SMTP
SMTP
Simple Mail Transfer Protocol (SMTP) is the de facto standard for e-mail transmission across the Internet. Formally SMTP is defined in RFC 821 (STD 10) as amended by RFC 1123 (STD 3) chapter 5. The protocol used today is also known as ESMTP and defined in RFC 2821.
SMTP is a relatively simple, text-based protocol, where one or more recipients of a message are specified (and in most cases verified to exist) and then the message text is transferred. It is quite easy to test a SMTP server using the telnet program.
Definitions provided by Wikipedia - The Free Encyclopedia
SMTP Related Products
The GB-Ware is a software firewall powered by GNAT Box System Software certified to ICSA 4.0 Corporate criteria. The GNAT Box System Software was designed from the ground up as an integrated firewall system with interoperability of features, easy installation and remote management. We supply the OS and firewall software - you supply the hardware.
More information
Protecting customer and other confidential data from malicious and accidental leaks is one of the top business and IT security challenges facing organisations today. Compounding this problem, CIOs and CSOs must protect their data amid pressure from regulatory and corporate compliance requirements, customer and competitive pressures, and the rising cost and publicity of data leaks. Websense Data Security Suite is the leading solution for preventing data loss.
More information
Intelligent application delivery controller for data center optimisation delivering advanced Layer 4-7 policies, application acceleration services, integrated security and bandwidth management to eliminate traffic surges, server bottlenecks, connectivity disconnects and downtime for ensured business continuity.
More information
The Blue Coat ProxySG 210 provides an affordable appliance solution for remote offices where direct Internet access requires accelerated performance of business applications and granular control of web communications. At the edge of an organization’s application delivery infrastructure, the ProxySG 210 provides controlled acceleration of business applications across the globally-distributed enterprise.
More information
SMTP Related Industry News
Microsoft tweaks, new laws won't make '04 safer Looking back at security issues of 2003 and ahead to 2004 For computer security experts, 2003 started with the Slammer Internet worm and went downhill from there. The year, which included four major worm and virus outbreaks just in August, has been labeled the "year of the worm" and "the worst year ever" by more than one computer security expert.
All that activity meant good news for antivirus software companies, such as Symantec. It was bad ne......
[more] New version of MyDoom appears Internet security companies said Monday that they discovered a new version of the MyDoom e-mail worm circulating on the Internet The new version, MyDoom.C, is a modified copy of the virus that ravaged the Internet in January. Unlike its predecessor, however, the new variant does not use e-mail or the Kazaa peer-to-peer network to spread and is not expected to make much of an impact on the Internet, said managed security services provider LURHQ Corp.
MyDoom.C bot......
[more] Cheesy new Bagle virus has little bite Yet another new Internet mass-mailer worm was reported spreading in the wild on Tuesday, Bagle.B, also known as Tanx-A, and dubbed by some as Goldfinger (because it saves itself as a file au.exe, and au is the periodic symbol for gold).
It’s not another Mydoom however, although like it, it does have a remote access component. Network Associates’ McAfee AVERT anti-virus research division raised its risk assessment of Bagle.B, but only to Medium, whereas M......
[more] New worm masquerades as Microsoft update Sober variant employs latest social engineering technique A new variant of the Sober worm has surfaced this morning, antivirus specialist F-Secure has warned.
Sober D pretends to be a Microsoft software update that protects against a new version of the MyDoom worm.
Once activated the worm displays a patch loading screen, but harvests email addresses and mails itself out using its own SMTP engine.
The email, written in either English or German, h......
[more] ISP Gets Tough With 'Zombie' Customers Broadband provider Comcast is taking a tough new approach to targeting "spam zombies" -- those virus-infected, unwitting spam-sending computers among its broadband base.
The ISP is telling customers to get virus-scanning and firewall software loaded or risk losing their high-speed connection until the problem of virus infections on their computer is fixed.
In recent weeks, the cable broadband giant has been alerting surprised customers to the probl......
[more] Trust me I'm clean, claims virus The latest in a long line of NetSky variants, Netsky-P, tries to lull users into a false sense of security by containing spoofed disclaimers from anti-virus firms.
