![[SpamCop.net - protecting the internet through technology]](http://news.spamcop.net/newlogo.jpg)
[SpamCop-List] Re: spamcop posting
Mike Easter
MikeE at ster.invalid
Tue Aug 24 16:02:17 EDT 2004
Mike Easter wrote:
>> More likely you just haven't determined your insecurity. There's an
>> Exchange server there; they are notorious for smtpauth exploits.
>
> 220 mail.viecore.com Microsoft ESMTP MAIL Service, Version:
> 5.0.2195.6713 ready
Here's some information which Ellen has posted in the past re smtp/auth
when she looked at evidence:
<Ellen quote>
Your exchange server is
relaying spam for spammers. It appears that your exchange server is being
used by spammers exploiting the SMTP/AUTH hack. Please see this faq for
information about the exploit and how to fix the problem:
http://news.spamcop.net/cgi-bin/fom?file=372
http://www.winnetmag.com/article/articleid/40507/40507.html
http://www.winnetmag.com/article/articleid/42406/42406.html
This exploit allows spammers to relay thru your exchange server. This
relaying does not show up using standard open relay tests as the spammer
has
gained "legal" access to your server by hacking an account/password
combination.
</quote>
I didn't know this about the exchange version nos snipped from the 372
faq above:
"At first glance that does look like MS Exchange 5.0, but tracing the
version number through the Microsoft website we find this is really
Microsoft IIS/5 service, which is included as part of Microsoft Windows
2000 Professional and Windows 2000 Server."
--
Mike Easter
kibitzer, not SC admin
More information about the SpamCop-List
mailing list