Penetration Testing mailing list archives

Re: [PEN-TEST] Testing MS Exchange


From: Robert Schwartz <Robert () mrsquirrel com>
Date: Wed, 11 Oct 2000 09:31:20 -0700

This is a very misunderstood subject and I see many misconfigured servers a
lot.  This is due to poor documentation IMHO.  However, there is an
excellent doc available on the TechNet CD (not sure about the Internet
site).  There is no qbase number.  You need to query for: "Is Your Exchange
Server Relay Secure".  As it turns out, you need to implement some
counterintuitive configuration options.  I found it very useful.  Hope this
helps.


-----Original Message-----
From: Penetration Testers [mailto:PEN-TEST () SECURITYFOCUS COM]On Behalf
Of Stephen Quigg
Sent: Wednesday, October 11, 2000 7:40 AM
To: PEN-TEST () SECURITYFOCUS COM
Subject: [PEN-TEST] Testing MS Exchange


I am currently looking at some work involving Microsoft Exchange and Open
Relays, most notably stopping many installed versions of Exchange acting as
one!

Does anyone have any knowledge in this area to share, and things I should be
looking out for? This will include configurable options within Exchange
other than the generic ones to stop it being used as an Open Relay.

I'm perfectly happy doing a network/IDS/Firewall/Server level vulnerability
scan & risk analysis, but am anxious to gain the list's experience in this
area.

regards,
Stephen

Stephen Quigg
PA Consulting Group
+44 (0)141 241 6445
+44 (0)788 754 0020

DISCLAIMER: This e-mail contains proprietary information some or all of
which may be legally privileged.  It is for the intended recipient only.
If an addressing or transmission error has misdirected this e-mail,
please notify the author by replying to this e-mail.  If you are not the
intended recipient you must not use, disclose, distribute, copy, print,
or rely on this e-mail.

