Security Basics
mailing list archives
Re: Sender Spoofing via SMTP
From: brandon.steili () gmail com
Date: 3 Nov 2005 20:20:35 -0000
Everyone,
Thanks for your replies thus far, but they have helped add a few more thoughts. By the way, I'm also looking for any
thoughts on how to restrict this from happening internally as well. Using the above example, I can connect to a local
Exchange server and initiate the same spoofing technique to another local user -- for example I can connect to the
server via Telnet to 25 and send my cubemate an email from santa () mydomain and tell him that the north pole has been
having connectivity issues... It's junk like this I am trying to prevent internal and external people from doing
straight from a telnet session.
Quote (Andrew Chong) - Currently, two common technologies are SMIME and PGP to digitally sign/encrypt emails.
Response - This would help validate the sender to the end user, which is a good start (and easy to teach to users). Not
really the overall solution but definitely getting there. Thanks!
Quote (Craig Wright) - Internal mail will not generally pass through SMTP
Response - Great Point, but in this scenario I am connecting to port 25 and initiating the message directly via SMTP on
the server. I think regardless of what happens to the message once it hits the queue and gets moved around by the
Information Store or another MTA the fatal problem is that I was able to connect and send the message?
Quote (Dallas Jordan & Corey LeBleu) (sort of combining these two) - I believe you should set your email server to only
relay email coming from your domain. that would prevent people from the internet connecting to the server and sending
emails randomly. Unauthenticating Mail Relay
Response - However if I set up the server so it requires authentication for
communication, would this not break the ability for other domains to send email to my users? I have validated that I
cannot spoof outbound emails from the internet based connection, so I'm not a completely open relay, but open
enough that external connections can spoof an internal email sender and get that mail delivered to a recipient.
Sorry for hitting this so hard, but I have done a bunch of searching on the net, read way too much Technet and although
I find bits and pieces, nothing really addresses the ability to spoof a sender or prevent this type of relaying without
breaking everything else.
Thanks Again for the responses!
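
The distinction the message asks about, as an added example that is not part of the original post: a receiving server can keep accepting unauthenticated mail from other domains for local recipients while refusing unauthenticated sessions that claim a local sender. The domain `mydomain.example`, the function names, the reply codes chosen and the sample sessions are assumptions constructed for illustration, not any mail server's real configuration.

```python
from email.utils import parseaddr

# Assumption: stands in for the poster's "mydomain".
LOCAL_DOMAINS = {"mydomain.example"}

def domain_of(address):
    """Return the lower-cased domain of an address, or "" if there is none."""
    addr = parseaddr(address or "")[1]
    return addr.rpartition("@")[2].lower() if "@" in addr else ""

def smtp_policy(authenticated, mail_from, rcpt_to, header_from=None):
    """Decide what a receiving server does with one message.

    mail_from / rcpt_to are the envelope addresses (MAIL FROM, RCPT TO);
    header_from is the From: header, which a client can set independently
    of the envelope. Returns (illustrative reply code, reason).
    """
    if authenticated:
        # Whether this user may send as this particular address is a
        # separate check that this sketch does not model.
        return 250, "authenticated submission"
    if domain_of(rcpt_to) not in LOCAL_DOMAINS:
        return 550, "relay denied"
    if domain_of(mail_from) in LOCAL_DOMAINS:
        return 550, "local sender requires authentication"
    if domain_of(header_from) in LOCAL_DOMAINS:
        return 550, "local From header requires authentication"
    return 250, "inbound mail from another domain"

# Constructed sessions: (authenticated, MAIL FROM, RCPT TO, From: header)
SESSIONS = [
    (False, "santa@mydomain.example", "cubemate@mydomain.example", None),
    (False, "alice@other.example", "cubemate@mydomain.example", None),
    (False, "alice@other.example", "cubemate@mydomain.example",
     "Santa <santa@mydomain.example>"),
    (False, "alice@other.example", "bob@third.example", None),
    (True, "brandon@mydomain.example", "bob@third.example", None),
]

def evaluate(sessions=SESSIONS):
    """Apply the policy to every sample session."""
    return [smtp_policy(*s) for s in sessions]

if __name__ == "__main__":
    for session, verdict in zip(SESSIONS, evaluate()):
        print(session, "->", verdict)
```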