[Exim] Unauthenticated SMTP ??

Author: Peter Richards
Date:  
To: exim-users
Subject: [Exim] Unauthenticated SMTP ??
Hi,

I'm using an ADSL provider (Australia) as my ISP, and
have a website hosted by a separate company (Dallas).
After a day of trying to get the answer I _needed_
from the web hosting company, I have (hopefully) come
to the right forum for discussing the current problem
I'm experiencing.

Having recently joined up with DShield, I was
surprised when the firewall logs were able to be sent
to my domain, unauthenticated. The next day I tested
this with "Blat", and sure enough, unauthenticated
SMTP was possible. To further prove that this is
possible, I set up Pegasus Mail, and once again,
unauthenticated SMTP, to my domain (at the Dallas web
hosting company) WAS possible.

With all three email clients, I ONLY supplied my
domain name:

* No username
* No password
* No POP3 prior before sending
* No SSL
* No TLS

The web hosting company won't believe me, stating
emphatically that no-one can send SMTP without
authentication. This company uses Exim 4.24 #1, and
the latest replies have indicated that I must have
found an open relay somehow, and that I'm only sending
"TO" the domain, and _not_ THROUGH the email servers.
But, in each test, the SMTP server details were my
domain, so isn't that sending THROUGH ??

Here is the output from doing:

telnet example.com 25
ehlo

===============================================
220-smtp.webhostingco.net ESMTP Exim 4.24 #1 Fri, 02 Jan 2004 19:57:30 -0500
220-We do not authorize the use of this system to transport unsolicited,
220 and/or bulk e-mail.
250-smtp.webhostingco.net Hello [my.ip.add.ress]
250-SIZE 52428800
250-PIPELINING
250-AUTH PLAIN LOGIN
250-STARTTLS
250 HELP
==============================================

and one of the log files from Perl, when using the
Net::SMTP module:

===============================================
<<< 220-smtp.webhostingco.net ESMTP Exim 4.24 #1 Thu, 04 Dec 2003 05:13:36 -0500
<<< 220-We do not authorize the use of this system to transport unsolicited,
<<< 220 and/or bulk e-mail.
>>> EHLO localhost.localdomain

<<< 250-smtp.webhostingco.net Hello localhost.localdomain [127.0.0.1]
<<< 250-SIZE 52428800
<<< 250-PIPELINING
<<< 250-AUTH PLAIN LOGIN
<<< 250-STARTTLS
<<< 250-HELP
====================================================

Doesn't the "250" reply from the email server:

AUTH PLAIN LOGIN

.. message indicate that unauthenticated SMTP is
possible ? The Perl script also only has the domain
name, no username/password, in fact I remember when I
tried the "AUTH" part, it (Perl module) crashed.

I am sending the email, of course, via my ISP, to the
web hosting site where my domain is hosted. Could
there be some compromise at my ISP ? Hmm, ... I was
able to do this a few months back, when we were using
another ISP. Surely, the "hole" is at the web hosting
company end ??

My concern is that, if I can do it, so can ANYONE, and
no doubt I'll get charged the bandwidth, this could
leave it open to relaying even ??

Definitely spammers would have a field day. :(

Hope you can give me some answers please. :)

Peter


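Added example (not part of the original message and not Exim's own code): a Python sketch that parses the EHLO reply quoted in the post and models the usual RCPT-time relay policy of a mail server. It shows that an AUTH line only lists the mechanisms on offer, and that accepting mail addressed TO a hosted domain without AUTH is a different decision from relaying THROUGH the server to a foreign domain. The policy function, its parameter names and the domain elsewhere.example are assumptions for illustration, not the hosting company's configuration.

```python
import re

# Constructed from the EHLO reply quoted in the post.
EHLO_REPLY = """\
250-smtp.webhostingco.net Hello [my.ip.add.ress]
250-SIZE 52428800
250-PIPELINING
250-AUTH PLAIN LOGIN
250-STARTTLS
250 HELP
"""

def parse_ehlo(reply):
    """Return {KEYWORD: [params]} for each extension line of an EHLO reply."""
    extensions = {}
    for line in reply.strip().splitlines()[1:]:  # line 1 is the greeting
        m = re.match(r"^250[- ](\S+)(?:\s+(.*))?$", line)
        if not m:
            raise ValueError("not a 250 reply line: %r" % line)
        extensions[m.group(1).upper()] = (m.group(2) or "").split()
    return extensions

def cleartext_auth_offered(extensions, tls_active=False):
    """True if PLAIN/LOGIN is advertised on a connection without TLS."""
    mechs = {m.upper() for m in extensions.get("AUTH", [])}
    return not tls_active and bool(mechs & {"PLAIN", "LOGIN"})

def rcpt_decision(rcpt, local_domains, authenticated=False, relay_host=False):
    """Simplified model (an assumption) of a typical RCPT-time relay policy."""
    domain = rcpt.rsplit("@", 1)[-1].lower()
    if domain in local_domains:
        # Any sender may deliver to a domain the server hosts.
        return "accept: delivery TO a hosted domain, no AUTH needed"
    if authenticated or relay_host:
        return "accept: relay THROUGH the server for a trusted sender"
    return "deny: relay not permitted"

if __name__ == "__main__":
    ext = parse_ehlo(EHLO_REPLY)
    print("AUTH mechanisms offered:", ext["AUTH"])
    print("cleartext AUTH before STARTTLS:", cleartext_auth_offered(ext))
    hosted = {"example.com"}  # the poster's (anonymised) domain
    for rcpt in ("peter@example.com", "someone@elsewhere.example"):
        print(rcpt, "->", rcpt_decision(rcpt, hosted))
```

Only the second recipient tests for an open relay: an unauthenticated client that gets a foreign-domain RCPT accepted has found one, while acceptance of the first is ordinary inbound delivery.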