smtp relay - internal IP

  1. #1
    Junior Member
    Join Date
    May 2005
    Posts
    4

    smtp relay - internal IP

    Hello all,
    when internal clients that work with Linux or Outlook Express use our Exchange 5.5 IMC to relay messages to the Internet, the internal IP of the client is shown in the headers (received: XX....).

    I'm running Exchange 5.5 SP4 over w2000 updated. This server is in a DMZ (2 network adapters) behind a firewall. The "routing restrictions" of the IMC is set to "Host & clients with these IP addresses"
    How can I avoid these? Is there a way to masquerade these IPs?
    Thanks.
    Andrea

  2. #2
    AO Ancient: Team Leader
    Join Date
    Oct 2002
    Posts
    5,197
    Since the internal addresses should be private why would you care that the address shows, it's unreachable from the internet?
    Don't SYN us.... We'll SYN you.....
    "A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools." - Thucydides

  3. #3
    Senior Member
    Join Date
    Oct 2002
    Posts
    1,130
    Could it theoretically be an information leak maybe?

    Maybe it could be used as a primitive mapping technique?
    Government is like fire - a handy servant, but a dangerous master - George Washington
    Government is not reason, it is not eloquence - it is force. - George Washington.

    Join the UnError community!

  4. #4
    Junior Member
    Join Date
    May 2005
    Posts
    4
    It's called information disclosure. Certain attacks can be done through a firewall if you know the internal IPs.
    Andrea

  5. #5
    Just Another Geek
    Join Date
    Jul 2002
    Location
    Rotterdam, Netherlands
    Posts
    3,401
    IIRC Exchange 5.5 isn't able to filter out these 'internal' received headers. You probably need a third party tool to relay and reformat your email before sending them out on the Internet.
    Oliver's Law:
    Experience is something you don't get until just after you need it.

  6. #6
    AO Ancient: Team Leader
    Join Date
    Oct 2002
    Posts
    5,197
    Those attacks through the firewall require a level of sophistication that far exceeds your average cracker. If your assets are not of _critical_ value then the potential for loss is probably negligible.
    Don't SYN us.... We'll SYN you.....
    "A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools." - Thucydides

  7. #7
    Senior Member
    Join Date
    Oct 2001
    Posts
    748
    Those attacks through the firewall require a level of sophistication that far exceeds your average cracker. If your assets are not of _critical_ value then the potential for loss is probably negligible.
    And if your resources are that important that that type of attack would be an issue you should consider running a mail system that is still supported by the vendor. Exchange 5.5 is no longer a supported product unless you also bought the software assurance package with your licenses. If you have software assurance there wouldn't be a reason for you to not upgrade, so I would guess that you don't have software assurance.

    You won't get any non-security related hotfixes for 5.5 without the extended support, and security hotfixes will stop being produced this year.

  8. #8
    Junior Member
    Join Date
    May 2005
    Posts
    4
    so ..... a third party tool or installing Qmail server for those clients ...
    Thank you.
    Andrea

  9. #9
    Just Another Geek
    Join Date
    Jul 2002
    Location
    Rotterdam, Netherlands
    Posts
    3,401
    I'm no Qmail expert but I believe you can use an upstream qmail server (e-mail gateway) to filter/reformat your outgoing email. This will keep your Exchange/Outlook functionality but has the added bonus of being able to filter stuff out (including 'dangerous' attachments, spam etc.). Which is basically the "third party tool" I was talking about.
    Oliver's Law:
    Experience is something you don't get until just after you need it.
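
The filtering step an outbound gateway would perform, as an added example that is not part of the thread and is not qmail or Exchange configuration: it drops `Received:` fields that expose RFC 1918 addresses and reports what was leaking. The function names, host names and the sample message are constructed for illustration.

```python
import ipaddress
import re

# RFC 1918 ranges treated as "internal" (assumption: adjust to your own address plan).
INTERNAL_NETS = [ipaddress.ip_network(n)
                 for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
# Dotted-quad literals that are not part of a longer dotted number.
IPV4_RE = re.compile(r"(?<![\d.])(\d{1,3}(?:\.\d{1,3}){3})(?![\d.])")

def internal_ips(text):
    """Return the internal IPv4 addresses that appear in a header field."""
    found = []
    for candidate in IPV4_RE.findall(text):
        try:
            ip = ipaddress.ip_address(candidate)
        except ValueError:          # e.g. 999.1.1.1 is not an address
            continue
        if any(ip in net for net in INTERNAL_NETS):
            found.append(candidate)
    return found

def strip_internal_received(raw):
    """Remove Received fields that leak internal IPs; return (cleaned, leaked)."""
    raw = raw.replace("\r\n", "\n")
    head, sep, body = raw.partition("\n\n")   # the body is never modified
    fields = []
    for line in head.split("\n"):
        if line[:1] in (" ", "\t") and fields:
            fields[-1] += "\n" + line         # folded continuation line
        else:
            fields.append(line)
    kept, leaked = [], []
    for field in fields:
        name = field.split(":", 1)[0].strip().lower()
        ips = internal_ips(field) if name == "received" else []
        if ips:
            leaked.extend(ips)                # drop the whole folded field
        else:
            kept.append(field)
    return "\n".join(kept) + sep + body, leaked

# Constructed sample: the message as the gateway receives it from the mail server.
SAMPLE = (
    "Received: from mail.example.org ([203.0.113.25]) by gw.example.org with ESMTP;\n"
    "\tMon, 9 May 2005 10:00:02 +0200\n"
    "Received: from workstation7 ([192.168.10.23]) by mail.example.org with SMTP;\n"
    "\tMon, 9 May 2005 10:00:01 +0200\n"
    "From: andrea@example.org\nTo: someone@example.com\nSubject: test\n\n"
    "Body mentions 10.0.0.5 and must stay untouched.\n"
)
```

Running the same `internal_ips` check on a copy of delivered mail is a quick way to confirm whether the gateway is actually removing the internal hop.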

  10. #10
    Junior Member
    Join Date
    May 2005
    Posts
    4
    thanks.
    Andrea