NetSky-P, first spotted over the weekend, was programmed to begin mass mailing yesterday. After encountering only a few copies of the virus during its "seeding" period, email filtering firm MessageLabs blocked 200,000 copies of the worm yesterday afternoon.
Like previous versions, NetSky-P is......
[more] The Joe Job DoS attack A problem with the way that non-delivery notifications are sent by many mail servers could be exploited to launch "mail bomb" denial of service attacks.
Incorrectly configured mail servers may respond to mail delivery failure with as many non-delivery reports as there are undeliverable cc: and bcc: addresses contained in the original email. By forging the source of an email, hackers could bombard systems with spurious emails.
Security researchers have now demonstrat......
[more] How did MyDoom become the worst virus outbreak ever? Find out why the MyDoom worm tricked so many users and IT departments. During the last two weeks of January 2004, the MyDoom e-mail worm (also known as Novarg, Shimg, or Mimail.R) swept across the Internet in epic proportions, causing some analysts to declare it the worst-ever virus outbreak.
This worm arrived with the executable extensions of .pif, .scr, .exe, .cmd, .bat, or .zip. With the exception of the .zip file extension, most IT dep......
[more] Can eMstamps Stop Spam? A small Massachusetts software company wants to stop spammers by making sure they feel some pain in their pocketbooks.
The company, eMstamp, has applied for a patent to add an electronic postage system to the existing SMTP e-mail protocol, all in an effort to stop spammers by upping their costs of business.
eMstamp is the brainchild of ImagineNation, a father and son software company based in Swansea, Massachusetts. According to Mel Davey, the father part of the......
[more] Don't let e-mail be your Achilles' heel Throwing money at a problem doesn't guarantee that it will go away. Sometimes the answer is to throw around a little common sense.
At the recent Enterprise Messaging Decisions 2004 conference, Kevin Beaver, founder and principal at Kennesaw, Ga.-based Principle Logic LLC, offered some plain-spoken advice to IT professionals on how to protect against messaging-system vulnerabilities without busting their budgets.
Beaver discussed common mistakes th......
[more] Wallon Worm Deceives Users New threat exploits long-patched flaw in Internet Explorer. Antivirus experts are warning users about a new worm called Wallon that uses deceptive Web links to Yahoo.com to trick users into downloading malicious programs.
Wallon first appeared last Friday and spreads in e-mail messages. Antivirus companies report increased instances of the worm this week, and say users could be tricked by its e-mail messages, which do not contain virus-infected file attachments.......
[more] Secure E-Mail Specs Could Merge Microsoft meets with SPF author to craft a technology standard. After submitting its Caller ID e-mail authentication specification to a standards body, Microsoft is discussing merging its spec with another, called Sender Policy Framework, or SPF.
E-mail experts from Microsoft will spend a weekend meeting with SPF author Meng Weng Wong of Pobox.com, looking for ways to merge the closely-related Caller ID and SPF standards, according to Wong.
"Basically, we'......
[more] Zombie PCs spew out 80% of spam Four-fifths of spam now emanates from computers contaminated with Trojan horse infections, according to a study by network management firm Sandvine out this week. Trojans and worms with backdoor components such as Migmaf and SoBig have turned infected Windows PCs into drones in vast networks of compromised zombie PCs.
Sandvine reckons junk mails created and routed by "spam Trojans" are clogging ISP mail servers, forcing unplanned network upgrades and stoking......
[more] Microsoft's anti-spam plan 'hijacked by zombies' Microsoft's plan to reduce spam by forcing an email sender's machine to solve a puzzle may be defeated by the Internet's army of zombie PCs, say security experts One of Microsoft's plans to fight the spam epidemic is unlikely to adversely affect spammers or reduce the quantity of spam, according to security experts.
Microsoft's chairman Bill Gates has been calling for the IT industry to work together and eradicate the spam problem. About six m......
[more] Better checks to stop spam An open-source anti-spam group is pioneering technical changes to the email system Open-source anti-spam specialist ASSP this week became the latest software developer to implement the Sender Policy Framework (SPF) anti-spam scheme.
Beta versions of ASSP with SPF support are currently being tested, and SPF is set to be included in the next version of ASSP, expected soon. SPF extends the Simple Mail Transfer Protocol (SMTP) and Domain Name System (DNS) so systems do no......
