Re: [cobalt-security] Qube 3 - Open Relay when Email Delivery Frequency other than "immediate" selected
- From: Bruce Timberlake <bruce@xxxxxxxxxx>
- Date: Thu, 27 Feb 2003 15:21:44 -0800
- Organization: BRTNet.org
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
> Does anyone have their Qube3 set up to deliver email other than
> Immediately?
>
> I have reason to suspect that if a Qube3 is set to queue mail and
> deliver it every 15 mins, 30 mins, 1 hour, 6 hours, or once a day,
> it will be open to abuse as an OPEN RELAY.
>
> I hope someone can prove me wrong.
>
> I've had a Qube3 abused in this fashion and after cleaning up the
> mess I've done some trials and it does not look good. When set to
> 15 mins the Qube3 will accept messages which would have been
> rejected if immediate delivery were selected and then at the
> appropriate time relay them.

Holy crap!

I just tried what you described, and it _does_ turn the Qube into an
open relay!!

Gotta peek into the backend code to see what's happening. I don't
_think_ it does anything besides changing a variable in sendmail.cf,
which would indicate that the problem is with sendmail itself... (or
at least the version running on the Qube).

--
Bruce Timberlake
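
To repeat the comparison described in this thread against your own server, the following added example (not part of the original message and not Cobalt's code) opens an SMTP session, offers a sender and recipient that are both non-local, and reports the RCPT TO reply without ever sending a message. The addresses, the HELO name and the function names are constructed placeholders.

```python
import smtplib

# Constructed placeholders on reserved example domains: neither address is
# local to the server under test, so an outside client offering this pair
# should be refused at RCPT TO.
EXTERNAL_SENDER = "relaytest@example.org"
EXTERNAL_RCPT = "relaytest@example.net"


def classify_rcpt(code):
    """Map an SMTP reply code to a relay verdict."""
    if 200 <= code < 300:
        return "ACCEPTED"   # server took the recipient: relaying is possible
    if 400 <= code < 500:
        return "DEFERRED"   # temporary failure: inconclusive, test again
    return "REJECTED"       # 5xx, for example 550 "Relaying denied"


def probe_relay(host, port=25, timeout=10):
    """Return (verdict, code, reply text) for a non-local sender/recipient
    pair. The session is reset before DATA, so nothing is queued or sent."""
    with smtplib.SMTP(host, port, local_hostname="probe.example.org",
                      timeout=timeout) as smtp:
        smtp.ehlo_or_helo_if_needed()
        code, reply = smtp.mail(EXTERNAL_SENDER)
        if code // 100 == 2:
            code, reply = smtp.rcpt(EXTERNAL_RCPT)
            smtp.rset()
        return classify_rcpt(code), code, reply.decode(errors="replace")


if __name__ == "__main__":
    import sys
    # Run from a host outside your network, once per Email Delivery
    # Frequency setting, and compare the verdicts.
    verdict, code, text = probe_relay(sys.argv[1])
    print(f"{sys.argv[1]}: RCPT TO <{EXTERNAL_RCPT}> -> {code} {text} [{verdict}]")
```

A verdict of ACCEPTED under a queued delivery setting, where the immediate setting gives REJECTED, matches the behaviour reported in this thread.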