Bugtraq mailing list archives

Relaying in MDAEMON.

From: "buggzy" <alienhard () mail ru>
Date: Fri, 17 Aug 2001 11:42:24 +0600

It seems like that Mdaemon SMTP server can be used for unauthorized
relaying. Mail can be relayed when sent "FROM or TO known user", it means
that mail
sent "from" the account of one of served domains always can be relayed.
There is no problem to specify any "from" user, for example, system account
"mdaemon".

220 bepe ESMTP MDaemon 4.0.5 UNREGISTERED; Thu, 16 Aug 2001 11:38:54 +0600

helo somedomain

250 bepe Hello somedomain, pleased to meet you

mail from: mdaemon@bepe

250 <mdaemon@bepe>, Sender ok

rcpt to: alienhard () mail ru

250 <alienhard () mail ru>, Recipient ok

The message was successfully sent. Additionally, you can specify "Reply-To"
field in message header, and mail client will reply to correct address.

I can't find any configuration which will disallow it. It looks like design
error - poor criteria. Maybe expert mdaemon users shows is it right or
wrong.

Tested: Mdaemon Pro 4.0.5

buggzy () nerf ru, Nerf Security Group
http://www.nerf.ru

Current thread:

Re: Relaying in MDAEMON. buggzy (Aug 17)
- Re: Relaying in MDAEMON. Alun Jones (Aug 17)
- <Possible follow-ups>
- Relaying in MDAEMON. buggzy (Aug 17)