Re: [exim] Exim installations data

Top Page
Delete this message
Reply to this message
Author: Nigel Metheringham
Date:  
To: exim users
Subject: Re: [exim] Exim installations data
On 13 Dec 2010, at 14:59, W B Hacker wrote:

> I'd be surprised if more than 70% of all in-service 'legitimate' MTA even HAVE
> an MX record. I've seen far too many rely on A and PTR only.


There are many MTA configs which are intended to mail relay only
and may never accept mail for delivery at all. Given an exploitable
issue these may be at risk even if they would never actually accept
relayed mail in normal circumstances.

As it happens I had a vulnerable install on a Bytemark VPS, but the
config meant it wasn't exposed (localhost exposure only so required
a login on the box to exploit).

    Nigel.
--
[ Nigel Metheringham             Nigel.Metheringham@??? ]
[ - Comments in this message are my own and not ITO opinion/policy - ]