[59628] in North American Network Operators' Group
Re: qmail smtp-auth bug allows open relay
daemon@ATHENA.MIT.EDU (W.D. McKinney)
Tue Jul 15 00:47:04 2003
From: "W.D. McKinney" <dee@akwireless.net>
To: nanog@merit.edu
In-Reply-To: <20030714103400.A43126@jedi.staff.chagres.net>
Date: 14 Jul 2003 20:45:44 -0800
Errors-To: owner-nanog-outgoing@merit.edu
John,
Did you mean to post this on the qmail list per chance ?
Dee
On Mon, 2003-07-14 at 08:34, John Brown wrote:
> seems that there are installs of the smtp-auth patch
> to qmail that accept anything as a user name and password
> and thus allow you to connect.
>
> http://marc.theaimsgroup.com/?l=qmail&m=105452174430616&w=2
>
> is one URL that talks about this.
>
> There has been an increase is what appears to be qmail based
> open-relays over the last 5 days. Each of these servers
> pass the normal suite of open-relay tests.
>
> Spammers are scanning for SMTP-AUTH and STARTTLS based
> mail servers that may be misconfigured. Then using them
> to send out their trash.
>
> Some early docs on setting up qmail based smtp-auth systems
> had the config infor incorrect. This leads to /usr/bin/true
> being used as the password checker. :(
>
> >From an operational perspective, I suspect we will see more
> SMTP scans
>
> The basic test (see URL above) should get incorporated into
> various open-relay testing scripts.
>
> cheers
>
> john brown
> chagres technologies, inc
>
>
