NTMail3 Arbitrary Mail Relay

high Nessus Plugin ID 10167

Synopsis

An open SMTP relay is running on the remote host.

Description

Nessus has detected that the remote SMTP server allows anyone to use it as a mail relay provided that the envelope sender (source address) is set to the null address '<>'.
This allows any spammer to send mail to the world through your mail server, consuming your network bandwidth and possibly getting your mail server blacklisted.

Solution

Reconfigure your SMTP server so that it cannot be used as an indiscriminate SMTP relay. Make sure that the server uses appropriate access controls to limit the extent to which relaying is possible.
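The access-control rule described above, as an added example that is not code from the plugin or from NTMail: a minimal model of the relay decision, with a policy that exempts the null sender beside one that decides on the client and recipient only. The domain, network range, class and function names are assumptions made for illustration.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

# Assumed site values, constructed for this example.
LOCAL_DOMAINS = {"example.org"}
TRUSTED_NETS = [ip_network("192.0.2.0/24")]

@dataclass
class Envelope:
    client_ip: str
    authenticated: bool
    mail_from: str  # "" stands for the null reverse-path '<>'
    rcpt_to: str

def rcpt_is_local(env):
    return env.rcpt_to.rpartition("@")[2].lower() in LOCAL_DOMAINS

def client_may_relay(env):
    ip = ip_address(env.client_ip)
    return env.authenticated or any(ip in net for net in TRUSTED_NETS)

def hardened_policy(env):
    """Relay decision uses client and recipient only, never MAIL FROM.

    '<>' is still accepted for local recipients, so bounces keep working.
    """
    if rcpt_is_local(env) or client_may_relay(env):
        return "250 accepted"
    return "550 relaying denied"

def weak_policy(env):
    """Flawed rule: treats '<>' as system mail and skips the relay check."""
    if env.mail_from == "":
        return "250 accepted"
    return hardened_policy(env)

# Constructed envelopes: an outside client using '<>' toward a foreign
# domain, and a legitimate bounce addressed to a local mailbox.
OUTSIDE_RELAY = Envelope("203.0.113.7", False, "", "someone@example.net")
LOCAL_BOUNCE = Envelope("203.0.113.7", False, "", "user@example.org")

if __name__ == "__main__":
    for env in (OUTSIDE_RELAY, LOCAL_BOUNCE):
        print(env.rcpt_to, "| weak:", weak_policy(env),
              "| hardened:", hardened_policy(env))
```

Rejecting '<>' outright is not the fix: delivery status notifications use the null sender, so the hardened rule keeps accepting it for local recipients.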

See Also

https://en.wikipedia.org/wiki/Email_spam

http://www.nthelp.com/40/ntmailspam.htm

Plugin Details

Severity: High

ID: 10167

File Name: nt_spam.nasl

Version: Revision: 1.41

Type: remote

Published: 6/22/1999

Updated: 5/5/2017

Supported Sensors: Nessus

Risk Information

CVSS v2

Risk Factor: High

Base Score: 7.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C

CVSS v3

Risk Factor: High

Base Score: 7.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Vulnerability Information

Vulnerability Publication Date: 6/6/1999