
Encapsulated SMTP Address Vulnerability

A security vulnerability exists in Microsoft® Exchange® Server that could allow an attacker to relay mail through an Exchange server that is configured to act as a gateway for other Exchange sites, using the Internet Messaging Service.

Issue

Exchange Server implements features designed to defeat "mail relaying", a practice in which an attacker causes an e-mail server to forward mail from the attacker, as though the server were the sender of the mail. However, a vulnerability in this feature could allow an attacker to circumvent the anti-relaying protections of an Internet-connected Exchange Server.

The vulnerability lies in the way that site-to-site relaying is performed via SMTP. Encapsulated SMTP addresses could be used to send mail to any desired e-mail address. The patch eliminates the vulnerability by making encapsulated SMTP addresses subject to the same anti-relay protections as non-encapsulated SMTP addresses.
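
The difference between the two behaviours described above can be sketched as a relay-policy check. This is an added example, not Microsoft's code or the patch itself; it assumes the IMCEA encapsulation convention (an `IMCEASMTP-` prefix with `+XX` hex escapes), which the advisory does not spell out, and every function name and address in it is constructed for illustration.

```python
import re

# Assumed convention (not stated in the advisory): "IMCEA<TYPE>-<encoded>@<gateway>",
# with "+XX" as a hex-escaped character and "_" standing for "/".
_IMCEA = re.compile(r"^IMCEA([A-Za-z0-9]+)-(.+)@([^@]+)$", re.IGNORECASE)
_ESCAPE = re.compile(r"\+([0-9A-Fa-f]{2})")


def decapsulate(rcpt):
    """Return (address_type, inner_address), or (None, rcpt) if not encapsulated."""
    m = _IMCEA.match(rcpt)
    if not m:
        return None, rcpt
    encoded = m.group(2).replace("_", "/")
    inner = _ESCAPE.sub(lambda e: chr(int(e.group(1), 16)), encoded)
    return m.group(1).upper(), inner


def domain_of(addr):
    return addr.rsplit("@", 1)[-1].lower()


def relay_allowed_outer_only(rcpt, local_domains):
    """Behaviour before the fix, as described: only the wrapper's domain is checked."""
    return domain_of(rcpt) in local_domains


def relay_allowed(rcpt, local_domains):
    """Behaviour after the fix, as described: an encapsulated SMTP address is
    held to the same anti-relay rule as a plain one."""
    if domain_of(rcpt) not in local_domains:
        return False
    addr_type, inner = decapsulate(rcpt)
    if addr_type == "SMTP":
        # Re-check the unwrapped address; recursion also covers nested wrappers.
        return relay_allowed(inner, local_domains)
    return True  # plain local address, or a non-SMTP address type for a local site


def audit(rcpts, local_domains):
    """Recipients the outer-only check accepts but the full check rejects."""
    return [r for r in rcpts
            if relay_allowed_outer_only(r, local_domains)
            and not relay_allowed(r, local_domains)]


# Constructed sample recipients (as they might appear in RCPT TO log lines).
LOCAL = {"gw.example.com"}
SAMPLE = ["alice@gw.example.com", "bob@example.net",
          "IMCEASMTP-bob+40example+2Enet@gw.example.com",
          "IMCEASMTP-alice+40gw+2Eexample+2Ecom@gw.example.com"]
```

Running `audit` over recipient addresses pulled from gateway logs gives a list of messages that would have been relayed only because of the encapsulation.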

Affected Products

  • Microsoft Exchange Server 5.5

Download

Patch: ftp://ftp.microsoft.com/bussys/exchange/exchange-public/fixes/Eng/Exchg5.5/PostSP2/imc-fix

Further Details

Source: Microsoft Corporation

Reference: Microsoft Corporation

Updated: August 6, 1999
