|Check Point Reference:||CPAI-2012-1330|
|Date Published:||12 Feb 2013|
|Protection Provided by:||
|Who is Vulnerable?|| Postfix Project Postfix 2.1.3 to 2.1.4-4 |
Postfix Project Postfix 2.1.3-1ubuntu17
|Vulnerability Description||There is a vulnerability in the way Postfix handles the relaying of e-mail messages A successful attack allows an attacker to use the target Postfix as an open relay to MX hosts with IPv6addresses.|
|Vulnerability Details||In certain configurations, the vulnerable Postfix becomes an open relay for mail addressed to MX host with IPv6 addresses. An attacker sends a email from untrusted host through a vulnerable Postfix server. The email destinationdomain contains a MX record which has a AAAA (IPv6) record. The email is relayed by the Postfix server, triggering the vulnerability.|
This protection will detect and block arbitrary mail ent by the attacker
- In the IPS tab, click Protections and find the Postfix IPv6 Relaying Security Issue protection using the Search tool and Edit the protection's settings.
- Install policy on all modules.
SmartView Tracker will log the following entries:
Attack Name: SMTP Protection Violation
Attack Information: Postfix IPv6 Relaying Security Issue