poprelayd & sendmail Arbitrary Mail Relay

This script is Copyright (C) 2002-2017 Tenable Network Security, Inc.


Synopsis :

An open SMTP relay may be running on the remote host.

Description :

Nessus has detected that the remote SMTP server allows relaying for
users which were identified by 'POP before SMTP'. The access control
mechanism is based on the POP server logs. However, it is possible to
poison these logs, which means that any spammer could be using your
mail server to send their emails to the world, thus flooding your
network bandwidth and possibly getting your mail server blacklisted.

Note that for some SMTP servers, such as Postfix, this plugin will
display a false positive.

See also :

https://en.wikipedia.org/wiki/Email_spam
http://seclists.org/bugtraq/2001/Jul/64

Solution :

Disable poprelayd or upgrade it.

Risk factor :

Medium / CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N)
CVSS Temporal Score : 4.3
(CVSS2#E:H/RL:OF/RC:C)
Public Exploit Available : true

Family: SMTP problems

Nessus Plugin ID: 11080 ()

Bugtraq ID: 2986

CVE ID: CVE-2001-1075

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now