[Raw Msg Headers][Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

SMTP relay problem



Someone we know who has been using zmailer has been marked as an open 
relay.  the problem is that they are allowing addresses of the form:

       "shb@microsoft.com"@theirname.com

in via SMTP.  I thought this was strange and then tried by own 
zmailer installation and found it to be the case.  Having checked 
everything I went and read the source and could not find out what was 
happening so I tried nic.funet.fi -- which is bad of me and it said:

telnet nic.funet.fi 25
Trying 193.166.0.145...
Connected to nic.funet.fi.
Escape character is '^]'.
220 nic.funet.fi ZMailer Server 2.99.53-pre2cvs #8 ESMTP+IDENT ready 
at Thu, 13 Apr 2000 13:07:53 +0300
HELO
250 nic.funet.fi expected "HELO dash.widearea.co.uk"
MAIL From: <>
250 2.1.0 Sender syntax Ok
RCPT To: <"shb@micro.com"@dash.widearea.co.uk>
550 5.7.1 This target address is not our MX service client: 
<"shb@micro.com"@dash.widearea.co.uk>
RCPT To: <"shb@micro.com"@nic.funet.fi>
250 2.1.5 Recipient address syntax Ok; rcpt=<"shb@micro.com"@nic.funet.fi>
QUIT
221 2.0.0 nic.funet.fi Out
onnection closed by foreign host.

The first one is ok to fail but the second if exercised by a 
mail-abuse.org will get you marked as an open relay.

Which brings me to the point of this mail -- help!!!

It turns out that the smtpserver will accept RCPT To's of the form:

RCPT To: <"shb@micro.com"@nic.funet.fi>
and
RCPT To: <"shb@micro.com"@[193.166.0.145]>

I think this is a problem...

Simon.