Computer Mail Services Inc. Uncovers Mail Relay Threat To Enterprise Mail Servers.Business Editors/High-Tech Writers Microsoft TechED teched adj. Variant of tetched. 2003 Booth 374 DALLAS--(BUSINESS WIRE)--June 4, 2003 Reverse Non-Delivery Report (RNDR) Used to Steal Server Capacity, Enabling Undetected Spamming from Enterprise Servers; Vulnerability can be Measured via Free Online Test Computer Mail Services, Inc., a leading e-mail security and management software provider, has exposed a significant email threat to enterprises using the organization's own servers. The threat, announced at Microsoft Tech-Ed 2003 in Dallas, exploits the system's Non-Delivery Report (NDR NDR Norddeutscher Rundfunk NDR non-delivery report (email) NDR Network Data Representation NDR National Driver Register NDR Non-Delivery Receipt (email) NDR Negative Differential Resistance ) feature, enabling outside spammers to hijack servers in order to send out thousands of spam messages without the enterprise's knowledge. Computer Mail Services (CMS (1) See content management system and color management system. (2) (Conversational Monitor System) Software that provides interactive communications for IBM's VM operating system. ) has created a free online check to test the user's server for this vulnerability. Go to http://www.cmsconnect.com/Praetor/RNDR/RequestCheck.htm. According to according to prep. 1. As stated or indicated by; on the authority of: according to historians. 2. In keeping with: according to instructions. 3. Neil Berger, President of NSB NSB National Science Board NSB New Smyrna Beach (Florida, USA) NSB Norges Statsbaner NSB Naval Submarine Base NSB National Standards Body (RSA) NSB North Slope Borough Systems and Consulting Inc., a network solutions provider servicing many major Canadian corporations, the problem has become widespread in recent months. "Almost every installation I've encountered suffers from the problem of Reverse NDR," Berger states. "Not only does Reverse NDR eat up huge amounts of mail server resources, but also the enterprise's domain risks being blacklisted by ISPs, customers, and organizations with which the enterprise does business." Undetected Spam A Reverse Non-Delivery Report (RNDR) attack occurs when the spammer takes advantage of a server's inherent ability to return email that is misaddressed. Typically, when misaddressed email is sent, the mail is returned to the originating sender along with an error notification and the original message. By forging the originator's address and sending to fictitious addresses within the domain of the victimized enterprise's servers, the spammer can send emails to thousands of intended addressees without his own server ever being detected. "The insidious thing about this ploy is that when the addressee (communications) addressee - One to whom something is addressed. E.g. "The To, CC, and BCC headers list the addressees of the e-mail message". Normally an addressee will eventually be a recipient, unless there is a failure at some point (an e-mail "bounces") or the message is gets the NDR, the subject line is usually something about a Non-Delivery Report," notes Lih-Tah Wong, Director of Sales and Marketing for Computer Mail Services, Inc. "The person's curiosity is piqued to learn what message of his or hers was undeliverable un·de·liv·er·a·ble adj. Difficult or impossible to deliver: undeliverable mail. un . Thus, the person is likely to open the attached message which is the original spam." All Servers Vulnerable Very few email servers See mail server. have a fix for the RNDR problem. One option is to turn off the NDR feature on the server; however, this is an all-or-nothing response that will stop valid NDR messages in addition to fraudulent ones. Berger stated one of his customers was sending out thousands of previously undetected spam email each night. "Pornography, prescription pills, insurance, home financing, you name it. This technique has been used for every imaginable purpose," he added. Problem Explained at Tech-Ed 2003 Reverse Non-Delivery Report attacks, along with possible solutions, are being explained in greater detail at Microsoft Tech-Ed 2003. For additional information visit Computer Mail Services, Inc. at Booth 374, Dallas Convention Center The Dallas Convention Center, originally the Dallas Memorial Auditorium, is a meeting hall, event/convention center and civic center in the Convention Center District of downtown Dallas, Texas (USA). during the conference, June 1-6, 2003, or by visiting the company website at www.cmsconnect.com. About Computer Mail Services, Inc.: Founded in 1982, Southfield, Michigan-based Computer Mail Services, Inc. (CMS), is a privately-held company specializing in products that improve the return on investment of electronic mail systems. Its flagship product A primary product of a company, which is typically why the company was founded and/or what made it well known. For example, MS-DOS, Windows and the Microsoft Office suite have been flagship products of Microsoft. CorelDRAW is a flagship product of Corel Corporation. , Praetor praetor (prēt`ər), in ancient Rome, originally a consul, and later a judicial magistrate (from c.366 B.C.). In 242 B.C. two praetors were appointed, the urban praetor (praetor urbanus , is a rules-based, content-filtering and anti-spam firewall product for email servers. In addition to improving enterprise productivity and limiting objectionable or unwanted email, Praetor can stop invasion from spammers who use Reverse NDR attacks. For more information about Computer Mail Services, contact the company at 248-352-6700 or visit www.cmsconnect.com. |
|
||||||||||||||||
Printer friendly
Cite/link
Email
Feedback
Reader Opinion