Mailing List SIMS@stalker.com Message #5813
From: Michael Croft <michael@whiterose.org>
Subject: source routing?
Date: Mon, 24 Apr 2000 17:32:40 -0500
To: <SIMS@mail.stalker.com>
X-Mailer: QUALCOMM Windows Eudora Version 4.3.1
one of my users asked me the following.  Is this an exploit?  Did his routed mail get through because he checked his mail and thus validated his IP?  I am running 1.8b8 and have relay for clients only, 3 minute timeout on authenticated relay, and verify return paths turned on in the SMTP module.

It looks like I forwarded mail from an fdns.net address to a bigfoot address.

his comments and headers and logs follow:
>
>Do you want source routing to work via your server?  It's a policy
>decision, and perhaps your server software doesn't let you say one way
>or the other.
>
>I sent this message to:
>
>  @whiterose.org:myuser@bigfoot.com
>
16:46:45 2 SYSTEM [S.0001037354] <200004242146.QAA01843@:myuser.fdns.net> 1+0 From:myuser@bigfoot.com
16:46:46 2 SMTP-743(bigfoot.com) [S.0001037354] sent, 532 bytes
16:46:46 2 SYSTEM(SMTP) [S.0001037354] sent to (bigfoot.com)myuser
16:46:46 2 SYSTEM [S.0001037354] deleted
16:46:47 2 SMTP-744([208.156.39.206]) {S.0001037355} received, 1009 bytes
16:46:47 2 SYSTEM [S.0001037355] <200004242146.QAA01843@myuser.fdns.net> 0+1 From:myuser@bigfoot.com
16:46:48 2 SYSTEM(POP) [S.0001037355] delivered to (myuser)
16:46:48 2 SYSTEM [S.0001037355] deleted
16:49:31 2 SMTP-745([208.191.153.196]) {S.0001037356} received, 1665 bytes
16:49:31 2 SYSTEM [S.0001037356] <200004242148.QAA01853@myuser.fdns.net> 0+1 From:myuser@binkley.fdns.net
16:49:32 2 SYSTEM(POP) [S.0001037356] delivered to (myuser) 16:49:32 2 SYSTEM [S.0001037356] deleted


>
>
>-------- Original Message --------
>Return-Path: myuser@bigfoot.com
>Received: from [208.156.39.206] (HELO bigfoot.com) by whiterose.org
>(Stalker SMTP Server 1.8b8) with SMTP id S.0001037355 for
><myuser@whiterose.org>; Mon, 24 Apr 2000 16:46:47 -0500
>Received: from whiterose.org ([216.59.27.83])by BFLITEMAIL5.bigfoot.com
>(LiteMail v2.43(BFLITEMAIL5)) with SMTP id
>24Apr2000_BFLITEMAIL5_19362_167853030;Mon, 24 Apr 2000 17:49:14 -0400
>EST
>Received: from [208.191.153.196] (HELO binkley.fdns.net) by
>whiterose.org (Stalker SMTP Server 1.8b8) with ESMTP id S.0001037354 for
><@whiterose.org:myuser@bigfoot.com>; Mon, 24 Apr 2000 16:46:44 -0500
>Received: from localhost (IDENT:myuser@localhost.localdomain
>[127.0.0.1])by myuser.fdns.net (8.9.3/8.9.3) with SMTP id QAA01843for
>@whiterose.org:myuser@bigfoot.com; Mon, 24 Apr 2000 16:46:05 -0500
>Date: Mon, 24 Apr 2000 16:46:05 -0500
>From: binkley@bigfoot.com
>Message-Id: <200004242146.QAA01843@myuser.fdns.net>
>X-Mozilla-Status: 8001
>X-Mozilla-Status2: 00000000
>X-UIDL: 1037355
>
>blah!
>--------------
Michael Croft                     "Babeheart?  What's it about?"
mailto:michael@whiterose.org      it's about a cute little pig that
http://www.whiterose.org/michael  slaughters the English"
                                              -- Freakazoid
>--------------
Subscribe (FEED) Subscribe (DIGEST) Subscribe (INDEX) Unsubscribe Mail to Listmaster