HPE Community
Operating System - Linux
1823369 Members
2780 Online
109654 Solutions
New Discussion юеВ

SMTP Open Mail Relay vulnerability

 
Joel Pavon
Advisor

тАО05-18-2007 02:14 AM

тАО05-18-2007 02:14 AM

SMTP Open Mail Relay vulnerability

Hi!

I'm looking how can I fix the security issue abour "SMTP Open Mail Relay" on the reports whit tool called Foundstone i have the vulnerability CVE-1999-0512, the report don't explain how solve the problen.

Any body can help me??
0 Kudos
Reply
7 REPLIES 7
Leandro Daniel Costa
Occasional Advisor

тАО05-18-2007 02:27 AM

тАО05-18-2007 02:27 AM

Re: SMTP Open Mail Relay vulnerability

Well, the SMTP Open Mail Relay vulnerability, is basically telling you that someone else, from another network is able to send mail using your SMTP server, so outsiders are able to for example, send spam through your server. To solve this problem, you should check your SMTP server's documentation, and for us to give a helping hand to you, we should at least know the product you're running [stmp server] and version.

Regards,
Leandro Daniel Costa
0 Kudos
Reply
Joel Pavon
Advisor

тАО05-18-2007 02:43 AM

тАО05-18-2007 02:43 AM

Re: SMTP Open Mail Relay vulnerability

Sorry, but how can I know the version of SMTP??


Tnks.
0 Kudos
Reply
Joel Pavon
Advisor

тАО05-18-2007 02:45 AM

тАО05-18-2007 02:45 AM

Re: SMTP Open Mail Relay vulnerability

I was run the command snmpd and this is the output of the command;

#snmpd
Start SNMP Master Network Management daemon
SNMP Research SNMP Agent Resident Module Version 14.2.1.7
Copyright 1989, 1990, 1991, 1992, 1993, 1994, 1995, 1996, 1997 SNMP Research, Inc.


This is the version??
0 Kudos
Reply
Ivan Ferreira
Honored Contributor

тАО05-18-2007 02:51 AM

тАО05-18-2007 02:51 AM

Re: SMTP Open Mail Relay vulnerability

Hi Joel, we are talking about SMTP, not SNMP. Don't worry, it's easy to mix the things.

What we need to know is what is your mail transfer agent (MTA), for example, sendmail, postfix, exim, etc.

One option to try to identify the information is to run:

telnet localhost 25

That "could" display server and version information.

Or, if you use an rpm based linux distro, run:

rpm -qa | grep -e "sendmail|postfix"
Por que hacerlo dificil si es posible hacerlo facil? - Why do it the hard way, when you can do it the easy way?
0 Kudos
Reply
Joel Pavon
Advisor

тАО05-18-2007 02:58 AM

тАО05-18-2007 02:58 AM

Re: SMTP Open Mail Relay vulnerability

This is the output of command.


#telnet localhost 25
Trying...
Connected to localhost.
Escape character is '^]'.
220 gamhap25. ESMTP Sendmail @(#)Sendmail version 8.13.3 - Revision 2.004 - 06/29/2006/8.9.3; Fri, 18 May 2007 09:50:56 -0500 (CDT)
0 Kudos
Reply
Leandro Daniel Costa
Occasional Advisor

тАО05-18-2007 03:07 AM

тАО05-18-2007 03:07 AM

Re: SMTP Open Mail Relay vulnerability

Try this:

cat mysendmail.cf | grep FR-o

If it outputs something like this:

FR-o /etc/somefile

Then, you should edit /etc/somefile and set from which hosts you're willing to relay mail for, the most common setup for this, is to relay mail from localhost and from your local network. You have to put for example:

192.168.0.0/24
127.0.0.1

In that file and then send a SIGHUP to sendmail: killall -1 sendmail

Hope it helps
0 Kudos
Reply
Ivan Ferreira
Honored Contributor

тАО05-18-2007 03:52 AM

тАО05-18-2007 03:52 AM

Re: SMTP Open Mail Relay vulnerability

Hola Joel, please see:

http://www.usebox.net/jjm/sendmail/#relay

Que viva el tequila!
Por que hacerlo dificil si es posible hacerlo facil? - Why do it the hard way, when you can do it the easy way?
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.