Re: MailSweeper for SMTP Security Problem

["Martin O'Neal" <BugTraq () CORSAIRE COM>]

Hiya Russ,

> MailSweeper will apply the OUTGOING scenario (i.e. nothing) and forwards
> the mail internally to the intended victim. This email could contain any
> content.

If you take a look at the routing section in the MMC help for the
MAILsweeper product, there is a whole page that describes the way that an
address is evaluated in the context of wild cards. My reading of this is
that it is evaluated left-to-right, and scores a more explicit address
(*@domain.com) higher than a full wild card (*@*). The result being that
your send address triggers the scenario hierarchy in preference to the
receive address.

This might not be what you actually want [wink...] but you can always work
around this by building an explicit domain->domain scenario to cover this
situation, or restrict the relaying so this isn't an issue.

Regards,
Martin O'Neal



----------------------------------------------------------------------
CONFIDENTIALITY: This e-mail and any files transmitted with it are
confidential and intended solely for the use of the recipient(s) only.
Any review, retransmission, dissemination or other use of, or taking
any action in reliance upon this information by persons or entities
other than the intended recipient(s) is prohibited. If you have
received this e-mail in error please notify the sender immediately
and destroy the material whether stored on a computer or otherwise.
----------------------------------------------------------------------
DISCLAIMER: Any views or opinions presented within this e-mail are
solely those of the author and do not necessarily represent those
of Corsaire Limited, unless otherwise specifically stated.
----------------------------------------------------------------------

Corsaire Limited, 3 Tannery House, Tannery Lane, Send, Surrey GU23 7EF
Telephone:+44(0)1483-226000 Email:info () corsaire com