SMTP: Microsoft Exchange Guest Account Auth
This signature detects attempts to use SMTP AUTH to authenticate to a Microsoft Exchange mail server using the guest account. Although guest accounts are disabled by default, they can be accidentally activated in multiple ways. Spammers can use this guest account to relay spam through a server that would normally not permit relaying.
Extended Description
When the guest accounts are enabled, an attacker can utilize Exchange Server as a relay with which to send spam e-mail messages.
References
URL: http://www.winnetmag.com/Article/ArticleID/40543/40543.html
Short Name
SMTP:EXCHANGE:AUTH-GUEST
Severity
Minor
Recommended
False
Recommended Action
None
Category
SMTP
Keywords
Account Auth Exchange Guest Microsoft
Release Date
11/20/2003
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3375
False Positive
Unknown