Slashdot Mirror

← Back to Stories (view on slashdot.org)

Mail Server Flaw Opens MS Exchange to Spam

Posted by Cliff on from the close-those-guest-account dept.

bl8n8r writes: " Exchange 5.5 and 2000 can be used by spammers to send anonymous e-mail. He says even though software Microsoft provides on its site certifies that the server is secure, it's not. There are dozens of messages--with subject lines such as 'Open relay problem' and 'We are sending spam?'--on Microsoft's Exchange Administration newsgroup, sent by information system managers who haven't been able to staunch the flow of spam from their servers. 'It is really inexcusable for a company that claims security is its top priority,' he said." If you are using vulnerable versions of Exchange, and have been hit by a Code Red variant, you may want to insure your 'guest' accounts are still disabled.

2 of 487 comments (clear)

  1. A pedant speaks by Lucky+Kevin · · Score: 0, Flamebait
    "you may want to insure your 'guest' accounts are still disabled."

    Sorry, I can't hold back, so many Americans get this wrong, you want to ensure that the accounts are disabled.

    --
    Kevin
    "It's not the cough that carries you off, it's the coffin they carry you off in" O. Nash
  2. Upgrade now so MS doesn't have to patch it! by orthancstone · · Score: 0, Flamebait
    Microsoft, however, said the problem is relatively minor and that the company hasn't had many complaints.


    So a problem caused by a worm is basically trivial, eh MS?

    I like how they cover their ass by implying that the easiest solution is to upgrade to the non-vulnerable 2003 Server...marketing at its best...