt to:<twells () fsckit net>
250 <twells () fsckit net>, Recipient ok
data
354 Enter mail, end with <CRLF>.<CRLF>
From: mdaemon () example com
To: twells () fsckit net
Subject: Relay Test

Blah
.
250 Ok, message saved
quit
221 See ya in cyberspace

And the relayed message it sends:

From mdaemon () example com Fri Aug 17 18:09:32 2001
Received: from host.example.com (fsckit.net) [IP Removed] 
        by pulse.fsckit.net with esmtp (Exim)
        for twells () fsckit net
        id 15Xro4-0002VN-00; Fri, 17 Aug 2001 18:09:32 -0400
Received: from blah [IP removed]
        by example.com [223.1.1.128]
        with SMTP (MDaemon.PRO.v4.0.5.T)
        for <twells () fsckit net>; Fri, 17 Aug 2001 18:08:55 -0400
From: mdaemon () example com
To: twells () fsckit net
Subject: Relay Test
X-MDRemoteIP: [IP removed]
X-Return-Path: mdaemon () example com
X-MDaemon-Deliver-To: twells () fsckit net
Message-Id: <E15Xro4-0002VN-00 () pulse fsckit net>
Date: Fri, 17 Aug 2001 18:09:32 -0400
Status: RO
Content-Length: 6
Lines: 2

Blah


-- 
--------------------------------------------------------------------
Tabor J. Wells                                     twells () fsckit net
Fsck It!                 Just another victim of the ambient morality
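
The relay decision shown in the two transcripts above, modelled beside a stricter rule, as an added example that is not part of the original post and is not MDaemon's code. The policy functions, the trusted network range, the client IP and the remote recipient address are all constructed assumptions.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

# All values below are constructed for illustration.
LOCAL_DOMAINS = {"example.com"}
LOCAL_USERS = {"mdaemon@example.com"}          # default server account named in the post
TRUSTED_NETS = [ip_network("192.0.2.0/24")]    # assumed: the operator's own client range

@dataclass(frozen=True)
class Session:
    client_ip: str
    authenticated: bool    # client completed SMTP AUTH
    mail_from: str         # envelope sender: chosen freely by the client
    rcpt_to: str

def is_local_user(addr: str) -> bool:
    return addr.lower() in LOCAL_USERS

def flawed_accept(s: Session) -> bool:
    """Model of the reported behaviour: accept if sender OR recipient is a known user."""
    return is_local_user(s.mail_from) or is_local_user(s.rcpt_to)

def strict_accept(s: Session) -> bool:
    """Deliver to local mailboxes; relay elsewhere only for proven clients."""
    if s.rcpt_to.rsplit("@", 1)[-1].lower() in LOCAL_DOMAINS:
        return is_local_user(s.rcpt_to)            # inbound mail, no relay involved
    trusted = any(ip_address(s.client_ip) in net for net in TRUSTED_NETS)
    return s.authenticated or trusted              # the envelope sender is never consulted

def relayed_on_sender_alone(sessions):
    """Sessions the flawed rule accepts but the strict rule rejects."""
    return [s for s in sessions if flawed_accept(s) and not strict_accept(s)]

SESSIONS = [
    Session("198.51.100.7", False, "blah@example.com", "user@remote.example"),     # 1st transcript
    Session("198.51.100.7", False, "MDaemon@example.com", "user@remote.example"),  # 2nd transcript
    Session("198.51.100.7", True, "mdaemon@example.com", "user@remote.example"),   # AUTH client
    Session("198.51.100.7", False, "someone@remote.example", "mdaemon@example.com"),  # inbound
]

if __name__ == "__main__":
    for s in SESSIONS:
        print(f"{s.mail_from:24} -> {s.rcpt_to:22} flawed={flawed_accept(s)} strict={strict_accept(s)}")
    print("relayed on sender alone:", relayed_on_sender_alone(SESSIONS))
```

Only the second session differs between the two rules: it is accepted purely because the claimed envelope sender matches a local account, which is the case a relay test that uses a random sender address will not exercise.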

