[Raw Msg Headers][Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: SMTP relay problem
On Thu, Apr 13, 2000 at 11:15:31AM +0100, Simon Brock wrote:
> Someone we know who has been using zmailer has been marked as an open
> relay. the problem is that they are allowing addresses of the form:
>
> "shb@microsoft.com"@theirname.com
>
> in via SMTP. I thought this was strange and then tried by own
> zmailer installation and found it to be the case. Having checked
> everything I went and read the source and could not find out what was
> happening so I tried nic.funet.fi -- which is bad of me and it said:
>
> 250 2.1.5 Recipient address syntax Ok; rcpt=<"shb@micro.com"@nic.funet.fi>
>
> The first one is ok to fail but the second if exercised by a
> mail-abuse.org will get you marked as an open relay.
No, it is SYNTACTICALLY perfectly valid LOCAL address.
Some router script versions have had DEQUOTEs in places which
are dangerously open, and strip away those local part quotes
in such a way which opens it to full decoding.
ZMailer will accept RCPT TO:<surely-will-bounce@nic.funet.fi>
because the smtpserver doesn't (usually) do lock-step routing
analysis to see if the address really is local, or not..
z# router '"shb@micro.com"@nic.funet.fi'
(((local '"shb@micro.com"@nic.funet.fi' '"shb@micro.com"@nic.funet.fi' default_attributes)))
If I had not had those external ticks, ZMSH would have expanded
the double-quotes away into:
z# router "shb@micro.com"@nic.funet.fi
(((smtp micro.com shb@micro.com default_attributes)))
which indeed in undesirable, but doesn't happen except at manual
address testing. (And with way older scripts at older routers.)
> Which brings me to the point of this mail -- help!!!
>
> It turns out that the smtpserver will accept RCPT To's of the form:
>
> RCPT To: <"shb@micro.com"@nic.funet.fi>
> RCPT To: <"shb@micro.com"@[193.166.0.145]>
>
> I think this is a problem...
No.
> Simon.
--
/Matti Aarnio <mea@nic.funet.fi>