Exchange 2003 SMTP DATA command bug

This is an extract from a log file I’m looking at right now for an Exchange 2003 SMTP service… I sure as hell hope there’s just a patch missing, otherwise, this could be one NASTY bug. It appears as if the DATA section of the SMTP session has been escaped, possibly by inclusion of the escape sequence used by SMTP to exit the DATA block, thus tacking the rest of the email straight to the SMTP service for processing… Anyone who knows anything about SMTP should be able to see the implications of this… And hopefully, I’m not just making an ass of myself 😛

13:13:30 124.61.182.49 EHLO – 250
13:13:30 124.61.182.49 MAIL – 250
13:13:30 124.61.182.49 RCPT – 250
13:13:32 124.61.182.49 DATA – 250
13:13:32 124.61.182.49 so – 500
13:13:32 124.61.182.49 ——=_nextpart_000_0007_01ca4ccf.fc799c50 – 500
13:13:32 124.61.182.49 content-type: – 500
13:13:32 124.61.182.49 charset=”iso-8859-1″ – 500
13:13:32 124.61.182.49 content-transfer-encoding: – 500
13:13:32 124.61.182.49 <!doctype – 500
13:13:32 124.61.182.49 <html><head> – 500
13:13:32 124.61.182.49 <meta – 500
13:13:32 124.61.182.49 > – 500
13:13:32 124.61.182.49 <meta – 500
13:13:32 124.61.182.49 <style></style> – 500
13:13:32 124.61.182.49 </head> – 500
13:13:32 124.61.182.49 <body> – 500
13:13:32 124.61.182.49 <html> – 500
13:13:32 124.61.182.49 <head> – 500
13:13:32 124.61.182.49 <title></title> – 500
13:13:32 124.61.182.49 </head> – 500
13:13:32 124.61.182.49 <body – 500
13:13:32 124.61.182.49 “> – 500
13:13:32 124.61.182.49 <table – 500
13:13:32 124.61.182.49 <tr> – 500
13:13:32 124.61.182.49 <td> – 500
13:13:32 124.61.182.49 <center><a – 500
13:13:32 124.61.182.49 QUIT – 240

0 0 votes
Article Rating
Subscribe
Notify of
guest

This site uses Akismet to reduce spam. Learn how your comment data is processed.

0 Comments
Oldest
Newest Most Voted
Inline Feedbacks
View all comments
0
Would love your thoughts, please comment.x
()
x