Security Basics mailing list archives
FW: (REPOST) Sendmail 8.11 configuration/security issue
From: "Keith T. Morgan" <keith.morgan () terradon com>
Date: Mon, 6 Jan 2003 16:02:04 -0500
Our moderator shot down my original post. So here's a slightly more G rated version. -----Original Message----- From: Keith T. Morgan Sent: Sunday, January 05, 2003 9:55 PM To: john65 () pobox com; security-basics () securityfocus com Subject: RE: Sendmail 8.11 configuration/security issue <snip>
(What if mary () xyz com wants to use her xyz.com return address when she's sending mail from home to joe () xyz com via her local ISP dialup -- Why would you want to block that?) What's the difference if incoming spam has one forged address or another anyway? It's still spam!
'Switching to Postfix', using a 'content security gateway,' or 'TLS' are not going to solve this problem (forging of email headers).
<snip> You are in error sir. Please check out the feature sets of eSafe Content Security Gateway, Network Associate's security gateway and others. eSafe for example does indeed check that email originates on the correct interface for local users. I found out that the network associates CSG does the exact same thing on a penetration test just last week when the customer explicitly asked me to attempt to send a false directive in email by spoofing the sender's address to an executive's address. Not only do the content security gateways address this issue, but postfix addresses it specifically. SSL/TLS would be an encryption mechanism protecting client authentication which would also defeat this problem if auth were required to send mail. The problem as I understand it: spammer masquerading as fakeuser () yourdomain com connects to mail.yourdomain.com and sends a message to any recipient. Additionally, this would be a way for an attacker to send false business directives, bogus or misleading communications etc... by pretending to be a member of your organization. (yes, I know about digital signatures and 90% of the organizations out there don't use them, nor do people look at headers as a rule). All of the listed solutions prevent "spoofing" of internal email addresses by external resources. Authentication (via SSL/TLS) solves the problem of the roadwarrior using a dialup somewhere. Postfix has a specific configuration parameter limiting *@yourdomain.com to sending from a specific network. <snipped per moderator's suggestion/requirement> Here's some FM to R. ftp://ftp.ealaddin.com/pub/manuals/esg/esg3.x/econsole_admin.pdf See page 113. The sections on "ANTI SPOOFING" and "ANTI RELAY" which talk about how to do EXACTLY what you claim it won't do. Also see: http://www.postfix.org/basic.html#mydomain
Current thread:
- FW: (REPOST) Sendmail 8.11 configuration/security issue Keith T. Morgan (Jan 06)
- Re: FW: (REPOST) Sendmail 8.11 configuration/security issue john65 (Jan 07)
- <Possible follow-ups>
- RE: FW: (REPOST) Sendmail 8.11 configuration/security issue Keith T. Morgan (Jan 21)