[more] Ha, ha you're infected A new version of the infamous Bagle worm series is spreading widely across the net.
Bagle-AS (AKA Bagle-AZ) normally arrives in emails with a price or joke-related (infected) attachments with exe, cpl, scr or com extensions. Subject lines are picked one of a series of innocuous greetings such as Re: Hello, Re: Thank you! or Re: Hi.
Open these on a vulnerable Windows box and you get the pox. The worm scours the hard disk of infected PCs for the email addresses of potenti......
[more] Trojans with a Twist Trojans are a bad enough problem since they might allow remote access to a user's computer. One would think that having a firewall in place prevents a Trojan from opening backdoors in case of infection. But with Windows Firewall and the Win32.Surila.K Trojan that simply isn't always the case.
The reason is two-fold. The first reason is that while Windows Firewall is a decent effort on Microsoft's part to offer users a built-in firewall, many people consider the firewall to......
[more] Worm takes aim at Google and Microsoft ...and, for some reason, the Hungarian prime minister... The latest variant of the Zafi worm was discovered on Wednesday and unlike the previous two variants, Zafi.C has been coded to launch a DDoS attack against Google.com, Microsoft.com and miniszterelnok.hu, which is the website of the Hungarian prime minister.
The Zafi worm has evolved since it was first discovered in April of this year. Zafi.A contained Hungarian text and only tried to send itself to......
[more] Aladdin Identifies Potential Mega Virus Related to JPEG Vulnerability Aladdin Knowledge Systems, Ltd. today announced it has identified a potential \'mega virus\' stemming from the recent JPEG vulnerability. Aladdin content security specialists based in Haifa, Israel have pinpointed three scenarios that could lead to a wide-spreading virus affecting organizations around the globe.
Mr. Shimon Gruper, vice president of technologies for the Aladdin eSafe Business Unit, outlines three possible sce......
[more] Sober worm variant shimmies A new version of the Sober mass-mailing worm was discovered Friday as it quickly spread through Europe and into the United States. Tech security companies gave it a midlevel threat warning.
The W32.Sober.i worm, which sends itself as an e-mail attachment to English and German messages, is one of the more serious threats this fall, said security experts.
"It's probably one of the worst cases we've seen in a month or two," said Mikko Hypponen, antivirus research dire......
[more] Zafi worm will deliver an unhappy Christmas A new version of the Zafi e-mail worm is spreading seasonal greetings along with its malicious code, according to antivirus software companies. Zafi.D is a mass-mailing worm that arrives in a Zip file attached to e-mail messages with the subject "Merry Christmas." Instead of a gift, however, the e-mail package delivers worm code that infects Windows systems on which it is opened.
Antivirus companies have issued warnings about the new worm and updated......
[more] MyDoom mutant promises porn passwords A newly intercepted mutant of the MyDoom virus is spreading by promising access to password protected pornographic websites.
Once running the worm harvests email addresses from the infected machine and sends itself on using its own SMTP engine. It will also attempt to spread using peer-to-peer services like Kazaa.
The mutant leaves a Trojan program that will allow compromised computers to be controlled remotely by hackers.
"Like previous MyDooms, the lat......
[more] Spammers' ISP attacks 'all hype and bluster' Industry hits back at zombie claims from SpamHaus Security vendors have accused anti-spam experts at Spamhaus of hyping a trick that allows spammers to take advantage of internet service providers' mail servers.
Earlier this week Steve Linford, director of Spamhaus, warned that email infrastructures were on the verge of collapse because a new worm is forcing zombie computers to relay spam via ISPs' mail servers. This, Linford said, is a huge problem......
[more] Spam - some figures on the threat Spam lies at the heart of the modern cyber-crime phenomenon. So how big is the problem? You hear all sorts of statistics these days about the level of threat faced by companies, and the Infosecurity show is bound to see these rolled out by vendors at every opportunity. But which ones deserve to be taken seriously?
Proving there is a threat is easy; working out the scale of this is another thing altogether. We decided to research the latest reliable figures we......
