Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Pen-Test
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: Mail Server problem / query

from [Joe_Wulf] Network Security [Permanent Link]
Subject: RE: Mail Server problem / query
Date: Thu, 14 Apr 2005 09:58:45 -0400 
Depends on the type you are doing.  Check out 'qmail' and 'exim'.
They definately have configurable options to allow/prevent, thus
manage exactly what you are talking about.  You didn't mention
the type of mail server you are testing---that might have helped.
 
R,
-Joe Wulf, CISSP
 ProSync Technology Group, LLC
 www.prosync.com
 Senior IA Engineer

-----Original Message-----
From: Marc Davison [mailto:m_davison@talk21.com] 
Sent: Wednesday, April 13, 2005 17:45
To: pen-test@securityfocus.com
Subject: Mail Server problem / query 

Hi all, I hope you can help with this. I have been testing a server for
open-relay and found that I could connect from an external machine and send
mails using a MAIL FROM (the local domain) and a RCPT TO (the local domain) -
now this may seem fine as internal users will need to send mail to other
internal users but my query is whether there are mail servers which can be
configured to recognise that the connection was an external address and
therefore that the MAIL FROM address was invalid. eg I can send a mail from the
CEO of the company to his own secretary asking her to copy his hotmail address
on all future mails and to the secretary, this mail seems perfectly valid yet me
(prospective attacker) outside the comapany may now receive loads of sensitive
mails (assuming the secretary is the type who doesn't like to query things and
ask questions) - thanks in advance.

Send instant messages to your online friends http://uk.messenger.yahoo.com
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  RE: Fingerprinting Firewall, David L Rice
Next by Date:  Re: Any way to automatically change arbitrary headers of IP packets on-the-fly?, DJ Ether
Previous by Thread:  Mail Server problem / query, Marc Davison
Next by Thread:  Re: Mail Server problem / query, Prashant Gawade
Indexes:  [Date] [Thread] [Top] [All Lists]