Bugtraq mailing list archives
MailSweeper for SMTP Security Problem
From: Russ Hayward <bug () EUNOS DEMON CO UK>
Date: Tue, 27 Mar 2001 07:14:45 +0100
There appears to be a vulnerability with MailSweeper for SMTP email by Content Technologies. (Tested on Version 4.19, others may be vulnerable)

My test system is -
Windows NT 4 Service Pack 5
MailSweeper for SMTP version 4.1.9

I have two separate incoming and outgoing policy scenarios. I trust (!) my users and allow all internal users to send what they like (no restrictions) but restrict incoming emails with virus checks, text analysis, exe file checks etc.

The Incoming scenario applies to this address list
*@* --> *@mydomain.com
and the Outgoing Scenario applies to
*@mydomain.com --> *@*

The SMTP relay restrictions ensure that only mail destined for the local domain is forwarded.

The problem occurs when an attacker spoofs an email so the sender appears to be a user within my domain i.e. JoeBloggs () mydomain com and the recipient is the intended victim i.e. user () mydomain com

MailSweeper will apply the OUTGOING scenario (i.e. nothing) and forwards the mail internally to the intended victim. This email could contain any content.

I notified Content Technologies on the 03/03/2001 and have received no response.

Regards
Russ Hayward
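The policy-selection problem reported above, as an added example that is not part of the original post and is not MailSweeper code. It models the two scenarios from the post with first-match selection on the envelope addresses (an assumption about ordering that reproduces the reported behaviour), next to a hardened selector that decides direction from the connecting client instead. The internal range 10.0.0.0/8, the client addresses and the function names are constructed for illustration.

```python
from fnmatch import fnmatchcase
from ipaddress import ip_address, ip_network

LOCAL_DOMAIN = "mydomain.com"                # domain used in the post
INTERNAL_NETS = [ip_network("10.0.0.0/8")]   # assumed internal range (constructed)
INCOMING_CHECKS = ["virus", "text", "exe"]   # checks named in the post

# (scenario name, sender pattern, recipient pattern, content checks)
SCENARIOS = [
    ("outgoing", "*@mydomain.com", "*@*", []),
    ("incoming", "*@*", "*@mydomain.com", INCOMING_CHECKS),
]


def select_by_envelope(sender, recipient):
    """Modelled weak selection: the claimed sender address picks the scenario."""
    for name, s_pat, r_pat, checks in SCENARIOS:
        if fnmatchcase(sender.lower(), s_pat) and fnmatchcase(recipient.lower(), r_pat):
            return name, list(checks)
    return "reject", []


def select_by_origin(client_ip, sender, recipient):
    """Hardened selection: direction comes from the connecting host and the
    recipient domain; the sender string is only used to flag a mismatch."""
    internal_client = any(ip_address(client_ip) in net for net in INTERNAL_NETS)
    local_rcpt = recipient.lower().endswith("@" + LOCAL_DOMAIN)
    local_sender = sender.lower().endswith("@" + LOCAL_DOMAIN)
    if internal_client:
        return "outgoing", []            # trusted internal users, as in the post
    if not local_rcpt:
        return "reject", []              # relay restriction: local recipients only
    checks = list(INCOMING_CHECKS)
    if local_sender:
        # An outside host claiming an inside sender: scan it and mark it.
        checks.append("spoofed-local-sender")
    return "incoming", checks


if __name__ == "__main__":
    # Constructed sample: the spoofed message from the post, sent by an outside host.
    msg = ("JoeBloggs@mydomain.com", "user@mydomain.com")
    print("envelope-based:", select_by_envelope(*msg))
    print("origin-based:  ", select_by_origin("203.0.113.7", *msg))
```
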