[more] The Web, not email, poses the biggest security threat to systems To most companies, the perception is that the biggest threat to their users’ security continues to come from email and Spam. In today’s world, corporate communications systems are totally reliant on giving their employees Web access and email to conduct their business. Take away access to email and the Web for most employees, and they’d claim their productivity would fall. So the focus today of most IT security vendors and corpora......
[more] Sophos announces new "Tiger" version of their leading Mac OS X anti-virus solution New version of Sophos Anti-Virus provides centralised control for businesses upgrading to Mac OS X 10.4 Tiger Sophos, a world leader in protecting businesses from spam and viruses, today announced that Sophos Anti-Virus for Mac OS X has been extended to include support for the latest version of the Apple Macintosh operating system, Mac OS X 10.4 Tiger.
Ideal for multi-national organisations as well as small and m......
[more] Trio of security holes kick sysadmins in teeth RSA, Ethereal and Smail all need patching. Serious security vulnerabilities have been disclosed in three networking tools found in many enterprises: the RSA Authentication Agent for Web for Internet Information Services; ethereal, a network protocol analyser; and smail, a Mail Transfer Agent.
All three vulnerabilities could allow remote attackers to execute malicious code, according to security researchers, and patches have been released for all t......
[more] Aladdin announces eSafe 5 for spyware protection and Web security Aladdin Knowledge Systems Ltd. has announced the availability of Aladdin eSafe 5 that is presented as transforming the way Web security is handled in large organisations, addressing the latest spyware/adware threats with multi-layered comprehensive content protection.
Also introduced in Aladdin eSafe 5 is a gateway solution featuring four layers of spyware protection. Designed to fight the ever-increasing spyware epidemic, Aladd......
[more] Thanksgiving will bring a Sober hangover The largest virus outbreak this year will gain new momentum when the US comes back from its Thanksgiving break, say experts. IT managers should brace themselves The latest outbreak of the Sober worm will accelerate as US computer users turns the PCs back on after the Thanksgiving holiday, security firm MessageLabs warned on Friday.
Business users will return from the break and open mail that has been sitting in their inbox since the first hours of the a......
[more] Sober attack averted - for the moment The Sober worm has yet to launch its payload, despite it being several days since the worm was programmed to download unknown programs from a number of websites.
"There’s nothing going on with Sober," at the moment, said Joe Telafici, director of operations at McAfee's Anti-Virus Emergency Response Team (AVERT)
All of the websites that the last version of the Sober worm was programmed to reach out to and download malicious code from have already been disa......
[more] Serious security bug found in Sendmail Security experts at Internet Security Systems (ISS) yesterday revealed the existence of a serious vulnerability in the Sendmail SMTP server software. Sendmail is one of the most popular mail transfer agents on the internet, used extensively by large corporations and government agencies to route and deliver email. The ISS X-Force team of security researchers said that in order to exploit this vulnerability, an attacker simply needs to be able to connect to t......
[more] Instant Messaging Attacks Jump 160 Percent in July Postini,a global leader in Integrated Message Management, announced last week that its Monthly Message Security & Management Update for July confirms a 160 percent increase over June in instant messaging (IM) attacks against corporate networks. In July, Postini detected and prevented new IM threats including Prokeylogger, which logs the keystrokes typed by the user, captures passwords and screenshots, and sends them to identity thieves.Post......
[more] NorthSeas E-mail Archiving Appliances Now Offer SAN Support, Stand-in Mail Services and much more NorthSeas AMT (NorthSeas), pioneer of the e-mail archiving appliance, today announced that firmware Version 3.0 (V3) is now available for its new NorthSeas Guard E/N product line. The two most noteworthy V3 features are the option to archive to an IP SAN, and messaging functionality that offers users access to e-mail and mail services, even when their mail-server is unavailable. iSCSI support means......
[more] Zhelatin mutants storm virus charts The Zhelatin virus is challenging Bagle and Warezov for the dubious honour of number one virus after eight new variants were detected in the past four days, security experts have warned.Kaspersky Lab said that Zhelatin.s, .t and .u were detected on 8 February, while Zhelatin.v was detected on 9 February. Four more variants, .w to .z, were detected during the weekend of 10-11 February.The most significant of these is Zhelatin.u, which Kaspersky Lab currently r......
