Re: [exim] Need Help to Solve security hole

Startseite
Nachricht löschen
Nachricht beantworten
Autor: Heiko Schlittermann
Datum:  
To: exim-users
Betreff: Re: [exim] Need Help to Solve security hole
Hello,


Sergio Basurto Juarez <sbasurtoj@???> (Mi 22 Jun 2005 01:41:21 CEST):
> Hello List,
>
> I am very new to exim, I installed on a test server
> with Debian, at the very beginning I did not configure
> SMTP auth so every one that connect to my port 25 can
> send whatever they want, a couple of days ago exim
> starts to send a lot of messages with different
> domains.


As far as I know Debian it's Exim is not configured that way per
default. Debians Exim default config is fairly restricted regarding to
relaying. So I'd suppose you've some other hole on your server and
somebody managed it to reconfigure Exim for relaying or is using some
other tool for relaying.

Having open and not authorizing port 25 doesn't mean that you've a
security hole.

How get you known about 'sending a lot of messages'?


    Best regards from Dresden
    Viele Gruesse aus Dresden
    Heiko Schlittermann
-- 
 SCHLITTERMANN.de ---------------------------- internet & unix support -
 Heiko Schlittermann HS12-RIPE -----------------------------------------
 gnupg encrypted messages are welcome - key ID: 48D0359B ---------------
 gnupg fingerprint: 3061 CFBF 2D88 F034 E8D2  7E92 EE4E AC98 48D0 359B -