RE: Mdeamon on my Network!

Chris Scharff Wed, 03 Sep 2003 11:31:29 -0700

A security breach that mail sent to local users is delivered? No. 

-----Original Message-----
From: Exchange List [mailto:[EMAIL PROTECTED] 
Posted At: Wednesday, September 03, 2003 9:37 AM
Posted To: swynk
Conversation: Mdeamon on my Network!
Subject: RE: Mdeamon on my Network!



Yes he is delivering it. But isn't this a security breach, is there any patch or 
something to control this by default.

-----Original Message-----
From: Chris Scharff [mailto:[EMAIL PROTECTED]
Sent: Tuesday, September 02, 2003 5:59 PM
To: Exchange Discussions
Subject: RE: Mdeamon on my Network!

He's not relaying, he's delivering inbound right?[1] You could control what servers 
are allowed to communicate on port 25 to your Exchange server, but it's a lot more 
effort than a few minutes in a closed room with the offender... unless you think this 
is the tip of the assberg, in which case it may make sense to go further lock things 
down.

[1] Although authenticated relay is generally enabled by default since one usually 
'trusts' people with authentication rights not to be complete maroons.

-----Original Message-----
From: Exchange List [mailto:[EMAIL PROTECTED]
Posted At: Tuesday, September 02, 2003 12:03 AM
Posted To: swynk
Conversation: Mdeamon on my Network!
Subject: RE: Mdeamon on my Network!

So the conclusion is that any LAN user can use my server as gateway, I have send mail 
server as well but to use e2k as a gateway I have to add the IP address for relay 
through my e2k server. Why Mdeamon is bypassing this security?

Guys, don't worry I have to kill him ;)

Irf.


-----Original Message-----
From: Steve Molkentin [mailto:[EMAIL PROTECTED]
Sent: Tuesday, September 02, 2003 4:38 AM
To: Exchange Discussions
Subject: RE: Mdeamon on my Network!

That's absolutely right - to quote the Great Ed...

"There are seldom good technological solutions to behavioural problems"

A length of 2x4 is hardly technological, and supremely satisfying
wielded in the hands of a frustrated IT admin. Win - Win!

themolk.

> -----Original Message-----
> From: Michael L. Callahan [mailto:[EMAIL PROTECTED]
> Sent: Tuesday, 2 September 2003 9:29 AM
> To: Exchange Discussions
> Subject: RE: Mdeamon on my Network!
>
>
> In all seriousness, this is a policy issue.  If you don't
> have an acceptable use policy for your internal network and
> applications, then get one, get sign off by management,
> publish it and enforce it.  If you have one and it doesn't
> cover this, amend it so that it will.
>
> As someone wise on this list has mentioned, technology is not
> a cure for bad behavior.  A 2x4, however, is.
>
> -----Original Message-----
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED] On Behalf Of Robert Moir
> Sent: Monday, September 01, 2003 3:15 PM
> To: Exchange Discussions
> Subject: RE: Mdeamon on my Network!
>
>
> I can see a recurring theme in all our replies...
>
>       -----Original Message-----
>       From: Chris Scharff [mailto:[EMAIL PROTECTED]
>       Sent: Mon 01/09/2003 19:44
>       To: Exchange Discussions
>       Cc:
>       Subject: RE: Mdeamon on my Network!
>     
>     
>
>       Grab a baseball bat and pay the user a visit.
>     
>       -----Original Message-----
>       From: Exchange List [mailto:[EMAIL PROTECTED]
>       Posted At: Monday, September 01, 2003 5:27 AM
>       Posted To: swynk
>       Conversation: Mdeamon on my Network!
>       Subject: Mdeamon on my Network!
>     
>       Hello there, I have E2k and W2k environment, what I
> have seen today is
>       that one of our user installed Mdeamon mail server &
> used my E2k as a
>       gateway to send mails to internals users with a
> different domain name.
>       How can I restrict this kind of activity?
>     
>     
>     
>       Hope you gurus out there can have some idea on this.
>     
>     
>     
>       Regards,
>     
>       Irf.
>     
>     
>     
>     
> _________________________________________________________________
>       List posting FAQ:     
> http://www.swinc.com/resource/exch_faq.htm
        Web Interface:
http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchange&text_mode=&;
lang=english
        To unsubscribe:         mailto:[EMAIL PROTECTED]
        Exchange List admin:    [EMAIL PROTECTED]
      

.ryirrʦ
.+x
 )r뺷yiu)٥+rrʸW{j


_________________________________________________________________
List posting FAQ:       http://www.swinc.com/resource/exch_faq.htm
Web Interface: 
http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchange&text_mode=?=english
To unsubscribe:         mailto:[EMAIL PROTECTED]
Exchange List admin:    [EMAIL PROTECTED]

_________________________________________________________________
List posting FAQ:       http://www.swinc.com/resource/exch_faq.htm
Web Interface: 
http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchange&text_mode=?=english
To unsubscribe:         mailto:[EMAIL PROTECTED]
Exchange List admin:    [EMAIL PROTECTED]


_________________________________________________________________
List posting FAQ:       http://www.swinc.com/resource/exch_faq.htm
Web Interface: 
http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchange&text_mode=?=english
To unsubscribe:         mailto:[EMAIL PROTECTED]
Exchange List admin:    [EMAIL PROTECTED]

This email and any files transmitted with it is confidential and intended solely for 
the use of the individual or entity to which they are addressed. If you have received 
this email in error please notify the sender or mailto:[EMAIL PROTECTED] The message 
and attachment, if any, has been scanned for all known viruses, however we advice the 
recipient to check this email and any attachments for the presence of viruses, UBL 
accepts no liability for any damage caused by any virus transmitted by this 
email.3/9/2003


_________________________________________________________________
List posting FAQ:       http://www.swinc.com/resource/exch_faq.htm
Web Interface: 
http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchange&text_mode=&lang=english
To unsubscribe:         mailto:[EMAIL PROTECTED]
Exchange List admin:    [EMAIL PROTECTED]


_________________________________________________________________
List posting FAQ:       http://www.swinc.com/resource/exch_faq.htm
Web Interface: 
http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchange&text_mode=&lang=english
To unsubscribe:         mailto:[EMAIL PROTECTED]
Exchange List admin:    [EMAIL PROTECTED]

RE: Mdeamon on my Network!

Reply via email to