|
Posted by Roger Abell [MVP] on January 5, 2006, 1:31 pm
Please log in for more thread options
via an online form ???
only if the form is really poorly written
I can envision a form that allows one to enter every field
needed for an email and that just passes that along.
Then clearly one can automate something that just does
http posts over and over with as long of a to list as the
form allows.
That is a programming error however, not an issue in
the IIS implementation of SMTP, nor for that matter in
the MS implementation of CDO if that is what the form
used.
show/hide quoted text
> Hi All...
> Without being too specific here for security reasons, does anyone know if
> a
> security vulnerability in IIS 6's SMTP service that would allow an
> attacker
> to relay spam via an online web form?
>
| 
XML Sitemap
> Without being too specific here for security reasons, does anyone know if
> a
> security vulnerability in IIS 6's SMTP service that would allow an
> attacker
> to relay spam via an online web form?
>