Video Screencast Help
Search Video Help Close Back
to help

is it SMG security issue?

Created: 24 Jun 2012 | Updated: 25 Jun 2012 | 3 comments
nnn's picture
nnn
0 0 Votes
Login to vote
This issue has been solved. See solution.

Hi,

we use SMG 9.5.4. What I found, i tried to connect from any computer in local vlan and send email to local exchange server using telnet:

220 mail.ourdomain.local ESMTP Symantec Messaging Gateway
helo computername
250 mail.ourdomain.local says HELO to 192.168.1.24:59181
mail from: aaa@aaa.com
250 MAIL FROM accepted
rcpt to: postmaster@ourdomain.local
250 RCPT TO accepted
data
354 continue.  finished with "\r\n.\r\n"
test massage
.
250 OK 6E/1E-19702-2FA85EF4
quit
221 mail.ourdomain.local closing connection

 

Is this an security issue? Can this be used to send unauthorised emails to outside or inside mail server or recipients?

thanks
n

Discussion Filed Under:
,

Comments 3 CommentsJump to latest comment

TSE-JDavis's picture
TSE-JDavis Symantec Employee Accredited
is it SMG security issue? - Comment:25 Jun 2012 : Link

This is the default setting, to accept incoming email from any IP address. This allows the Messaging Gateway to accept email from anyone. Most people use the Messaging Gateway to relay mail from their application servers in their network and accept email from anyone out on the Internet.

Outgoing mail is different. We don't let you allow outgoing mail from any IP address, you can only specify a range or specific IP to allow outgoing mail from to avoid making the Messaging Gateway an open relay.

SOLUTION
+2
Login to vote
  • Actions
nnn's picture
nnn
is it SMG security issue? - Comment:25 Jun 2012 : Link

Is this configured on:

To configure the Scanner for inbound mail filtering only

1 On the Scanner Role page, click Inbound mail filtering and click Next.
2 On the Inbound Mail Filtering page, click the drop-down list to select the IP address to use for inbound mail filtering.
3 In the Inbound mail SMTP port field, type the port, and then click Next.
4 On the Inbound Mail Filtering - Accepted Hosts page, to specify the IP addresses of the mail servers from which this Scanner should accept inbound mail, select one of the following options:

You want your Scanner to accept mail from all sources or the Scanner is deployed at the Internet gateway. For a Scanner that is deployed at the Internet gateway, Symantec recommends that you select this option to let the appliance accept mail from any MTA on the Internet.

Can I restrict Inbound Mail Filtering only to my exchange server? as exchange works as SMTP server.

thanks, 

0
Login to vote
  • Actions
TSE-JDavis's picture
TSE-JDavis Symantec Employee Accredited
is it SMG security issue? - Comment:25 Jun 2012 : Link

Absolutely, although that defeats most of our features, especially spam effectiveness.

+1
Login to vote
  • Actions