Re: Sender Spoofing via SMTP

[dallas jordan <dallas.jordan () gmail com>]

Brandon,
I believe you should set your email server to only relay email coming
from your domain.  that would prevent people from the internet
connecting to the server and sending emails randomly.  do some
searching on email relaying.

On 3 Nov 2005 15:56:23 -0000, brandon.steili () gmail com
<brandon.steili () gmail com> wrote:
> Hi List,
>
> I know this is a common issue that does not seem to be well addressed, but I was hoping you folks could give some 
> suggestions. (preferably for Exchange 2003)
>
> If I telnet to a system on the internet and perform the following:
>
> telnet target 25
> EHLO (assuming Exchange)
> MAIL FROM: someone
> RCPT TO: someone_else () TargetDomain com
> DATA ....
>
> The server will happily forward my mail to the internal mailbox without validating anything. I did not have to 
> authenticate, I did not even have to provide a real sender on the system, I could make one up. Again, I know this is 
> a common issue, the question is how can I prevent this from happening?
>
> With the proliferation of social engineers / phishers, etc I would like to try and find a way to prevent this, not 
> because it is a big problem but because it might become a big problem.
>
> Obviously user training can only go so far and our clients are not going to think twice if they recieve an email that 
> appears to be from a company exec...
>
> Thanks!


--
Dallas Jordan CCNA, CISSP