
FW: Mail relay question

Subject: FW: Mail relay question
Date: Fri, 22 Feb 2008 12:26:44 -0600
Good day,

So I am somewhat green when it comes to how mail gateways manage email.

After finding that my own mail setup at home has caught almost 5000 spam mails 
in less than a month I have finally thrown my hands in the air and wanted to 
hopefully get some understanding from this list.

The amount alone is huge I think when I am only hosting my wife and myself (as 
well as the usual abuse etc. contacts).
I am worried that my home is an open relay in a manner I have not found.

Then I learn that via telnet I can send email from mydomain.com to mydomain.com 
and have it delivered even when the telnet session is from a public IP.

So, I am a little fuzzy on what it is I am trying to learn here, but:
1. Would you think 5000 emails a month with maybe 200 valid emails is normal in 
a home/family type setup?

2. Is mail always accepted and relayed when the sender and recipient domains 
are the same? (This is without sender authentication configured or capability).
        a. If yes, what is to stop an angry neighbor on his vacation to China 
from sending a nasty email from me to my wife? (In this insecure setup).
        b. My gateway at home (Smoothwall using DSPAM/SEMF? mod) only accepts 
the initial HELO if followed by connecting domain name (HELO domain.com). So how 
come I can connect from domainx.com and send email from domainy.com to 
domainy.com?
        c. What can I do to remove this risk?

3. Any recommendations on a free mail gateway solution?  SpamAssassin? ClamAV? 
My goal is to migrate away from Exchange 2003. I have been wanting to try 
Zimbra for mail server but would like a good mail gateway in the DMZ instead of 
hosted by the firewall.

Thank you and I will follow up with answers to questions for clarification.

Nick Vaernhoej
"Quidquid latine dictum sit, altum sonatur."
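
An added example, not part of the original message: a small Python model of the accept/relay decision an SMTP listener makes, showing that mail addressed to a hosted domain is ordinary inbound delivery whatever the unverified MAIL FROM says, and that an open relay is one that forwards external-to-external mail for strangers. The domain list, trusted network, sample addresses, function names and the optional `reject_forged_local_sender` rule are assumptions made for illustration, not the poster's configuration.

```python
import ipaddress

# Constructed configuration for illustration (assumptions, not from the post).
LOCAL_DOMAINS = {"mydomain.com"}
TRUSTED_NETS = [ipaddress.ip_network("192.168.0.0/24")]

def domain_of(address):
    """Return the lower-cased domain part of an envelope address."""
    return address.rsplit("@", 1)[-1].strip("<>").lower()

def classify(client_ip, authenticated, mail_from, rcpt_to,
             reject_forged_local_sender=False):
    """Return (action, reason) for one MAIL FROM / RCPT TO pair."""
    trusted = authenticated or any(
        ipaddress.ip_address(client_ip) in net for net in TRUSTED_NETS)
    rcpt_local = domain_of(rcpt_to) in LOCAL_DOMAINS
    sender_local = domain_of(mail_from) in LOCAL_DOMAINS
    # Optional hardening: an outside, unauthenticated client should not be
    # using one of our own domains as the envelope sender.
    if reject_forged_local_sender and sender_local and not trusted:
        return "reject", "local sender domain from untrusted client"
    # The relay decision looks only at the recipient and the client,
    # never at the (unverified) MAIL FROM value.
    if rcpt_local:
        return "deliver-local", "recipient domain is hosted here"
    if trusted:
        return "relay", "trusted client may send to external domains"
    return "reject", "relaying denied for untrusted client"

def is_open_relay(policy=classify):
    """An open relay forwards external-to-external mail for a stranger."""
    action, _ = policy("203.0.113.10", False,
                       "a@example.org", "b@example.net")
    return action == "relay"

# Constructed transactions: (client IP, authenticated, MAIL FROM, RCPT TO)
SAMPLES = [
    ("203.0.113.10", False, "me@mydomain.com", "spouse@mydomain.com"),
    ("203.0.113.10", False, "me@mydomain.com", "someone@example.net"),
    ("192.168.0.5", False, "me@mydomain.com", "someone@example.net"),
]

if __name__ == "__main__":
    for s in SAMPLES:
        print(s, "->", classify(*s), "| hardened:", classify(*s, True))
    print("open relay:", is_open_relay())
```

The first sample is the telnet test from the message: it is delivered locally under the default policy and rejected only when the forged-local-sender rule is switched on.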

