Network Security: Detailed info on Mail Transport System Professional--Open Relay Hole

Subject:	Mail Transport System Professional--Open Relay Hole
Date:	Sat, 25 Feb 2006 17:06:19 -0500

Subject:

Mail Transport System Professional--Open Relay Hole

Date:

Sat, 25 Feb 2006 17:06:19 -0500

What: Mail Transport System Professional is a RFC compliant mail server for Windows.

Who: http://www.mtsprofessional.com/

Problem: Open relay hole when forwarding all outgoing mail through an ISP.

When configured to forward all outgoing mail through an ISP MTS Pro will accept and forward all messages that are claimed to be from a local domain as specified in the MAIL FROM:<.....> verb of the SMTP conversation regardless of point of origin.

All versions to date are affected.

Fix: MTS Pro is a pay for play solution, please contact the vendor for an upgrade. The issue has been resolved.

--
Craig Morrison
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
http://pse.2cah.com
  Controlling pseudoephedrine purchases.

http://www.mtsprofessional.com/
  A Win32 email server that works for You.

<Prev in Thread]	Current Thread	[Next in Thread>
Mail Transport System Professional--Open Relay Hole, Craig Morrison <=

<Prev in Thread]

Current Thread

[Next in Thread>

Previous by Date:	2 SQL Injection in Fantastic News, S3ude
Next by Date:	CGI Calendar XSS Vulnerability, revnic
Previous by Thread:	2 SQL Injection in Fantastic News, S3ude
Next by Thread:	CGI Calendar XSS Vulnerability, revnic
Indexes:	[Date] [Thread] [Top] [All Lists]

Previous by Date:

2 SQL Injection in Fantastic News, S3ude

Next by Date:

CGI Calendar XSS Vulnerability, revnic

Previous by Thread:

2 SQL Injection in Fantastic News, S3ude

Next by Thread:

CGI Calendar XSS Vulnerability, revnic

Indexes:

[Date] [Thread] [Top] [All Lists]