Re: [exim] Open relay?

Top Page
Delete this message
Reply to this message
Author: Klaus Ethgen
Date:  
To: exim-users
Subject: Re: [exim] Open relay?

Am Di den 14. Feb 2012 um 22:22 schrieb Ralph Ballier:
> I found this lines in mainlog:
>
> 2012-02-13 16:25:53 1Rwxmr-0003tG-09 <= havicker@??? H=(User) [4.79.231.188] P=esmtpa A=login S=1695
> 2012-02-13 16:25:54 1Rwxmr-0003tG-09 => 23vbennett@??? R=dnslookup T=remote_smtp H=gmail-smtp-in.l.google.com [173.194.65.27]
> 2012-02-13 16:25:54 1Rwxmr-0003tG-09 Completed


There is two thinks I wonder about.
1. You have esmtpa instead of esmtpsa that means that the password of
the authentication is send unencrypted! So everybody on the line can
read it.
2. After A=login there should be the authenticated user. As it is not
shown I presume that you have a but in the authentication part that
lets users login without a user name.

Regards
Klaus

Ps. And 3. you post TOFU, but that's another story.
-- 
Klaus Ethgen                              http://www.ethgen.ch/
pub  4096R/4E20AF1C 2011-05-16   Klaus Ethgen <Klaus@???>
Fingerprint: 85D4 CA42 952C 949B 1753  62B3 79D0 B06F 4E20 AF1C