Announcement

Collapse
No announcement yet.

SMTP header vulnerability

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • SMTP header vulnerability

    Dera friends,

    I am just annoyed after recieving mail from my exchange server successfully in GMAIL and looked deep for the header information, coz its displaying my server details, internal LAN ip assigned to it, my domain name, domain's UPN suffix and all the very very sensitive information.

    PLz plz plz...consider this as a seveiour problem and help me to secure my server..

    Here i am pasting the details. and for security reasons i altered the original message


    X-Gmail-Received: 60f4b33a6bfac24bfd44bd18738d9dccc14fd659
    Delivered-To: [email protected]
    Received: by xx.xx.xx.xx with SMTP id k20cs119410nzk;
    Wed, 24 May 2006 06:22:05 -0700 (PDT)
    Received: by xx.xx.xx.xx with SMTP id f16mr1701597huf;
    Wed, 24 May 2006 06:22:05 -0700 (PDT)
    Return-Path: < [email protected] >
    Received: from exchange.mydomain.com (exchange.mydomain.com [xx.xx.xx.xx])
    by mx.gmail.com with ESMTP id 4si1771001hud.2006.05.24.06.22.03;
    Wed, 24 May 2006 06:22:05 -0700 (PDT)
    Received-SPF: pass (gmail.com: best guess record for domain of [email protected] designates xx.xx.xx.xx as permitted sender)
    Received: from exchange.mydomain.com ([xx.xx.xx.xx]) by exchange.mydomain.com with Microsoft SMTPSVC(6.0.3790.1830);
    Wed, 24 May 2006 18:52:02 +0530
    Subject: TEST
    MIME-Version: 1.0
    Content-Type: multipart/alternative;
    boundary="----_=_NextPart_001_01C67F35.0AED490D"
    Content-class: urn:content-classes:message
    X-MimeOLE: Produced By Microsoft Exchange V6.5
    Date: Wed, 24 May 2006 18:52:01 +0530
    Message-ID: <[email protected] exchange.mydomain.com>
    X-MS-Has-Attach:
    X-MS-TNEF-Correlator:
    Thread-Topic: TEST
    Thread-Index: AcZ/NQrq8KJEXA0fT267S1rbeFDOBw==
    From: "radhakanth ayyagari" < [email protected] >
    To: <[email protected]>
    Return-Path: [email protected]
    X-OriginalArrivalTime: 24 May 2006 13:22:02.0394 (UTC) FILETIME=[0B2A17A0:01C67F35]

    This is a multi-part message in MIME format.



    Thankx to u all in advance...waiting for your valuble reply

    Regards

    Radha Kanth

  • #2
    Re: SMTP header vulnerability

    Unfortunatlet i don't think you can remove this information as it is vital for the tracking of the email.

    As far as i know the information in the email headers is widely available anyway if you know where and how to look.

    As for it showing the internal address of your server is this the same as your MX record??

    Comment


    • #3
      Re: SMTP header vulnerability

      Hi..Thankx for your immediate reply...

      As u told this is quite common information in a header, But in my case all the information about my LAN IP and NetBIOS name assigned to the exchange server is even getting exposed.....Can't i prevent this?????

      Plz help me...

      Comment


      • #4
        Re: SMTP header vulnerability

        Hii....there is an another bug i found...

        It is even displaying my location from where i attatched my SIGNATURE file......


        GOD save ME.....

        Comment

        Working...
        X