MTA Open Mail Relaying Allowed

This script is Copyright (C) 1999-2011 Tenable Network Security, Inc.


Synopsis :

An open SMTP relay is running on this port.

Description :

The remote SMTP server appears to allow mail relaying. This means
that an unauthenticated, remote user could possibly use the mail
server to send messages to the world, thus wasting network
bandwidth and computer resources. Such servers are targeted by
spammers for sending unsolicited bulk email (UBE).

In some scenarios, the number of messages enqueued for delivery could
be in the hundreds of thousands, causing the mail server to crash. In
addition, SMTP servers that allow relaying are frequently added to
real-time block lists maintained by security sites and used by
companies world-wide. If added to such a list, delivery of legitimate
mail could be severely impacted, causing a form of denial of
service.

Solution :

Investigate whether the server should allow mail relaying.

If it should not, consult the product documentation or contact the
vendor in order to reconfigure the server to reject relaying attempts.

Otherwise, make sure that the service uses appropriate access controls
to limit the extent to which relaying is possible.
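
The access controls described above, as an added example (not part of the plugin or of any vendor's configuration): a relay decision an MTA policy hook could apply to each RCPT TO. The domain list, trusted networks and function names are hypothetical, and the rejection of source-routed recipient forms goes beyond what the text states.

```python
import ipaddress

# Constructed sample policy values (assumptions, not taken from the advisory).
LOCAL_DOMAINS = {"example.com"}
TRUSTED_NETS = [ipaddress.ip_network("10.0.0.0/8"),
                ipaddress.ip_network("127.0.0.0/8")]


def recipient_domain(rcpt):
    """Return the lowercase domain of a plain user@domain recipient.

    Returns None for malformed addresses and for legacy source-routed
    forms (user%other@local, other!user@local, @hop:user@other), which
    ask the server to forward the message onward to another host.
    """
    rcpt = rcpt.strip().strip("<>")
    local, sep, domain = rcpt.rpartition("@")
    if not sep or not local or not domain:
        return None
    if any(c in local for c in "%!@:"):
        return None
    return domain.lower().rstrip(".")


def relay_decision(client_ip, authenticated, rcpt):
    """Return 'accept' or 'reject' for one RCPT TO command."""
    domain = recipient_domain(rcpt)
    if domain is None:
        return "reject"              # malformed or source-routed recipient
    if domain in LOCAL_DOMAINS:
        return "accept"              # final delivery, not relaying
    if authenticated:
        return "accept"              # relaying for an authenticated user
    ip = ipaddress.ip_address(client_ip)
    if any(ip in net for net in TRUSTED_NETS):
        return "accept"              # relaying for an internal client
    return "reject"                  # unauthenticated external relay attempt


if __name__ == "__main__":
    # Constructed sample sessions: (client IP, authenticated?, recipient)
    for case in [("203.0.113.5", False, "user@example.com"),
                 ("203.0.113.5", False, "someone@example.org"),
                 ("10.1.2.3", False, "someone@example.org"),
                 ("203.0.113.5", False, "someone%example.org@example.com")]:
        print(case, "->", relay_decision(*case))
```

A server that is an open relay behaves as if the final `reject` were `accept`: any client may hand it mail for any domain.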

Risk factor :

High / CVSS Base Score : 7.8
(CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C)
CVSS Temporal Score : 6.8
(CVSS2#E:H/RL:OF/RC:C)
Public Exploit Available : true

Family: SMTP problems

Nessus Plugin ID: 10262

Bugtraq ID: 6118, 7580, 8196

CVE ID: CVE-1999-0512, CVE-2002-1278, CVE-2003-0285