Jump to content

Is Outgoing Smtp Open To Abuse?


beach200
 Share

Recommended Posts

Welcome to the forum!

 

It is true, you would need a valid password for it to work. However, you can have scripts such as formmail which can be used to send mail from your server, hence the reason such scripts should have decent sercurity so that this things can not happen.

 

It is easy to fake a domain name in the header, but if you where to truely look at the headers you would see that infact they do not originate from that domaini name but infact from somewhere else.

 

Jimuni

Link to comment
Share on other sites

Welcome to the forums, beach200.

 

Jimuni said it well. Our servers do not openly relay mail, so they would have to have your account info to do so. However, that doesn't prevent them from faking your email and sending it from their own host (that's an SMTP design issue), but it will clearly show in the headers that you were not actually the sender of the email.

Link to comment
Share on other sites

Is the sun hot? Yes. I'm not convinced.

 

I'm probably just not getting what is on your mind, but it is a fact that without your password or a faulty script no one can send email from your SMTP.

 

As was said, it is easy to fake an email header sent from some other email server to appear to be from you@yourTCHdomain.com, but the headers will betray the forgery.

 

Maybe if you just tell us what you are seeing as the issue we can help explain why it is.

 

Edit: Forgot to say ... Welcome to the forums!

Link to comment
Share on other sites

Is the outgoing SMTP server where your account is at TCH?

 

Are you sending immediately after checking incoming email? Sometimes if you check email and then send something it "remembers" your authentication.

Link to comment
Share on other sites

Is the outgoing SMTP server where your account is at TCH?

 

Are you sending immediately after checking incoming email? Sometimes if you check email and then send something it "remembers" your authentication.

 

Yes, the SMTP is with TCH (the best).

Using OutLook Exp, after a reboot of Win XP, I don't need authentication. So presumably, no one else does either.

Link to comment
Share on other sites

Outlook Express nearly always does a check of your POP3 before the send (because most people have it do the default check for emails when it starts). If you have done this, then you have already authenticated with the server, and do not need to do so again when you send.

 

As Rick says though, open a ticket and we'll check

Link to comment
Share on other sites

Got a good reply from Rick via a ticket. As Andy says the process of checking the pop3 server via OutLook performs authentication which remains on the server for some time (x minutes). This fits prefectly with the evidence. It seems that if you read the pop3 server, and then use any technique to send via the smtp server (within x minutes), you can get a free ride. If this is so, my scepticism seems to be justified.

Link to comment
Share on other sites

Got a good reply from Rick via a ticket. As Andy says the process of checking the pop3 server via OutLook performs authentication which remains on the server for some time (x minutes). This fits prefectly with the evidence. It seems that if you read the pop3 server, and then use any technique to send via the smtp server (within x minutes), you can get a free ride. If this is so, my scepticism seems to be justified.

 

POP before SMTP means that once you check your email via POP3, for a certain amount of time, your IP address and only your IP address is allowed to send mail through your account. That's hardly a free ride, unless you have other people using your machine that you don't trust at the same time (but then you'd likely have bigger problems :notworthy:).

Link to comment
Share on other sites

POP before SMTP means that once you check your email via POP3, for a certain amount of time, your IP address and only your IP address is allowed to send mail through your account. That's hardly a free ride, unless you have other people using your machine that you don't trust at the same time (but then you'd likely have bigger problems :P).

 

 

This fits even more closely with the evidence! I guess the initial question is solved. Tks

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

×
×
  • Create New...