[Cialug] pop-before-smtp

Tom Pohl tom at tcpconsulting.com
Wed Sep 28 20:26:53 CDT 2005


I use it and agree, yes, you are being paranoid.  In my setup (qmail  
with vpopmail), the entry lasts for 60 minutes and yes, everyone from  
behind that IP can theoretically relay through your SMTP server.

While you're being paranoid, you should use a VPN connection to  
another network so you're coming from a different IP and because you  
don't want the guy with the sniffer to know you're using POP3 without  
SSL :)

-Tom


On Sep 28, 2005, at 6:30 PM, David Champion wrote:

> Anyone here running pop-before-smtp?
>
> I think I have it all working correctly (the Perl version). Once I  
> check my email via pop (actually, imap in this case) it writes an  
> entry in the /etc/postfix/pop-before-smtp.db and then allows that  
> IP address to relay email.
>
> The main problem I see with this once one person authenticates,  
> then in theory anyone could relay mail. So if I'm at a Starbuck's,  
> and send an email, a spammer could in theory start using me as a  
> relay. I tested this and I can send email from a different PC  
> within my firewall once I've authenticated from my PC - since they  
> both look like they're coming from the same IP address from the  
> outside. I know this is being paranoid... but it would be pretty  
> trivial to figure out using a packet sniffer.
>
> The docs mention that the relaying is supposed to be open for only  
> a "very short time". I don't see a mechanism for it to clear the  
> records out of the hash db... maybe there's a time stamp in there  
> too. When I did it, there was a minute or two between the  
> authentication, and the "bogus" relaying that got thru.
>
> -dc
>
> _______________________________________________
> Cialug mailing list
> Cialug at cialug.org
> http://cialug.org/mailman/listinfo/cialug
>
>



More information about the Cialug mailing list