[Sussex] Securing Mail Servers
paul.morriss at tokenbay.co.uk
paul.morriss at tokenbay.co.uk
Sun Apr 16 16:01:15 UTC 2006
Hi all
Sorry I have yet another question ;) This is regarding mail servers....
I have been testing a new mail server setup (atm it's on a private
network, but will be public when configuration finished), I have noticed
that anyone can telnet into the mail server and issue:
helo, from, to, data and then send.... I see this as a large security hole
as it means hacker X could send a malicious email from
webmaster at whatever.com without any authorisation.
We have added security that it will be bounced if the from address is not
valid but is there a way so that only authorised users can send mail..
Apologies if this has been asked many times but I am new to mail systems.
Paul
More information about the Sussex
mailing list