> the next step may be running nmap against the listening ports and > grabbing the "banner" to see if one of those ports returns the SMTP > server banner;
All ports report as expected. No unexpected ports are open. > I'd check if the server is running any kind of web service; in such > a case the "assp bypass" may come from some page or cgi allowing to > directly send emails Lasso is present, but acts as a mail server, looking up the mx for the destination domain. I know of no way to compromise Lasso to do this. php is present for WordPress sites, but I know of no security holes in the latest version of WP. I can see no other means for the mail to get through. :-/ T. ------------------------------------------------------------------------------ Let Crystal Reports handle the reporting - Free Crystal Reports 2008 30-Day trial. Simplify your report design, integration and deployment - and focus on what you do best, core application coding. Discover what's new with Crystal Reports now. http://p.sf.net/sfu/bobj-july _______________________________________________ Assp-test mailing list Assp-test@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/assp-test
