nanog mailing list archives
MSRFCs versus RFCs?
From: joej () Rocknyou com
Date: Thu, 28 Nov 2002 01:53:06 -0500
Happy Thanksgiving all! While I don't think I'll get a response to this question over the holidays, I thought I'd at least present it for response post Thanksgiving.

I have a site that (along with others) has decided to use MSExchange as their SMTP hub. One of the problems I am seeing with this is that the current configuration allows for any inbound domain traffic. In other words, the Exchange server seems to allow emails destined for any domain, then sends a Non-Delivery Report to the "Mail From" party.

My argument is that there lies an exploit with this scenario. In other words (and those of you that probably know where I am going with this just skip ahead), if I send an email to JoeSmo () domain com and spoof the Mail From as Victim () innocentdomain com to an Exchange server set up in this manner, the Exchange server will bounce an email to Victim () innocentdomain com. While this is all fine and dandy, if a person(s) decides to use this as a mailbomb method and exploit this, it's rather simple to do.

So, in short I am arguing that:

1> Mail destined for a domain not handled should be 550 Denied.
2> Non-Delivery Reports should only be sent for Domains Handled.
3> That a Firewall should not be doing Domain checking for SMTP.

What I am at a loss for is RFCs that explicitly state this, that is, NDR for other domains, and accepting for other domains. Perhaps I missed something or one of them.

Anyone have to deal with this situation? Any suggestions on how to argue this? Am I perhaps missing something? Does Bill Gates feel that "Monopoly is just a game, I want the world!" Just kidding.

Thanks in advance, and again Happy Thanksgiving!

-Joe
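
Added example, not part of the original post and not Exchange code: a small Python model of the two hub policies the message contrasts, showing which one turns forged MAIL FROM addresses into Non-Delivery Reports sent to a third party. LOCAL_DOMAINS, KNOWN_MAILBOXES and every address are constructed placeholders, and the function names are hypothetical.

```python
from collections import Counter

LOCAL_DOMAINS = {"example.org"}          # domains the hub handles (assumed)
KNOWN_MAILBOXES = {"alice@example.org"}  # deliverable recipients (assumed)


def normalize(addr):
    """Strip whitespace and angle brackets, lower-case the address."""
    return addr.strip().strip("<>").lower()


def domain_of(addr):
    """Return the recipient domain, or None if the address is malformed."""
    local, sep, domain = normalize(addr).rpartition("@")
    return domain.rstrip(".") if sep and local and domain else None


def handle(mail_from, rcpt, restrict_to_local):
    """Process one envelope; return (smtp_reply_code, ndr_recipient_or_None)."""
    domain = domain_of(rcpt)
    if domain is None:
        return 501, None  # syntax error, refused in-session
    if restrict_to_local and domain not in LOCAL_DOMAINS:
        # Point 1 of the post: refuse with 550 during the SMTP session.
        # The connecting client holds the failure; nothing is sent to
        # the (possibly forged) MAIL FROM address.
        return 550, None
    if normalize(rcpt) in KNOWN_MAILBOXES:
        return 250, None  # accepted and delivered, no NDR
    sender = normalize(mail_from)
    if not sender:
        return 250, None  # null reverse-path "<>": never bounce a bounce
    # Accepted but undeliverable: the hub now owes an NDR to MAIL FROM.
    # With restrict_to_local this only happens for handled domains (point 2).
    return 250, sender


def ndr_counts(envelopes, restrict_to_local):
    """Count NDRs the hub would emit, per NDR recipient, for a batch."""
    counts = Counter()
    for mail_from, rcpt in envelopes:
        _, ndr_to = handle(mail_from, rcpt, restrict_to_local)
        if ndr_to:
            counts[ndr_to] += 1
    return dict(counts)
```

Comparing `ndr_counts(batch, False)` with `ndr_counts(batch, True)` on a batch of envelopes that share one forged sender shows the accept-everything hub emitting one NDR per message to that sender, and the restricted hub emitting none for foreign domains.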