[more] Warezov worm surfaces again Mass mailings of the variant, Warezov.nf, started at 5am on Thursday, and already make up between 70 and 85 percent of malicious content in email traffic, according to Kaspersky.Like previous variants of Warezov, the worm spreads via email, disguised as an attachment. The attachment is a Trojan that downloads the latest version of the worm from a number of websites. Once downloaded, the worm copies itself to disk and loads automatically at start-up. Warezov then......
[more] Image spam: In the picture Spammers are finding new ways to bypass filters, but that doesn't mean you have to let them bombard your inbox. Rob Buckley reports Need pain releif (sic)? Some Cialis, perhaps? Or maybe you'd like to invest in China YouTV Corp (CYTV)? You've probably received at least a few emails offering some of these things because they managed to sneak past your spam filters. Rather than using a simple text-based email, these spammers have embedded their kind offers into images, m......
[more] Aladdin eSafe Secure Web Gateway Blocks 100 percent of Anonymous Proxies Anonymous proxies, or anonymizers, are Web sites that allow Internet users to connect to the Web through an external Web site, thereby bypassing any restrictions typically enforced on the local network. This bypass mechanism, though originally designed for safe, anonymous Web surfing, proves extremely dangerous for businesses, schools and other organizations. It opens any computer to all malware that is usually filtered ou......
[more] Why we're losing the war on Spam The war against spam has not come to a swift and just conclusion. Ever since Bill Gates' proclamation in 2004 that spam will be "solved" within two years, the problem has gotten worse, with no light at the end of the tunnel. As with any conflict, it's instructive to understand how and why it started, how it is being fought and what we can expect. Spam started primarily as a marketing vehicle. Sending email to harvested lists was the most cost-effecti......
[more] Guide tells 'grey hats' how to avoid legal pitfalls The US-based Electronic Frontier Foundation has published a guide on how IT professionals can avoid falling foul of the law as a result of ethical hacking. The Electronic Frontier Foundation (EFF) 'Grey Hat' Guide ponders such questions as what a security researcher should do if they unintentionally "violate the law" in the course of their investigations. "A computer-security researcher who has inadvertently violated the law during the co......
[more] How to verify that an email was opened by the intended recipient To complete registration, several websites send users an email message that contains an HTTPS secured link. However, if that email is intercepted, an impersonator may complete the registration process without accessing the recipient's email account. Is there to set up a server to confirm the email was opened by the intended recipient? Unfortunately, email protocols don't really include a check point to detect whether the original......
[more] Security tips for large and small businesses Whether your business is a big fish or a small-fry home office, you can get hacked just the same, and the stakes are higher than a few canceled credit cards. Here are a few tips to protect your users and your networks--steps that even enterprise-class security specialists may slip up on. Know Who Might Be Targeted - and How and Why
With the recent news of attacks on US companies including Google, many business owners might be thinking, "That wouldn't......
[more] Security firm reveals Microsoft's 'silent' patches Microsoft acknowledges fixing three internally found flaws without disclosing the details in security advisories Microsoft silently patched three vulnerabilities last month, two of them affecting enterprise mission-critical Exchange mail servers, without calling out the bugs in the accompanying advisories, a security expert said today.Two of the three unannounced vulnerabilities, and the most serious of the trio, were packaged with MS10-024 , a......
[more] Researchers pry open Waledac, find 500,000 email passwords Researchers have taken a peek inside the recently refurbished Waledac botnet, and what they've found isn't pretty. Waledac, a successor to the once-formidable Storm botnet, has passwords for almost 500,000 Pop3 email accounts, allowing spam to be sent through SMTP servers, according to findings published on Tuesday by security firm Last Line. By hijacking legitimate email servers, the Waledac gang is able to evade IP-based blacklisting t......
[more] Germany provides a secure way to deal with spam In theory, stopping spam is easy: just make it uneconomic to send millions of messages by charging for each one sent, or make senders authenticate their identity to stop address spoofing and simplify blocking. In practice, that would involve building a secure, parallel email infrastructure linking electronic authentication with real-world identities: a daunting task. Yet that's just what Germany is about to do. De-mail -- a play on the country-code......
[more]
