Есть проблема с уязвимостью 25 порта zimbra, можно написать с любого адреса на почту зная существующий адрес этого почтового сервера , хотя включена аутентификация 25 порта.
There is a problem with vulnerability of port 25 of zimbra, you can write from any address to mail knowing the existing address of this mail server, although authentication of port 25 is enabled.
- Zimbra Collaboration 8.6 Patch 9 now available (includes fix for CVE-2017-8802). Read the announcement.
- Zimbra Collaboration 8.8.7 + Zimbra Connector for Outlook 8.8.7 are available.. Read the announcement.
- Are you a Zimbra Developer? You can find some interesting stuff in our Official GitHub: https://github.com/Zimbra and check the Community Projects too: https://github.com/Zimbra-Community/
Discuss your pilot or production implementation with other Zimbra admins or our engineers.
2 posts • Page 1 of 1
That's not a vulnerability, any mail server will accept mail for a domain that it's hosting and that's how your users get their mail. If you think about it and required it to only accept mail from authenticated sources then you would never be able to receive email.mkalmin wrote:There is a problem with vulnerability of port 25 of zimbra, you can write from any address to mail knowing the existing address of this mail server,....
Who is online
Users browsing this forum: No registered users and 8 guests