[AusNOG] Did you wake up one day as a slave? unmask the reality of our financial existence.
scott at doc.net.au
Fri Mar 1 16:38:38 EST 2013
On Fri, Mar 1, 2013 at 5:33 AM, Tim March <march.tim at gmail.com> wrote:
> On 1/03/13 12:22 PM, Heinz N wrote:
> IMHO : If the ausnog SMTP MTA relays for ausnog.net, then the external
> spammer can pretend to be FROM ausnog.net, sending TO ausnog.net. The
> SMTP agent will then relay with no questions asked. No pwnage required.
> This is a Bad Thing ™ from a security perspective. Imagine the amount of
> spam you'd get if Google allowed unauthenticated localdomain relay for
Umm.. They do. It's called "inbound email".
scott at zaphod:~$ telnet gmail-smtp-in.l.google.com 25
Connected to gmail-smtp-in.l.google.com.
Escape character is '^]'.
220 mx.google.com ESMTP pd3si9862485icb.71 - gsmtp
250 mx.google.com at your service
mail from:<march.tim at gmail.com>
250 2.1.0 OK pd3si9862485icb.71 - gsmtp
rcpt to:<march.tim at gmail.com>
250 2.1.5 OK pd3si9862485icb.71 - gsmtp
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the AusNOG