NTMail3 Arbitrary Mail Relay
High Nessus Plugin ID 10167
SynopsisAn open SMTP relay is running on the remote host.
DescriptionNessus has detected that the remote SMTP server allows anyone to use it as a mail relay provided that the source address is set to '<>'.
This issue allows any spammer to use your mail server to send their mail to the world, thus flooding your network bandwidth and possibly getting your mail server blacklisted.
SolutionReconfigure your SMTP server so that it cannot be used as an indiscriminate SMTP relay. Make sure that the server uses appropriate access controls to limit the extent to which relaying is possible.