NTMail3 Arbitrary Mail Relay

High Nessus Plugin ID 10167

Synopsis

An open SMTP relay is running on the remote host.

Description

Nessus has detected that the remote SMTP server allows anyone to use it as a mail relay provided that the source address is set to '<>'.
This issue allows any spammer to use your mail server to send their mail to the world, thus flooding your network bandwidth and possibly getting your mail server blacklisted.

Solution

Reconfigure your SMTP server so that it cannot be used as an indiscriminate SMTP relay. Make sure that the server uses appropriate access controls to limit the extent to which relaying is possible.

See Also

https://en.wikipedia.org/wiki/Email_spam

http://www.nthelp.com/40/ntmailspam.htm

Plugin Details

Severity: High

ID: 10167

File Name: nt_spam.nasl

Version: Revision: 1.41

Type: remote

Published: 1999/06/22

Updated: 2017/05/05

Dependencies: 10262, 10249, 11038, 17975

Risk Information

Risk Factor: High

CVSS v2.0

Base Score: 7.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C

CVSS v3.0

Base Score: 7.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Vulnerability Information

Vulnerability Publication Date: 1999/06/06