[Sussex] Securing Mail Servers
paul.morriss at tokenbay.co.uk
paul.morriss at tokenbay.co.uk
Sun Apr 16 17:07:05 UTC 2006
[Reposted - if you want to start a new thread, do NOT reply to an
existing thread.]
Hi all
Sorry I have yet another question ;) This is regarding mail
servers....
I have been testing a new mail server setup (atm it's on a private
network, but will be public when configuration finished), I have noticed
that anyone can telnet into the mail server and issue:
helo, from, to, data and then send.... I see this as a large security
hole
as it means hacker X could send a malicious email from
webmaster at whatever.com without any authorisation.
We have added security that it will be bounced if the from address is
not
valid but is there a way so that only authorised users can send mail..
Apologies if this has been asked many times but I am new to mail
systems.
Paul
More information about the Sussex
mailing list