Tenon Intersystems Please see text links at bottom of page for navigation
Please see text links at bottom of page for navigation

Search tenon.com

Thanks to:

Post.Office
[Top] [All Lists]
<prev [Date] next> <prev [Thread] next>

Re3: Solved: Help: my PO is open relay

To: post_office@xxxxxxxxxxxxxxx
Subject: Re3: Solved: Help: my PO is open relay
From: "Glenn A. Bookout" <gblists@xxxxxxxxxxxxxxxxxxx>
Date: Fri, 5 Dec 2003 10:40:22 -0800
Sue:

Thanks for your update on this problem.

On Thursday, Dec 4, 2003, at 17:29 US/Pacific, Sue Chester wrote:

The problem turned out to be that one of the accounts was using POP-before-SMTP and was popping continuously from a remote location. POP-before-SMTP opens a relay window for accounts for a settable amount of time. The relay database testers used that login account name to send relay through the system, and they were able to do so. That's why the system got put into the open relay database.

POP-before-SMTP is designed for peripatetic users, who need to send mail from various locations. When used this way, there is little or no risk of some unauthorized person sending mail through your system as that account name, but for an account that needs 100% accessing, or if you have to POP that account all the time, it's better to turn POP-before-SMTP off, and use SMTP-Authentication.
Interesting.

I have a number of clients that have to use POP-before-SMTP ( mainly due to the P.O restrictions on SMTP-Authentication needing a match between ID and address, which is not very workable when hosting multiple domains ), and there are times that they will query our server for msgs. every few min. for hours on end.

How can we check our logs to see if we're being exploited by this "bug"?

I looked in my logs and there doesn't seem to be any difference between the SMTP-Accept/SMTP-Deliver logging for an incomming or outgoing msg.

Also, I thought that POP-before-SMTP was based on an ID/IP address pair for successful sending, how can an "outsider" obtain that information in order to exploit the system?

Is there any chance that Tenon is working to improve SMTP-Authentication to allow more flexible ID/address pairs?

Thanks for your time and help in this matter.

Glenn

---------
Tenon Intersystems' Post.Office Mailing List
To unsubscribe: send mailto:post_office-request@xxxxxxxxxxxxxxx
with the body only containing: unsubscribe
Find the searchable mailing list archives at:
http://postoffice.computeroil.com/

<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Solved: Help: my PO is open relay, Sue Chester
Next by Date:  mail box quota, dongsoo choi
Previous by Thread:  Re: Solved: Help: my PO is open relay, Sue Chester
Next by Thread:  Re3: Solved: Help: my PO is open relay, Anita Holmgren
Indexes:  [Date] [Thread] [Top] [All Lists]
| Tenon Home | Products | Order | Contact Us | About Tenon | Register | Tech Support | Resources | Press Room | Mailing Lists |

Powered By iTools

Copyright©2003 Tenon Intersystems, 232 Anacapa Street, Suite 2A, Santa Barbara, CA 93101. All rights reserved.
Questions about our website - Contact: webmaster@tenon.com.

Tenon Home Tenon Home Tenon Home Tenon Home Product Info Tenon Ordering Contact About Register Support Resources Press Mailing Lists