My school has a completely open SMTP server. A friend today who works for the tech department just showed me how anyone could fake an email. He did this by sending me an email as the president of the school, it looked legit. He told the security dudes but they can't secure it due to legacy systems. This is madness surely!?! Is open SMTP as bad as I think? (It is at least only accessible on the schools network).

  • 0
    @Bitwise yeah, but if the right domain has an open smtp, just like in OPs post, those protections won't help at all.
  • 1
    Yea, this is at University too. I can pose as treasurer or something and forge emails. Scary shit
  • 0
    SPF records. Not that fucking difficult!
Add Comment