| Platform: | Check Point VPN-1/FireWall-1 |
| Product: | Check Point NGX, Next Generation and 4.x |
| Problem: |
Some E-Mails contain RCPT TO: addresses like me%aerasec.com@aerasec.de These are allowed by e.g. a resource accepting email for aerasec.de, even if this mail is probably destined for aerasec.com by a "half-open" internal mail relay. Additional characters for this form of trickery are '!' and '@'. |
| Workaround/Fix: |
You should configure a separate SMTP resource to handle these sender-specified routing attempts independently of your normal SMTP resources.
Define a new SMTP resource with the following Match specifications: Then, block all E-Mail matched by this resource: After installing this ruleset, E-Mail messages containing sender-specified routing will be dropped. |
No warranty at all, your Feedback is welcome!
© 2002-2010 AERAsec Network Services and Security GmbH, last change 2007-01-02
back to http://www.vpn-1.de/aerasec/
