|
Family: SMTP problems --> Category: infos
Sendmail redirection check Vulnerability Scan
Vulnerability Scan Summary Redirection check
Detailed Explanation for this Vulnerability Test
The remote SMTP server is vulnerable to a redirection attack. That is, if a
mail is sent to :
user@hostname1@victim
Then the remote SMTP server (victim) will happily send the mail to :
user@hostname1
Using this flaw, a possible hacker may route a message through your firewall, in
order to exploit other SMTP servers that can not be reached from the
outside.
Solution : In sendmail.cf, at the top of ruleset 98, in /etc/sendmail.cf,
insert the following statement :
R$*@$*@$* $#error $@ 5.7.1 $: '551 Sorry, no redirections.'
Threat Level: Low
Click HERE for more information and discussions on this network vulnerability scan.
|