lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <4400D4DB.6020401@fishpalace.org>
Date: Sat, 25 Feb 2006 17:06:19 -0500
From: Craig Morrison <craig@...hpalace.org>
To: bugtraq@...urityfocus.com
Subject: Mail Transport System Professional--Open Relay Hole



What: Mail Transport System Professional is a RFC compliant mail server 
for Windows.

Who: http://www.mtsprofessional.com/

Problem: Open relay hole when forwarding all outgoing mail through an ISP.

When configured to forward all outgoing mail through an ISP MTS Pro will 
accept and forward all messages that are claimed to be from a local 
domain as specified in the MAIL FROM:<.....> verb of the SMTP 
conversation regardless of point of origin.

All versions to date are affected.

Fix: MTS Pro is a pay for play solution, please contact the vendor for 
an upgrade. The issue has been resolved.

-- 
Craig Morrison
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
http://pse.2cah.com
   Controlling pseudoephedrine purchases.

http://www.mtsprofessional.com/
   A Win32 email server that works for You.


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