Mail Server Flaw Opens MS Exchange to Spam

bl8n8r writes: " Exchange 5.5 and 2000 can be used by spammers to send anonymous e-mail. He says even though software Microsoft provides on its site certifies that the server is secure, it's not. There are dozens of messages--with subject lines such as 'Open relay problem' and 'We are sending spam?'--on Microsoft's Exchange Administration newsgroup, sent by information system managers who haven't been able to staunch the flow of spam from their servers. 'It is really inexcusable for a company that claims security is its top priority,' he said." If you are using vulnerable versions of Exchange, and have been hit by a Code Red variant, you may want to insure your 'guest' accounts are still disabled.

Re:Just like sendmail

[bgog]

Yes but generally (not always) it's because sendmail is misconfigured, not because of a hole. Now you could make a good case the sendmail is way to complicated to configure from scratch.

Can we sue M$??

[adelayde]

I wondering, and especially so following their ridiculous bounty on the head of virus writers propaganda stunt, if we (all users, but especially mail server administrators, network admins, ISPs) could all get together and sue M$ for gross negligence and deception, hell! even fraud for the allowing programmes that facilitate the spread of viruses via email and dodgy mail servers that have hole that propagate span.

Only a small ISP but it's cost us quite a bit already in terms of wasted bandwidth through SPAM and customer support for these viruses?

Is it possible?

Slashdot Sucks

[8400_RPM]

Why dont we try to go one day without bashing MS. How about one day with unbiased news?