Bugtraq mailing list archives

MailSweeper for SMTP Security Problem


From: Russ Hayward <bug () EUNOS DEMON CO UK>
Date: Tue, 27 Mar 2001 07:14:45 +0100

There appears to be a vulnerability with MailSweeper for SMTP email by
Content Technologies.
(Tested on Version 4.19, others may be vulnerable)

My test system is -

    Windows NT 4 Service Pack 5
    MailSweeper for SMTP version 4.1.9

I have two separate incoming and outgoing policy scenarios. I trust (!) my
users and allow all internal users to send what they like (no restrictions),
but restrict incoming emails with virus checks, text analysis, exe file
checks, etc.

The Incoming scenario applies to this address list *@* --> *@mydomain.com
and the Outgoing Scenario applies to *@mydomain.com --> *@*

The SMTP relay restrictions ensure that only mail destined for the local
domain is forwarded.

The problem occurs when an attacker spoofs an email so the sender appears to
be a user within my domain, i.e. JoeBloggs () mydomain com, and the recipient
is the intended victim, i.e. user () mydomain com.

MailSweeper will apply the OUTGOING scenario (i.e. nothing) and forward the
mail internally to the intended victim. This email could contain any content.

I notified Content Technologies on the 03/03/2001 and have received no
response.

Regards

Russ Hayward
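
The scenario selection described in the post, as an added example that is not part of the original message and is not MailSweeper code: address-only matching next to a selector that also checks where the SMTP connection came from. The scenario precedence, the internal network range, the REJECT result and the sample sessions are assumptions constructed for illustration.

```python
from fnmatch import fnmatchcase
from ipaddress import ip_address, ip_network

LOCAL_DOMAIN = "mydomain.com"               # domain name used in the post
INTERNAL_NETS = [ip_network("10.0.0.0/8")]  # assumed internal range (constructed)

# (sender pattern, recipient pattern, scenario). Precedence is an assumption,
# chosen so the model reproduces the behaviour reported in the post.
SCENARIOS = [
    ("*@" + LOCAL_DOMAIN, "*@*", "OUTGOING"),
    ("*@*", "*@" + LOCAL_DOMAIN, "INCOMING"),
]

def select_by_address(mail_from, rcpt_to):
    """Address-only matching: the sender address alone decides the direction."""
    for sender_pat, rcpt_pat, name in SCENARIOS:
        if fnmatchcase(mail_from.lower(), sender_pat) and \
           fnmatchcase(rcpt_to.lower(), rcpt_pat):
            return name
    return "REJECT"

def select_by_origin(client_ip, mail_from, rcpt_to):
    """Treat mail as outgoing only when the connecting host is internal."""
    internal = any(ip_address(client_ip) in net for net in INTERNAL_NETS)
    if internal and fnmatchcase(mail_from.lower(), "*@" + LOCAL_DOMAIN):
        return "OUTGOING"
    if fnmatchcase(rcpt_to.lower(), "*@" + LOCAL_DOMAIN):
        return "INCOMING"   # external origin: full inbound checks apply
    return "REJECT"         # external origin, non-local recipient: relay attempt

# Constructed sample sessions: (client IP, MAIL FROM, RCPT TO)
SESSIONS = [
    ("10.1.2.3", "alice@mydomain.com", "bob@example.org"),
    ("203.0.113.9", "carol@example.org", "user@mydomain.com"),
    ("203.0.113.9", "JoeBloggs@mydomain.com", "user@mydomain.com"),
]

def audit(sessions):
    """Sessions where address-only matching would skip the incoming checks."""
    return [s for s in sessions
            if select_by_address(s[1], s[2]) == "OUTGOING"
            and select_by_origin(*s) == "INCOMING"]

if __name__ == "__main__":
    for ip, sender, rcpt in audit(SESSIONS):
        print(f"bypass: {sender} -> {rcpt} from external host {ip}")
```

Run over gateway logs, the same comparison lists messages that arrived from outside with a local-domain sender and a local recipient.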

