It seems insecure, but I don't know if it's normal for companies who share a server and have an smtp. Is this something that's standard or is there a hole in the IT security that I should notify someone of?
Asked
Active
Viewed 162 times
2 Answers
0
No, I don't that has been "normal" for years. SMTP servers normally require authentication in order to prevent spamming. For example, see this ten year old Microsoft article: http://support.microsoft.com/kb/324285.
0
I used this in my test scripts. For example: I have one that will tell me when a host comes online so that i dont have to sit there and watch pings.
I am allowed to do this, as an Exchange Administrator, since i allowed my computer's ip anonymous access to our Client Access Server(Exchange 2010).
All other hosts require basic smtp authentication. If they did not use it they would not be allowed.
That being said it is possible that you are allowed this right depending on what your ip or subnet is. Ultimately, this is something that should be controlled by IT though as you can send out mail however you want which could be dangerous.
Matt
- 45,022
- 8
- 78
- 119